Oracle Errata System Oracle Linux 5.3 2022-01-04T22:57:39 Oracle Linux 8 [4.18.0-240.10.1_3.OL8] - Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7 [4.18.0-240.10.1_3] - [net] SUNRPC: Signalled ASYNC tasks need to exit (Scott Mayhew) [1907667 1872310] [4.18.0-240.9.1_3] - [net] tunnels: Fix off-by-one in lower MTU bounds for ICMP/ICMPv6 replies (Antoine Tenart) [1902082 1895765] - [net] net-sysfs: add backlog len and CPU id to softnet data (Paolo Abeni) [1883314 1866909] - [net] try to avoid unneeded backlog flush (Paolo Abeni) [1883314 1866909] - [net] skbuff: fix a data race in skb_queue_len() (Paolo Abeni) [1883314 1866909] - [powerpc] mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush (Diego Domingos) [1899208 1805031] - [powerpc] powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case (Diego Domingos) [1899208 1805031] - [net] netfilter: ctnetlink: add a range check for l3/l4 protonum (Florian Westphal) [1892665 1892666] {CVE-2020-25211} - [char] random: decouple random and urandom extrng fops (Vladis Dronov) [1899584 1890711] - [char] random: Add a poll handler to extrng_fops (Vladis Dronov) [1886192 1884857] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25211 Oracle Linux 7 [6.9.10.68-5] - Adding CTV-2020-29599 fix IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29599 Oracle Linux 8 [78.6.1-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.6.1-1] - Update to 78.6.1 build1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2020-16044 Oracle Linux 7 [78.6.1-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.6.1-1] - Update to 78.6.1 build1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2020-16044 Oracle Linux 7 [78.6.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.6.1-1] - Update to 78.6.1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2020-16044 Oracle Linux 8 [78.6.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.6.1-1] - Update to 78.6.1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2020-16044 Oracle Linux 8 [5.0.102-2.0.1] - Add support for new Oracle release [5.0.102-2] - Rebuild with updated tests - Resolves: RHBZ#1912684 [5.0.102-1] - Update to .NET SDK 5.0.102 and Runtime 5.0.2 - Resolves: RHBZ#1912684 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-1723 Oracle Linux 8 [3.1.111-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.111-1] - Update to .NET Core SDK 3.1.111 and Runtime 3.1.11 - Resolves: RHBZ#1907633 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-1723 Oracle Linux 8 [2.79-13.1] - Fix various issues in dnssec validation (CVE-2020-25681) - Accept responses only on correct sockets (CVE-2020-25684) - Use strong verification on queries (CVE-2020-25685) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25683 CVE-2020-25687 CVE-2020-25681 CVE-2020-25682 Oracle Linux 7 [2.76-16.1] - Accept responses only on correct sockets (CVE-2020-25684) - Use strong verification on queries (CVE-2020-25685) - Handle multiple identical DNS queries better (CVE-2020-25686) - Link against nettle for sha256 hash implementation MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 Oracle Linux 7 [1.3.1-12] - Rebuild with OpenJDK 7 [1.3.1-11] - Fix remote code execution vulnerability - Resolves: CVE-2020-26217 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26217 Oracle Linux 8 [1.8.29-6.1] - RHEL 8.3.Z ERRATUM - CVE-2021-3156 Resolves: rhbz#1917732 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3156 Oracle Linux 7 [1.8.23-10.1] - RHEL 7.9.Z ERRATUM - CVE-2021-3156 Resolves: rhbz#1917729 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3156 Oracle Linux 8 [78.7.0-2.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.7.0-2] - Update to 78.7.0 build2 [78.7.0-1] - Update to 78.7.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26976 CVE-2021-23964 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 Oracle Linux 7 [78.7.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.7.0-2] - Update to 78.7.0 build2 [78.7.0-1] - Update to 78.7.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26976 CVE-2021-23964 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 Oracle Linux 7 [78.7.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.7.0-1] - Update to 78.7.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26976 CVE-2021-23964 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2020-15685 Oracle Linux 8 [78.7.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.7.0-1] - Update to 78.7.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26976 CVE-2021-23964 CVE-2021-23953 CVE-2021-23954 CVE-2021-23960 CVE-2020-15685 Oracle Linux 8 [1.6.2-5] - Fix CVE-2021-21261 (#1918774) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-21261 Oracle Linux 7 [3.10.0-1160.15.2.OL7] - Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.3 [3.10.0-1160.15.2] - [fs] nfs: Fix security label length not being reset (Dave Wysochanski) [1917504] [3.10.0-1160.15.1] - [fs] ceph: quota: fix null pointer dereference in quota check (Jeff Layton) [1890386] - [netdrv] revert 'mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query' (Alaa Hleihel) [1896756] - [kernel] timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion (Waiman Long) [1890911] - [kernel] exit: Optimize forget_original_parent() for large thread group exiting (Waiman Long) [1872110] - [kernel] exit: reparent: call forget_original_parent() under tasklist_lock (Waiman Long) [1872110] - [kernel] Disable tasklist_waiters when qrwlock is enabled (Waiman Long) [1872110] - [fs] cifs: handle ERRBaduid for SMB1 (Leif Sahlberg) [1847041] [3.10.0-1160.14.1] - [fs] nfsd: fix incorrect umasks ('J. Bruce Fields') [1905208] - [hv] vmbus: Add timeout to vmbus_wait_for_unload (Mohammed Gamal) [1888979] - [scsi] qla2xxx: Fix device loss on 4G and older HBAs (Nilesh Javali) [1889311] - [s390] dasd: Fix zero write for FBA devices (Philipp Rudo) [1896839] - [net] ipv6: use in6_dev_put in dad timer handler instead of __in6_dev_put (Xin Long) [1809519] [3.10.0-1160.13.1] - [s390] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (Philipp Rudo) [1896826] - [block] block/diskstats: more accurate approximation of io_ticks for slow disks (Ming Lei) [1859364] - [block] block: delete part_round_stats and switch to less precise counting (Ming Lei) [1859364] - [md] dm: simplify start of block stats accounting for bio-based (Ming Lei) [1859364] - [block] block/rsxx: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364] - [block] drbd: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364] - [md] md: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364] - [nvme] limit number of IO queues on Dell/Kioxia config (Gopal Tiwari) [1883403] - [netdrv] hv_netvsc: make recording RSS hash depend on feature flag (Mohammed Gamal) [1898280] - [netdrv] hv_netvsc: record hardware hash in skb (Mohammed Gamal) [1898280] - [fs] block: Fix use-after-free in blkdev_get() (Ming Lei) [1902414] {CVE-2020-15436} [3.10.0-1160.12.1] - [mm] mmap: relax file size limit for regular files (Rafael Aquini) [1855985] - [mm] mmap: introduce sane default mmap limits (Rafael Aquini) [1855985] - [of] Move dynamic node fixups out of powerpc and into common code (Laurent Vivier) [1866138] - [fs] nfs: Fix double-free in filelayout_alloc_commit_info/filelayout_free_lseg (Benjamin Coddington) [1679980] - [hid] HID: hid-plantronics: Re-resend Update to map button for PTT products (Torez Smith) [1769502] - [fs] dlm: make posix locks interruptible (Alexander Aring) [1826858] MODERATE Copyright 2021 Oracle, Inc. CVE-2020-15436 CVE-2020-35513 Oracle Linux 7 [4:5.16.3-299] - Fix CVE-2020-10543 (bug #1839272) - Fix CVE-2020-10878 (bug #1839275) [4:5.16.3-298] - Fix CVE-2020-12723 (bug #1839278) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Oracle Linux 7 [1.5.3-175.el7_9.3] - kvm-Suppress-prototype-warning-for-nss-headers.patch [bz#1884997] - Resolves: bz#1884997 (qemu-kvm FTBFS on rhel7.9) [1.5.3-175.el7_9.2] - kvm-hw-net-vmxnet_tx_pkt-fix-assertion-failure-in-vmxnet.patch [bz#1860960] - kvm-hw-core-loader-Fix-possible-crash-in-rom_copy.patch [bz#1842923] - Resolves: bz#1842923 (CVE-2020-13765 qemu-kvm: QEMU: loader: OOB access while loading registered ROM may lead to code execution [rhel-7.9.z]) - Resolves: bz#1860960 (CVE-2020-16092 qemu-kvm: QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c [rhel-7.9.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-13765 CVE-2020-16092 Oracle Linux 7 [2.17-322.0.2] - merge RH el7 u9 errata patches with Oracle patches Review-exception: Simple merge - merge RH el7 u9 patches with Oracle patches Review-exception: Simple merge - Four patches to match 3rd patch bundle from Marvell - modify MIPS values in elf/elf.h - add sysdeps/aarch64/sys/ifunc.h - consolidate Linux mmap [BZ-21270] - fix mmap for really large offsets - [Orabug 30778222] Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - [Orabug 28481550/29851177] Make funlockfile/flockfile match tests with _IO_funlockfile and _IO_flockfile. - aarch64 Optimize memcpy for octeonx - aarch64 Add Atomics HWCAP_IMPORTANT - implement allocate_once - Adding Mike Fabian's C.utf-8 patch (C.utf-8 is a unicode-aware version of the C locale) - Marvell Patches to support mips/aarch64 - mips support _ABI64 and STRING_INLINE_unaligned - mips Use HAVE_SA_RESTORER for declaration of restore_rt. - Do not redefine MEMCPY_OK_FOR_FWD_MEMMOVE - mips pread.c remove typo. - mips remove mips64/n32/fallocate.c - add uint64_t for SEM_NWAITERS_SHIFT - Replace sysdeps/mips/preconfigure with current version. - change !_MIPS_ARCH_OCTEON to !defined _MIPS_ARCH_OCTEON - Check for /usr/bin/sh before invoking bash specific cmds - Backport to fix ltp set{re,res}{g,u}id.c tests. - mips Octeon add syncw in atomic.h asm.h - Make mmap64() 64-bit file offsets for n32 - mips Use 'k0' for Octeon1 - Bug 1591 mips/mips64/pthread_spin_unlock.c - mips Bug 1552 fadvise changes - mips user.h delete PAGE_SIZE PAGE_MASK NBPG HOST_STACK_END_ADDR - mips bug 1633 modify debug/Makefile - mips octeon2 optimize atomic compare and exchange - mips Append octeon3 to the machine variable. - ifaddrs netlink request increase buffer size for large messages - mips clean up memcpy.S syntax (no change in prefetching) - Include sysdep.h in sysdeps/aarch64/crti.S - aarch64 rename R_AARCH64 fields based on new ABI - aarch64 Support variable pagesize - mips bug 4380 static glibc syscalls to support cancellation - aarch64 add funwind tables to backtrace - aarch64 define typesizes - mips sqrt code added - Cleanup strcoll_l to match upstream - Add test to check for cache size int overflow - mips correct reserved FCSR bits - mips fpu_control.h standardize capitalization - mips fpu_control.h add FPU_RC_MASK - mips use FPU_RC_MASK in fegetround fesetround - mips inline math lib support functions - mips add strcmp.c - mips revise memset again for Octeon 128byte cache lines - aarch64 define FUTEX_WAIT_REQUEUE_PI - aarch64 Define ABORT_INSTRUCTION - aarch64 fix first cfi_adjust_cfa_offset - mips add section GNU-stack for executable stack - aarch64 Make SSIZE_T_TYPE always signed long - aarch64 define OFF_T_TYPE to be SYSCALL_SLONG_TYPE - aarch64 Handle various MATCHES cases - Change shm_segsz to be __syscall_ulong_t - convert elf/sotruss.ksh to standard Bourne function syntax - aarch64 remove inaccurate comment from sysdep.h - aarch64 Prevent warning in sigcontextinfo.h - aarch64 Prevent warning in jmpbuf-unwind.h - check signal stack before and after swapcontext - aarch64 Add SystemTap probe longjmp and setjmp - aarch64 count_leading_zeros defined - mips improved newlib strcmp.c - fix initial condition for get_nprocs - aarch64: remove asm/ptrace.h in sys includes - elf/pldd.c use scratch_buffer instead of extend_alloca - grp Rewrite to use scratch_buffer - add scratch_buffer to initgroups - add scratch_buffer to getnameinfo - nscd_getgr_r add scratch_buffer - mips Define DT_MIPS_RLD_MAP_REL macro - mips Add ENTRY and END to assembly routines - Makeconfig changes to support include subdirs - mips assembly changes for GP64_REG and GP64_STACK - sunrpc: Do not use alloca in clntudp_call - Improve wide char support - Provide cache/non-cache versions for localedata - CR29749550 [armv5] build failure - Add 3 arm patches to aarch64 tree to avoid future build/merge failures. - Rebase aarch64 patches at 30000 to avoid future conflicts. - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - EL Errata <el-errata_ww@oracle.com> - Add BUS_MCEERR_AR, BUS_MCEERR_AO to sysdeps/unix/sysv/linux/bits/siginfo.h - Add MAP_SHARED_VALIDATE to sysdeps/unix/sysv/linux/bits/mman-linux.h and - sysdeps/unix/sysv/linux/aarch64/bits/mman-linux.h - Add MAP_SYNC to sysdeps/unix/sysv/linux/aarch64/bits/mman.h - Add RTEXT_FILTER_SKIP_STATS - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> Orabug: <29495283> - add Ampere emag to tunable cpu list - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> Orabug: <2700101> - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - bundle of 71 upstream commits to improve malloc correctness and performance - upstream commit 4b5b548c9fedd5e6d920639e42ea8e5f473c4de3 - Fix BZ #15089: malloc_trim always trim for large padding. - upstream commit 51a7380b8968251a49a4c5b0bc7ed1af5b0512c6 - malloc/malloc.c: Avoid calling sbrk unnecessarily with zero - upstream commit 8a35c3fe122d49ba76dff815b3537affb5a50b45 - Use alignment macros, pagesize and powerof2. - upstream commit eab55bfb14f5e1ea6f522d81632ce5a1b8a8c942 - Add missing includes to sysdeps/generic/malloc-sysdep.h. - upstream commit 987c02692a88b8c9024cb99187434aad02c3c047 - malloc: fix comment typo - upstream commit c52ff39e8ee052e4a57676d65a27f09bd0a859ad - * malloc/malloc.c: Fix powerof2 check. - upstream commit af102d9529faee5810fde80dac6337b6148789ad - Remove explicit inline on malloc perturb functions. - upstream commit ca6be1655bd357bf6ac8857fba9b9dce928edbdc - Use ALIGN_DOWN in systrim. - upstream commit 8ba14398e629c1f63b9c91a59a47a713b3cce8bc - Do not macro-expand failed assertion expression [BZ #18604] - upstream commit 400e12265d99964f8445bb6d717321eb73152cc5 - Replace MUTEX_INITIALIZER with _LIBC_LOCK_INITIALIZER in generic code - upstream commit 00d4e2ea3503e6de0f198cd65343f287a51f04db - malloc: Remove arena_mem variable - upstream commit ca135f824b1dbaf43e4a673de7725db76a51b714 - malloc: Remove max_total_mem member from struct malloc_par - upstream commit 59eda029a8a35e5f4e5cd7be0f84c6629e48ec6e - malloc: Remove NO_THREADS - upstream commit b43f552a8a23c0e405ab13a268bee12ada3b7841 - Fix type of parameter passed by malloc_consolidate - upstream commit 8a727af925be63aa6ea0f5f90e16751fd541626b - malloc: Remove malloc hooks from fork handler - upstream commit 4cf6c72fd2a482e7499c29162349810029632c3f - malloc: Rewrite dumped heap for compatibility in __malloc_set_state - upstream commit dea39b13e2958a7f0e75b5594a06d97d61cc439f - malloc: Correct malloc alignment on 32-bit architectures [BZ #6527] - upstream commit 1e8a8875d69e36d2890b223ffe8853a8ff0c9512 - malloc: Correct size computation in realloc for dumped fake mmapped chunks - upstream commit 073f82140c7dbd7af387153c29ac7ac3e882c4ef - malloc_usable_size: Use correct size for dumped fake mapped chunks - upstream commit f88aab5d508c13ae4a88124e65773d7d827cd47b - malloc: Preserve arena free list/thread count invariant [BZ #20370] - upstream commit 5bc17330eb7667b96fee8baf3729c3310fa28b40 - elf: dl-minimal malloc needs to respect fundamental alignment - upstream commit 4bf5f2224baa1590f92f7a26930928fe9f7e4b57 - malloc: Automated part of conversion to __libc_lock - upstream commit c1234e60f975da09764683cddff4ef7e2a21ce78 - Document the M_ARENA_* mallopt parameters - upstream commit 68fc2ccc1aebc15b92e596b2bdc5605da1e25f3c - Remove redundant definitions of M_ARENA_* macros - upstream commit aceb22c1f59231909777f7d0a6b955adbf7096a2 - Remove references to sbrk to grow/shrink arenas - upstream commit e863cce57bff6cb795e6aad745ddf6235bca21ce - malloc: Remove malloc_get_state, malloc_set_state [BZ #19473] - upstream commit 681421f3cac665a82d000d854ae6df1fb3b561a5 - sysmalloc: Initialize previous size field of mmaped chunks - upstream commit e9c4fe93b3855239752819303ca377dff0ed0553 - malloc: Use accessors for chunk metadata access - upstream commit ae9166f2b8936304ea347a98519372804963447f - malloc: Update comments about chunk layout - upstream commit 3d7229c2507be1daf0c3e15e1f134076fa8b9025 - Fix malloc/ tests for GCC 7 -Walloc-size-larger-than=. - upstream commit 17f487b7afa7cd6c316040f3e6c86dc96b2eec30 - Further harden glibc malloc metadata against 1-byte overflows. - upstream commit e4e26210c3bdb5dcdce7a3def3b90fa45d3e2c89 - Fix failing test malloc/tst-interpose-nothread with GCC 7. - upstream commit 622222846a2e6ffbcd02cb46cb5f29c48fe4a466 - Call the right helper function when setting mallopt M_ARENA_MAX (BZ #21338) - upstream commit 44e4b889ab0e0497567c8983ad25a78798a3ab51 - manual: Document replacing malloc [BZ #20424 - upstream commit 3b5f801ddb838311b5b05c218caac3bdb00d7c95 - Tweak realloc/MREMAP comment to be more accurate. - upstream commit 4e61a6be446026c327aa70cef221c9082bf0085d - i386: Increase MALLOC_ALIGNMENT to 16 [BZ #21120] - upstream commit d5c3fafc4307c9b7a4c7d5cb381fcdbfad340bcc - Add per-thread cache to malloc - upstream commit be8aa923a70da16ebabe85e912abc6b815bbdcb4 - * manual/tunables.texi: Add missing @end deftp. - upstream commit ed421fca42fd9b4cab7c66e77894b8dd7ca57ed0 - Avoid backtrace from __stack_chk_fail [BZ #12189] - upstream commit eac43cbb8d808a40004aa0a4a286f5c5155beccb - malloc: Avoid optimizer warning with GCC 7 and -O3 - upstream commit ec2c1fcefb200c6cb7e09553f3c6af8815013d83 - malloc: Abort on heap corruption, without a backtrace [BZ #21754] - upstream commit ac3ed168d0c0b2b702319ac0db72c9b475a8c72e - malloc: Remove check_action variable [BZ #21754] - upstream commit a9da0bb2667ab20f1dbcd0a9ae6846db02fbc96a - malloc: Remove corrupt arena flag - upstream commit 5129873a8e913e207e5f7b4b521c72f41a1bbf6d - malloc: Change top_check return type to void - upstream commit 24cffce7366c4070d8f823702a4fcec2cb732595 - malloc: Resolve compilation failure in NDEBUG mode - upstream commit 0c71122c0cee483a4e6abcdbe78a1595eefe86e2 - malloc: Remove the internal_function attribute - upstream commit 1e26d35193efbb29239c710a4c46a64708643320 - malloc: Fix tcache leak after thread destruction [BZ #22111] - upstream Oct 15, 2017 commit 8e57c9432a2b68c8a1e7f4df28f0e8c7acc04753 - Silence -O3 -Wall warning in malloc/hooks.c with GCC 7 [BZ #22052] - upstream Oct 17, 2017 commit e4dd4ace56880d2f1064cd787e2bdb96ddacc3c4 - Inline tcache functions - upstream Oct 17, 2017 commit e956075a5a2044d05ce48b905b10270ed4a63e87 - Use relaxed atomics for malloc have_fastchunks - upstream Oct 17, 2017 commit 3381be5cdef2e43949db12f66a5a3ec23b2c4c90 - Improve malloc initialization sequence - upstream Oct 18, 2017 commit 2c2245b92ccf6344b324d17d8f94ccd3b8c559c6 - Fix build failure on tilepro due to unsupported atomics - upstream Oct 19, 2017 commit d74e6f6c0de55fc588b1ac09c88eb0fb8b8600af - Fix deadlock in _int_free consistency check - upstream Oct 20, 2017 commit a15d53e2de4c7d83bda251469d92a3c7b49a90db - Add single-threaded path to _int_free - upstream Oct 20, 2017 commit 6d43de4b85b11d26a19bebe4f55f31be16e3d419 - Fix build issue with SINGLE_THREAD_P - upstream Oct 24, 2017 commit 3f6bb8a32e5f5efd78ac08c41e623651cc242a89 - Add single-threaded path to malloc/realloc/calloc/memalloc - upstream Oct 24, 2017 commit 905a7725e9157ea522d8ab97b4c8b96aeb23df54 - Add single-threaded path to _int_malloc - upstream Nov 15, 2017 commit 7a9368a1174cb15b9f1d6342e0e10dd90dae238d - malloc: Account for all heaps in an arena in malloc_info [BZ #22439] - upstream Nov 23, 2017 commit 0a947e061d47c9710838f210506215bd9533324b - malloc: Call tcache destructor in arena_thread_freeres - upstream Nov 30, 2017 commit 34697694e8a93b325b18f25f7dcded55d6baeaf6 - Fix integer overflow in malloc when tcache is enabled [BZ #22375] - upstream Jan 12, 2018 commit 249a5895f120b13290a372a49bb4b499e749806f - malloc: Ensure that the consolidated fast chunk has a sane size. - upstream Jan 29, 2018 commit 406e7a0a47110adbf79326c8a0bda5ffac3e0f10 - malloc: Use assert.h assert macro - upstream Feb 10, 2018 commit 402ecba487804e9196769f39a8d157847d3b3104 - [BZ #22830] malloc_stats: restore cancellation for stderr correctly. - upstream Mar 9, 2018 commit 229855e5983881812b21b215346cb990722c6023 - malloc: Revert sense of prev_inuse in comments - upstream Mar 14, 2018 commit bdc3009b8ff0effdbbfb05eb6b10966753cbf9b8 - malloc: harden removal from unsorted list - malloc: fix merge regressions in previous bundle of patches. Orabug: <29139332> - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - Modified patches to avoid duplication of patch2754 (added in 2.17-260.0.16) - and patch10134. OraBug 29319671. - Reviewed-by: Egeyar Bagcioglu <egeyar.bagcioglu@oracle.com> - Regenerate intl/plural.c OraBug 28806294. - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - intl: Port to Bison 3.0 - Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9 OraBug 28806294. - Reviewed-by: Patrick McGehearty <patrick.mcgehearty@oracle.com> - Fix dbl-64/wordsize-64 remquo (bug 17569). - Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae OraBug 19570749. - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - libio: Disable vtable validation in case of interposition. - Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0. OraBug 28641867. - Reviewed-by: Egeyar Bagcioglu <egeyar.bagcioglu@oracle.com> - merged bundle of 142 upstream commits for aarch64 support with glibc rhel7 update 6. - upstream commit 75eff3fe90f96783f31f58fa84af1b77e57d1ae4 - trimmed to only add bzero.S, memcmp.S memcpy.S, memmove.S, memset.S, - strcmp.S, strlen.S, strncmp.S and strnlen.S into sysdeps/aarch64. Orabug: <28003847> - upstream commit 08325735c2efb0257b8c07ac0ff91e44c27ecbf8 - Lazy TLSDESC relocation data race fix - upstream commit c71c89e5c72baf43fd44d08dda8ab846eec5b1d6 - fix cfi annotations which used incorrect sign. - upstream commit f008c71455a8f23c2a24c451e61b12ddfca9a54f - fix uninitialized warning for math_private.h - upstream commit d2e4346a30683cc42c57bd1bfd457897d78c6d7e - fix internal asm profiling code - upstream commit efbe665c3a2d344b0d64456cf29499ba53c2965a - add ifunc support for aarch64 - upstream commit d6fc3f6516cd20f195758086fbbbe3f17a8a6d95 - add ChangeLog for ifunc support patch - upstream commit 6cd380dd366d728da9f579eeb9f7f4c47f48e474 - avoid-literals-in-start.S - upstream commit f124cb381116b5809de198327690ad0bd8d1478e - Fix nearbyint arithmetic moved before feholdexcept (bug 22225). - upstream commit db4f87bad48ed93ae14f61121367a7cb94fa46ed - do not use MIN for dl-machine.h - upstream commit a2e0a7f12ba57a49d1380c7ba1ff4b1f51d67347 - Guess L1 cache linesize - upstream commit 58a813bf6e732211af53e690c92c14a50bb06e0e - fix f-max-min for gcc - upstream commit e7df6c5c79458dc042a8c967bafa6e8eca88ae0d - HWCAP additions - upstream commit 14d886edbd3d80b771e1c42fbd9217f9074de9c6 - fix start code for static pie - upstream commit afce1991f6f61514172696ec3edf93331cb0e04f - clean up HWCAP updates - upstream commit 953c49cc3bb1041090281042148197ad3537c551 - more HWCAP additions - upstream commit 3f8d9d58c59fdbe27301d0e18bfd426a5f2edf19 - use builtins for fpcr/fpsr - upstream commit 4f5b921eb9b775aa3549a9bcd684c3013132f04b - add include for fpcr/fpsr fix - upstream commit 0c8a67a5737b4b6dd74bd24219fc642c8d244bee - fix include for fpcr/fpsr fix Orabug: <28036322> - upstream commit 2fee269248c6ef303569d9ac8fec3a27676520e0 - Enable _STRING_ARCH_unaligned on AArch64. - upstream commit 16396c41deab45f715ffd813280d9d685b3b281e - Add _STRING_INLINE_unaligned and string_private.h - upstream commit a8c5a2a9521e105da6e96eaf4029b8e4d595e4f5 - This is an optimized memset for AArch64. - upstream commit b998e16e71c8617746b7c39500e925d28ff22ed8 - This is an optimized memcpy/memmove for AArch64. - upstream commit c435989f52204703d524f467c830dc363439e532 - Optimize the strlen implementation. - upstream commit 58ec4fb881719d0b69989f9a4955290fca531831 - Add a simple rawmemchr implementation. - upstream commit a024b39a4e31a049391b459234f6b3575c9fc107 - This patch further tunes memcpy - upstream commit 95e431cc73c2df3bc606107d6f79c4683bd61102 - An optimized memchr was missing for AArch64. - upstream commit 922369032c604b4dcfd535e1bcddd4687e7126a5 - [AArch64] Optimized memcmp. - upstream commit 4c1d801a5956f049126ef6cbe22ed23693e77a8c - aarch64: Avoid hidden symbols for memcpy/memmove into static binaries - upstream commit 2bce01ebbaf8db52ba4a5635eb5744f989cdbf69 - aarch64: Improve strcmp unaligned performance - upstream commit 84c94d2fd90d84ae7e67657ee8e22c2d1b796f63 - aarch64: Use the L() macro for labels in memcmp - upstream commit 6ca24c43481e2c93a6eec362b04c3e77a35b28e3 - aarch64/strcmp: fix misaligned loop jump target - upstream commit 30a81dae5b752f8aa5f96e7f7c341ec57cba3585 - aarch64: Optimized memcmp for medium to large sizes - upstream commit 4e54d918630ea53e29dd70d3bdffcb00d29ed3d4 - aarch64: Fix branch target to loop16 - upstream commit 7108f1f944792ac68332967015d5e6418c5ccc88 - aarch64: Improve strncmp for mutually misaligned inputs - upstream commit d46f84de745db8f3f06a37048261f4e5ceacf0a3 - aarch64/strncmp: Unbreak builds with old binutils - upstream commit b47c3e7637efb77818cbef55dcd0ed1f0ea0ddf1 - aarch64/strncmp: Use lsr instead of mov+lsr Orabug: <28077661> - upstream commit 3a7ac8a0f596bb73093212cd1109c1413777e1f8 - Remove bp-start.h and INIT_ARGV_and_ENVIRON. - upstream commit 10ad46bc6526edc5c7afcc57112da96917ff3629 - Consolidate valloc/pvalloc code. - upstream commit 520d437b9455560d099fe6bd9664be1f9f76868b - Fix build warnings from systemtap probes in non-systemtap configurations - upstream commit f3eeb3fc560ccc4ce51dc605e4703c5016b07244 - Replace malloc force_reg by atomic_forced_read. - upstream commit 6c8dbf00f536d78b1937b5af6f57be47fd376344 - Reformat malloc to gnu style. - upstream commit bdfe308a166b433a841d5c9ae256560c18bce640 - Remove THREAD_STATS. - upstream commit e0db65176fa88b9497cbd6362b24e3225382bfb6 - Clean up __exit_thread. - upstream commit 79520f4bd611602f5bdb2b50979cf75bb5ac2968 - Use existing makefile variables for dependencies on - upstream commit 75f11331f98ebf3873e887a683add944a1aec0fd - correct alignment of TLS_TCB_ALIGN (BZ #16796) - upstream commit 94c5a52a841f807a23dbdd19a5ddeb505cc1d543 - Consolidate arena_lookup and arena_lock into a single arena_get - upstream commit c26efef9798914e208329c0e8c3c73bb1135d9e3 - malloc: Consistently apply trim_threshold to all heaps [BZ #17195] - upstream commit 92a9b22d70b85b7edd0484db8bf2465a969fb09e - Drop unused first argument from arena_get2 - upstream commit c3b9ef8dfc83e9d17da5adc73709d2f7dfbbaf13 - Do not use the main arena in retry path if it is corrupt - upstream commit 90b2517115a56ca9f5625f3e16c2629deeac55a9 - include/stap-probe.h: Fix formatting. - upstream commit 6782806d8f6664d87d17bb30f8ce4e0c7c931e17 - malloc: Rewrite with explicit TLS access using __thread - upstream commit a62719ba90e2fa1728890ae7dc8df9e32a622e7b - malloc: Prevent arena free_list from turning cyclic [BZ #19048] - upstream commit 730bbab2c39dd615c31c924041b4d16d7f107ae0 - Mark internal unistd functions hidden in ld.so - upstream commit cbb47fa1c6476af73f393a81cd62fc926e1b8f6e - malloc: Manual part of conversion to __libc_lock - upstream commit e33a23fbe8c2dba04fe05678c584d3efcb6c9951 - Add INTERNAL_SYSCALL_CALL - upstream commit be7991c0705e35b4d70a419d117addcd6c627319 - Static inline functions for mallopt helpers - upstream commit afcf3cd8ebff8fed79238a2d1b95338c4606b1ee - New internal function __access_noerrno - upstream commit 67e58f39412ecd4467034761f3f074283c90f3c8 - Add framework for tunables - upstream commit 3c589b1a8a4401e258ba23a03fcbcc79b82393ab - tunables: Use correct unused attribute (fixed build error in 67e58f) - upstream commit 9dd409a5f4a7a053cc962f8371dad0fe5cc22597 - Initialize tunable list with the GLIBC_TUNABLES environment variable - upstream commit 6765d5d34d126b26d55e2d73dac4dfec5e6d6241 - Enhance --enable-tunables to select tunables frontend at build time - upstream commit b31b4d6ae50b0d332207754327598fdce5b51015 - User manual documentation for tunables - upstream commit 34a63b097335d3411080b5b6e5b164ab36563847 - malloc: Run tunables tests only if tunables are enabled - upstream commit d054a81ab3a2515a45d28e6c26d2b190ff74e8ec - tunables: Avoid getenv calls and disable glibc.malloc.check by default - upstream commit 41389c40499a083c59e68ba281ec87be567f2871 - Fix environment traversal when an envvar value is empty - upstream commit f3bef6a748097d02d196df247f7b292c7b83744c - * elf/dl-tunables.c (tunable_set_val_if_valid_range): Split into ... - upstream commit 8b9e9c3c0bae497ad5e2d0ae2f333f62feddcc12 - tunables: Fix environment variable processing for setuid binaries (bz #21073) - upstream commit ed8d5ffd0a14e84298a15ae2ec9b799010166b28 - Drop GLIBC_TUNABLES for setxid programs when tunables is disabled (bz #21073) - upstream commit 53aa04a86c10f49b7481e73d2ca045ecd6ed2df7 - tunables: Fail tests correctly when setgid does not work - upstream commit 43ce02c6ec27d4e2d8f0ae327bbbeaba84060964 - Fix typo in manual - upstream commit 8cbc826c37c0221ada65a7a622fe079b4e89a4b0 - Fix getting tunable values on big-endian (BZ #21109 - upstream commit 1c1243b6fc33c029488add276e56570a07803bfd - Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug #21209) - upstream commit 65eff7fbdbddad8c1f9af7cb48cd3b5dca3c5c9d - Update old tunables framework document/script. - upstream commit 17284d650ebe5c736c9730ee16401008f26128c3 - tunables: Make tunable_list relro - upstream commit d13103074ab5c7614eeb94f88a61803ed8f3e878 - tunables: Specify a default value for tunables - upstream commit ad2f35cb396d24391150675fb55311c98d1e1592 - tunables: Add support for tunables of uint64_t type - upstream commit ce79740bdbccea312df6cfcf70689efb57792fc9 - Reduce value of LD_HWCAP_MASK for tst-env-setuid test case - upstream commit ee8015b9ea084d5727ce477fdd8d935f1de7f7f6 - Support dl-tunables.list in subdirectories - upstream commit 81efada5287c3215307623e57d3bbbeefa0c1250 - Make __tunables_init hidden and avoid PLT - upstream commit 4158ba082c641f407009363b186b4c85f8a01a35 - Delay initialization of CPU features struct in static binaries - upstream commit 44330b6d32904fdc8b6835a112e0ba0aee9f4ef3 - tunables: Clean up hooks to get and set tunables - upstream commit ea9b0ecbf0e7b6e8281047624efbe1b2cbb6d487 - tunables: Add LD_HWCAP_MASK to tunables - upstream commit ff08fc59e36e02074eba8ab39b0d9001363970f0 - tunables: Use glibc.tune.hwcap_mask tunable instead of _dl_hwcap_mask - upstream commit f82e9672ad89ea1ef40bbe1af71478e255e87c5e - aarch64: Allow overriding HWCAP_CPUID feature check using HWCAP_MASK - upstream commit 511c5a1087991108118c6e9c9546e83e992bf39c - Make LD_HWCAP_MASK usable for static binaries - upstream commit ea01a4da219011f4a4db97eef3c5bfc2f6e8fc6b - aarch64: Add hwcap string routines - upstream commit 6c85cc2852367ea2db91ff6a1fc0f6fc0653788d - aarch64: Fix undefined behavior in _dl_procinfo - upstream commit 2c0b90ab443abc967cbf75add4f7fde84978cb95 - Enable tunables by default - upstream commit 95a73392580761abc62fc9b1386d232cd55878e9 - tunables: Use direct syscall for access (BZ#21744) - upstream commit a4de0a9008d6f15e1509c9818ba6e50d78bb83f3 - Fix gen-tunables.awk to work with older awk Orabug: <28121777> - upstream commit ddcf6798d35beca3c4eec80ea448b57fd45558f4 - Replace C implementation of bzero with direct call to memset. - upstream commit af96be34825586536ebcfbf5c675e795ddd3c8fa - Replace C implementation of bcopy with a direct call to memmove. - upstream commit 6a2c695266fab34cc057256d1b33d2268183f00e - aarch64: Thunderx specific memcpy and memmove - upstream commit 512d245bc30cca893db6979f42f058e734f345c3 - Add HWCAP_ macros from Linux 4.12 to AArch64 bits/hwcap.h. - upstream commit 738a9914a066a31750925543a8c6d2661bd61345 - benchtests: Print string array elements, int and uint in json - upstream commit 5ee1e3cebc47495a36d17a0066c241978ca6f502 - benchtests: Make memcpy benchmarks print results in json - upstream commit 25d5247277760e669a69618ce99ce6065e92362c - benchtests: New script to parse memcpy results - upstream commit ab85da15301c552e3ea4577a6432aa028bee9295 - aarch64: Call all string function implementations in tests - upstream commit 28cfa3a48e59f9c6b9bc25a003a4ede435841382 - tunables, aarch64: New tunable to override cpu - upstream commit 47ea614b9afcdaef80e09d58afcdad4f96ba3f15 - fix typo - upstream commit 82e06600505cc26810d263a964d9eca6f3cdfe91 - [AArch64] Update dl-procinfo for new HWCAP flags in Linux 4.12 - upstream commit 36ada5f681d86d4abe7b3b47d653d69e5ab2a6fd - aarch64: Optimized memcpy for Qualcomm Falkor processor - upstream commit 61c982910da9b60f7ac48eb1caaac1f4b013dbb1 - benchtests: Remove verification runs from benchmark tests - upstream commit 86c6519ee77d241575653206f33dbe1d4c8436cf - benchtests: Print json in memmove benchmark - upstream 9eee633b68649c94b2404f65d5c9a00c3ed1f068 - Change argument type passed to ifunc resolvers - upstream commit 9c9ec58197d1e18db6f7b39f7dc08b0f5f61df4e - Add thunderx2t99 and thunderx2t99p1 CPU names to tunables list - upstream commit f00bce744e12996a30b7ac5851b001b1dd7beaa9 - Fix glibc.tune.cpu tunable handling - upstream commit 29c933fb35b7bf872f57dc6977c879832983ab6c - benchtests: Make memset benchmarks print json - upstream commit 503c92c37a95f769762e65aff9383b302178c2bc - benchtests: Reallocate buffers for memset - upstream commit dd5bc7f1b385b29d0f90aefe4d9756b35011709b - aarch64: Optimized implementation of memmove for Qualcomm Falkor - upstream commit edbbc86c3a6624dcc0316a4cd78fe1adfb383405 - * sysdeps/aarch64/bzero.S (__bzero): Remove. - upstream commit 4d7632ff687dc60fb9ed38bae682d395017b61a8 - benchtests: Fix walking sizes and directions for *-walk benchmarks - upstream commit eb332f9feb7637eeefed037a683d2a6130d058b1 - benchtests: Bump start size since smaller sizes are noisy - upstream commit 5a67c4fa010abb27e704aa4ea3896f3aa2b39ed7 - aarch64: Optimized memset for falkor - upstream commit 5f1603c331d9e2194170762b7e5e80a5571e4b4e - Convert strcmp benchmark output to json format - upstream commit 4e00196912e63bd44f9a62a88a0f5c5fde25ad86 - aarch64: fix memset with --disable-multi-arch - upstream commit 3dfcbfa1a4bfa39344e8d945ed1bd697c4c9fe96 - benchtests: Reallocate buffers for every test run - upstream commit 96e6a7167e127d5e65000f2724e074f1c026e1f1 - benchtests: Make bench-memcmp print json - upstream commit e9537dddc7c7c7b60b55ed845542c8d586164488 Orabug: <28121801> - upstream commit 9dbebe1a67bbedfcb39c6b739f15bc639e8d40a2 - [AArch64] Save and restore q0-q7 on entry to dynamic linker. - upstream commit 1670e207c57513da84462c2a018f01653e7d1cc6 - aarch64: Rely on syscalls preserving registers - upstream commit f940b96522d6ac67915186dfaa71b43f3e7f5404 - [AArch64] Add optimized strchr. - upstream commit be9d4ccc7fe62751db1a5fdcb31958561dbbda9a - [AArch64] Add optimized strchrnul. - upstream commit 80085defb83e4f2ce098c8bc00c82d1e14998c71 - [AArch64] End frame record chain correctly. [??Bug 17522], release 2.21 - upstream commit aa76a5c7010e98c737d79f37aa6ae668f60f7a00 - [AArch64] Fix strchrnul clobbering v15 - upstream commit ec582ca0f30c963a1c27f405b6732ca8507271d5 - AArch64 optimized implementation of strrchr. - upstream commit dc400d7b735c47086a001ed051723e376230cf01 - AArch64: Optimized implementations of strcpy and stpcpy. - upstream commit d3496c9f4f27d3009b71be87f6108b4fed7314bd - Improve generic strcspn performance - upstream commit 91f3b75f47c9eca3299098c3dcc2f5d9dad320b1 - Improve generic strspn performance - upstream commit 282b71f07eb5e24ddf1308f92c37cb42f7c7d86b - Improve generic strpbrk performance - upstream commit 2e51bc3813ca3fe72fd197d08d79496e46669f43 - Use PTR_ALIGN_DOWN on strcspn and strspn - upstream commit f6a191a6ee0313d61dffa70d86b033c5a598f907 - Consolidate Linux read syscall - Fixes BZ#21428 - upstream commit ed0257f7d3378ec4a72e297f0dcba5159f2dd138 - [AArch64] Adjust elf_machine_dynamic to use _GLOBAL_OFFSET_TABLE_ - upstream commit e535ce250143b9c1600b306911710c0de73e2a5e - [ARM] add missing -funwind-tables to test case (bug 19529) - upstream commit a68ba2f3cd3cbe32c1f31e13c20ed13487727b32 - [AARCH64] Rewrite elf_machine_load_address using _DYNAMIC symbol - upstream commit db9bab09a51188bf57afeb47040ce6837b878367 - Document cache information sysconf variables - upstream commit a2e0a7f12ba57a49d1380c7ba1ff4b1f51d67347 - aarch64: Document _SC_LEVEL1_DCACHE_LINESIZE caveat - upstream commit 659ca267360e1c1f64eea9205bb81cb5e9049908 - aarch64: optimize _dl_tlsdesc_dynamic fast path - upstream commit 3d1d79283e6de4f7c434cb67fb53a4fd28359669 - aarch64: fix static pie enabled libc when main is in a shared library - upstream commit c9e613a728b9eaf0713b5a5970bb9ad4984fc688 - Add NT_ARM_SVE to elf.h Orabug: <28336148> - Rebase of the aarch64 OL 7.4 patches. - Enable ifunc support. (Egeyar Bagcioglu 2.17-196.0.2.el7_4.2) Orabug: <26894372> [2.17-322] - Enable file-based IFUNC selection on NVMe devices (#1883162) [2.17-321] - CVE-2020-10029: Prevent stack corruption from crafted input in cosl, sinl, sincosl, and tanl function. (#1812119) [2.17-320] - CVE-2020-29573: Harden printf family of functions (#1869380) [2.17-319] - Revert fix for #1772307 to improve Intel Xeon performance (#1889977) [2.17-318] - CVE-2019-25013: Fix EUC-KR conversion module defect (#1912543) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10029 CVE-2020-29573 CVE-2019-25013 Oracle Linux 7 [1.0.9-10] - Fix CVE-2021-21261 (#1918771) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-21261 Oracle Linux 8 [3.1.112-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.112-1] - Update to .NET Core SDK 3.1.112 and Runtime 3.1.12 - Resolves: RHBZ#1923377 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-1721 Oracle Linux 8 [2.1.521-1] - Update to .NET Core SDK 2.1.521 and Runtime 2.1.25 - Resolves: RHBZ#1922272 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-1721 Oracle Linux 8 [5.0.103-1.0.1] - Add support for new Oracle release [5.0.103-1] - Update to .NET SDK 5.0.103 and Runtime 5.0.3 - Resolves: RHBZ#1924765 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-1721 Oracle Linux 8 subversion [1.10.2-4] - add security fix for CVE-2020-17525 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-17525 Oracle Linux 8 buildah [1.16.7-4.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) [1.16.7-4] - update to the latest content of https://github.com/containers/buildah/tree/release-1.16 (https://github.com/containers/buildah/commit/aaed66b) - Related: #1888571 [1.16.7-3] - revert back to buildah-1.16 for the quarterly release - Related: #1888571 [1.19.0-2] - bump version to refrect buildah upgrade - Related: #1888571 [1.16.7-2] - bump to release-1.19 branch - Related: #1888571 [1.16.5-5] - update to the latest content of https://github.com/containers/buildah/tree/release-1.16 (https://github.com/containers/buildah/commit/56ed75b) - Related: #1888571 [1.16.5-4] - simplify spec file - use short commit ID in tarball name - Related: #1888571 [1.16.5-3] - update to the latest content of https://github.com/containers/buildah/tree/release-1.16 (https://github.com/containers/buildah/commit/9e02bf9) - Related: #1888571 [1.16.5-2] - use shortcommit ID in branch tarball name - Related: #1888571 [1.16.5-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 cockpit-podman [27.1-3] - run much more tests - patch from Matej Marusak - Related: #1888571 [27.1-2] - gating tests - always set VM password - Related: #1888571 [27.1-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/27.1 - Related: #1888571 [27-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/27 - Related: #1888571 [26-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/26 - Related: #1888571 [25-5] - remove redundant patch - Related: #1888571 [25-4] - replace docker.io with quay.io for gating tests due do docker.io new pull rate limit requirements - Related: #1888571 [25-3] - test: Cleanup images before pulling the ones we need - thanks to Matej Marusak - Related: #1888571 [25-2] - remove hack in tests - add LICENSE - Related: #1888571 [25-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 conmon [2:2.0.22-3] - exclude i686 as golang is not suppoerted there - Related: #1888571 [2:2.0.22-2] - add BR: golang, go-md2man - add man pages - Related: #1888571 [2:2.0.22-1] - update to https://github.com/containers/conmon/releases/tag/v2.0.22 - Related: #1888571 [2:2.0.21-3] - simplify spec - Related: #1888571 [2:2.0.21-2] - be sure to harden the linked binary - compile with debuginfo enabled - Related: #1888571 [2:2.0.21-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 containernetworking-plugins [0.9.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v0.9.0 - Related: #1888571 container-selinux [2:2.155.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.155.0 - Related: #1888571 [2:2.154.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.154.0 - Related: #1888571 [2:2.153.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.153.0 - Related: #1888571 [2:2.152.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.152.0 - Related: #1888571 [2:2.151.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.151.0 - Related: #1888571 [2:2.150.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.150.0 - Related: #1888571 [2:2.145.0-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Resolves: #1873064 criu [3.15-1] - update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15 - Related: #1888571 [3.14-2] - fix 'Need to fix bugs found by coverity.' - Related: #1821193 [3.14-1] - synchronize containter-tools 8.3.0 with 8.2.1 - Related: #1821193 crun [0.16-2] - exclude i686 because of build failures - Related: #1888571 [0.16-1] - update to https://github.com/containers/crun/releases/tag/0.16 - Related: #1888571 [0.15.1-1] - update to https://github.com/containers/crun/releases/tag/0.15.1 - Related: #1888571 [0.15-2] - backport 'exec: check read bytes from sync' (gscrivan@redhat.com) (https://github.com/containers/crun/issues/511) - Related: #1888571 [0.15-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 fuse-overlayfs [1.3.0-2] - disable openat2 syscall again - still unsupported in current RHEL8 kernel - Resolves: #1921863 [1.3.0-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.3.0 - Related: #1888571 [1.2.0-3] - be sure to harden the linked binary - Related: #1888571 [1.2.0-2] - ensure fuse module is loaded - Related: #1888571 [1.2.0-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 libslirp oci-seccomp-bpf-hook [1.2.0-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.0 - Related: #1888571 podman [2.2.1-7.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) [2.2.1-7] - Resolves: #1925928 - Fix varlink GetVersion() - Upstream PR: https://github.com/containers/podman/pull/9274 [2.2.1-6] - update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel (https://github.com/containers/podman/commit/1741f15) - Related: #1888571 [2.2.1-5] - update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel (https://github.com/containers/podman/commit/b5bc6a7) - Related: #1877188 [2.2.1-4] - add Requires: oci-runtime - Related: #1888571 [2.2.1-3] - update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel (https://github.com/containers/podman/commit/14c35f6) - Related: #1888571 [2.2.1-2] - update to https://github.com/containers/dnsname/releases/tag/v1.1.1 [2.2.1-1] - update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel (https://github.com/containers/podman/commit/a0d478e) - Related: #1888571 [2.2.0-2] - attempt to fix gatng tests - Related: #1888571 [2.2.0-1] - update to https://github.com/containers/podman/releases/tag/v2.2.0 - Related: #1888571 [2.1.1-3] - attempt to fix linker error with golang-1.15 - add Requires: httpd-tools to tests, needed to work around missing htpasswd in docker registry image, thanks to Ed Santiago - Related: #1888571 [2.1.1-2] - update to the latest content of https://github.com/containers/podman/tree/v2.1.1-rhel (https://github.com/containers/podman/commit/450615a) - Resolves: #1873204 - Resolves: #1884668 [2.1.1-1] - update podman to 2.1.1-rhel - Resolves: #1743687 - Resolves: #1811570 - Resolves: #1869322 - Resolves: #1678546 - Resolves: #1853455 - Resolves: #1874271 python-podman-api [1.2.0-0.2.gitd0a45fe] - revert update to 1.6.0 due to new python3-pbr dependency which is not in RHEL - Related: RHELPLAN-25139 [1.2.0-0.1.gitd0a45fe] - Initial package runc [1.0.0-70.rc92] - add Provides: oci-runtime = 1 - Related: #1888571 [1.0.0-69.rc92] - still use ExcludeArch as go_arches macro is broken for 8.4 - Related: #1888571 skopeo [1:1.2.0-9.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) - Add oracle registry into the conf file [Orabug: 29845934 31306708] [1:1.2.0-9] - upload proper source tarball - Related: #1888571 [1:1.2.0-8] - revert back to version aimed at 8.3.1 - skopeo-1.2.0 - also downgrade versions of vendored libraries - Related: #1888571 [1:1.2.1-1] - update vendored component versions - update to the latest content of https://github.com/containers/skopeo/tree/release-1.2 (https://github.com/containers/skopeo/commit/2e90a8a) - Related: #1888571 [1:1.2.0-6] - always build with debuginfo - use less verbose output when compiling - Related: #1888571 [1:1.2.0-5] - re-sync config files - assure events_logger = 'file' - Related: #1888571 [1:1.2.0-4] - change default logging mechanism to use for container engine events in containers.conf to be events_logger = 'file' - it should fix RHEL gating tests for podman nonroot (thanks to Dan Walsh) - Related: #1888571 [1:1.2.0-3] - simplify spec file - use short commit ID in tarball name - Related: #1888571 [1:1.2.0-2] - use shortcommit ID in branch tarball name - Related: #1888571 [1:1.2.0-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 slirp4netns [1.1.8-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8 - Related: #1888571 [1.1.7-2] - exclude i686 because of build failures - Related: #1888571 [1.1.7-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7 - Related: #1888571 [1.1.6-2] - - be sure to harden the linked binary - Related: #1888571 [1.1.6-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.6 - Related: #1888571 udica [0.2.4-1] - update to https://github.com/containers/udica/releases/tag/v0.2.4 - Related: #1888571 [0.2.3-1] - synchronize with stream-container-tools-rhel8-rhel-8.4.0 - Related: #1888571 [0.2.2-1] - https://github.com/containers/udica/releases/tag/v0.2.2 - Related: #1821193 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14370 Oracle Linux 8 [3.53.1-17] - Fix various corner cases with ike v1 app b support. [3.53.1-16] - Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. [3.53.1-15] - Revert some policy changes the generate ABI runtime issues. [3.53.1-14] - Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries. [3.53.1-13] - Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1. [3.53.1-12] - fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests MODERATE Copyright 2021 Oracle, Inc. CVE-2020-12403 CVE-2020-6829 CVE-2020-12400 Oracle Linux 8 nodejs [1:10.23.1-1] - January Security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Rebase to 10.23.1 - Resolves: RHBZ#1916461, RHBZ#1914789 - Resolves: RHBZ#1914783, RHBZ#1916462, RHBZ#1916395, RHBZ#1916459 - Resolves: RHBZ#1916691, RHBZ#1916689, RHBZ#1916388 - Remove dot-prop patch, as it is fixed by npm rebase [1:10.22.1-1] - Security rebase to 10.22.1 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-8116 CVE-2020-8252 CVE-2020-15095 CVE-2020-7608 CVE-2020-7754 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287 CVE-2020-7774 CVE-2020-15366 Oracle Linux 8 nodejs [1:12.20.1-1] - Security rebase for January security release - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ#1916460, RHBZ#1914786 - Resolves: RHBZ#1914784, RHBZ#1916396 nodejs-nodemon [2.0.3-1] - Resolves: RHBZ#1921841, RHBZ#1921843, RHBZ#1921842 - Rebase to 2.0.3 nodejs-packaging MODERATE Copyright 2021 Oracle, Inc. CVE-2020-7754 CVE-2019-10746 CVE-2019-10747 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287 Oracle Linux 8 nodejs [1:14.15.4-2] - Add patch for yarn crash - Resolves: RHBZ#1916465 [1:14.15.4-1] - Security rebase to 14.15.4 - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ#1916463, RHBZ#1914788 - Resolves: RHBZ#1914785, RHBZ#1916387, RHBZ#1916389, RHBZ#1916390, RHBZ#1916690 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-7754 CVE-2020-7788 CVE-2020-8265 CVE-2020-8287 CVE-2020-8277 CVE-2020-7774 CVE-2020-15366 Oracle Linux 8 [4:5.26.3-417] - Fix CVE-2020-12723 (bug #1909860) - Fix Time-Local tests to pass after year 2019 (bug #1807120) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-12723 Oracle Linux 8 [4.18.0-240.15.1_3.OL8] - Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7 [4.18.0-240.15.1_3] - [x86] kvm: svm: Initialize prev_ga_tag before use (Vitaly Kuznetsov) [1919885 1909254] - [net] tls: move mark_tech_preview to tls_init (Sabrina Dubroca) [1918743 1907477] - [video] hyperv_fb: Fix the cache type when mapping the VRAM (Mohammed Gamal) [1917711 1908893] - [video] hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (Mohammed Gamal) [1917711 1908893] - [net] esp: select CRYPTO_SEQIV (Vladis Dronov) [1912872 1905088] - [crypto] treewide: Use fallthrough pseudo-keyword (Vladis Dronov) [1912872 1905088] - [crypto] crypto: drbg - always try to free Jitter RNG instance (Vladis Dronov) [1912872 1905088] - [crypto] crypto: drbg - should select CTR (Vladis Dronov) [1912872 1905088] - [crypto] crypto: ctr - no longer needs CRYPTO_SEQIV (Vladis Dronov) [1912872 1905088] - [crypto] crypto: drbg - always seeded with SP800-90B compliant noise source (Vladis Dronov) [1912872 1905088] - [crypto] crypto: jitter - SP800-90B compliance (Vladis Dronov) [1912872 1905088] - [crypto] crypto: jitter - add header to fix buildwarnings (Vladis Dronov) [1912872 1905088] - [crypto] crypto: jitter - fix comments (Vladis Dronov) [1912872 1905088] - [crypto] crypto: jitter - update implementation to 2.1.2 (Vladis Dronov) [1912872 1905088] - [crypto] crypto: drbg - in-place cipher operation for CTR (Vladis Dronov) [1912872 1905088] - [crypto] crypto: drbg - eliminate constant reinitialization of SGL (Vladis Dronov) [1912872 1905088] - [netdrv] ionic: start queues before announcing link up (Jonathan Toppins) [1918372 1906250] - [drm] drm/i915: Enable Tigerlake support by default (Lyude Paul) [1882620 1877005] - [drm] drm/i915: Simplify intel_set_cdclk_{pre, post}_plane_update() calling convention (Lyude Paul) [1882620 1877005] - [drm] drm/i915/psr: Program default IO buffer Wake and Fast Wake (Lyude Paul) [1882620 1877005] - [kernel] rcu: Force on tick when invoking lots of callbacks (Waiman Long) [1915638 1862812] - [kernel] nohz: Add TICK_DEP_BIT_RCU (Waiman Long) [1915638 1862812] - [pci] PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken (Myron Stowe) [1906516 1888310] [4.18.0-240.14.1_3] - [netdrv] net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() (Waiman Long) [1915814 1904213] - [mm] x86/mm/cpa: Prevent large page split when ftrace flips RW on kernel text (Waiman Long) [1915814 1904213] - [mm] x86/mm/cpa: Fix cpa_flush_array() TLB invalidation (Waiman Long) [1915814 1904213] - [hv] hv: vmbus: Add timeout to vmbus_wait_for_unload (Mohammed Gamal) [1913528 1888980] - [kernel] perf/core: Fix race in the perf_mmap_close() function (Michael Petlan) [1897016 1869925] {CVE-2020-14351} - [kernel] perf: Make struct ring_buffer less ambiguous (Michael Petlan) [1897016 1869925] {CVE-2020-14351} - [tty] tty: Fix ->pgrp locking in tiocspgrp() (Waiman Long) [1908196 1908197] {CVE-2020-29661} - [x86] x86/tboot: Don't disable swiotlb when iommu is forced on (Tony Camuso) [1911555 1883395] - [iommu] iommu/vt-d: Avoid panic if iommu init fails in tboot system (Tony Camuso) [1911555 1883395] - [kernel] sched/deadline: Fix priority inheritance with multiple scheduling classes (Phil Auld) [1908731 1780490] - [kernel] locking/rwsem: Remove reader optimistic spinning (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Enable reader optimistic lock stealing (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Prevent potential lock starvation (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Pass the current atomic count to rwsem_down_read_slowpath() (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Fold __down_{read,write}*() (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Introduce rwsem_write_trylock() (Waiman Long) [1908519 1895046] - [kernel] locking/rwsem: Better collate rwsem_read_trylock() (Waiman Long) [1908519 1895046] - [kernel] rwsem: Implement down_read_interruptible (Waiman Long) [1908519 1895046] - [kernel] rwsem: Implement down_read_killable_nested (Waiman Long) [1908519 1895046] - [firmware] efi/esrt: Only call efi_mem_reserve() for boot services memory (Kairui Song) [1907775 1878024] - [firmware] efi: Drop type and attribute checks in efi_mem_desc_lookup() (Kairui Song) [1907775 1878024] - [scsi] scsi: core: Don't start concurrent async scan on same host (Ming Lei) [1905214 1874501] [4.18.0-240.13.1_3] - [arm64] arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Andrew Jones) [1909577 1908439] - [arm64] arm64: pgtable: Fix pte_accessible() (Andrew Jones) [1909577 1908439] - [net] icmp: randomize the global rate limiter (Guillaume Nault) [1906371 1896516] {CVE-2020-25705} - [tools] kvm: x86: do not attempt TSC synchronization on guest writes (Paolo Bonzini) [1905084 1898018] - [x86] kvm: x86: fix MSR_IA32_TSC read for nested migration (Paolo Bonzini) [1905084 1898018] - [x86] kvm: nsvm: delay MSR permission processing to first nested VM run (Paolo Bonzini) [1905084 1898018] - [x86] kvm: x86: rename KVM_REQ_GET_VMCS12_PAGES (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: use __GFP_ZERO instead of clear_page (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: refactor msr permission bitmap allocation (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: rename a variable in the svm_create_vcpu (Paolo Bonzini) [1905084 1898018] - [x86] kvm: nsvm: Avoid freeing uninitialized pointers in svm_set_nested_state() (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: nested: Don't allocate VMCB structures on stack (Paolo Bonzini) [1905084 1898018] - [x86] kvm: nsvm: more strict SMM checks when returning to nested guest (Paolo Bonzini) [1905084 1898018] - [x86] svm: nsvm: setup nested msr permission bitmap on nested state load (Paolo Bonzini) [1905084 1898018] - [x86] svm: nsvm: correctly restore GIF on vmexit from nesting after migration (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: avoid emulation with stale next_rip (Paolo Bonzini) [1905084 1898018] - [x86] kvm: nsvm: remove nonsensical EXITINFO1 adjustment on nested NPF (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: Rename svm_nested_virtualize_tpr() to nested_svm_virtualize_tpr() (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: Add svm_ prefix to set/clr/is_intercept() (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: Add vmcb_ prefix to mark_*() functions (Paolo Bonzini) [1905084 1898018] - [x86] kvm: svm: Rename struct nested_state to svm_nested_state (Paolo Bonzini) [1905084 1898018] - [x86] kvm: nsvm: Check that DR6[63:32] and DR7[64:32] are not set on vmrun of nested guests (Paolo Bonzini) [1905084 1898018] - [x86] kvm: x86: Move the check for upper 32 reserved bits of DR6 to separate function (Paolo Bonzini) [1905084 1898018] - [netdrv] net/mlx5e: Add IPv6 traffic class (DSCP) header rewrite support (Alaa Hleihel) [1897688 1889981] - [netdrv] net/mlx5e: Fix endianness when calculating pedit mask first bit (Alaa Hleihel) [1897688 1889981] - [net] openvswitch: fix to make sure flow_lookup() is not preempted (Eelco Chaudron) [1893281 1888237] [4.18.0-240.12.1_3] - [net] SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() (Steve Dickson) [1912478 1884361] - [net] SUNRPC: Fix ('SUNRPC: Add '@len' parameter to gss_unwrap()') (Steve Dickson) [1912478 1884361] - [mm] x86/ioremap: Map EFI runtime services data as encrypted for SEV (Lenny Szubowicz) [1909243 1883134] - [kernel] sched/deadline: Unthrottle PI boosted threads while enqueuing (Daniel Bristot de Oliveira) [1913964 1869760] - [kernel] sched/deadline: Fix stale throttling on de-/boosted tasks (Daniel Bristot de Oliveira) [1913964 1869760] - [fs] NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall (Scott Mayhew) [1908313 1881550] - [fs] NFS: Fix interrupted slots by sending a solo SEQUENCE operation (Scott Mayhew) [1908312 1887577] - [net] netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal (Antoine Tenart) [1907576 1901026] - [powerpc] powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt handler (Diego Domingos) [1907301 1891822] - [powerpc] powerpc/powernv/dump: Handle multiple writes to ack attribute (Diego Domingos) [1907301 1891822] - [powerpc] powerpc/powernv/dump: Fix race while processing OPAL dump (Diego Domingos) [1907301 1891822] - [powerpc] powerpc/opal_elog: Handle multiple writes to ack attribute (Diego Domingos) [1907301 1891822] - [powerpc] powerpc/powernv/elog: Fix race while processing OPAL error log event (Diego Domingos) [1907301 1891822] - [block] block: fix incorrect branching in blk_max_size_offset() (Mike Snitzer) [1905136 1903722] - [md] dm: fix IO splitting (Mike Snitzer) [1905136 1903722] - [block] block: fix get_max_io_size() (Mike Snitzer) [1905136 1903722] - [block] block: Improve physical block alignment of split bios (Mike Snitzer) [1905136 1903722] - [block] block: use gcd() to fix chunk_sectors limit stacking (Mike Snitzer) [1905136 1903722] - [netdrv] net/mlx5e: Add LAG warning if bond slave is not lag master (Alaa Hleihel) [1892344 1851709] - [netdrv] net/mlx5e: Add LAG warning for unsupported tx type (Alaa Hleihel) [1892344 1851709] - [netdrv] net/mlx5e: Return a valid errno if can't get lag device index (Alaa Hleihel) [1892344 1851709] - [net] openvswitch: handle DNAT tuple collision (Dumitru Ceara) [1892744 1877128] - [mm] mm/page_idle.c: skip offline pages (Chris von Recklinghausen) [1903019 1867490] - [include] mm/hotplug: invalid PFNs from pfn_to_online_page() (Waiman Long) [1903019 1878006] [4.18.0-240.11.1_3] - [scsi] scsi: core: Return BLK_STS_AGAIN for ALUA transitioning (Ewan Milne) [1900112 1867264] - [scsi] scsi: scsi_dh_alua: Set 'transitioning' state on Unit Attention (Ewan Milne) [1900112 1867264] - [scsi] scsi: scsi_dh_alua: Return BLK_STS_AGAIN for ALUA transitioning state (Ewan Milne) [1900112 1867264] - [block] scsi: block: Return status code in blk_mq_end_request() (Ewan Milne) [1900112 1867264] - [include] compiler_attributes.h: Add 'fallthrough' pseudo keyword for switch/case use (Ivan Vecera) [1900112 1867168] - [net] net: sctp: Rename fallthrough label to unhandled (Ivan Vecera) [1900112 1867168] - [idle] intel_idle: Customize IceLake server support (David Arcari) [1897183 1881620] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29661 CVE-2020-14351 CVE-2020-25705 Oracle Linux 8 [331-1.2] - Fix issue found by covcan - Related: rhbz#1927567 [331-1.1] - Backport security fix for CVE-2021-27135 - Resolves: rhbz#1927567 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27135 Oracle Linux 7 [295-3.1] - Backport security fix for CVE-2021-27135 - Resolves: rhbz#1927564 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27135 Oracle Linux 8 [5.56-5] - Fix CVE-2021-20230 stunnel: client certificate not correctly verified when redirect and verifyChain options are used. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20230 Oracle Linux 8 [78.8.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.8.0-1] - Update to 78.8.0 build2 [78.7.1-1] - Update to 78.7.1 [78.7.0-3] - Fixing install prefix for the homepage CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-23968 CVE-2021-23969 CVE-2021-23978 CVE-2021-23973 Oracle Linux 7 [78.8.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.8.0-1] - Update to 78.8.0 build2 [78.7.1-1] - Update to 78.7.1 [78.7.0-3] - Fixing install prefix for the homepage CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-23968 CVE-2021-23969 CVE-2021-23978 CVE-2021-23973 Oracle Linux 8 [78.8.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.8.0-1] - Update to 78.8.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23968 CVE-2021-23969 CVE-2021-23978 CVE-2021-23973 Oracle Linux 7 [78.8.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.8.0-1] - Update to 78.8.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23968 CVE-2021-23969 CVE-2021-23978 CVE-2021-23973 Oracle Linux 8 [32:9.11.20-5.1] - Fix off-by-one bug in ISC SPNEGO implementation (CVE-2020-8625) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-8625 Oracle Linux 7 [32:9.11.4-26.P2.4] - Fix off-by-one bug in ISC SPNEGO implementation (CVE-2020-8625) [32:9.11.4-26.P2.3] - Fix inline re-signing (#rh1889902) [32:9.11.4-26.P2.2] - Fix unsupported algorithms validation (#rh1769876) [32:9.11.4-26.P2.1] - Fix tsig-request verify (CVE-2020-8622) - Prevent PKCS11 daemon crash on crafted packet (CVE-2020-8623) - Correct update-policy type subdomain to match documentation (CVE-2020-8624) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-8625 Oracle Linux 8 [2.02-90.0.2.el8_3.1] - Fix various coverity issues [Orabug: 32530657] - Add SBAT metadata to grubx64.efi [Orabug: 32530657] - Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327] - Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072] - Update signing certificate for efi binaries - honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497] - set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597] - Update upstream references [Orabug: 26388226] - Copy symvers.gz to /boot during kernel install [Orabug: 29773086] - Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for 18504756 - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - Put 'with' in menuentry instead of 'using' [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-90.el8_3.1] - Fix another batch of CVEs Resolves: CVE-2020-14372 Resolves: CVE-2020-25632 Resolves: CVE-2020-25647 Resolves: CVE-2020-27749 Resolves: CVE-2020-27779 Resolves: CVE-2021-20225 Resolves: CVE-2021-20233 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Oracle Linux 7 [2.02-0.87.0.8.e7.2] - Enable common subpackage for aarch64 - Disable RHEL patch 0183-efinet-retransmit-if-our-device-is-busy.patch to comply with UEFI spec - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. [Orabug: 32172943] - Fix degradation in multiboot2 code [Orabug: 32069510] - Update signing certificate for efi binaries - Update upstream references [Orabug: 30138841] - Restore symlink to grub environment file, that was removed during grub2-efi update if grub2 package is also installed on UEFI machines [Orabug: 27345750] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for [Orabug: 18504756] - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev) - Put 'with' in menuentry instead of 'using' [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-0.87.e7.2] - Fix another batch of CVEs Resolves: CVE-2020-14372 Resolves: CVE-2020-25632 Resolves: CVE-2020-25647 Resolves: CVE-2020-27749 Resolves: CVE-2020-27779 Resolves: CVE-2021-20225 Resolves: CVE-2021-20233 [2.02-0.87.e7.1] - Fix keyboards that report IBM PC AT scan codes Resolves: rhbz#1892240 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Oracle Linux 8 buildah [1.5-8.gite94b4f9.0.1] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.5-8.gite94b4f9] - bump release to preserve upgrade path - Related: #1821193 [1.5-4.gite94b4f9] - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: #1818127 [1.5-3.gite94b4f9] - re-enable debuginfo [1.5-2.gite94b4f9] - go toolset not in scl anymore [1.5-1.gite94b4f9] - rebase [1.4-3.git608fa84] - fedora-like go compiler macro in buildrequires is enough [1.4-2.git608fa84] - rebase [1.3-3.git4888163] - Resolves: #1615611 - rebuild with gobuild tag 'no_openssl' [1.3-2.git4888163] - Resolves: #1614009 - built with updated scl-ized go-toolset dep - build with %gobuild [1.3-1] - Bump to v1.3 - Vendor in lates containers/image - build-using-dockerfile: let -t include transports again - Block use of /proc/acpi and /proc/keys from inside containers - Fix handling of --registries-conf - Fix becoming a maintainer link - add optional CI test fo darwin - Don't pass a nil error to errors.Wrapf() - image filter test: use kubernetes/pause as a 'since' - Add --cidfile option to from - vendor: update containers/storage - Contributors need to find the CONTRIBUTOR.md file easier - Add a --loglevel option to build-with-dockerfile - Create Development plan - cmd: Code improvement - allow buildah cross compile for a darwin target - Add unused function param lint check - docs: Follow man-pages(7) suggestions for SYNOPSIS - Start using github.com/seccomp/containers-golang - umount: add all option to umount all mounted containers - runConfigureNetwork(): remove an unused parameter - Update github.com/opencontainers/selinux - Fix buildah bud --layers - Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 - main: if unprivileged, reexec in a user namespace - Vendor in latest imagebuilder - Reduce the complexity of the buildah.Run function - mount: output it before replacing lastError - Vendor in latest selinux-go code - Implement basic recognition of the '--isolation' option - Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin - Run(): don't include any default environment variables - build without seccomp - vendor in latest runtime-tools - bind/mount_unsupported.go: remove import errors - Update github.com/opencontainers/runc - Add Capabilities lists to BuilderInfo - Tweaks for commit tests - commit: recognize committing to second storage locations - Fix ARGS parsing for run commands - Add info on registries.conf to from manpage - Switch from using docker to podman for testing in .papr - buildah: set the HTTP User-Agent - ONBUILD tutorial - Add information about the configuration files to the install docs - Makefile: add uninstall - Add tilde info for push to troubleshooting - mount: support multiple inputs - Use the right formatting when adding entries to /etc/hosts - Vendor in latest go-selinux bindings - Allow --userns-uid-map/--userns-gid-map to be global options - bind: factor out UnmountMountpoints - Run(): simplify runCopyStdio() - Run(): handle POLLNVAL results - Run(): tweak terminal mode handling - Run(): rename 'copyStdio' to 'copyPipes' - Run(): don't set a Pdeathsig for the runtime - Run(): add options for adding and removing capabilities - Run(): don't use a callback when a slice will do - setupSeccomp(): refactor - Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers - Escape use of '_' in .md docs - Break out getProcIDMappings() - Break out SetupIntermediateMountNamespace() - Add Multi From Demo - Use the c/image conversion code instead of converting configs manually - Don't throw away the manifest MIME type and guess again - Consolidate loading manifest and config in initConfig - Pass a types.Image to Builder.initConfig - Require an image ID in importBuilderDataFromImage - Use c/image/manifest.GuessMIMEType instead of a custom heuristic - Do not ignore any parsing errors in initConfig - Explicitly handle 'from scratch' images in Builder.initConfig - Fix parsing of OCI images - Simplify dead but dangerous-looking error handling - Don't ignore v2s1 history if docker_version is not set - Add --rm and --force-rm to buildah bud - Add --all,-a flag to buildah images - Separate stdio buffering from writing - Remove tty check from images --format - Add environment variable BUILDAH_RUNTIME - Add --layers and --no-cache to buildah bud - Touch up images man - version.md: fix DESCRIPTION - tests: add containers test - tests: add images test - images: fix usage - fix make clean error - Change 'registries' to 'container registries' in man - add commit test - Add(): learn to record hashes of what we add - Minor update to buildah config documentation for entrypoint - Bump to v1.2-dev - Add registries.conf link to a few man pages [1.2-3] - do not depend on btrfs-progs for rhel8 [1.2-2] - buildah does not require ostree [1.2-1] - Vendor in latest containers/image - build-using-dockerfile: let -t include transports again - Block use of /proc/acpi and /proc/keys from inside containers - Fix handling of --registries-conf - Fix becoming a maintainer link - add optional CI test fo darwin - Don't pass a nil error to errors.Wrapf() - image filter test: use kubernetes/pause as a 'since' - Add --cidfile option to from - vendor: update containers/storage - Contributors need to find the CONTRIBUTOR.md file easier - Add a --loglevel option to build-with-dockerfile - Create Development plan - cmd: Code improvement - allow buildah cross compile for a darwin target - Add unused function param lint check - docs: Follow man-pages(7) suggestions for SYNOPSIS - Start using github.com/seccomp/containers-golang - umount: add all option to umount all mounted containers - runConfigureNetwork(): remove an unused parameter - Update github.com/opencontainers/selinux - Fix buildah bud --layers - Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 - main: if unprivileged, reexec in a user namespace - Vendor in latest imagebuilder - Reduce the complexity of the buildah.Run function - mount: output it before replacing lastError - Vendor in latest selinux-go code - Implement basic recognition of the '--isolation' option - Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin - Run(): don't include any default environment variables - build without seccomp - vendor in latest runtime-tools - bind/mount_unsupported.go: remove import errors - Update github.com/opencontainers/runc - Add Capabilities lists to BuilderInfo - Tweaks for commit tests - commit: recognize committing to second storage locations - Fix ARGS parsing for run commands - Add info on registries.conf to from manpage - Switch from using docker to podman for testing in .papr - buildah: set the HTTP User-Agent - ONBUILD tutorial - Add information about the configuration files to the install docs - Makefile: add uninstall - Add tilde info for push to troubleshooting - mount: support multiple inputs - Use the right formatting when adding entries to /etc/hosts - Vendor in latest go-selinux bindings - Allow --userns-uid-map/--userns-gid-map to be global options - bind: factor out UnmountMountpoints - Run(): simplify runCopyStdio() - Run(): handle POLLNVAL results - Run(): tweak terminal mode handling - Run(): rename 'copyStdio' to 'copyPipes' - Run(): don't set a Pdeathsig for the runtime - Run(): add options for adding and removing capabilities - Run(): don't use a callback when a slice will do - setupSeccomp(): refactor - Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers - Escape use of '_' in .md docs - Break out getProcIDMappings() - Break out SetupIntermediateMountNamespace() - Add Multi From Demo - Use the c/image conversion code instead of converting configs manually - Don't throw away the manifest MIME type and guess again - Consolidate loading manifest and config in initConfig - Pass a types.Image to Builder.initConfig - Require an image ID in importBuilderDataFromImage - Use c/image/manifest.GuessMIMEType instead of a custom heuristic - Do not ignore any parsing errors in initConfig - Explicitly handle 'from scratch' images in Builder.initConfig - Fix parsing of OCI images - Simplify dead but dangerous-looking error handling - Don't ignore v2s1 history if docker_version is not set - Add --rm and --force-rm to buildah bud - Add --all,-a flag to buildah images - Separate stdio buffering from writing - Remove tty check from images --format - Add environment variable BUILDAH_RUNTIME - Add --layers and --no-cache to buildah bud - Touch up images man - version.md: fix DESCRIPTION - tests: add containers test - tests: add images test - images: fix usage - fix make clean error - Change 'registries' to 'container registries' in man - add commit test - Add(): learn to record hashes of what we add - Minor update to buildah config documentation for entrypoint - Add registries.conf link to a few man pages [1.1-1] - Drop capabilities if running container processes as non root - Print Warning message if cmd will not be used based on entrypoint - Update 01-intro.md - Shouldn't add insecure registries to list of search registries - Report errors on bad transports specification when pushing images - Move parsing code out of common for namespaces and into pkg/parse.go - Add disable-content-trust noop flag to bud - Change freenode chan to buildah - runCopyStdio(): don't close stdin unless we saw POLLHUP - Add registry errors for pull - runCollectOutput(): just read until the pipes are closed on us - Run(): provide redirection for stdio - rmi, rm: add test - add mount test - Add parameter judgment for commands that do not require parameters - Add context dir to bud command in baseline test - run.bats: check that we can run with symlinks in the bundle path - Give better messages to users when image can not be found - use absolute path for bundlePath - Add environment variable to buildah --format - rm: add validation to args and all option - Accept json array input for config entrypoint - Run(): process RunOptions.Mounts, and its flags - Run(): only collect error output from stdio pipes if we created some - Add OnBuild support for Dockerfiles - Quick fix on demo readme - run: fix validate flags - buildah bud should require a context directory or URL - Touchup tutorial for run changes - Validate common bud and from flags - images: Error if the specified imagename does not exist - inspect: Increase err judgments to avoid panic - add test to inspect - buildah bud picks up ENV from base image - Extend the amount of time travis_wait should wait - Add a make target for Installing CNI plugins - Add tests for namespace control flags - copy.bats: check ownerships in the container - Fix SELinux test errors when SELinux is enabled - Add example CNI configurations - Run: set supplemental group IDs - Run: use a temporary mount namespace - Use CNI to configure container networks - add/secrets/commit: Use mappings when setting permissions on added content - Add CLI options for specifying namespace and cgroup setup - Always set mappings when using user namespaces - Run(): break out creation of stdio pipe descriptors - Read UID/GID mapping information from containers and images - Additional bud CI tests - Run integration tests under travis_wait in Travis - build-using-dockerfile: add --annotation - Implement --squash for build-using-dockerfile and commit - Vendor in latest container/storage for devicemapper support - add test to inspect - Vendor github.com/onsi/ginkgo and github.com/onsi/gomega - Test with Go 1.10, too - Add console syntax highlighting to troubleshooting page - bud.bats: print '' before checking its contents - Manage 'Run' containers more closely - Break Builder.Run()'s 'run runc' bits out - util.ResolveName(): handle completion for tagged/digested image names - Handle /etc/hosts and /etc/resolv.conf properly in container - Documentation fixes - Make it easier to parse our temporary directory as an image name - Makefile: list new pkg/ subdirectoris as dependencies for buildah - containerImageSource: return more-correct errors - API cleanup: PullPolicy and TerminalPolicy should be types - Make 'run --terminal' and 'run -t' aliases for 'run --tty' - Vendor github.com/containernetworking/cni v0.6.0 - Update github.com/containers/storage - Update github.com/projectatomic/libpod - Add support for buildah bud --label - buildah push/from can push and pull images with no reference - Vendor in latest containers/image - Update gometalinter to fix install.tools error - Update troubleshooting with new run workaround - Added a bud demo and tidied up - Attempt to download file from url, if fails assume Dockerfile - Add buildah bud CI tests for ENV variables - Re-enable rpm .spec version check and new commit test - Update buildah scratch demo to support el7 - Added Docker compatibility demo - Update to F28 and new run format in baseline test - Touchup man page short options across man pages - Added demo dir and a demo. chged distrorlease - builder-inspect: fix format option - Add cpu-shares short flag (-c) and cpu-shares CI tests - Minor fixes to formatting in rpm spec changelog - Fix rpm .spec changelog formatting - CI tests and minor fix for cache related noop flags - buildah-from: add effective value to mount propagation [1.0-1] - Remove buildah run cmd and entrypoint execution - Add Files section with registries.conf to pertinent man pages - Force 'localhost' as a default registry - Add --compress, --rm, --squash flags as a noop for bud - Add FIPS mode secret to buildah run and bud - Add config --comment/--domainname/--history-comment/--hostname - Add support for --iidfile to bud and commit - Add /bin/sh -c to entrypoint in config - buildah images and podman images are listing different sizes - Remove tarball as an option from buildah push --help - Update entrypoint behaviour to match docker - Display imageId after commit - config: add support for StopSignal - Allow referencing stages as index and names - Add multi-stage builds support - Vendor in latest imagebuilder, to get mixed case AS support - Allow umount to have multi-containers - Update buildah push doc - buildah bud walks symlinks - Imagename is required for commit atm, update manpage [0.16-3.git532e267] - Resolves: #1573681 - built commit 532e267 [0.16.0-2.git6f7d05b] - built commit 6f7d05b [0.16-1] - Add support for shell - Vendor in latest containers/image - docker-archive generates docker legacy compatible images - Do not create subdirectories for layers with no configs - Ensure the layer IDs in legacy docker/tarfile metadata are unique - docker-archive: repeated layers are symlinked in the tar file - sysregistries: remove all trailing slashes - Improve docker/* error messages - Fix failure to make auth directory - Create a new slice in Schema1.UpdateLayerInfos - Drop unused storageImageDestination.{image,systemContext} - Load a *storage.Image only once in storageImageSource - Support gzip for docker-archive files - Remove .tar extension from blob and config file names - ostree, src: support copy of compressed layers - ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size - image: fix docker schema v1 -> OCI conversion - Add /etc/containers/certs.d as default certs directory - Change image time to locale, add troubleshooting.md, add logo to other mds - Allow --cmd parameter to have commands as values - Document the mounts.conf file - Fix man pages to format correctly - buildah from now supports pulling images using the following transports: - docker-archive, oci-archive, and dir. - If the user overrides the storage driver, the options should be dropped - Show Config/Manifest as JSON string in inspect when format is not set - Adds feature to pull compressed docker-archive files [0.15-1] - Fix handling of buildah run command options [0.14-1] - If commonOpts do not exist, we should return rather then segfault - Display full error string instead of just status - Implement --volume and --shm-size for bud and from - Fix secrets patch for buildah bud - Fixes the naming issue of blobs and config for the dir transport by removing the .tar extension [0.13-1.git99066e0] - use correct version [0.12-4.git99066e0] - enable debuginfo [0.12-3.git99066e0] - BR: libseccomp-devel [0.12-2.git99066e0] - Resolves: #1548535 - built commit 99066e0 [0.12-1] - Added handing for simpler error message for Unknown Dockerfile instructions. - Change default certs directory to /etc/containers/certs.dir - Vendor in latest containers/image - Vendor in latest containers/storage - build-using-dockerfile: set the 'author' field for MAINTAINER - Return exit code 1 when buildah-rmi fails - Trim the image reference to just its name before calling getImageName - Touch up rmi -f usage statement - Add --format and --filter to buildah containers - Add --prune,-p option to rmi command - Add authfile param to commit - Fix --runtime-flag for buildah run and bud - format should override quiet for images - Allow all auth params to work with bud - Do not overwrite directory permissions on --chown - Unescape HTML characters output into the terminal - Fix: setting the container name to the image - Prompt for un/pwd if not supplied with --creds - Make bud be really quiet - Return a better error message when failed to resolve an image - Update auth tests and fix bud man page [0.11-3.git49095a8] - Resolves: #1542236 - add ostree and bump runc dep [0.11-2.git49095a8] - rebased to 49095a83f8622cf69532352d183337635562e261 [0.11-1] - Add --all to remove containers - Add --all functionality to rmi - Show ctrid when doing rm -all - Ignore sequential duplicate layers when reading v2s1 - Lots of minor bug fixes - Vendor in latest containers/image and containers/storage [0.10-2] - Fix checkin [0.10-1] - Display Config and Manifest as strings - Bump containers/image - Use configured registries to resolve image names - Update to work with newer image library - Add --chown option to add/copy commands [0.9-2.git04ea079] - build for all arches [0.9-1] - Allow push to use the image id - Make sure builtin volumes have the correct label [0.8-1] - Buildah bud was failing on SELinux machines, this fixes this - Block access to certain kernel file systems inside of the container [0.7-1] - Ignore errors when trying to read containers buildah.json for loading SELinux reservations - Use credentials from kpod login for buildah - Adds support for converting manifest types when using the dir transport - Rework how we do UID resolution in images - Bump github.com/vbatts/tar-split - Set option.terminal appropriately in run [0.5-5.gitf7dc659] - revert building for s390x, it is intended for rhel 7.5 [0.5-4] - Add requires for container-selinux [0.5-3.gitf7dc659] - build for s390x, https://bugzilla.redhat.com/show_bug.cgi?id=1482234 [0.5-2] - Bump github.com/vbatts/tar-split - Fixes CVE That could allow a container image to cause a DOS [0.5-1] - Add secrets patch to buildah - Add proper SELinux labeling to buildah run - Add tls-verify to bud command - Make filtering by date use the image's date - images: don't list unnamed images twice - Fix timeout issue - Add further tty verbiage to buildah run - Make inspect try an image on failure if type not specified - Add support for - Tons of bug fixes and code cleanup [0.4-2.git01db066] - bump to latest version - set GIT_COMMIT at build-time [0.4-1.git9cbccf88c] - Add default transport to push if not provided - Avoid trying to print a nil ImageReference - Add authentication to commit and push - Add information on buildah from man page on transports - Remove --transport flag - Run: do not complain about missing volume locations - Add credentials to buildah from - Remove export command - Run(): create the right working directory - Improve 'from' behavior with unnamed references - Avoid parsing image metadata for dates and layers - Read the image's creation date from public API - Bump containers/storage and containers/image - Don't panic if an image's ID can't be parsed - Turn on --enable-gc when running gometalinter - rmi: handle truncated image IDs [0.4-1.git9cbccf8] - bump to v0.4 [0.3-4.gitb9b2a8a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.3-3.gitb9b2a8a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.3-2.gitb9b2a8a7e] - Bump for inclusion of OCI 1.0 Runtime and Image Spec [0.2.0-1.gitac2aad6] - buildah run: Add support for -- ending options parsing - buildah Add/Copy support for glob syntax - buildah commit: Add flag to remove containers on commit - buildah push: Improve man page and help information - buildah run: add a way to disable PTY allocation - Buildah docs: clarify --runtime-flag of run command - Update to match newer storage and image-spec APIs - Update containers/storage and containers/image versions - buildah export: add support - buildah images: update commands - buildah images: Add JSON output option - buildah rmi: update commands - buildah containers: Add JSON output option - buildah version: add command - buildah run: Handle run without an explicit command correctly - Ensure volume points get created, and with perms - buildah containers: Add a -a/--all option [0.1.0-2.git597d2ab9] - Release Candidate 1 - All features have now been implemented. [0.0.1-1.git7a0a5333] - First package for Fedora containernetworking-plugins [0.7.4-4.git9ebe139] - bump release to preserve upgrade path - Related: #1821193 [0.7.4-3.git9ebe139] - re-enable debuginfo [0.7.4-2.git9ebe139] - rebase, removed patch that is already upstream [0.7.3-7.git19f2f28] - go tools not in scl anymore [0.7.3-6.git19f2f28] - correct tag specification format in %gobuild macro [0.7.3-5.git19f2f28] - Resolves: #1616062 - patch to revert coreos/go-iptables bump [0.7.3-4.git19f2f28] - Resolves:#1603012 - fix versioning, upstream got it wrong at 7.2 [0.7.2-3.git19f2f28] - disable i686 temporarily for appstream builds - update golang deps and gobuild definition [0.7.2-2.git19f2f28] - rebase [0.7.0-103.gitdd8ff8a] - enable scl with the toolset [0.7.0-102.gitdd8ff8a] - remove devel and unittest subpackages - use new go-toolset deps [0.7.0-101] - rebase - patches already upstream, removed [0.6.0-6] - Imported from Fedora - Renamed CNI -> plugins [0.6.0-4] - Own the libexec cni directory [0.6.0-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.6.0-2] - skip settling IPv4 addresses [0.6.0-1] - rebased to 7480240de9749f9a0a5c8614b17f1f03e0c06ab9 [0.5.2-7] - do not install to /opt (against Fedora Guidelines) [0.5.2-6] - Enable devel subpackage [0.5.2-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.5.2-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.5.2-3] - excludearch: ppc64 as it's not in goarches anymore - re-enable s390x [0.5.2-2] - upstream moved to github.com/containernetworking/plugins - built commit dcf7368 - provides: containernetworking-plugins - use vendored deps because they're a lot less of a PITA - excludearch: s390x for now (rhbz#1466865) [0.5.2-1] - Update to 0.5.2 - Softlink to default /opt/cni/bin directories [0.5.1-1] - Initial package container-selinux [2:2.124.0-1.gitf958d0c] - update to 2.124.0 - Resolves: #1816541 [2:2.94-2.git1e99f1d] - rebuild because of CVE-2019-9512 and CVE-2019-9514 - Resolves: #1766316, #1766215 [2:2.94-1.git1e99f1d] - Resolves: #1690286 - bump to v2.94 - Resolves: #1693806, #1689255 [2:2.89-1.git2521d0d] - bump to v2.89 [2:2.75-1.git99e2cfd] - bump to v2.75 - built commit 99e2cfd [2:2.74-1] - Resolves: #1641655 - bump to v2.74 - built commit a62c2db [2:2.73-3] - tweak macro for fedora - applies to rhel8 as well [2:2.73-2] - moved changelog entries: - Define spc_t as a container_domain, so that container_runtime will transition to spc_t even when setup with nosuid. - Allow container_runtimes to setattr on callers fifo_files - Fix restorecon to not error on missing directory [2.69-3] - Make sure we pull in the latest selinux-policy [2.69-2] - Add map support to container-selinux for RHEL 7.5 - Dontudit attempts to write to kernel_sysctl_t [2.68-1] - Add label for /var/lib/origin - Add customizable_file_t to customizable_types [2.67-1] - Add policy for container_logreader_t [2.66-1] - Allow dnsmasq to dbus chat with spc_t [2.64-1] - Allow containers to create all socket classes [2.62-1] - Label overlay directories under /var/lib/containers/ correctly [2.61-1] - Allow spc_t to load kernel modules from inside of container [2.60-1] - Allow containers to list cgroup directories - Transition for unconfined_service_t to container_runtime_t when executing container_runtime_exec_t. [2.58-2] - Run restorecon /usr/bin/podman in postinstall [2.58-1] - Add labels to allow podman to be run from a systemd unit file [2.57-1] - Set the version of SELinux policy required to the latest to fix build issues. [2.56-1] - Allow container_runtime_t to transition to spc_t over unlabeled files [2.55-1] Allow iptables to read container state Dontaudit attempts from containers to write to /proc/self Allow spc_t to change attributes on container_runtime_t fifo files [2.52-1] - Add better support for writing custom selinux policy for customer container domains. [2.51-1] - Allow shell_exec_t as a container_runtime_t entrypoint [2.50-1] - Allow bin_t as a container_runtime_t entrypoint [2.49-1] - Add support for MLS running container runtimes - Add missing allow rules for running systemd in a container [2.48-1] - Update policy to match master branch - Remove typebounds and replace with nnp_transition and nosuid_transition calls [2.41-1] - Add support to nnp_transition for container domains - Eliminates need for typebounds. [2.40-1] - Allow container_runtime_t to use user ttys - Fixes bounds check for container_t [2.39-1] - Allow container runtimes to use interited terminals. This helps satisfy the bounds check of container_t versus container_runtime_t. [2.38-1] - Allow container runtimes to mmap container_file_t devices - Add labeling for rhel push plugin [2.37-1] - Allow containers to use inherited ttys - Allow ostree to handle labels under /var/lib/containers/ostree [2.36-1] - Allow containers to relabelto/from all file types to container_file_t [2.35-1] - Allow container to map chr_files labeled container_file_t [2.34-1] - Dontaudit container processes getattr on kernel file systems [2.33-1] - Allow containers to read /etc/resolv.conf and /etc/hosts if volume - mounted into container. [2.32-1] - Make sure users creating content in /var/lib with right labels [2.31-1] - Allow the container runtime to dbus chat with dnsmasq - add dontaudit rules for container trying to write to /proc [2.29-1] - Add support for lxcd - Add support for labeling of tmpfs storage created within a container. [2.28-1] - Allow a container to umount a container_file_t filesystem [2.27-1] - Allow container runtimes to work with the netfilter sockets - Allow container_file_t to be an entrypoint for VM's - Allow spc_t domains to transition to svirt_t [2.24-1] - Make sure container_runtime_t has all access of container_t [2.23-1] - Allow container runtimes to create sockets in tmp dirs [2.22-1] - Add additonal support for crio labeling. [2.21-3] - Fixup spec file conditionals [2:2.21-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [2.21-1] - Allow containers to execmod on container_share_t files. [2.20-2] - Relabel runc and crio executables [2.20-1] - Allow container processes to getsession [2:2.19-2.1] - update release tag to isolate from 7.3 [2:2.19-1] - Fix mcs transition problem on stdin/stdout/stderr - Add labels for CRI-O - Allow containers to use tunnel sockets [2:2.15-1.1] - Resolves: #1451289 - rebase to v2.15 - built @origin/RHEL-1.12 commit 583ca40 [2:2.10-2.1] - Make sure we have a late enough version of policycoreutils [2:2.10-1] - Update to the latest container-selinux patch from upstream - Label files under /usr/libexec/lxc as container_runtime_exec_t - Give container_t access to XFRM sockets - Allow spc_t to dbus chat with init system - Allow containers to read cgroup configuration mounted into a container [2:2.9-4] - Resolves: #1425574 - built commit 79a6d70 [2:2.9-3] - Resolves: #1420591 - built @origin/RHEL-1.12 commit 8f876c4 [2:2.9-2] - built @origin/RHEL-1.12 commit 33cb78b [2:2.8-2] - [2:2.7-1] - built origin/RHEL-1.12 commit 21dd37b [2:2.4-2] - correct version-release in changelog entries [2:2.4-1] - Add typebounds statement for container_t from container_runtime_t - We should only label runc not runc* [2:2.3-1] - Fix labeling on /usr/bin/runc.* - Add sandbox_net_domain access to container.te - Remove containers ability to look at /etc content [2:2.2-4] - use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7 [2:2.2-3] - properly disable docker module in %post [2:2.2-2] - depend on selinux-policy-targeted - relabel docker-latest* files as well [2:2.2-1] - bump to v2.2 - additional labeling for ocid [2:2.0-2] - install policy at level 200 - From: Dan Walsh <dwalsh@redhat.com> [2:2.0-1] - Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a standalone package) - include projectatomic/RHEL-1.12 branch commit for building on centos/rhel [2:1.12.4-29] - new package (separated from docker) criu fuse-overlayfs [0.3-5] - revert fuse-overlayfs to commit 6d269aa - Resolves: #1720707 [0.3-4.dev.gitd760789] - rebase [0.3-2] - rebase - Resolves:#1666510 [0.1-7.dev.git50c7a50] - Resolves: #1640232 - built commit 50c7a50 [0.1-6.dev.git1c72a1a] - Resolves: #1614856 - add manpage - built commit 1c72a1a - add BR: go-md2man [0.1-5.dev.gitd40ac75] - built commit d40ac75 - remove fedora bz ids - Exclude ix86 and ppc64 [0.1-4.dev.git79c70fd] - Resolves: #1609598 - initial upload to Fedora - bundled gnulib [0.1-3.dev.git79c70fd] - correct license field [0.1-2.dev.git79c70fd] - fix license [0.1-1.dev.git13575b6] - First package for Fedora oci-systemd-hook oci-umount podman [1.0.0-8.git921f98f] - fix 'podman can not create user inside of container' regression introduced by patch for CVE-2021-20188 - Related: #1918285 [1.0.0-7.git921f98f] - fix CVE-2021-20188 - Resolves: #1918285 [1.0.0-6.git921f98f] - fix 'podman run errors out/segfaults in container-tools-1.0-8.3.0' - Resolves: #1882267 [1.0.0-5.git921f98f] - bump release to preserve upgrade path - Resolves: #1821193 [1.0.0-4.git921f98f] - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: #1818122 [1.0.0-3.git921f98f] - rebuild because of CVE-2019-9512 and CVE-2019-9514 - Resolves: #1766294, #1766322 [1.0.0-2.git921f98f] - rebase [1.0.0-1.git82e8011] - rebase to v1, yay! - rebase conmon to 9b1f0a08285a7f74b21cc9b6bfd98a48905a7ba2 - Resolves:#1623282 - python interface removed, moved to https://github.com/containers/python-podman/ [0.12.1.2-4.git9551f6b] - re-enable debuginfo [0.12.1.2-3.git9551f6b] - python libraries added - resolves: #1657180 [0.12.1.2-2.git9551f6b] - rebase [0.11.1.1-3.git594495d] - go tools not in scl anymore [0.11.1.1-2.git594495d] - fedora-like buildrequires go toolset [0.11.1.1-1.git594495d] - Resolves: #1636230 - build with FIPS enabled golang toolchain - bump to v0.11.1.1 - built commit 594495d [0.11.1-3.gita4adfe5] - podman-docker provides docker - Resolves: #1650355 [0.11.1-2.gita4adfe5] - Require platform-python-setuptools instead of python3-setuptools - Resolves: rhbz#1650144 [0.11.1-1.gita4adfe5] - bump to v0.11.1 - built libpod commit a4adfe5 - built conmon from cri-o commit 464dba6 [0.10.1.3-5.gitdb08685] - Resolves: #1625384 - keep BR: device-mapper-devel but don't build with it - not having device-mapper-devel seems to have brew not recognize %{_unitdir} [0.10.1.3-4.gitdb08685] - Resolves: #1625384 - correctly add buildtags to remove devmapper [0.10.1.3-3.gitdb08685] - Resolves: #1625384 - build without device-mapper-devel (no podman support) and lvm2 [0.10.1.3-2.gitdb08685] - Resolves: #1625384 - depend on lvm2 [0.10.1.3-1.gitdb08685] - Resolves: #1640298 - update vendored buildah to allow building when there are running containers - bump to v0.10.1.3 - built podman commit db08685 [0.10.1.2-1.git2b4f8d1] - Resolves: #1625378 - bump to v0.10.1.2 - built podman commit 2b4f8d1 [0.10.1.1-1.git4bea3e9] - bump to v0.10.1.1 - built podman commit 4bea3e9 [0.10.1-1.gite4a1553] - bump podman to v0.10.1 - built podman commit e4a1553 - built conmon from cri-o commit a30f93c [0.9.3.1-4.git1cd906d] - rebased cri-o to 1.11.6 [0.9.3.1-3.git1cd906d] - rebase [0.9.2-2.git37a2afe] - rebase to podman 0.9.2 - rebase to cri-o 0.11.4 [0.9.1.1-2.git123de30] - rebase [0.8.4-1.git9f9b8cf] - bump to v0.8.4 - built commit 9f9b8cf - upstream username changed from projectatomic to containers - use containernetworking-plugins >= 0.7.3-5 [0.8.2.1-2.git7a526bb] - Resolves: #1615607 - rebuild with gobuild tag 'no_openssl' [0.8.2.1-1.git7a526bb] - Upstream 0.8.2.1 release - Add support for podman-docker Resolves: rhbz#1615104 [0.8.2-1.dev.git8b2d38e] - Resolves: #1614710 - podman search name includes registry - bump to v0.8.2-dev - built libpod commit 8b2d38e - built conmon from cri-o commit acc0ee7 [0.8.1-2.git6b4ab2a] - Add recommends for slirp4netns and container-selinux [0.8.1-2.git6b4ab2a] - bump to v0.8.1 - use %go{build,generate} instead of go build and go generate - update go deps to use scl-ized builds - No need for Makefile patch for python installs [0.8.1-1.git6b4ab2a] - Bump to v0.8.1 [0.7.4-2.git079121] - podman should not require atomic-registries [0.7.4-1.dev.git9a18681] - bump to v0.7.4-dev - built commit 9a18681 [0.7.3-2.git079121] - Turn on ostree support - Upstream 0.7.3 [0.7.2-2.git4ca4c5f] - Upstream 0.7.2 release [0.7.1-3.git84cfdb2] - rebuilt [0.7.1-2.git84cfdb2] - rebase to 84cfdb2 [0.7.1-1.git802d4f2] - Upstream 0.7.1 release [0.6.4-2.gitd5beb2f] - disable devel and unittest subpackages - include conditionals for rhel-8.0 [0.6.4-1.gitd5beb2f] - do not compress debuginfo with dwz to support delve debugger [0.6.1-3.git3e0ff12] - do not compress debuginfo with dwz to support delve debugger [0.6.1-2.git3e0ff12] - bash completion shouldn't have shebang [0.6.1-1.git3e0ff12] - Resolves: #1584429 - drop capabilities when running a container as non-root - bump to v0.6.1 - built podman commit 3e0ff12 - built conmon from cri-o commit 1c0c3b0 - drop containernetworking-plugins subpackage, it's now split out into a standalone package [0.4.1-4.gitb51d327] - Resolves: #1572538 - build host-device and portmap plugins [0.4.1-3.gitb51d327] - correct dep on containernetworking-plugins [0.4.1-2.gitb51d327] - add containernetworking-plugins v0.7.0 as a subpackage (podman dep) - release tag for the containernetworking-plugins is actually gotten from podman release tag. [0.4.1-1.gitb51d327] - bump to v0.4.1 - built commit b51d327 [0.3.3-1.dev.gitbc358eb] - built podman commit bc358eb - built conmon from cri-o commit 712f3b8 [0.3.2-1.gitf79a39a] - Release 0.3.2-1 [0.3.1-2.git98b95ff] - Correct RPM version [0.3.1-1-gitc187538] - Release 0.3.1-1 [0.2.2-2.git525e3b1] - Build on ARMv7 too (Fedora supports containers on that arch too) [0.2.2-1.git525e3b1] - Release 0.2.2 [0.2.1-1.git3d0100b] - Release 0.2.1 [0.2-3.git3d0100b] - Add dep for atomic-registries [0.2-2.git3d0100b] - Add more 64bit arches - Add containernetworking-cni dependancy - Add iptables dependancy [0-2.1.git3d0100] - Release 0.2 [0-0.3.git367213a] - Resolves: #1541554 - first official build - built commit 367213a [0-0.2.git0387f69] - built commit 0387f69 [0-0.1.gitc1b2278] - First package for Fedora runc [1.0.0-56.rc5.dev.git2abd837] - rebuild because of CVE-2019-9512 and CVE-2019-9514 - Resolves: #1766328, #1766300 [1.0.0-55.rc5.dev.git2abd837] - Resolves: #1665770 - rootfs: umount all procfs and sysfs with --no-pivot - Resolves: CVE-2019-5736 [1.0.0-54.rc5.dev.git2abd837] - re-enable debuginfo [1.0.0-53.rc5.dev.git2abd837] - go toolset not in scl anymore [1.0.0-52.rc5.dev.git2abd837] - rebase [2:1.0.0-51.dev.gitfdd8055] - Fix handling of tmpcopyup [2:1.0.0-49.rc5.dev.gitb4e2ecb] - %gobuild uses no_openssl - remove unused devel and unit-test subpackages [2:1.0.0-48.rc5.dev.gitad0f525] - build with %gobuild - exlude i686 temporarily because of go-toolset issues [1.0.0-47.dev.gitb4e2ecb] - Rebuild with fixed binutils [2:1.0.0-46.dev.gitb4e2ecb] - Add patch https://github.com/opencontainers/runc/pull/1807 to allow - runc and podman to work with sd_notify [2:1.0.0-40.rc5.dev.gitad0f525] - Remove sysclt handling, not needed in RHEL8 - Make sure package built with seccomp flags - Remove rectty - Add completions [2:1.0.0-36.rc5.dev.gitad0f525] - Better handling of user namespace [2:1.0.0-31.rc5.git0cbfd83] - Fix issues between SELinux and UserNamespace [1.0.0-27.rc5.dev.git4bb1fe4] - rebuilt, placed missing changelog entry back [2:1.0.0-26.rc5.git4bb1fe4] - release v1.0.0~rc5 [1.0.0-26.rc4.git9f9c962] - Bump to the latest from upstream [1.0.0-25.rc4.gite6516b3] - built commit e6516b3 [1.0.0-24.rc4.dev.gitc6e4a1e.1] - rebase to c6e4a1ebeb1a72b529c6f1b6ee2b1ae5b868b14f - https://github.com/opencontainers/runc/pull/1651 [1.0.0-23.rc4.git1d3ab6d] - Resolves: #1524654 [1.0.0-22.rc4.git1d3ab6d] - Many Stability fixes - Many fixes for rootless containers - Many fixes for static builds [1.0.0-21.rc4.dev.gitaea4f21] - enable debuginfo and include -buildmode=pie for go build [1.0.0-20.rc4.dev.gitaea4f21] - use Makefile [1.0.0-19.rc4.dev.gitaea4f21] - disable debuginfo temporarily [1.0.0-18.rc4.dev.gitaea4f21] - enable debuginfo [1.0.0-17.rc4.gitaea4f21] - Add container-selinux prerequires to make sure runc is labeled correctly [1.0.0-16.rc4.dev.gitaea4f21] - correct the release tag 'rc4dev' -> 'rc4.dev' cause I'm OCD [1.0.0-15.rc4dev.gitaea4f21] - Use the same checkout as Fedora for lates CRI-O [1.0.0-14.rc4dev.git84a082b] - rebase to 84a082bfef6f932de921437815355186db37aeb1 [1.0.0-13.rc3.gitd40db12] - Resolves: #1479489 - built commit d40db12 [1.0.0-12.1.gitf8ce01d] - disable s390x temporarily because of indefinite wait times on brew [1.0.0-11.1.gitf8ce01d] - correct previous bogus date : [1.0.0-10.1.gitf8ce01d] - Resolves: #1441737 - run sysctl_apply for sysctl knob [1.0.0-9.1.gitf8ce01d] - Resolves: #1447078 - change default root path - add commit e800860 from runc @projectatomic/change-root-path [1.0.0-8.1.gitf8ce01d] - Resolves: #1441737 - enable kernel sysctl knob /proc/sys/fs/may_detach_mounts [1.0.0-7.1.gitf8ce01d] - Resolves: #1429675 - built @opencontainers/master commit f8ce01d [1.0.0-4.1.gitee992e5] - built @projectatomic/master commit ee992e5 [1.0.0-3.rc2] - Resolves: #1426674 - built projectatomic/runc_rhel_7 commit 5d93f81 [1.0.0-2.rc2] - Resolves: #1419702 - rebase to latest upstream master - built commit b263a43 [1.0.0-1.rc2] - Resolves: #1412239 - *CVE-2016-9962* - set init processes as non-dumpable, runc patch from Michael Crosby <crosbymichael@gmail.com> [0.1.1-6] - Resolves: #1373980 - rebuild for 7.3.0 [0.1.1-5] - build with golang >= 1.6.2 [0.1.1-4] - release tags were inconsistent in the previous build [0.1.1-1] - Resolves: #1341267 - rebase runc to v0.1.1 [0.1.0-3] - add selinux build tag - add BR: libseccomp-devel [0.1.0-2] - Resolves: #1328970 - add seccomp buildtag [0.1.0-1] - Resolves: rhbz#1328616 - rebase to v0.1.0 [0.0.8-1.git4155b68] - Resolves: rhbz#1277245 - bump to 0.0.8 - Resolves: rhbz#1302363 - criu is a runtime dep - Resolves: rhbz#1302348 - libseccomp-golang is bundled in Godeps - manpages included [1:0.0.5-0.1.git97bc9a7] - Update to 0.0.5, introduce Epoch for Fedora due to 0.2 version instead of 0.0.2 [0.2-0.2.git90e6d37] - First package for Fedora resolves: #1255179 skopeo [1:0.1.32-6.git1715c90.0.1] - Update registry conf file [Orabug: 31306708] - Add oracle registry into the conf file [Orabug: 29845934] - Fix oracle registry login issues [Orabug: 29937192] [1:0.1.32-6.git1715c90] - bump release to preserve upgrade path - Related: #1821193 [1:0.1.32-4.git1715c90] - rebuild because of CVE-2019-9512 and CVE-2019-9514 - Resolves: #1772130, #1772135 [1:0.1.32-3.git1715c90] - rebase [1:0.1.32-2.git1715c90] - re-enable debuginfo [1:0.1.31-12.gitb0b750d] - go tools not in scl anymore [1:0.1.31-11.gitb0b750d] - Resolves: #1615609 - built upstream tag v0.1.31 [1:0.1.31-10.git0144aa8] - Resolves: #1616069 - correct order of registries [1:0.1.31-9.git0144aa8] - Resolves: #1615609 - rebuild with gobuild tag 'no_openssl' [1:0.1.31-8.git0144aa8] - Resolves: #1614934 - containers-common soft dep on slirp4netns and fuse-overlayfs [1:0.1.31-7.git0144aa8] - build with %gobuild - use scl-ized go-toolset as dep - disable i686 builds temporarily because of go-toolset issues [1:0.1.31-6.git0144aa8] - add statx to seccomp.json to containers-config - add seccomp.json to containers-config [1:0.1.31-4.git0144aa8] - Resolves: #1597629 - handle dependency issue for skopeo-containers - rename skopeo-containers to containers-common as in Fedora [1:0.1.31-3.git0144aa8] - Resolves: #1583762 - btrfs dep removal needs exclude_graphdriver_btrfs buildtag [1:0.1.31-2.git0144aa8] - correct bz in previous changelog [1:0.1.31-1.git0144aa8] - Resolves: #1580938 - resolve FTBFS - Resolves: #1583762 - remove dependency on btrfs-progs-devel - bump to v0.1.31 (from master) - built commit ca3bff6 - use go-toolset deps for rhel8 [0.1.29-5.git7add6fc] - Fix small typo in registries.conf [0.1.29-4.git] - Add policy.json.5 [0.1.29-3.git] - Add registries.conf [0.1.29-2.git] - Add registries.conf man page [0.1.29-1.git] - bump to 0.1.29-1 - Updated containers/image docker-archive generates docker legacy compatible images Do not create subdirectories for layers with no configs Ensure the layer IDs in legacy docker/tarfile metadata are unique docker-archive: repeated layers are symlinked in the tar file sysregistries: remove all trailing slashes Improve docker/* error messages Fix failure to make auth directory Create a new slice in Schema1.UpdateLayerInfos Drop unused storageImageDestination.{image,systemContext} Load a *storage.Image only once in storageImageSource Support gzip for docker-archive files Remove .tar extension from blob and config file names ostree, src: support copy of compressed layers ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size image: fix docker schema v1 -> OCI conversion Add /etc/containers/certs.d as default certs directory [0.1.28-2.git0270e56] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.1.28-1.git] - Vendor in fixed libraries in containers/image and containers/storage [0.1.27-1.git] - Fix Conflicts to Obsoletes - Add better docs to man pages. - Use credentials from authfile for skopeo commands - Support storage='' in /etc/containers/storage.conf - Add global --override-arch and --override-os options [0.1.25-2.git2e8377a7] - Add manifest type conversion to skopeo copy - User can select from 3 manifest types: oci, v2s1, or v2s2 - e.g skopeo copy --format v2s1 --compress-blobs docker-archive:alp.tar dir:my-directory [0.1.25-2.git7fd6f66b] - Force storage.conf to default to overlay [0.1.25-1.git7fd6f66b] - Fix CVE in tar-split - copy: add shared blob directory support for OCI sources/destinations - Aligning Docker version between containers/image and skopeo - Update image-tools, and remove the duplicate Sirupsen/logrus vendor - makefile: use -buildmode=pie [0.1.24-8.git28d4e08a] - Add /usr/share/containers/mounts.conf [0.1.24-7.git28d4e08a] - Bug fixes - Update to release [0.1.24-6.dev.git28d4e08] - skopeo-containers conflicts with docker-rhsubscription <= 2:1.13.1-31 [0.1.24-5.dev.git28d4e08] - Add rhel subscription secrets data to skopeo-containers [0.1.24-4.dev.git28d4e08] - Update container/storage.conf and containers-storage.conf man page - Default override to true so it is consistent with RHEL. [0.1.24-3.dev.git28d4e08] - built commit 28d4e08 [0.1.24-2.dev.git875dd2e] - built commit 875dd2e - Resolves: gh#416 [0.1.24-1.dev.gita41cd0] - bump to 0.1.24-dev - correct a prior bogus date - fix macro in comment warning [0.1.23-6.dev.git1bbd87] - Change name of storage.conf.5 man page to containers-storage.conf.5, since it conflicts with inn package - Also remove default to 'overalay' in the configuration, since we should - allow containers storage to pick the best default for the platform. [0.1.23-5.git1bbd87f] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.1.23-4.git1bbd87f] - Rebuild with binutils fix for ppc64le (#1475636) [0.1.23-3.git1bbd87f] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.1.23-2.dev.git1bbd87] - Fix storage.conf man page to be storage.conf.5.gz so that it works. [0.1.23-1.dev.git1bbd87] - Support for OCI V1.0 Images - Update to image-spec v1.0.0 and revendor - Fixes for authentication [0.1.22-2.dev.git5d24b67] - Epoch: 1 for CentOS as CentOS Extras' build already has epoch set to 1 [0.1.22-1.dev.git5d24b67] - Give more useful help when explaining usage - Also specify container-storage as a valid transport - Remove docker reference wherever possible - vendor in ostree fixes [0.1.21-1.dev.git0b73154] - Add support for storage.conf and storage-config.5.md from github container storage package - Bump to the latest version of skopeo - vendor.conf: add ostree-go - it is used by containers/image for pulling images to the OSTree storage. - fail early when image os does not match host os - Improve documentation on what to do with containers/image failures in test-skopeo - We now have the docker-archive: transport - Integration tests with built registries also exist - Support /etc/docker/certs.d - update image-spec to v1.0.0-rc6 [0.1.20-1.dev.git0224d8c] - BZ #1380078 - New release [0.1.19-2.dev.git0224d8c] - No golang support for ppc64. Adding exclude arch. BZ #1445490 [0.1.19-1.dev.git0224d8c] - bump to v0.1.19-dev - built commit 0224d8c [0.1.17-3.dev.git2b3af4a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [0.1.17-2.dev.git2b3af4a] - Rebuild for gpgme 1.18 [0.1.17-1.dev.git2b3af4a] - bump to 0.1.17-dev [0.1.14-6.git550a480] - Fix BZ#1391932 [0.1.14-5.git550a480] - Conflicts with atomic in skopeo-containers [0.1.14-4.git550a480] - built skopeo-containers [0.1.14-3.gitd830391] - built mtrmac/integrate-all-the-things commit d830391 [0.1.14-2.git362bfc5] - built commit 362bfc5 [0.1.14-1.gitffe92ed] - build origin/master commit ffe92ed [0.1.13-6] - https://fedoraproject.org/wiki/Changes/golang1.7 [0.1.13-5] - include go-srpm-macros and compiler(go-compiler) in fedora conditionals - define %gobuild if not already - add patch to build with older version of golang [0.1.13-4] - update to v0.1.12 [0.1.12-3] - fix go build source path [0.1.12-2] - update to v0.1.12 [0.1.11-1] - update to v0.1.11 [0.1.10-1] - update to v0.1.10 - change runcom -> projectatomic [0.1.9-1] - update to v0.1.9 [0.1.8-1] - update to v0.1.8 [0.1.4-2] - https://fedoraproject.org/wiki/Changes/golang1.6 [0.1.4] - First package for Fedora slirp4netns [0.1-5.dev.gitc4e1bc5] - backport fix for CVE-2020-7039 - Resolves: #1791578 [0.1-4.dev.gitc4e1bc5] - actually add CVE-2019-14378 patch to dist-git - Related: RHELPLAN-25139 [0.1-3.dev.gitc4e1bc5] - Fix CVE-2019-14378 (#1768394). [0.1-2.dev.gitc4e1bc5] - changed summary [0.1-1.dev.gitc4e1bc5] - First package for RHEL 8 - import from Fedora rawhide - Exclude ix86 and ppc64 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20188 Oracle Linux 8 buildah [1.11.6-8.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-8] - exclude i686 arch - Related: #1821193 [1.11.6-7] - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process' - Resolves: #1819393 [1.11.6-6] - fix 'COPY command takes long time with buildah' - Resolves: #1806118 [1.11.6-5] - fix CVE-2020-1702 - Resolves: #1801930 - adding the first phase of FIPS fix - Related: #1784952 [1.11.6-4] - compile in FIPS mode - Related: RHELPLAN-25139 [1.11.6-3] - be sure to use golang >= 1.12.12-4 - Related: RHELPLAN-25139 [1.11.6-2] - fix chroot: unmount with MNT_DETACH instead of UnmountMountpoints() - bug reference 1772179 - Related: RHELPLAN-25139 [1.11.6-1] - update to buildah 1.11.6 - Related: RHELPLAN-25139 [1.11.5-1] - update to buildah 1.11.5 - Related: RHELPLAN-25139 [1.11.4-2] - fix %gobuild macro to not to ignore BUILDTAGS - Related: RHELPLAN-25139 [1.11.4-1] - update to 1.11.4 - Related: RHELPLAN-25139 [1.9.0-5] - Use autosetup macro again. [1.9.0-4] - Fix CVE-2019-10214 (#1734653). [1.9.0-3] - Resolves: #1721247 - enable fips mode [1.9.0-2] - Resolves: #1720654 - tests subpackage depends on golang explicitly [1.9.0-1] - Resolves: #1720654 - rebase to v1.9.0 [1.8.3-1] - Resolves: #1720654 - rebase to v1.8.3 [1.8-0.git021d607] - package system tests [1.5-3.gite94b4f9] - re-enable debuginfo [1.5-2.gite94b4f9] - go toolset not in scl anymore [1.5-1.gite94b4f9] - rebase [1.4-3.git608fa84] - fedora-like go compiler macro in buildrequires is enough [1.4-2.git608fa84] - rebase [1.3-3.git4888163] - Resolves: #1615611 - rebuild with gobuild tag 'no_openssl' [1.3-2.git4888163] - Resolves: #1614009 - built with updated scl-ized go-toolset dep - build with %gobuild [1.3-1] - Bump to v1.3 - Vendor in lates containers/image - build-using-dockerfile: let -t include transports again - Block use of /proc/acpi and /proc/keys from inside containers - Fix handling of --registries-conf - Fix becoming a maintainer link - add optional CI test fo darwin - Don't pass a nil error to errors.Wrapf() - image filter test: use kubernetes/pause as a 'since' - Add --cidfile option to from - vendor: update containers/storage - Contributors need to find the CONTRIBUTOR.md file easier - Add a --loglevel option to build-with-dockerfile - Create Development plan - cmd: Code improvement - allow buildah cross compile for a darwin target - Add unused function param lint check - docs: Follow man-pages(7) suggestions for SYNOPSIS - Start using github.com/seccomp/containers-golang - umount: add all option to umount all mounted containers - runConfigureNetwork(): remove an unused parameter - Update github.com/opencontainers/selinux - Fix buildah bud --layers - Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 - main: if unprivileged, reexec in a user namespace - Vendor in latest imagebuilder - Reduce the complexity of the buildah.Run function - mount: output it before replacing lastError - Vendor in latest selinux-go code - Implement basic recognition of the '--isolation' option - Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin - Run(): don't include any default environment variables - build without seccomp - vendor in latest runtime-tools - bind/mount_unsupported.go: remove import errors - Update github.com/opencontainers/runc - Add Capabilities lists to BuilderInfo - Tweaks for commit tests - commit: recognize committing to second storage locations - Fix ARGS parsing for run commands - Add info on registries.conf to from manpage - Switch from using docker to podman for testing in .papr - buildah: set the HTTP User-Agent - ONBUILD tutorial - Add information about the configuration files to the install docs - Makefile: add uninstall - Add tilde info for push to troubleshooting - mount: support multiple inputs - Use the right formatting when adding entries to /etc/hosts - Vendor in latest go-selinux bindings - Allow --userns-uid-map/--userns-gid-map to be global options - bind: factor out UnmountMountpoints - Run(): simplify runCopyStdio() - Run(): handle POLLNVAL results - Run(): tweak terminal mode handling - Run(): rename 'copyStdio' to 'copyPipes' - Run(): don't set a Pdeathsig for the runtime - Run(): add options for adding and removing capabilities - Run(): don't use a callback when a slice will do - setupSeccomp(): refactor - Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers - Escape use of '_' in .md docs - Break out getProcIDMappings() - Break out SetupIntermediateMountNamespace() - Add Multi From Demo - Use the c/image conversion code instead of converting configs manually - Don't throw away the manifest MIME type and guess again - Consolidate loading manifest and config in initConfig - Pass a types.Image to Builder.initConfig - Require an image ID in importBuilderDataFromImage - Use c/image/manifest.GuessMIMEType instead of a custom heuristic - Do not ignore any parsing errors in initConfig - Explicitly handle 'from scratch' images in Builder.initConfig - Fix parsing of OCI images - Simplify dead but dangerous-looking error handling - Don't ignore v2s1 history if docker_version is not set - Add --rm and --force-rm to buildah bud - Add --all,-a flag to buildah images - Separate stdio buffering from writing - Remove tty check from images --format - Add environment variable BUILDAH_RUNTIME - Add --layers and --no-cache to buildah bud - Touch up images man - version.md: fix DESCRIPTION - tests: add containers test - tests: add images test - images: fix usage - fix make clean error - Change 'registries' to 'container registries' in man - add commit test - Add(): learn to record hashes of what we add - Minor update to buildah config documentation for entrypoint - Bump to v1.2-dev - Add registries.conf link to a few man pages [1.2-3] - do not depend on btrfs-progs for rhel8 [1.2-2] - buildah does not require ostree [1.2-1] - Vendor in latest containers/image - build-using-dockerfile: let -t include transports again - Block use of /proc/acpi and /proc/keys from inside containers - Fix handling of --registries-conf - Fix becoming a maintainer link - add optional CI test fo darwin - Don't pass a nil error to errors.Wrapf() - image filter test: use kubernetes/pause as a 'since' - Add --cidfile option to from - vendor: update containers/storage - Contributors need to find the CONTRIBUTOR.md file easier - Add a --loglevel option to build-with-dockerfile - Create Development plan - cmd: Code improvement - allow buildah cross compile for a darwin target - Add unused function param lint check - docs: Follow man-pages(7) suggestions for SYNOPSIS - Start using github.com/seccomp/containers-golang - umount: add all option to umount all mounted containers - runConfigureNetwork(): remove an unused parameter - Update github.com/opencontainers/selinux - Fix buildah bud --layers - Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 - main: if unprivileged, reexec in a user namespace - Vendor in latest imagebuilder - Reduce the complexity of the buildah.Run function - mount: output it before replacing lastError - Vendor in latest selinux-go code - Implement basic recognition of the '--isolation' option - Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin - Run(): don't include any default environment variables - build without seccomp - vendor in latest runtime-tools - bind/mount_unsupported.go: remove import errors - Update github.com/opencontainers/runc - Add Capabilities lists to BuilderInfo - Tweaks for commit tests - commit: recognize committing to second storage locations - Fix ARGS parsing for run commands - Add info on registries.conf to from manpage - Switch from using docker to podman for testing in .papr - buildah: set the HTTP User-Agent - ONBUILD tutorial - Add information about the configuration files to the install docs - Makefile: add uninstall - Add tilde info for push to troubleshooting - mount: support multiple inputs - Use the right formatting when adding entries to /etc/hosts - Vendor in latest go-selinux bindings - Allow --userns-uid-map/--userns-gid-map to be global options - bind: factor out UnmountMountpoints - Run(): simplify runCopyStdio() - Run(): handle POLLNVAL results - Run(): tweak terminal mode handling - Run(): rename 'copyStdio' to 'copyPipes' - Run(): don't set a Pdeathsig for the runtime - Run(): add options for adding and removing capabilities - Run(): don't use a callback when a slice will do - setupSeccomp(): refactor - Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers - Escape use of '_' in .md docs - Break out getProcIDMappings() - Break out SetupIntermediateMountNamespace() - Add Multi From Demo - Use the c/image conversion code instead of converting configs manually - Don't throw away the manifest MIME type and guess again - Consolidate loading manifest and config in initConfig - Pass a types.Image to Builder.initConfig - Require an image ID in importBuilderDataFromImage - Use c/image/manifest.GuessMIMEType instead of a custom heuristic - Do not ignore any parsing errors in initConfig - Explicitly handle 'from scratch' images in Builder.initConfig - Fix parsing of OCI images - Simplify dead but dangerous-looking error handling - Don't ignore v2s1 history if docker_version is not set - Add --rm and --force-rm to buildah bud - Add --all,-a flag to buildah images - Separate stdio buffering from writing - Remove tty check from images --format - Add environment variable BUILDAH_RUNTIME - Add --layers and --no-cache to buildah bud - Touch up images man - version.md: fix DESCRIPTION - tests: add containers test - tests: add images test - images: fix usage - fix make clean error - Change 'registries' to 'container registries' in man - add commit test - Add(): learn to record hashes of what we add - Minor update to buildah config documentation for entrypoint - Add registries.conf link to a few man pages [1.1-1] - Drop capabilities if running container processes as non root - Print Warning message if cmd will not be used based on entrypoint - Update 01-intro.md - Shouldn't add insecure registries to list of search registries - Report errors on bad transports specification when pushing images - Move parsing code out of common for namespaces and into pkg/parse.go - Add disable-content-trust noop flag to bud - Change freenode chan to buildah - runCopyStdio(): don't close stdin unless we saw POLLHUP - Add registry errors for pull - runCollectOutput(): just read until the pipes are closed on us - Run(): provide redirection for stdio - rmi, rm: add test - add mount test - Add parameter judgment for commands that do not require parameters - Add context dir to bud command in baseline test - run.bats: check that we can run with symlinks in the bundle path - Give better messages to users when image can not be found - use absolute path for bundlePath - Add environment variable to buildah --format - rm: add validation to args and all option - Accept json array input for config entrypoint - Run(): process RunOptions.Mounts, and its flags - Run(): only collect error output from stdio pipes if we created some - Add OnBuild support for Dockerfiles - Quick fix on demo readme - run: fix validate flags - buildah bud should require a context directory or URL - Touchup tutorial for run changes - Validate common bud and from flags - images: Error if the specified imagename does not exist - inspect: Increase err judgments to avoid panic - add test to inspect - buildah bud picks up ENV from base image - Extend the amount of time travis_wait should wait - Add a make target for Installing CNI plugins - Add tests for namespace control flags - copy.bats: check ownerships in the container - Fix SELinux test errors when SELinux is enabled - Add example CNI configurations - Run: set supplemental group IDs - Run: use a temporary mount namespace - Use CNI to configure container networks - add/secrets/commit: Use mappings when setting permissions on added content - Add CLI options for specifying namespace and cgroup setup - Always set mappings when using user namespaces - Run(): break out creation of stdio pipe descriptors - Read UID/GID mapping information from containers and images - Additional bud CI tests - Run integration tests under travis_wait in Travis - build-using-dockerfile: add --annotation - Implement --squash for build-using-dockerfile and commit - Vendor in latest container/storage for devicemapper support - add test to inspect - Vendor github.com/onsi/ginkgo and github.com/onsi/gomega - Test with Go 1.10, too - Add console syntax highlighting to troubleshooting page - bud.bats: print '' before checking its contents - Manage 'Run' containers more closely - Break Builder.Run()'s 'run runc' bits out - util.ResolveName(): handle completion for tagged/digested image names - Handle /etc/hosts and /etc/resolv.conf properly in container - Documentation fixes - Make it easier to parse our temporary directory as an image name - Makefile: list new pkg/ subdirectoris as dependencies for buildah - containerImageSource: return more-correct errors - API cleanup: PullPolicy and TerminalPolicy should be types - Make 'run --terminal' and 'run -t' aliases for 'run --tty' - Vendor github.com/containernetworking/cni v0.6.0 - Update github.com/containers/storage - Update github.com/projectatomic/libpod - Add support for buildah bud --label - buildah push/from can push and pull images with no reference - Vendor in latest containers/image - Update gometalinter to fix install.tools error - Update troubleshooting with new run workaround - Added a bud demo and tidied up - Attempt to download file from url, if fails assume Dockerfile - Add buildah bud CI tests for ENV variables - Re-enable rpm .spec version check and new commit test - Update buildah scratch demo to support el7 - Added Docker compatibility demo - Update to F28 and new run format in baseline test - Touchup man page short options across man pages - Added demo dir and a demo. chged distrorlease - builder-inspect: fix format option - Add cpu-shares short flag (-c) and cpu-shares CI tests - Minor fixes to formatting in rpm spec changelog - Fix rpm .spec changelog formatting - CI tests and minor fix for cache related noop flags - buildah-from: add effective value to mount propagation [1.0-1] - Remove buildah run cmd and entrypoint execution - Add Files section with registries.conf to pertinent man pages - Force 'localhost' as a default registry - Add --compress, --rm, --squash flags as a noop for bud - Add FIPS mode secret to buildah run and bud - Add config --comment/--domainname/--history-comment/--hostname - Add support for --iidfile to bud and commit - Add /bin/sh -c to entrypoint in config - buildah images and podman images are listing different sizes - Remove tarball as an option from buildah push --help - Update entrypoint behaviour to match docker - Display imageId after commit - config: add support for StopSignal - Allow referencing stages as index and names - Add multi-stage builds support - Vendor in latest imagebuilder, to get mixed case AS support - Allow umount to have multi-containers - Update buildah push doc - buildah bud walks symlinks - Imagename is required for commit atm, update manpage [0.16-3.git532e267] - Resolves: #1573681 - built commit 532e267 [0.16.0-2.git6f7d05b] - built commit 6f7d05b [0.16-1] - Add support for shell - Vendor in latest containers/image - docker-archive generates docker legacy compatible images - Do not create subdirectories for layers with no configs - Ensure the layer IDs in legacy docker/tarfile metadata are unique - docker-archive: repeated layers are symlinked in the tar file - sysregistries: remove all trailing slashes - Improve docker/* error messages - Fix failure to make auth directory - Create a new slice in Schema1.UpdateLayerInfos - Drop unused storageImageDestination.{image,systemContext} - Load a *storage.Image only once in storageImageSource - Support gzip for docker-archive files - Remove .tar extension from blob and config file names - ostree, src: support copy of compressed layers - ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size - image: fix docker schema v1 -> OCI conversion - Add /etc/containers/certs.d as default certs directory - Change image time to locale, add troubleshooting.md, add logo to other mds - Allow --cmd parameter to have commands as values - Document the mounts.conf file - Fix man pages to format correctly - buildah from now supports pulling images using the following transports: - docker-archive, oci-archive, and dir. - If the user overrides the storage driver, the options should be dropped - Show Config/Manifest as JSON string in inspect when format is not set - Adds feature to pull compressed docker-archive files [0.15-1] - Fix handling of buildah run command options [0.14-1] - If commonOpts do not exist, we should return rather then segfault - Display full error string instead of just status - Implement --volume and --shm-size for bud and from - Fix secrets patch for buildah bud - Fixes the naming issue of blobs and config for the dir transport by removing the .tar extension [0.13-1.git99066e0] - use correct version [0.12-4.git99066e0] - enable debuginfo [0.12-3.git99066e0] - BR: libseccomp-devel [0.12-2.git99066e0] - Resolves: #1548535 - built commit 99066e0 [0.12-1] - Added handing for simpler error message for Unknown Dockerfile instructions. - Change default certs directory to /etc/containers/certs.dir - Vendor in latest containers/image - Vendor in latest containers/storage - build-using-dockerfile: set the 'author' field for MAINTAINER - Return exit code 1 when buildah-rmi fails - Trim the image reference to just its name before calling getImageName - Touch up rmi -f usage statement - Add --format and --filter to buildah containers - Add --prune,-p option to rmi command - Add authfile param to commit - Fix --runtime-flag for buildah run and bud - format should override quiet for images - Allow all auth params to work with bud - Do not overwrite directory permissions on --chown - Unescape HTML characters output into the terminal - Fix: setting the container name to the image - Prompt for un/pwd if not supplied with --creds - Make bud be really quiet - Return a better error message when failed to resolve an image - Update auth tests and fix bud man page [0.11-3.git49095a8] - Resolves: #1542236 - add ostree and bump runc dep [0.11-2.git49095a8] - rebased to 49095a83f8622cf69532352d183337635562e261 [0.11-1] - Add --all to remove containers - Add --all functionality to rmi - Show ctrid when doing rm -all - Ignore sequential duplicate layers when reading v2s1 - Lots of minor bug fixes - Vendor in latest containers/image and containers/storage [0.10-2] - Fix checkin [0.10-1] - Display Config and Manifest as strings - Bump containers/image - Use configured registries to resolve image names - Update to work with newer image library - Add --chown option to add/copy commands [0.9-2.git04ea079] - build for all arches [0.9-1] - Allow push to use the image id - Make sure builtin volumes have the correct label [0.8-1] - Buildah bud was failing on SELinux machines, this fixes this - Block access to certain kernel file systems inside of the container [0.7-1] - Ignore errors when trying to read containers buildah.json for loading SELinux reservations - Use credentials from kpod login for buildah - Adds support for converting manifest types when using the dir transport - Rework how we do UID resolution in images - Bump github.com/vbatts/tar-split - Set option.terminal appropriately in run [0.5-5.gitf7dc659] - revert building for s390x, it is intended for rhel 7.5 [0.5-4] - Add requires for container-selinux [0.5-3.gitf7dc659] - build for s390x, https://bugzilla.redhat.com/show_bug.cgi?id=1482234 [0.5-2] - Bump github.com/vbatts/tar-split - Fixes CVE That could allow a container image to cause a DOS [0.5-1] - Add secrets patch to buildah - Add proper SELinux labeling to buildah run - Add tls-verify to bud command - Make filtering by date use the image's date - images: don't list unnamed images twice - Fix timeout issue - Add further tty verbiage to buildah run - Make inspect try an image on failure if type not specified - Add support for - Tons of bug fixes and code cleanup [0.4-2.git01db066] - bump to latest version - set GIT_COMMIT at build-time [0.4-1.git9cbccf88c] - Add default transport to push if not provided - Avoid trying to print a nil ImageReference - Add authentication to commit and push - Add information on buildah from man page on transports - Remove --transport flag - Run: do not complain about missing volume locations - Add credentials to buildah from - Remove export command - Run(): create the right working directory - Improve 'from' behavior with unnamed references - Avoid parsing image metadata for dates and layers - Read the image's creation date from public API - Bump containers/storage and containers/image - Don't panic if an image's ID can't be parsed - Turn on --enable-gc when running gometalinter - rmi: handle truncated image IDs [0.4-1.git9cbccf8] - bump to v0.4 [0.3-4.gitb9b2a8a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.3-3.gitb9b2a8a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.3-2.gitb9b2a8a7e] - Bump for inclusion of OCI 1.0 Runtime and Image Spec [0.2.0-1.gitac2aad6] - buildah run: Add support for -- ending options parsing - buildah Add/Copy support for glob syntax - buildah commit: Add flag to remove containers on commit - buildah push: Improve man page and help information - buildah run: add a way to disable PTY allocation - Buildah docs: clarify --runtime-flag of run command - Update to match newer storage and image-spec APIs - Update containers/storage and containers/image versions - buildah export: add support - buildah images: update commands - buildah images: Add JSON output option - buildah rmi: update commands - buildah containers: Add JSON output option - buildah version: add command - buildah run: Handle run without an explicit command correctly - Ensure volume points get created, and with perms - buildah containers: Add a -a/--all option [0.1.0-2.git597d2ab9] - Release Candidate 1 - All features have now been implemented. [0.0.1-1.git7a0a5333] - First package for Fedora cockpit-podman conmon containernetworking-plugins [0.8.3-4.0.1] - Disable debuginfo [0.8.3-4] - compile with no_openssl - Related: RHELPLAN-25139 [0.8.3-3] - compile in FIPS mode - Related: RHELPLAN-25139 [0.8.3-2] - be sure to use golang >= 1.12.12-4 - Related: RHELPLAN-25139 [0.8.3-1] - update to 0.8.3 - Related: RHELPLAN-25139 [0.8.1-2] - backport https://github.com/coreos/go-iptables/pull/62 from Michael Cambria - Resolves: #1627561 [0.8.1-1] - Resolves: #1720319 - bump to v0.8.1 [0.7.5-1] - Resolves: #1616063 - bump to v0.7.5 [0.7.4-3.git9ebe139] - re-enable debuginfo [0.7.4-2.git9ebe139] - rebase, removed patch that is already upstream [0.7.3-7.git19f2f28] - go tools not in scl anymore [0.7.3-6.git19f2f28] - correct tag specification format in %gobuild macro [0.7.3-5.git19f2f28] - Resolves: #1616062 - patch to revert coreos/go-iptables bump [0.7.3-4.git19f2f28] - Resolves:#1603012 - fix versioning, upstream got it wrong at 7.2 [0.7.2-3.git19f2f28] - disable i686 temporarily for appstream builds - update golang deps and gobuild definition [0.7.2-2.git19f2f28] - rebase [0.7.0-103.gitdd8ff8a] - enable scl with the toolset [0.7.0-102.gitdd8ff8a] - remove devel and unittest subpackages - use new go-toolset deps [0.7.0-101] - rebase - patches already upstream, removed [0.6.0-6] - Imported from Fedora - Renamed CNI -> plugins [0.6.0-4] - Own the libexec cni directory [0.6.0-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.6.0-2] - skip settling IPv4 addresses [0.6.0-1] - rebased to 7480240de9749f9a0a5c8614b17f1f03e0c06ab9 [0.5.2-7] - do not install to /opt (against Fedora Guidelines) [0.5.2-6] - Enable devel subpackage [0.5.2-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.5.2-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.5.2-3] - excludearch: ppc64 as it's not in goarches anymore - re-enable s390x [0.5.2-2] - upstream moved to github.com/containernetworking/plugins - built commit dcf7368 - provides: containernetworking-plugins - use vendored deps because they're a lot less of a PITA - excludearch: s390x for now (rhbz#1466865) [0.5.2-1] - Update to 0.5.2 - Softlink to default /opt/cni/bin directories [0.5.1-1] - Initial package container-selinux criu fuse-overlayfs podman [1.6.4-26.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - delivering fix for [Orabug: 29874238] by Nikita Gerasimov <nikita.gerasimov@oracle.com> [1.6.4-26] - update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel (https://github.com/containers/podman/commit/bcbbbc4) - Related: #1920382 [1.6.4-25] - fix CVE-2021-20188 - update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel (https://github.com/containers/podman/commit/2c7b579) - Related: #1920382 python-podman-api [1.2.0-0.2.gitd0a45fe] - revert update to 1.6.0 due to new python3-pbr dependency which is not in RHEL - Related: RHELPLAN-25139 [1.2.0-0.1.gitd0a45fe] - Initial package runc skopeo [1:0.1.41-4.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - Add oracle registry into the conf file [Orabug: 29845934 31306708] - Fix oracle registry login issues [Orabug: 29937192] [1:0.1.41-4] - add docker.io into the default registry list - Resolves: #1886443 [1:0.1.41-3] - patch broken gating tests: improper 'jq' usage, and use 'registry:2.6' (instead of :2) to work around broken image pushed by docker [1:0.1.41-2] - exclude i686 arch - Related: #1821193 [1:0.1.41-1] - update to 0.1.41 - Related: #1821193 [1:0.1.40-8] - modify registries.conf default configuration to be more secure by default - Resolves: #1810056 [1:0.1.40-7] - Fix CVE-2020-1702. - Resolves: #1801928 [1:0.1.40-6] - change the search order of registries and remove quay.io (#1784267) [1:0.1.40-5] - compile in FIPS mode - Related: RHELPLAN-25139 [1:0.1.40-4] - be sure to use golang >= 1.12.12-4 - Related: RHELPLAN-25139 [1:0.1.40-3] - fix file list - Related: RHELPLAN-25139 [1:0.1.40-2] - comment out mountopt option in order to fix gating tests see bug 1769769 - Related: RHELPLAN-25139 [1:0.1.40-1] - update to 0.1.40 - Related: RHELPLAN-25139 [1:0.1.37-5] - Fix CVE-2019-10214 (#1734651). [1:0.1.37-4] - fix permissions of rhel/secrets Resolves: #1691543 [1:0.1.37-3] - Resolves: #1719994 - add registry.access.redhat.com to registries.conf [1:0.1.37-2] - Resolves: #1721247 - enable fips mode [1:0.1.37-1] - Resolves: #1720654 - rebase to v0.1.37 [1:0.1.36-1.git6307635] - built upstream tag v0.1.36, including system tests [1:0.1.32-4.git1715c90] - Fixes @openshift/machine-config-operator#669 - install /etc/containers/oci/hooks.d and /etc/containers/certs.d [1:0.1.32-3.git1715c90] - rebase [1:0.1.32-2.git1715c90] - re-enable debuginfo [1:0.1.31-12.gitb0b750d] - go tools not in scl anymore [1:0.1.31-11.gitb0b750d] - Resolves: #1615609 - built upstream tag v0.1.31 [1:0.1.31-10.git0144aa8] - Resolves: #1616069 - correct order of registries [1:0.1.31-9.git0144aa8] - Resolves: #1615609 - rebuild with gobuild tag 'no_openssl' [1:0.1.31-8.git0144aa8] - Resolves: #1614934 - containers-common soft dep on slirp4netns and fuse-overlayfs [1:0.1.31-7.git0144aa8] - build with %gobuild - use scl-ized go-toolset as dep - disable i686 builds temporarily because of go-toolset issues [1:0.1.31-6.git0144aa8] - add statx to seccomp.json to containers-config - add seccomp.json to containers-config [1:0.1.31-4.git0144aa8] - Resolves: #1597629 - handle dependency issue for skopeo-containers - rename skopeo-containers to containers-common as in Fedora [1:0.1.31-3.git0144aa8] - Resolves: #1583762 - btrfs dep removal needs exclude_graphdriver_btrfs buildtag [1:0.1.31-2.git0144aa8] - correct bz in previous changelog [1:0.1.31-1.git0144aa8] - Resolves: #1580938 - resolve FTBFS - Resolves: #1583762 - remove dependency on btrfs-progs-devel - bump to v0.1.31 (from master) - built commit ca3bff6 - use go-toolset deps for rhel8 [0.1.29-5.git7add6fc] - Fix small typo in registries.conf [0.1.29-4.git] - Add policy.json.5 [0.1.29-3.git] - Add registries.conf [0.1.29-2.git] - Add registries.conf man page [0.1.29-1.git] - bump to 0.1.29-1 - Updated containers/image docker-archive generates docker legacy compatible images Do not create subdirectories for layers with no configs Ensure the layer IDs in legacy docker/tarfile metadata are unique docker-archive: repeated layers are symlinked in the tar file sysregistries: remove all trailing slashes Improve docker/* error messages Fix failure to make auth directory Create a new slice in Schema1.UpdateLayerInfos Drop unused storageImageDestination.{image,systemContext} Load a *storage.Image only once in storageImageSource Support gzip for docker-archive files Remove .tar extension from blob and config file names ostree, src: support copy of compressed layers ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size image: fix docker schema v1 -> OCI conversion Add /etc/containers/certs.d as default certs directory [0.1.28-2.git0270e56] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.1.28-1.git] - Vendor in fixed libraries in containers/image and containers/storage [0.1.27-1.git] - Fix Conflicts to Obsoletes - Add better docs to man pages. - Use credentials from authfile for skopeo commands - Support storage='' in /etc/containers/storage.conf - Add global --override-arch and --override-os options [0.1.25-2.git2e8377a7] - Add manifest type conversion to skopeo copy - User can select from 3 manifest types: oci, v2s1, or v2s2 - e.g skopeo copy --format v2s1 --compress-blobs docker-archive:alp.tar dir:my-directory [0.1.25-2.git7fd6f66b] - Force storage.conf to default to overlay [0.1.25-1.git7fd6f66b] - Fix CVE in tar-split - copy: add shared blob directory support for OCI sources/destinations - Aligning Docker version between containers/image and skopeo - Update image-tools, and remove the duplicate Sirupsen/logrus vendor - makefile: use -buildmode=pie [0.1.24-8.git28d4e08a] - Add /usr/share/containers/mounts.conf [0.1.24-7.git28d4e08a] - Bug fixes - Update to release [0.1.24-6.dev.git28d4e08] - skopeo-containers conflicts with docker-rhsubscription <= 2:1.13.1-31 [0.1.24-5.dev.git28d4e08] - Add rhel subscription secrets data to skopeo-containers [0.1.24-4.dev.git28d4e08] - Update container/storage.conf and containers-storage.conf man page - Default override to true so it is consistent with RHEL. [0.1.24-3.dev.git28d4e08] - built commit 28d4e08 [0.1.24-2.dev.git875dd2e] - built commit 875dd2e - Resolves: gh#416 [0.1.24-1.dev.gita41cd0] - bump to 0.1.24-dev - correct a prior bogus date - fix macro in comment warning [0.1.23-6.dev.git1bbd87] - Change name of storage.conf.5 man page to containers-storage.conf.5, since it conflicts with inn package - Also remove default to 'overalay' in the configuration, since we should - allow containers storage to pick the best default for the platform. [0.1.23-5.git1bbd87f] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [0.1.23-4.git1bbd87f] - Rebuild with binutils fix for ppc64le (#1475636) [0.1.23-3.git1bbd87f] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [0.1.23-2.dev.git1bbd87] - Fix storage.conf man page to be storage.conf.5.gz so that it works. [0.1.23-1.dev.git1bbd87] - Support for OCI V1.0 Images - Update to image-spec v1.0.0 and revendor - Fixes for authentication [0.1.22-2.dev.git5d24b67] - Epoch: 1 for CentOS as CentOS Extras' build already has epoch set to 1 [0.1.22-1.dev.git5d24b67] - Give more useful help when explaining usage - Also specify container-storage as a valid transport - Remove docker reference wherever possible - vendor in ostree fixes [0.1.21-1.dev.git0b73154] - Add support for storage.conf and storage-config.5.md from github container storage package - Bump to the latest version of skopeo - vendor.conf: add ostree-go - it is used by containers/image for pulling images to the OSTree storage. - fail early when image os does not match host os - Improve documentation on what to do with containers/image failures in test-skopeo - We now have the docker-archive: transport - Integration tests with built registries also exist - Support /etc/docker/certs.d - update image-spec to v1.0.0-rc6 [0.1.20-1.dev.git0224d8c] - BZ #1380078 - New release [0.1.19-2.dev.git0224d8c] - No golang support for ppc64. Adding exclude arch. BZ #1445490 [0.1.19-1.dev.git0224d8c] - bump to v0.1.19-dev - built commit 0224d8c [0.1.17-3.dev.git2b3af4a] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [0.1.17-2.dev.git2b3af4a] - Rebuild for gpgme 1.18 [0.1.17-1.dev.git2b3af4a] - bump to 0.1.17-dev [0.1.14-6.git550a480] - Fix BZ#1391932 [0.1.14-5.git550a480] - Conflicts with atomic in skopeo-containers [0.1.14-4.git550a480] - built skopeo-containers [0.1.14-3.gitd830391] - built mtrmac/integrate-all-the-things commit d830391 [0.1.14-2.git362bfc5] - built commit 362bfc5 [0.1.14-1.gitffe92ed] - build origin/master commit ffe92ed [0.1.13-6] - https://fedoraproject.org/wiki/Changes/golang1.7 [0.1.13-5] - include go-srpm-macros and compiler(go-compiler) in fedora conditionals - define %gobuild if not already - add patch to build with older version of golang [0.1.13-4] - update to v0.1.12 [0.1.12-3] - fix go build source path [0.1.12-2] - update to v0.1.12 [0.1.11-1] - update to v0.1.11 [0.1.10-1] - update to v0.1.10 - change runcom -> projectatomic [0.1.9-1] - update to v0.1.9 [0.1.8-1] - update to v0.1.8 [0.1.4-2] - https://fedoraproject.org/wiki/Changes/golang1.6 [0.1.4] - First package for Fedora slirp4netns udica IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20188 Oracle Linux 8 qemu-kvm [4.2.0-34.el8_3.4] - kvm-virtiofsd-extract-lo_do_open-from-lo_open.patch [bz#1919109] - kvm-virtiofsd-optionally-return-inode-pointer-from-lo_do.patch [bz#1919109] - kvm-virtiofsd-prevent-opening-of-special-files-CVE-2020-.patch [bz#1919109] - Resolves: bz#1919109 (CVE-2020-35517 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privileged host device access from guest [rhel-8.3.0.z]) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-35517 Oracle Linux 8 nodejs [1:12.21.0-1] - Resolves: RHBZ#1932315, RHBZ#1932424 - remove --debug-nghttp2 option - remove ini patch - Backport patch to use getauxval IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-22883 CVE-2021-22884 Oracle Linux 8 nodejs [1:10.24.0-1] - Resolves: RHBZ#1932373, RHBZ#1932426 - Resolves CVE-2021-22883 and CVE-2021-22884 - remove -debug-nghttp2 flag (1930775) - remove ini patch merged upstream IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-22883 CVE-2021-22884 Oracle Linux 7 [4.1.0-0.27.2012314git3c2946] - fix CVE-2021-26937 (#1927063) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26937 Oracle Linux 8 nodejs [1:14.16.0-2] - Resolves: RHBZ#1932427 - remove --debug-nghttp2 option [1:14.16.0-1] - Resolves: RHBZ#1932317, RHBZ#1932425 - Rebase, remove ini patch [1:14.15.4-2] - Add patch for yarn crash - Resolves: RHBZ#1916465 [1:14.15.4-1] - Security rebase to 14.15.4 - https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/ - Resolves: RHBZ#1916463, RHBZ#1914788 - Resolves: RHBZ#1914785, RHBZ#1916387, RHBZ#1916389, RHBZ#1916390, RHBZ#1916690 [1:14.15.0-1] - Update to LTS release - Rebase: RHBZ#1891809 [1:14.11.0-1] - Security update to 14.11.0 [1:14.4.0-1] - Security update to 14.4.0 - Resolves: RHBZ#1815402 [1:14.3.0-1] - Update to 14.3.0 - Fix optflags to save memory - Resolves: RHBZ#1815402 [1:14.2.0-1] - Update to 14.2.0 - build with python3 only - some clean up [1:12.16.1-2] - Fix CVE-2020-10531 [1:12.16.1-1] - Rebase to 12.16.1 [1:12.14.1-1] - Rebase to 12.14.1 [1:12.13.1-1] - Resolves: RHBZ# 1773503, update to 12.13.1 - minor clean up and sync with Fedora spec - turn off debug builds [1:12.4.0-2] - Add condition to libs [1:12.4.0-1] - Update to v12.x - Add v8-devel and libs subpackages from fedora [1:10.14.1-2] - move nodejs-packaging BR out of conditional [1:10.14.1-1] - Resolves RHBZ#1644207 - fixes node-gyp permissions - rebase [1:10.11.0-2] - BuildRequire nodejs-packaging for proper npm dependency generation - Resolves: rhbz#1615947 [1:10.11.0-1] - Rebase to 10.11.0 - Import changes from fedora - Resolves: rhbz#1621766 [1:10.7.0-5] - Import sources from fedora - Allow using python2 at %build and %install - turn off debug for aarch64 [1:10.7.0-4] - Fix npm upgrade scriptlet - Fix unexpected trailing .1 in npm release field [1:10.7.0-3] - Restore annotations to binaries - Fix unexpected trailing .1 in release field [1:10.7.0-2] - Update to 10.7.0 - https://nodejs.org/en/blog/release/v10.7.0/ - https://nodejs.org/en/blog/release/v10.6.0/ [1:10.5.0-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild [1:10.5.0-1] - Update to 10.5.0 - https://nodejs.org/en/blog/release/v10.5.0/ [1:10.4.1-1] - Update to 10.4.1 to address security issues - https://nodejs.org/en/blog/release/v10.4.1/ - Resolves: rhbz#1590801 - Resolves: rhbz#1591014 - Resolves: rhbz#1591019 [1:10.4.0-1] - Update to 10.4.0 - https://nodejs.org/en/blog/release/v10.4.0/ [1:10.3.0-1] - Update to 10.3.0 - Update npm to 6.1.0 - https://nodejs.org/en/blog/release/v10.3.0/ [1:10.2.1-2] - Fix up bare 'python' to be python2 - Drop redundant entry in docs section [1:10.2.1-1] - Update to 10.2.1 - https://nodejs.org/en/blog/release/v10.2.1/ [1:10.2.0-1] - Update to 10.2.0 - https://nodejs.org/en/blog/release/v10.2.0/ [1:10.1.0-3] - Fix incorrect rpm macro [1:10.1.0-2] - Include upstream v8 fix for ppc64[le] - Disable debug build on ppc64[le] and s390x [1:10.1.0-1] - Update to 10.1.0 - https://nodejs.org/en/blog/release/v10.1.0/ - Reenable node_g binary [1:10.0.0-1] - Update to 10.0.0 - https://nodejs.org/en/blog/release/v10.0.0/ - Drop workaround patch - Temporarily drop node_g binary due to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85587 [1:9.11.1-2] - Use standard Fedora linker flags (bug #1543859) [1:9.11.1-1] - Update to 9.11.1 - https://nodejs.org/en/blog/release/v9.11.0/ - https://nodejs.org/en/blog/release/v9.11.1/ [1:9.10.0-1] - Update to 9.10.0 - https://nodejs.org/en/blog/release/v9.10.0/ [1:9.9.0-1] - Update to 9.9.0 - https://nodejs.org/en/blog/release/v9.9.0/ [1:9.8.0-1] - Update to 9.8.0 - https://nodejs.org/en/blog/release/v9.8.0/ [1:9.7.0-1] - Update to 9.7.0 - https://nodejs.org/en/blog/release/v9.7.0/ - Work around F28 build issue [1:9.6.1-1] - Update to 9.6.1 - https://nodejs.org/en/blog/release/v9.6.1/ - https://nodejs.org/en/blog/release/v9.6.0/ [1:9.5.0-1] - Package Node.js 9.5.0 [1:8.9.4-2] - Fix incorrect Requires: [1:8.9.4-1] - Update to 8.9.4 - https://nodejs.org/en/blog/release/v8.9.4/ - Switch to system copy of nghttp2 [1:8.9.3-2] - Update to 8.9.3 - https://nodejs.org/en/blog/release/v8.9.3/ - https://nodejs.org/en/blog/release/v8.9.2/ [1:8.9.1-2] - Rebuild for ICU 60.1 [1:8.9.1-1] - Update to 8.9.1 [1:8.9.0-1] - Update to 8.9.0 - Drop upstreamed patch [1:8.8.1-1] - Update to 8.8.1 to fix a regression [1:8.8.0-1] - Security update to 8.8.0 - https://nodejs.org/en/blog/release/v8.8.0/ [1:8.7.0-1] - Update to 8.7.0 - https://nodejs.org/en/blog/release/v8.7.0/ [1:8.6.0-2] - Use bcond macro instead of bootstrap conditional [1:8.6.0-1] - Fix nghttp2 version - Update to 8.6.0 - https://nodejs.org/en/blog/release/v8.6.0/ [1:8.5.0-3] - Build with bootstrap + bundle libuv for modularity - backport patch for aarch64 debug build [1:8.5.0-2] - Disable debug builds on aarch64 due to https://github.com/nodejs/node/issues/15395 [1:8.5.0-1] - Update to v8.5.0 - https://nodejs.org/en/blog/release/v8.5.0/ [1:8.4.0-2] - Refactor openssl BR [1:8.4.0-1] - Update to v8.4.0 - https://nodejs.org/en/blog/release/v8.4.0/ - http2 is now supported, add bundled nghttp2 - remove openssl 1.0.1 patches, we won't be using them in fedora [1:8.3.0-1] - Update to v8.3.0 - https://nodejs.org/en/blog/release/v8.3.0/ - update V8 to 6.0 - update minimal gcc and g++ requirements to 4.9.4 [1:8.2.1-2] - Bump release to fix broken dependencies [1:8.2.1-1.2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [1:8.2.1-1.1] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [1:8.2.1-1] - Update to v8.2.1 - https://nodejs.org/en/blog/release/v8.2.1/ [1:8.2.0-1] - Update to v8.2.0 - https://nodejs.org/en/blog/release/v8.2.0/ - Update npm to 5.3.0 - Adds npx command [1:8.1.4-3] - s/BuildRequires/Requires/ for http-parser-devel%{?_isa} [1:8.1.4-2] - Rename python-devel to python2-devel - own %{_pkgdocdir}/npm [1:8.1.4-1] - Update to v8.1.4 - https://nodejs.org/en/blog/release/v8.1.4/ - Drop upstreamed c-ares patch [1:8.1.3-1] - Update to v8.1.3 - https://nodejs.org/en/blog/release/v8.1.3/ [1:8.1.2-1] - Update to v8.1.2 - remove GCC 7 patch, as it is now fixed in node >= 6.12 nodejs-nodemon [2.0.3-1] - Updated nodejs-packaging [23-3] - Updated - Removed pathfix.py [23-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild [23-1] - Ensure nodejs(engine) is required for packages with no dependencies [22-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild [22-1] - Refactor nodejs.req in more idiomatic Python - Treat only external dependency links as un-bundled [21-1] - Refactor nodejs.prov in more idiomatic Python [20-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild [20-1] - Fix handling of ^ dependencies for multiversion modules [18-1] - Handle =, >= and <= dependencies for multiversion modules IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-22883 CVE-2021-22884 Oracle Linux 8 [2.1.522-1] - Update to .NET Core SDK 2.1.522 and Runtime 2.1.26 - Resolves: RHBZ#1933844 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26701 Oracle Linux 8 [3.1.113-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.113-1] - Update to .NET Core SDK 3.1.113 and Runtime 3.1.13 - Resolves: RHBZ#1933845 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26701 Oracle Linux 8 [5.0.104-1.0.1] - Add support for new Oracle release [5.0.104-1] - Update to .NET SDK 5.0.104 and Runtime 5.0.4 - Resolves: RHBZ#1934247 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26701 Oracle Linux 7 [1:2.6-12.1.0.2] - Added undefine-bitwise-in-common-header.patch [bug 27677154] [1:2.6-12.1] - P2P: Fix a corner case in peer addition based on PD Request (CVE-2021-27803) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27803 Oracle Linux 8 [1:2.9-2.1] - P2P: Fix a corner case in peer addition based on PD Request (CVE-2021-27803) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27803 Oracle Linux 7 [10.5.18-12] - Change variable 'TPS' to 'tps' - ########################################################################## - # RHEL 7.9: - ########################################################################## - Bugzilla Bug 1883639 - Add KRA Transport and Storage Certificates profiles, audit for IPA (edewata) - ########################################################################## - # Backported CVEs (ascheel): - ########################################################################## - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1725128 - CVE-2019-10178 pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1791100 - CVE-2020-1696 pki-core: Stored XSS in TPS profile creation [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1724688 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in 'path length' constraint field in CA's Agent page [rhel-7.9.z] (dmoluguw, ascheel) - Bugzilla Bug 1789843 - CVE-2019-10221 pki-core: reflected cross site scripting in getcookies?url= endpoint in CA [rhel-7.9.z] (dmoluguw, ascheel) - Bugzilla Bug 1724713 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab [rhel-7.9.z] (ascheel) - Bugzilla Bug 1798011 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page [rhel-7.9.z] (ascheel,jmagne) - ########################################################################## - Update to jquery v3.4.1 (ascheel) - Update to jquery-i18n-properties v1.2.7 (ascheel) - Update to backbone v1.4.0 (ascheel) - Upgrade to underscore v1.9.2 (ascheel) - Update to patternfly v3.59.3 (ascheel) - Update to jQuery v3.5.1 (ascheel) - Upgrade to bootstrap v3.4.1 (ascheel) - Link in new Bootstrap CSS file (ascheel) - ########################################################################## - # RHCS 9.7: - ########################################################################## - # Bugzilla Bug #1733588 - Rebase redhat-pki, redhat-pki-theme, pki-core, and [10.5.18-11] - ########################################################################## - # RHEL 7.9: - ########################################################################## - Bugzilla Bug 1883639 - Add KRA Transport and Storage Certificates profiles, audit for IPA (edewata) - ########################################################################## - # Backported CVEs (ascheel): - ########################################################################## - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1725128 - CVE-2019-10178 pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1791100 - CVE-2020-1696 pki-core: Stored XSS in TPS profile creation [certificate_system_9-default] (edewata, ascheel) - Bugzilla Bug 1724688 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in 'path length' constraint field in CA's Agent page [rhel-7.9.z] (dmoluguw, ascheel) - Bugzilla Bug 1789843 - CVE-2019-10221 pki-core: reflected cross site scripting in getcookies?url= endpoint in CA [rhel-7.9.z] (dmoluguw, ascheel) - Bugzilla Bug 1724713 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab [rhel-7.9.z] (ascheel) - Bugzilla Bug 1798011 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page [rhel-7.9.z] (ascheel,jmagne) - ########################################################################## - Update to jquery v3.4.1 (ascheel) - Update to jquery-i18n-properties v1.2.7 (ascheel) - Update to backbone v1.4.0 (ascheel) - Upgrade to underscore v1.9.2 (ascheel) - Update to patternfly v3.59.3 (ascheel) - Update to jQuery v3.5.1 (ascheel) - Upgrade to bootstrap v3.4.1 (ascheel) - Link in new Bootstrap CSS file (ascheel) - ########################################################################## - # RHCS 9.7: - ########################################################################## - # Bugzilla Bug #1733588 - Rebase redhat-pki, redhat-pki-theme, pki-core, and [10.5.18-10] - Bugzilla Bug #1883639 - additional fix to upgrade script (edewata) [10.5.18-9] - Bugzilla Bug #1883639 - additional support on upgrade for audit cert profile and auditProfileUpgrade + auditProfileUpgrade part 2 (cfu) [10.5.18-8] - ########################################################################## - # RHEL 7.9: - ########################################################################## - Bugzilla Bug #1883639 - add profile caAuditSigningCert (cfu) - ########################################################################## - # RHCS 9.7: - ########################################################################## - # Bugzilla Bug #1710978 - TPS - Add logging to tdbAddCertificatesForCUID if - # Bugzilla Bug #1858860 - TPS - Update Error Codes returned to client - # Bugzilla Bug #1858861 - TPS - Server side key generation is not working - # Bugzilla Bug #1858867 - TPS does not check token cuid on the user IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-10146 CVE-2019-10179 CVE-2019-10221 CVE-2020-1721 CVE-2020-25715 CVE-2021-20179 Oracle Linux 7 [3.10.0-1160.21.1.OL7] - Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.3 [3.10.0-1160.21.1] - [pinctrl] devicetree: Avoid taking direct reference to device name string (Aristeu Rozanski) [1922902] {CVE-2020-0427} - [pinctrl] Delete an error message (Aristeu Rozanski) [1922902] {CVE-2020-0427} - [tty] vt: keyboard, reorder user buffer handling in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [tty] vt: keyboard, rename i to kb_func in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [tty] vt: keyboard, extend func_buf_lock to readers (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [tty] vt: keyboard, simplify vt_kdgkbsent (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [tty] keyboard, do not speculate on func_table index (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [tty] vt: fix write/write race in ioctl(KDSKBSENT) handler (Aristeu Rozanski) [1896775] {CVE-2020-25656} - [iommu] amd: return error on real irq alloc failure (Jerry Snitselaar) [1918273] - [iommu] amd: Set DTE[IntTabLen] to represent 512 IRTEs (Jerry Snitselaar) [1921187] - [iommu] amd: Increase interrupt remapping table limit to 512 entries (Jerry Snitselaar) [1921187] - [scsi] lpfc: Fix LUN loss after cable pull (Dick Kennedy) [1875961] - [scsi] lpfc: Fix NVMe rport deregister and registration during ADISC (Dick Kennedy) [1875961] - [scsi] lpfc: Fix ADISC reception terminating login state if a NVME target (Dick Kennedy) [1875961] - [netdrv] i40e: revert 'i40e: don't report link up for a VF who hasn't enabled queues' (Stefan Assmann) [1901064] [3.10.0-1160.20.1] - [md] Set prev_flush_start and flush_bio in an atomic way (Xiao Ni) [1889372] - [md] improve variable names in md_flush_request() (Xiao Ni) [1889372] - [kernel] timer: Fix potential bug in requeue_timers() (Waiman Long) [1914011] - [x86] kvm: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Vitaly Kuznetsov) [1890669] - [x86] kvm: avoid incorrect writes to host MSR_IA32_SPEC_CTRL (Vitaly Kuznetsov) [1890669] - [md] dm-mirror: fix a crash if the underlying block device doesn't have merge_bvec_fn (Mikulas Patocka) [1916407] - [gpu] drm/i915: Fix use-after-free when destroying GEM context (Dave Airlie) [1814731] {CVE-2020-7053} [3.10.0-1160.19.1] - [kernel] watchdog: use nmi registers snapshot in hardlockup handler (Prarit Bhargava) [1916589] - [nvme] nvmet: allow Keep Alive for Discovery controller (Gopal Tiwari) [1910817] - [net] netfilter: ctnetlink: add a range check for l3/l4 protonum (Florian Westphal) [1888296] {CVE-2020-25211} - [net] icmp: randomize the global rate limiter (Antoine Tenart) [1896515] {CVE-2020-25705} [3.10.0-1160.18.1] - [fs] nfs: Fix security label length not being reset (Dave Wysochanski) [1917504] - [target] scsi: Fix XCOPY NAA identifier lookup (Maurizio Lombardi) [1900469] {CVE-2020-28374} - [ipc] sem.c: fully initialize sem_array before making it visible (Vladis Dronov) [1877264] - [netdrv] geneve: add transport ports in route lookup for geneve (Sabrina Dubroca) [1885144] {CVE-2020-25645} - [kernel] perf/core: Fix race in the perf_mmap_close() function (Michael Petlan) [1869936] {CVE-2020-14351} [3.10.0-1160.17.1] - [x86] kvm: svm: Initialize prev_ga_tag before use ('Dr. David Alan Gilbert') [1909036] - [scsi] scsi_dh: fix scheduling while atomic and also missing unlock in error path (Mike Snitzer) [1619147] - [video] hyperv_fb: Fix the cache type when mapping the VRAM (Mohammed Gamal) [1908896] - [video] hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (Mohammed Gamal) [1908896] - [scsi] target: iscsi: Fix cmd abort fabric stop race (Maurizio Lombardi) [1784540] - [scsi] target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock (Maurizio Lombardi) [1784540] - [s390] kernel/uv: handle length extension properly (Claudio Imbrenda) [1899172] [3.10.0-1160.16.1] - [tty] Fix ->pgrp locking in tiocspgrp() (Chris von Recklinghausen) [1908193] {CVE-2020-29661} - [net] fix struct pid memory leak (Jay Shin) [1901797] - [hid] Fix assumption that devices have inputs (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] microsoft: the driver now neeed MEMLESS_FF infrastructure (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] microsoft: Add rumble support for Xbox One S controller (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] microsoft: Convert private data to be a proper struct (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] revert 'hid: microsoft: fix invalid rdesc for 3k kbd' (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] input: ignore System Control application usages if not System Controls (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [hid] hid-microsoft: Do the check for the ms usage page per device (Chris von Recklinghausen) [1821870] {CVE-2019-19532} - [net] net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) [1903819] - [net] net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) [1903819] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-7053 CVE-2019-19532 CVE-2020-25211 CVE-2020-25645 CVE-2020-25656 CVE-2020-29661 CVE-2020-0427 CVE-2021-20265 CVE-2020-14351 CVE-2020-25705 CVE-2020-28374 Oracle Linux 7 [4.6.8-5.0.1] - Blank out header-logo.png product-name.png - Replace login-screen-logo.png [Orabug: 20362818] [4.6.8-5.el7_9.4] - Resolves: #1897253 IPA WebUI inaccessible after upgrading to RHEL 8.3.- idoverride-memberof.js missing - wgi/plugins.py: ignore empty plugin directories - Resolves: #1895197 improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find - Improve PKI subsystem detection - ipatests: add test for PKI subsystem detection - ipatest: fix test_upgrade.py::TestUpgrade::()::test_kra_detection - Resolves: #1892793 Authentication and login times are over several seconds due to unindexed ipaExternalMember - Add more indices - Resolves: #1884819 IdM Web UI shows users as disabled - fix cert-find errors in CA-less deployment - Resolves: #1863619 CA-less install does not set required permissions on KDC certificate - CAless installation: set the perms on KDC cert file - ipatests: check KDC cert permissions in CA less install - Resolves: #1859248 CVE-2020-11023 ipa: jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution - WebUI: Fix jQuery DOM manipulation issues - Resolves: #1846349 cannot issue certs with multiple IP addresses corresponding to different hosts - fix iPAddress cert issuance for >1 host/service MODERATE Copyright 2021 Oracle, Inc. CVE-2020-11023 Oracle Linux 8 pki-core [10.9.4-3.0.1] - Remove redhat reference. [10.9.4-3] - Bug # 1933146 - PKI instance creation failed with new 389-ds-base build [10.9.4-2] - CVE-2021-20179: Fix unprivileged users can renew any certificate IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20179 Oracle Linux 8 [78.9.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.9.0-1] - Update to 78.9.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 Oracle Linux 7 [78.9.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.9.0-1] - Update to 78.9.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 Oracle Linux 8 [78.9.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.9.0-3] - Update to 78.9.0 build2, updated langpacks [78.9.0-2] - Update to 78.9.0 build2 [78.9.0-1] - Update to 78.9.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 Oracle Linux 7 [78.9.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.9.0-3] - Update to 78.9.0 build2, updated langpacks [78.9.0-2] - Update to 78.9.0 build2 [78.9.0-1] - Update to 78.9.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 Oracle Linux 7 [1.0.9-11] - Fix CVE-2021-21381 (#1938059) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-21381 Oracle Linux 8 [1.1.1g-15] - version bump [1.1.1g-14] - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT [1.1.1g-13] - Fix CVE-2021-3449 NULL pointer deref in signature_algorithms processing IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3449 CVE-2021-3450 Oracle Linux 8 libvirt [6.0.0-28.1.0.1] - Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma) qemu-kvm [4.2.0-34.el8_3.5] - kvm-Drop-bogus-IPv6-messages.patch [bz#1939493] - Resolves: bz#1939493 (CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-8.3.0.z] [rhel-8.3.0.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20295 Oracle Linux 8 [1.6.2-6] - Fix CVE-2021-21381 (#1938062) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-21381 Oracle Linux 7 [3.10.0-1160.24.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.24.1] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930826] {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930849] {CVE-2021-27363} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1930807] {CVE-2021-27364} - redhat: add CI file for kernel-private (Bruno Meneguele) [3.10.0-1160.23.1] - tcm_loop: add WQ_MEM_RECLAIM and flush_work (Maurizio Lombardi) [1925652] - net/mlx4_en: Handle TX error CQE (Alaa Hleihel) [1925691] - net/mlx4_en: Avoid scheduling restart task if it is already running (Alaa Hleihel) [1925691] [3.10.0-1160.22.1] - mm: do not stall register_shrinker() (Rafael Aquini) [1926043] - sched/rt: Fix PI handling vs. sched_setscheduler() (Phil Auld) [1928082] - sched/rt: Simplify pull_rt_task() logic and remove .leaf_rt_rq_list (Phil Auld) [1928082] - sched: Queue RT tasks to head when prio drops (Phil Auld) [1928082] - sched/core: Use READ_ONCE()/WRITE_ONCE() in move_queued_task()/task_rq_lock() (Phil Auld) [1928082] - mmc: block: handle complete_work on separate workqueue (Ming Lei) [1918916] - tcp: fix to update snd_wl1 in bulk receiver fast path (Vladis Dronov) [1929804] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 [1.5.4-2] - resolves: #1941511 - Fix CVE-2021-20277 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20277 Oracle Linux 8 [1.4.3.8-7] - Bump version to 1.4.3.8-7 - Resolves: Bug 1908705 - CVE-2020-35518 389-ds:1.4/389-ds-base: information disclosure during the binding of a DN - Resolves: Bug 1936461 - A failed re-indexing leaves the database in broken state. - Resolves: Bug 1912481 - Server-Cert.crt created using dscreate has Subject:CN =localhost instead of hostname. MODERATE Copyright 2021 Oracle, Inc. CVE-2020-35518 Oracle Linux 8 [4.18.0-240.22.1_3.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-240.22.1_3] - futex: Handle faults correctly for PI futexes (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Don't enable IRQs unconditionally in put_pi_state() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Fix incorrect should_fail_futex() handling (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Consistently use fshared as boolean (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Remove needless goto's (Waiman Long) [1924633 1924635] {CVE-2021-3347} - futex: Remove put_futex_key() (Waiman Long) [1924633 1924635] {CVE-2021-3347} - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930832 1930833] {CVE-2021-27364} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930855 1930856] {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1940423 1930809] {CVE-2021-27363} [4.18.0-240.21.1_3] - KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off (Paolo Bonzini) [1939013 1912448] - gfs2: Fix deadlock between gfs2_{create_inode, inode_lookup} and delete_work_func (Andreas Gruenbacher) [1937109 1903190] - gfs2: Don't call cancel_delayed_work_sync from within delete work function (Andreas Gruenbacher) [1937109 1903190] - gfs2: Only access gl_delete for iopen glocks (Andreas Gruenbacher) [1937109 1903190] - gfs2: Don't sleep during glock hash walk (Andreas Gruenbacher) [1937109 1903190] - [netdrv] net/mlx5e: Add missing set of destination vport flags in termtbl create (Alaa Hleihel) [1924689 1851700] - [tools] tools arch x86: Sync asm/cpufeatures.h with the kernel sources (David Arcari) [1929740 1916478] - [x86] x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (David Arcari) [1929740 1916478] [4.18.0-240.20.1_3] - fix regression in 'epoll: Keep a reference on files added to the check list' (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466} - do_epoll_ctl(): clean the failure exits up a bit (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466} - epoll: Keep a reference on files added to the check list (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466} - [kernel] sched/features: Distinguish between NORMAL and DEADLINE hrtick (Juri Lelli) [1930735 1912118] - [kernel] sched/features: Fix hrtick reprogramming (Juri Lelli) [1930735 1912118] - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built (Vitaly Kuznetsov) [1932199 1887216] - iommu/vt-d: Gracefully handle DMAR units with no supported address widths (Vitaly Kuznetsov) [1932199 1887216] - iommu/vt-d: Skip TE disabling on quirky gfx dedicated iommu (Vitaly Kuznetsov) [1932199 1887216] - net/vmw_vsock: fix NULL pointer dereference (Jon Maloy) [1925599 1925600] {CVE-2021-26708} - net/vmw_vsock: improve locking in vsock_connect_timeout() (Jon Maloy) [1925599 1925600] {CVE-2021-26708} - vsock: fix locking in vsock_shutdown() (Jon Maloy) [1925599 1925600] {CVE-2021-26708} - vsock: fix the race conditions in multi-transport support (Jon Maloy) [1925599 1925600] {CVE-2021-26708} - [base] mm: don't panic when links can't be created in sysfs (Baoquan He) [1930168 1890171] - mm: don't rely on system state to detect hot-plug operations (Baoquan He) [1930168 1890171] - mm: replace memmap_context by meminit_context (Baoquan He) [1930168 1890171] - [tools] kvm: nvmx: check for invalid hdr.vmx.flags (Paolo Bonzini) [1923281 1904128] - [x86] kvm: nvmx: check for required but missing VMCS12 in KVM_SET_NESTED_STATE (Paolo Bonzini) [1923281 1904128] - [tools] selftests: kvm: do not set guest mode flag (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: fix CPUID entries returned by KVM_GET_CPUID2 ioctl (Paolo Bonzini) [1923281 1904128] - [x86] kvm: svm: Fix offset computation bug in __sev_dbg_decrypt() (Paolo Bonzini) [1923281 1904128] - [x86] kvm: nvmx: Sync unsync'd vmcs02 state to vmcs12 on migration (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: get smi pending status correctly (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh() (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: Add more protection against undefined behavior in rsvd_bits() (Paolo Bonzini) [1923281 1904128] - [documentation] kvm: Forbid the use of tagged userspace addresses for memslots (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: allow KVM_REQ_GET_NESTED_STATE_PAGES outside guest mode for VMX (Paolo Bonzini) [1923281 1904128] - [x86] kvm: nsvm: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit (Paolo Bonzini) [1923281 1904128] - [x86] kvm: nsvm: mark vmcb as dirty when forcingly leaving the guest mode (Paolo Bonzini) [1923281 1904128] - [x86] kvm: nsvm: correctly restore nested_run_pending on migration (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) [1923281 1904128] - [x86] kvm: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Paolo Bonzini) [1923281 1904128] - [target] scsi: target: Fix XCOPY NAA identifier lookup (Maurizio Lombardi) [1900462 1900463] {CVE-2020-28374} - scsi: qla2xxx: Fix mailbox Ch erroneous error (Nilesh Javali) [1924222 1894578] - [net] fix iteration for sctp transport seq_files (Xin Long) [1927521 1916824] - [scsi] scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (Dick Kennedy) [1927921 1887549] - [mm] mm, oom: remove oom_lock from oom_reaper (Waiman Long) [1929738 1873759] [4.18.0-240.19.1_3] - audit: trigger accompanying records when no rules present (Richard Guy Briggs) [1907520 1896480] - revert: 1320a4052ea1 ('audit: trigger accompanying records when no rules present') (Richard Guy Briggs) [1907520 1896480] - audit: issue CWD record to accompany LSM_AUDIT_DATA_* records (Richard Guy Briggs) [1907520 1896480] - audit: remove unused !CONFIG_AUDITSYSCALL __audit_inode* stubs (Richard Guy Briggs) [1907520 1896480] - redhat: use tags from git notes for zstream to generate changelog (Frantisek Hrbata) [4.18.0-240.18.1_3] - [scsi] scsi: fnic: Do not call 'scsi_done()' for unhandled commands (Govindarajulu Varadarajan) [1925186 1870397] - [target] scsi: target: iscsi: Fix cmd abort fabric stop race (Maurizio Lombardi) [1918354 1908215] - [target] scsi: target: Modify core_tmr_abort_task() (Maurizio Lombardi) [1918363 1880395] - [s390] s390/crypto: add arch_get_random_long() support (Vladis Dronov) [1915816 1904274] [4.18.0-240.17.1_3] - [mm] mm/slub: fix panic in slab_alloc_node() (Oleksandr Natalenko) [1925511 1921056] - [s390] s390/early: improve machine detection (Claudio Imbrenda) [1925508 1896307] - [infiniband] RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz() (Kamal Heib) [1924691 1903992] [4.18.0-240.16.1_3] - [netdrv] net/mlx5e: Fix using wrong stats_grps in mlx5e_update_ndo_stats() (Alaa Hleihel) [1921060 1870593] - [net] tcp: Fix potential use-after-free due to double kfree() (Florian Westphal) [1915529 1915164] - [net] tcp: fix race condition when creating child sockets from syncookies (Florian Westphal) [1915529 1915164] - [x86] kvm: ioapic: break infinite recursion on lazy EOI (Vitaly Kuznetsov) [1906438 1882793] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-0466 CVE-2021-26708 CVE-2020-27152 CVE-2021-3347 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2020-28374 Oracle Linux 7 [7:3.5.20-17.6] - Resolves: #1944256 - CVE-2020-25097 squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25097 Oracle Linux 7 [2.7.1-9] - Port fixes for potential miscalculation in ecdsa_verify (#1943156) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20305 Oracle Linux 7 [78.9.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.9.1-1] - Update to 78.9.1 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 Oracle Linux 8 [78.9.1-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.9.1-1] - Update to 78.9.1 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 Oracle Linux 8 [2.1.3-3] - resolves: rhbz#1941514 - Fix CVE-2021-20277 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20277 Oracle Linux 8 gnutls [3.6.14-8] - Port fixes for potential miscalculation in ecdsa_verify (#1942929) nettle [3.4.1-4] - Fix patch application [3.4.1-3] - Port fixes for potential miscalculation in ecdsa_verify (#1942924) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20305 Oracle Linux 8 galera [25.3.32-1] - Rebase to 25.3.32 mariadb [3:10.3.28-1] - Rebase to 10.3.28 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27928 Oracle Linux 7 [1:11.0.11.0.9-1.0.1] - link atomic for ix86 build [1:11.0.11.0.9-1] - Add backport of JDK-8187450 from 11.0.12 to fix RH1937736 - Resolves: rhbz#1937736 [1:11.0.11.0.9-0] - Update to jdk-11.0.11.0+9 - Update release notes to 11.0.11.0+9 - Switch to GA mode for final release. - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz#1940228 [1:11.0.11.0.7-0.0.ea] - Update to jdk-11.0.11.0+7 - Update release notes to 11.0.11.0+7 - Resolves: rhbz#1938082 [1:11.0.11.0.6-0.0.ea] - Update to jdk-11.0.11.0+6 - Update release notes to 11.0.11.0+6 - Resolves: rhbz#1938082 [1:11.0.11.0.5-0.0.ea] - Update to jdk-11.0.11.0+5 - Update release notes to 11.0.11.0+5 - Resolves: rhbz#1938082 [1:11.0.11.0.4-0.0.ea] - Update to jdk-11.0.11.0+4 - Update release notes to 11.0.11.0+4 - Resolves: rhbz#1938082 [1:11.0.11.0.3-0.1.ea] - Fix issue where CheckVendor.java test erroneously passes when it should fail. - Add proper quoting so '&' is not treated as a special character by the shell. - Resolves: rhbz#1938082 [1:11.0.11.0.3-0.0.ea] - Update to jdk-11.0.11.0+3 - Update release notes to 11.0.11.0+3 - Resolves: rhbz#1938082 [1:11.0.11.0.2-0.1.ea] - Debug builds need to find their documentation from the release build. - RHEL 7 builds still include a doc package for debug builds, though debug builds do not build docs. - Resolves: rhbz#1930527 [1:11.0.11.0.2-0.1.ea] - Perform static library build on a separate source tree with bundled image libraries - Make static library build optional - Based on initial work by Severin Gehwolf - Resolves: rhbz#1930527 [1:11.0.11.0.2-0.0.ea] - Update to jdk-11.0.11.0+2 - Update release notes to 11.0.11.0+2 - Remove local backport of JDK-8258836 which is now available upstream. - Resolves: rhbz#1938082 [1:11.0.11.0.1-0.0.ea] - Update to jdk-11.0.11.0+1 - Update release notes to 11.0.11.0+1 - Switch to EA mode for 11.0.11 pre-release builds. - Require tzdata 2020f to match upstream change JDK-8259048 - Resolves: rhbz#1938082 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-2163 Oracle Linux 7 [1:1.8.0.292.b10-1] - Add CVE numbers. - Require tzdata 2021a due to JDK-8260356 - Resolves: rhbz#1938201 [1:1.8.0.292.b10-0] - Update to aarch64-shenandoah-jdk8u292-b10 (GA) - Update release notes for 8u292-b10. - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz#1938201 [1:1.8.0.292.b09-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b09 (EA) - Update release notes for 8u292-b09. - Resolves: rhbz#1938081 [1:1.8.0.292.b08-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b08 (EA) - Update release notes for 8u292-b08. - Resolves: rhbz#1938081 [1:1.8.0.292.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b07 (EA) - Update release notes for 8u292-b07. - Resolves: rhbz#1938081 [1:1.8.0.292.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b06 (EA) - Update release notes for 8u292-b06. - Require tzdata 2020f due to JDK-8259048 - Resolves: rhbz#1938081 [1:1.8.0.292.b05-0.2.ea] - Update to aarch64-shenandoah-jdk8u292-b05-shenandoah-merge-2021-03-11 (EA) - Update release notes for 8u292-b05-shenandoah-merge-2021-03-11. - Extend s390 patch to fix issue caused by JDK-8252660 backport and lack of JDK-8188813 in 8u. - Revise JDK-8252660 s390 failure to make _soft_max_size a jlong so pointer types are accurate. - Resolves: rhbz#1938081 [1:1.8.0.292.b05-0.1.ea] - Re-organise S/390 patches for upstream submission, separating 8u upstream from Shenandoah fixes. - Add new formatting case found in memprofiler.cpp on debug builds to PR3593 patch. - Resolves: rhbz#1938081 [1:1.8.0.292.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b05 (EA) - Update release notes for 8u292-b05. - Resolves: rhbz#1938081 [1:1.8.0.292.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b04 (EA) - Update release notes for 8u292-b04. - Resolves: rhbz#1938081 [1:1.8.0.292.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b03 (EA) - Update release notes for 8u292-b03. - Resolves: rhbz#1938081 [1:1.8.0.292.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b02 (EA) - Update release notes for 8u292-b02. - Resolves: rhbz#1938081 [1:1.8.0.292.b01-0.0.ea] - Update to aarch64-shenandoah-jdk8u292-b01 (EA) - Update release notes for 8u292-b01. - Switch to EA mode. - Update tarball generation script to use PR3822 which handles JDK-8233228 & JDK-8035166 changes - Resolves: rhbz#1938081 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-2163 Oracle Linux 8 [1:1.8.0.292.b10-0] - Update to aarch64-shenandoah-jdk8u292-b10 (GA) - Update release notes for 8u292-b10. - Update tarball generation script to use PR3822 which handles JDK-8233228 & JDK-8035166 changes - Remove RH1868759 patch as this is now resolved upstream by JDK-8258833. - Re-organise S/390 patches for upstream submission, separating 8u upstream from Shenandoah fixes. - Add new formatting case found in memprofiler.cpp on debug builds to PR3593 patch. - Extend s390 patch to fix issue caused by JDK-8252660 backport and lack of JDK-8188813 in 8u. - Revise JDK-8252660 s390 failure to make _soft_max_size a jlong so pointer types are accurate. - Require tzdata 2020f due to JDK-8259048 - Require tzdata 2021a due to JDK-8260356 - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz#1938201 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-2163 Oracle Linux 8 [1:11.0.11.0.9-0] - Update to jdk-11.0.11.0+9 - Update release notes to 11.0.11.0+9 - Require tzdata 2020f to match upstream change JDK-8259048 - Require tzdata 2021a to match upstream change JDK-8260356 - Remove RH1868754 patch as this is now resolved upstream by JDK-8258833 - Remove RH1868740 & RH1883849 patches as these are now resolved by JDK-8259319 - This tarball is embargoed until 2021-04-20 @ 1pm PT. - Resolves: rhbz#1938201 [1:11.0.11.0.9-0] - Fix issue where CheckVendor.java test erroneously passes when it should fail. - Add proper quoting so '&' is not treated as a special character by the shell. - Fixed not-including fastdebug build in case of --without fastdebug - Resolves: rhbz#1938201 [1:11.0.10.0.9-5] - Perform static library build on a separate source tree with bundled image libraries - Make static library build optional - Based on initial work by Severin Gehwolf - Resolves: rhbz#1930513 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-2163 Oracle Linux 7 [78.10.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.10.0-1] - Update to 78.10.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23961 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29948 Oracle Linux 8 [78.10.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.10.0-1] - Update to 78.10.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23961 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 CVE-2021-29948 Oracle Linux 7 [1.3.1-13] - Fix remote code execution vulnerability - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 - Resolves: CVE-2021-21350 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-21347 CVE-2021-21350 CVE-2021-21344 CVE-2021-21345 CVE-2021-21346 Oracle Linux 8 [78.10.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.10.0-1] - Update to 78.10.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23961 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 Oracle Linux 7 [78.10.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.10.0-1] - Update to 78.10.0 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23961 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29945 CVE-2021-29946 Oracle Linux 7 [3.53.1-7] - Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto [3.53.1-6] - Update to CVE 2020-256423 TLS flood DOS attack patch. [3.53.1-5] - Fix CVE 2020-256423 TLS flood DOS Attack. [3.53.1-4] - Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn. MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25648 Oracle Linux 7 [2.4.44-23] - Fix CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd (#1895328) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25692 Oracle Linux 7 [32:9.11.4-26.P2.5] - Possible assertion failure on DNAME processing (CVE-2021-25215) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25215 Oracle Linux 7 [1.0.0-1.rc95] - Addresses CVE-2021-30465 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 7 docker-engine [19.03.11-11] - Addresses CVE-2021-30465 - updated runc minimum version to runc >= 3:1.0.0-1.rc95. [19.03.11-10] - Addresses runc CVE-2021-30465 - updated runc versions in cli/vendor.conf and docker-engine/vendor.conf to 1.0.0-rc95. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 7 [9.2.24-6] - Patch fixing BZ#1741488 CVE-2019-10208 [9.2.24-5] - Patch fixing CVE-2020-25694 BZ#1907894 - Patch fixing CVE-2020-25695 BZ#1907895 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-10208 CVE-2020-25694 CVE-2020-25695 Oracle Linux 8 libnma [1.8.30-2] - Rebuild with new gtk-doc to fix multilib issues (rh #1853152) NetworkManager [1.30.0-7.0.1] - add connectivity check via Oracle servers [Orabug: 32051972] - Disable the build of NetworkManager-config-connectivity-* subpackage for 8.3 [1:1.30.0-7] - initrd: set multi-connect=single for connections with static IP (rh #1915493) [1:1.30.0-6] - core: fix handling local routes generated by kernel (rh #1907661) - initrd: fix crash with rd.znet= argument (rh #1941106) - core: fix crash handling path match (rh #1942741) [1:1.30.0-5] - bond: restore MAC on release only when there is a cloned MAC address (rh #1933292) [1:1.30.0-4] - initrd: apply the MTU from bond= argument to the bond connection (rh #1936610) [1:1.30.0-3] - Increase LimitNOFILE to allow more than 1024 file descriptors (rh #1926599). This requires a suitable libndp version that can handle many file descriptors (rh #1933041). [1:1.30.0-2] - Avoid logging warning setting bond ad_actor_system (rh #1923999) [1:1.30.0-1] - Update to 1.30.0 release [1:1.30.0-0.10] - Update to 1.30-rc1 (1.29.90-dev) (development) - cloud-setup: fix removing IPv4 address (rh #1920838) [1:1.30.0-0.9] - Update to 1.29.11 (development) - bond: fix changing mode when the device is created externally (rh #1870691) - ovs: fix firewalld configuration for ovs-ports (rh #1921107) - ovs: avoid race condition when system interface is removed from ovsdb (rh #1923248) - doc: mention NETMASK as alternative to PREFIX for addresses in man nm-settings-ifcfg-rh (rh #1925123) [1:1.30.0-0.8] - Update to 1.29.10 (development) - bond: introduce new 'vlan+srcmac' xmit_hash_policy option (rh #1915457) - ovs: clean up interfaces from ovsdb at startup (rh #1861296) [1:1.30.0-0.7] - Update to 1.29.9 (development) - By default check all devices for hostname reverse DNS lookup (rh #1766944) [1:1.30.0-0.6] - Update to 1.29.8 (development) - initrd: accept zero-byte prefix for BOOTIF MAC address (rh #1904099) - core: fix bond port wrongly detached by dispather call (rh #1888348) - cloud-setup: add manual page (rh #1867997) - core: fix handling timeout for IPv6 RDNSS,DNSSL option in RA (rh #1874743) [1:1.30.0-0.5] - Update to 1.29.7 (development) - Add WPA3-Enterprise support (rh #1883024) [1:1.30.0-0.4] - Update to 1.29.6 (development) - initrd: disable ipv4 and ipv6 by default for vlan parent connection (rh #1903175) - initrd: fix parsing of ip= argument with dotted interface name (rh #1898294) [1:1.30.0-0.3] - Update to 1.29.3 (development) - Support changing external-ids of OVS bridges and interfaces (rh #1866227) - Add a hostname setting (rh #1766944) - Support creating veth interfaces (rh #1901523) - initrd: fix parsing of ip= arguments with empty first token (rh #1900260) [1:1.30.0-0.2] - device: fix crash in nm_device_reactivate_ip_config() - dns: fix crash in systemd-resolved DNS plugin (rh #1894839) [1:1.30.0-0.1] - Update to 1.29.1 (development) - add library for handling profiles in keyfile format (rh #1813334) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20297 Oracle Linux 8 [4.18.0-305.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305] - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (Michael Petlan) [1950388] [4.18.0-304] - mm: Revert 'remove the account_page_dirtied export' (Waiman Long) [1941257] - Revert '[netdrv] net/broadcom: Clean broadcom code from driver versions' (Jonathan Toppins) [1940842] [4.18.0-303] - redhat: switch secureboot kernel image signing to release keys (Jan Stancek) - Revert '[md] md/raid5: add a new member of offset into r5dev' (Nigel Croxon) [1936903] - Revert '[md] md/raid5: make async_copy_data() to support different page offset' (Nigel Croxon) [1936903] - Revert '[crypto] md/raid5: add new xor function to support different page offset' (Nigel Croxon) [1936903] - Revert '[md] md/raid5: convert to new xor compution interface' (Nigel Croxon) [1936903] - Revert '[crypto] md/raid6: let syndrome computor support different page offset' (Nigel Croxon) [1936903] - Revert '[crypto] md/raid6: let async recovery function support different page offset' (Nigel Croxon) [1936903] - Revert '[md] md/raid5: let multiple devices of stripe_head share page' (Nigel Croxon) [1936903] - Revert '[md] md/raid5: resize stripe_head when reshape array' (Nigel Croxon) [1936903] - Revert '[md] md/raid5: reallocate page array after setting new stripe_size' (Nigel Croxon) [1936903] - ACPI: PNP: compare the string length in the matching_id() (Mark Langsdorf) [1933702] - ceph: add missing break when parsing 'nowsync' mount option (Jeff Layton) [1932753] - get_maintainer.conf: Update with new location of RHMAINTAINERS (Prarit Bhargava) - redhat: make pathspec exclusion compatible with old git versions (Herton R. Krzesinski) - redhat/scripts: Update merge-subtrees.sh with new subtree location (Prarit Bhargava) - tree: Add RHMAINTAINERS soft link in 8.4 (Prarit Bhargava) - tree: remove existing redhat/rhdocs subtree in 8.4 (Prarit Bhargava) [4.18.0-302] - PCI: rpadlpar: Fix potential drc_name corruption in store functions (Gustavo Luiz Duarte) [1938116] - selftests: kvm: Add basic Hyper-V clocksources tests (Vitaly Kuznetsov) [1931782] - KVM: x86: hyper-v: Dont touch TSC page values when guest opted for re-enlightenment (Vitaly Kuznetsov) [1931782] - KVM: x86: hyper-v: Track Hyper-V TSC page status (Vitaly Kuznetsov) [1931782] - KVM: x86: hyper-v: Prevent using not-yet-updated TSC page by secondary CPUs (Vitaly Kuznetsov) [1931782] - KVM: x86: hyper-v: Limit guest to writing zero to HV_X64_MSR_TSC_EMULATION_STATUS (Vitaly Kuznetsov) [1931782] - drm/i915/guc: Update to use firmware v49.0.1 (Dave Airlie) [1935281] {CVE-2020-12362} - time: Enable __kernel_timespec for 32-bit vdso build (Waiman Long) [1936282] - lib/idr.c: document calling context for IDA APIs mustnt use locks (Chris von Recklinghausen) [1917764] - ida: Free allocated bitmap in error path (Chris von Recklinghausen) [1917764] - radix tree test suite: Fix compilation (Chris von Recklinghausen) [1917764] - vmalloc: convert to XArray (Chris von Recklinghausen) [1917764] - mm: pass addr as unsigned long to vb_free (Chris von Recklinghausen) [1917764] - radix tree: Remove multiorder support (Chris von Recklinghausen) [1917764] - radix tree test: Convert multiorder tests to XArray (Chris von Recklinghausen) [1917764] - radix tree tests: Convert item_delete_rcu to XArray (Chris von Recklinghausen) [1917764] - radix tree tests: Convert item_kill_tree to XArray (Chris von Recklinghausen) [1917764] - radix tree tests: Move item_insert_order (Chris von Recklinghausen) [1917764] - radix tree test suite: Remove multiorder benchmarking (Chris von Recklinghausen) [1917764] - radix tree test suite: Remove __item_insert (Chris von Recklinghausen) [1917764] - radix tree: Remove radix_tree_clear_tags (Chris von Recklinghausen) [1917764] - radix tree: Remove split/join code (Chris von Recklinghausen) [1917764] - radix tree: Remove radix_tree_update_node_t (Chris von Recklinghausen) [1917764] - mm: Convert truncate to XArray (Chris von Recklinghausen) [1917764] - copy rh_kabi.h to tools/testing/radix-tree/linux (Chris von Recklinghausen) [1917764] [4.18.0-301] - ibmvnic: fix a race between open and reset (Diego Domingos) [1940042] - ibmvnic: Set to CLOSED state even on error (Diego Domingos) [1940042] - ibmvnic: device remove has higher precedence over reset (Diego Domingos) [1940042] - ibmvnic: merge do_change_param_reset into do_reset (Diego Domingos) [1940042] - ibmvfc: disable MQ channelization by default (Gustavo Luiz Duarte) [1939359] - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() (Steve Dickson) [1926945] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930833] {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930856] {CVE-2021-27363} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1930809] {CVE-2021-27364} - futex: Handle faults correctly for PI futexes (Waiman Long) [1924635] - futex: Simplify fixup_pi_state_owner() (Waiman Long) [1924635] - futex: Use pi_state_update_owner() in put_pi_state() (Waiman Long) [1924635] - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Waiman Long) [1924635] - futex: Provide and use pi_state_update_owner() (Waiman Long) [1924635] - futex: Replace pointless printk in fixup_owner() (Waiman Long) [1924635] - futex: Ensure the correct return value from futex_lock_pi() (Waiman Long) [1924635] - futex: Dont enable IRQs unconditionally in put_pi_state() (Waiman Long) [1924635] - futex: Fix incorrect should_fail_futex() handling (Waiman Long) [1924635] - futex: Consistently use fshared as boolean (Waiman Long) [1924635] - futex: Remove needless gotos (Waiman Long) [1924635] - futex: Remove put_futex_key() (Waiman Long) [1924635] - NFS: Correct size calculation for create reply length (Benjamin Coddington) [1934903] - SUNRPC: Set memalloc_nofs_save() for sync tasks (Benjamin Coddington) [1934098] - net/mlx5: CT: Add support for matching on ct_state reply flag (Alaa Hleihel) [1919651] - net/mlx5e: CT: manage the lifetime of the ct entry object (Alaa Hleihel) [1919651] - net/mlx5e: CT: Use per flow counter when CT flow accounting is enabled (Alaa Hleihel) [1919651] - net/mlx5e: Fix a use after free on error in mlx5_tc_ct_shared_counter_get() (Alaa Hleihel) [1919651] - net/mlx5e: CT: Use the same counter for both directions (Alaa Hleihel) [1919651] - ethtool: fix the check logic of at least one channel for RX/TX (Ivan Vecera) [1907406] [4.18.0-300] - [scsi] scsi: qedi: Correct max length of CHAP secret (Nilesh Javali) [1909180] - redhat: use tags from git notes for zstream to generate changelog (Frantisek Hrbata) - redhat: add CI file for kernel-private (Bruno Meneguele) - CI: Drop unused variable (Bruno Meneguele) - CI: Enable RT verification (Bruno Meneguele) - KVM: SVM: Clear the CR4 register on reset (Vitaly Kuznetsov) [1920788] - net: flow_offload: Add original direction flag to ct_metadata (Marcelo Ricardo Leitner) [1921946] - net/sched: cls_flower: Add match on the ct_state reply flag (Marcelo Ricardo Leitner) [1921946] - net/sched: cls_flower add CT_FLAGS_INVALID flag support (Marcelo Ricardo Leitner) [1921946] - net/sched: cls_flower: Reject invalid ct_state flags rules (Marcelo Ricardo Leitner) [1921946] - netlink: add mask validation (Marcelo Ricardo Leitner) [1921946] - netlink: create helpers for checking type is an int (Marcelo Ricardo Leitner) [1921946] - netlink: policy: correct validation type check (Marcelo Ricardo Leitner) [1921946] - netlink: make NLA_BINARY validation more flexible (Marcelo Ricardo Leitner) [1921946] [4.18.0-299] - md: Set prev_flush_start and flush_bio in an atomic way (Xiao Ni) [1901598] - md: improve variable names in md_flush_request() (Xiao Ni) [1901598] - hpsa: fix regression issue for old controllers (Joseph Szczypek) [1925711] - scsi: hpsa: Correct dev cmds outstanding for retried cmds (Joseph Szczypek) [1925711] - vt: Disable KD_FONT_OP_COPY (Dave Airlie) [1903937] {CVE-2020-28974} - drm/i915/rkl: Remove require_force_probe protection (Lyude Paul) [1937558] - drm/i915/tgl/psr: Disable PSR on Tigerlake for now (Lyude Paul) [1924702] - dm raid: fix discard limits for raid0 and raid10 (Mike Snitzer) [1934274] - dm: fix __send_changing_extent_only to avoid duplicate dm_target_offset() (Mike Snitzer) [1934274] - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing (Waiman Long) [1934212] - mm: memcontrol: fix slub memory accounting (Waiman Long) [1934212] - mm: memcontrol: fix swap undercounting in cgroup2 (Waiman Long) [1934212] - mm: memcontrol: fix NR_ANON_THPS accounting in charge moving (Waiman Long) [1934212] - mm, slub: better heuristic for number of cpus when calculating slab order (Waiman Long) [1934212] - Revert 'mm: memcontrol: avoid workload stalls when lowering memory.high' (Waiman Long) [1934212] - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed (Hangbin Liu) [1931732] - selftests/bpf: No need to drop the packet when there is no geneve opt (Hangbin Liu) [1931732] [4.18.0-298] - drm/i915/gen11+: Only load DRAM information from pcode (Lyude Paul) [1934537] - drm/i915/dg1: Wait for pcode/uncore handshake at startup (Lyude Paul) [1934537] - powercap/intel_rapl: add support for TigerLake Desktop (David Arcari) [1932457] - powerpc/perf: Fix handling of privilege level checks in perf interrupt context (Gustavo Luiz Duarte) [1918411] - NFSv4.2: fix error return on memory allocation failure (Scott Mayhew) [1917689] - NFSv4.2: improve page handling for GETXATTR (Scott Mayhew) [1917689] - NFSv4.2: Fix up the get/listxattr calls to rpc_prepare_reply_pages() (Scott Mayhew) [1917689] - NFS: Fix rpcrdma_inline_fixup() crash with new LISTXATTRS operation (Scott Mayhew) [1917689] - SUNRPC: Fix up xdr_set_page() (Benjamin Coddington) [1917689] - NFSv4: Fix open coded xdr_stream_remaining() (Benjamin Coddington) [1917689] - SUNRPC: Clean up the handling of page padding in rpc_prepare_reply_pages() (Benjamin Coddington) [1917689] - SUNRPC: Fix up xdr_read_pages() to take arbitrary object lengths (Benjamin Coddington) [1917689] - SUNRPC: Clean up helpers xdr_set_iov() and xdr_set_page_base() (Benjamin Coddington) [1917689] - SUNRPC: Split out a function for setting current page (Benjamin Coddington) [1917689] - SUNRPC: Fix up typo in xdr_init_decode() (Benjamin Coddington) [1917689] - NFSv4: Fix the alignment of page data in the getdeviceinfo reply (Benjamin Coddington) [1917689] - net: fix pos incrementment in ipv6_route_seq_next (Lorenzo Bianconi) [1926608] - ipv6_route_seq_next should increase position index (Lorenzo Bianconi) [1926608] - bpf: Clear subreg_def for global function return values (Yauheni Kaliuta) [1934062] - igc: Fix returning wrong statistics (Corinna Vinschen) [1910873] [4.18.0-297] - KVM: SVM: Make symbol 'svm_gp_erratum_intercept' static (Paolo Bonzini) [1769283] - KVM: SVM: Fix #GP handling for doubly-nested virtualization (Paolo Bonzini) [1769283] - KVM: SVM: Add support for SVM instruction address check change (Paolo Bonzini) [1769283] - KVM: SVM: Add emulation support for #GP triggered by SVM instructions (Paolo Bonzini) [1769283] - KVM: x86: Factor out x86 instruction emulation with decoding (Paolo Bonzini) [1769283] - gfs2: In gfs2_ail1_start_one unplug the IO when needed (Bob Peterson) [1648446] - gfs2: Free rd_bits later in gfs2_clear-rgrpd to fix use-after-free (Bob Peterson) [1648446] - gfs2: Only access gl_delete for iopen glocks (Bob Peterson) [1648446] - gfs2: Fix case in which ail writes are done to jdata holes (Bob Peterson) [1648446] - gfs2: simplify gfs2_block_map (Bob Peterson) [1648446] - gfs2: Only set PageChecked if we have a transaction (Bob Peterson) [1648446] - gfs2: dont lock sd_ail_lock in gfs2_releasepage (Bob Peterson) [1648446] - gfs2: make gfs2_ail1_empty_one return the count of active items (Bob Peterson) [1648446] - gfs2: Wipe jdata and ail1 in gfs2_journal_wipe, formerly gfs2_meta_wipe (Bob Peterson) [1648446] - gfs2: enhance log_blocks trace point to show log blocks free (Bob Peterson) [1648446] - gfs2: rename gfs2_write_full_page to gfs2_write_jdata_page, remove parm (Bob Peterson) [1648446] - PM: hibernate: flush swap writer after marking (Lenny Szubowicz) [1898677] - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown (Lenny Szubowicz) [1898677] - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation (Lenny Szubowicz) [1898677] - bpf, devmap: Use GFP_KERNEL for xdp bulk queue allocation (Jiri Benc) [1882215] - ice, xsk: clear the status bits for the next_to_use descriptor (Jiri Benc) [1906820] - net/mlx4_en: Handle TX error CQE (Alaa Hleihel) [1925690] - net/mlx4_en: Avoid scheduling restart task if it is already running (Alaa Hleihel) [1925690] - blk-mq: test QUEUE_FLAG_HCTX_ACTIVE for sbitmap_shared in hctx_may_queue (Ming Lei) [1922013] - blk-mq: Improve performance of non-mq IO schedulers with multiple HW queues (Ming Lei) [1922013] - Revert 'blk-mq, elevator: Count requests per hctx to improve performance' (Ming Lei) [1922013] - bpftool: Disable CAP_BPF check for feature command (Jiri Olsa) [1921542] - RDMA/siw: Fix calculation of tx_valid_cpus size (Kamal Heib) [1919502] - net/mlx5e: Disable performance optimization for IPv4/IPv6 ethertype (Alaa Hleihel) [1928671 1919807] - IB/mlx5: Return appropriate error code instead of ENOMEM (Alaa Hleihel) [1928671] - net/mlx5: Disable devlink reload for lag devices (Alaa Hleihel) [1928671 1929166] - net/mlx5: Disable devlink reload for multi port slave device (Alaa Hleihel) [1928671 1929166] - net/mlx5: Disallow RoCE on lag device (Alaa Hleihel) [1928671 1929166] - net/mlx5: Disallow RoCE on multi port slave device (Alaa Hleihel) [1928671 1929166] - net/mlx5: Fix health error state handling (Alaa Hleihel) [1928671] - net/mlx5e: Change interrupt moderation channel params also when channels are closed (Alaa Hleihel) [1928671] - net/mlx5e: Dont change interrupt moderation params when DIM is enabled (Alaa Hleihel) [1928671] - net/mlx5e: E-switch, Fix rate calculation for overflow (Alaa Hleihel) [1928671] - net/mlx5e: Release skb in case of failure in tc update skb (Alaa Hleihel) [1928671 1929119] - net/mlx5e: Check tunnel offload is required before setting SWP (Alaa Hleihel) [1928671 1925439] - net/mlx5e: kTLS, Use refcounts to free kTLS RX priv context (Alaa Hleihel) [1928671 1928706] - net/mlx5e: Fix CQ params of ICOSQ and async ICOSQ (Alaa Hleihel) [1928671 1928706] - net/mlx5e: Replace synchronize_rcu with synchronize_net (Alaa Hleihel) [1928671 1913616] - net/mlx5e: Enable XDP for Connect-X IPsec capable devices (Alaa Hleihel) [1928671 1856795] - net/mlx5e: Enable striding RQ for Connect-X IPsec capable devices (Alaa Hleihel) [1928671 1926120] - fix regression in 'epoll: Keep a reference on files added to the check list' (Carlos Maiolino) [1920776] {CVE-2020-0466} - do_epoll_ctl(): clean the failure exits up a bit (Carlos Maiolino) [1920776] {CVE-2020-0466} - epoll: Keep a reference on files added to the check list (Carlos Maiolino) [1920776] {CVE-2020-0466} [4.18.0-296] - perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from NUMA info (Prarit Bhargava) [1766743] - perf/x86/intel/uncore: Store the logical die id instead of the physical die id. (Prarit Bhargava) [1766743] - mm: fix page reference leak in soft_offline_page() (Aristeu Rozanski) [1768372] - mm,hwpoison: try to narrow window race for free pages (Aristeu Rozanski) [1768372] - mm,hwpoison: double-check page count in __get_any_page() (Aristeu Rozanski) [1768372] - mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Aristeu Rozanski) [1768372] - mm,hwpoison: return 0 if the page is already poisoned in soft-offline (Aristeu Rozanski) [1768372] - mm,hwpoison: refactor soft_offline_huge_page and __soft_offline_page (Aristeu Rozanski) [1768372] - mm,hwpoison: rework soft offline for in-use pages (Aristeu Rozanski) [1768372] - mm,hwpoison: rework soft offline for free pages (Aristeu Rozanski) [1768372] - mm,hwpoison: unify THP handling for hard and soft offline (Aristeu Rozanski) [1768372] - mm,hwpoison: kill put_hwpoison_page (Aristeu Rozanski) [1768372] - mm,hwpoison: refactor madvise_inject_error (Aristeu Rozanski) [1768372] - mm,hwpoison: unexport get_hwpoison_page and make it static (Aristeu Rozanski) [1768372] - mm,hwpoison-inject: dont pin for hwpoison_filter (Aristeu Rozanski) [1768372] - mm, hwpoison: remove recalculating hpage (Aristeu Rozanski) [1768372] - mm,hwpoison: cleanup unused PageHuge() check (Aristeu Rozanski) [1768372] - mm/madvise.c: replace with page_size() in madvise_inject_error() (Aristeu Rozanski) [1768372] - mm, soft-offline: convert parameter to pfn (Aristeu Rozanski) [1768372] - tick/nohz: Revert 'Narrow down noise while setting current tasks tick dependency' (Waiman Long) [1931004] - kvm: Add kvm_stat.service file and kvm_stat logrotate config to the tools (Thomas Huth) [1919930] - igc: fix link speed advertising (Corinna Vinschen) [1769701] - [crypto] crypto: qat - add capability detection logic in qat_4xxx (Vladis Dronov) [1833004] - [crypto] crypto: qat - add AES-XTS support for QAT GEN4 devices (Vladis Dronov) [1833004] - [crypto] crypto: qat - add AES-CTR support for QAT GEN4 devices (Vladis Dronov) [1833004] - [crypto] crypto: qat - fix excluded_middle.cocci warnings (Vladis Dronov) [1833004] - [crypto] crypto: qat - add qat_4xxx driver (Vladis Dronov) [1833004] - [crypto] crypto: qat - add hook to initialize vector routing table (Vladis Dronov) [1833004] - [crypto] crypto: qat - target fw images to specific AEs (Vladis Dronov) [1833004] - [crypto] crypto: qat - add gen4 firmware loader (Vladis Dronov) [1833004] - [crypto] crypto: qat - add support for broadcasting mode (Vladis Dronov) [1833004] - [crypto] crypto: qat - add support for shared ustore (Vladis Dronov) [1833004] - [crypto] crypto: qat - allow to target specific AEs (Vladis Dronov) [1833004] - [crypto] crypto: qat - add FCU CSRs to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add CSS3K support (Vladis Dronov) [1833004] - [crypto] crypto: qat - use ae_mask (Vladis Dronov) [1833004] - [crypto] crypto: qat - add check for null pointer (Vladis Dronov) [1833004] - [crypto] crypto: qat - add misc control CSR to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add wake up event to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add clock enable CSR to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add reset CSR and mask to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add local memory size to chip info (Vladis Dronov) [1833004] - [crypto] crypto: qat - add support for lm2 and lm3 (Vladis Dronov) [1833004] - [crypto] crypto: qat - add next neighbor to chip_info (Vladis Dronov) [1833004] - [crypto] crypto: qat - replace check based on DID (Vladis Dronov) [1833004] - [crypto] crypto: qat - introduce chip info structure (Vladis Dronov) [1833004] - [crypto] crypto: qat - refactor long expressions (Vladis Dronov) [1833004] - [crypto] crypto: qat - refactor qat_uclo_set_ae_mode() (Vladis Dronov) [1833004] - [crypto] crypto: qat - move defines to header files (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove global CSRs helpers (Vladis Dronov) [1833004] - [crypto] crypto: qat - refactor AE start (Vladis Dronov) [1833004] - [crypto] crypto: qat - change micro word data mask (Vladis Dronov) [1833004] - [crypto] crypto: qat - change type for ctx_mask (Vladis Dronov) [1833004] - [crypto] crypto: qat - add support for relative FW ucode loading (Vladis Dronov) [1833004] - [crypto] crypto: qat - rename qat_uclo_del_uof_obj() (Vladis Dronov) [1833004] - [crypto] crypto: qat - introduce additional parenthesis (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove unnecessary parenthesis (Vladis Dronov) [1833004] - [crypto] crypto: qat - fix error message (Vladis Dronov) [1833004] - [crypto] crypto: qat - fix CSR access (Vladis Dronov) [1833004] - [crypto] crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (Vladis Dronov) [1833004] - [crypto] crypto: qat - support for mof format in fw loader (Vladis Dronov) [1833004] - [crypto] crypto: qat - replace pci with PCI in comments (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove cast for mailbox CSR (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove unneeded semicolon (Vladis Dronov) [1833004] - [crypto] crypto: qat - extend ae_mask (Vladis Dronov) [1833004] - [crypto] crypto: qat - allow for instances in different banks (Vladis Dronov) [1833004] - [crypto] crypto: qat - refactor qat_crypto_dev_config() (Vladis Dronov) [1833004] - [crypto] crypto: qat - refactor qat_crypto_create_instances() (Vladis Dronov) [1833004] - [crypto] crypto: qat - change return value in adf_cfg_key_val_get() (Vladis Dronov) [1833004] - [crypto] crypto: qat - change return value in adf_cfg_add_key_value_param() (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove unnecessary void* casts (Vladis Dronov) [1833004] - [crypto] crypto: qat - call functions in adf_sriov if available (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove hardcoded bank irq clear flag mask (Vladis Dronov) [1833004] - [crypto] crypto: qat - abstract writes to arbiter enable (Vladis Dronov) [1833004] - [crypto] crypto: qat - use BIT_ULL() - 1 pattern for masks (Vladis Dronov) [1833004] - [crypto] crypto: qat - replace constant masks with GENMASK (Vladis Dronov) [1833004] - [crypto] crypto: qat - abstract build ring base (Vladis Dronov) [1833004] - [crypto] crypto: qat - enable ring after pair is programmed (Vladis Dronov) [1833004] - [crypto] crypto: qat - register crypto instances based on capability (Vladis Dronov) [1833004] - [crypto] crypto: qat - add support for capability detection (Vladis Dronov) [1833004] - [crypto] crypto: qat - abstract arbiter access (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove unused macros in arbiter module (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove writes into WQCFG (Vladis Dronov) [1833004] - [crypto] crypto: qat - update constants table (Vladis Dronov) [1833004] - [crypto] crypto: qat - use admin mask to send fw constants (Vladis Dronov) [1833004] - [crypto] crypto: qat - change admin sequence (Vladis Dronov) [1833004] - [crypto] crypto: qat - rename ME in AE (Vladis Dronov) [1833004] - [crypto] crypto: qat - add packed to init admin structures (Vladis Dronov) [1833004] - [crypto] crypto: qat - abstract admin interface (Vladis Dronov) [1833004] - [crypto] crypto: qat - relocate GEN2 CSR access code (Vladis Dronov) [1833004] - [crypto] crypto: qat - split transport CSR access logic (Vladis Dronov) [1833004] - [crypto] crypto: qat - fix configuration of iov threads (Vladis Dronov) [1833004] - [crypto] crypto: qat - num_rings_per_bank is device dependent (Vladis Dronov) [1833004] - [crypto] crypto: qat - mask device capabilities with soft straps (Vladis Dronov) [1833004] - [crypto] crypto: qat - update IV in software (Vladis Dronov) [1833004] - [crypto] crypto: qat - remove unused function (Vladis Dronov) [1833004] [4.18.0-295] - mptcp: send ack for every add_addr (Davide Caratti) [1929280] - Revert '[net] tcp: change pingpong threshold to 3' (Davide Caratti) [1929280] - powerpc/pseries: Dont enforce MSI affinity with kdump (Greg Kurz) [1919427] - rtc: disallow update interrupts when time is invalid (Waiman Long) [1918288] - rtc: disable uie before setting time and enable after (Waiman Long) [1918288] - rtc: dont reference bogus function pointer in kdoc (Waiman Long) [1918288] - KVM: x86/mmu: Expand collapsible SPTE zap for TDP MMU to ZONE_DEVICE and HugeTLB pages (Paolo Bonzini) [1897366] - KVM: x86/mmu: Allow parallel page faults for the TDP MMU (Paolo Bonzini) [1897366] - KVM: x86/mmu: Mark SPTEs in disconnected pages as removed (Paolo Bonzini) [1897366] - KVM: x86/mmu: Flush TLBs after zap in TDP MMU PF handler (Paolo Bonzini) [1897366] - KVM: x86/mmu: Use atomic ops to set SPTEs in TDP MMU map (Paolo Bonzini) [1897366] - KVM: x86/mmu: Factor out functions to add/remove TDP MMU pages (Paolo Bonzini) [1897366] - i915: kvmgt: the KVM mmu_lock is now an rwlock (Paolo Bonzini) [1897366] - KVM: x86/mmu: Use an rwlock for the x86 MMU (Paolo Bonzini) [1897366] - KVM: x86/mmu: Protect TDP MMU page table memory with RCU (Paolo Bonzini) [1897366] - KVM: x86/mmu: Clear dirtied pages mask bit before early break (Paolo Bonzini) [1897366] - KVM: x86/mmu: Skip no-op changes in TDP MMU functions (Paolo Bonzini) [1897366] - KVM: x86/mmu: Yield in TDU MMU iter even if no SPTES changed (Paolo Bonzini) [1897366] - KVM: x86/mmu: Ensure forward progress when yielding in TDP MMU iter (Paolo Bonzini) [1897366] - KVM: x86/mmu: Rename goal_gfn to next_last_level_gfn (Paolo Bonzini) [1897366] - KVM: x86/mmu: Merge flush and non-flush tdp_mmu_iter_cond_resched (Paolo Bonzini) [1897366] - KVM: x86/mmu: Fix braces in kvm_recover_nx_lpages (Paolo Bonzini) [1897366] - KVM: x86/mmu: Factor out handling of removed page tables (Paolo Bonzini) [1897366] - KVM: x86/mmu: Dont redundantly clear TDP MMU pt memory (Paolo Bonzini) [1897366] - KVM: x86/mmu: Add lockdep when setting a TDP MMU SPTE (Paolo Bonzini) [1897366] - KVM: x86/mmu: Add comment on __tdp_mmu_set_spte (Paolo Bonzini) [1897366] - KVM: x86/mmu: change TDP MMU yield function returns to match cond_resched (Paolo Bonzini) [1897366] - locking/arch: Move qrwlock.h include after qspinlock.h (Paolo Bonzini) [1897366] - sched: Add cond_resched_rwlock (Paolo Bonzini) [1897366] - sched: Add needbreak for rwlocks (Paolo Bonzini) [1897366] - locking/rwlocks: Add contention detection for rwlocks (Paolo Bonzini) [1897366] - RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes (Kamal Heib) [1919395] - net/vmw_vsock: fix NULL pointer dereference (Jon Maloy) [1925600] {CVE-2021-26708} - net/vmw_vsock: improve locking in vsock_connect_timeout() (Jon Maloy) [1925600] {CVE-2021-26708} - vsock: fix locking in vsock_shutdown() (Jon Maloy) [1925600] {CVE-2021-26708} - vsock: fix the race conditions in multi-transport support (Jon Maloy) [1925600] {CVE-2021-26708} - ahci: Add missing Intel Emmitsburg PCH RAID PCI IDs (David Arcari) [1928789] - KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off (Paolo Bonzini) [1912448] - [sound] ALSA: hda/via: Fix runtime PM for Clevo W35xSS (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Add two 'Intel Reference board' SSID in the ALC256 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Add mute LED quirk for more HP laptops (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Modify Dell platform name (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (Jaroslav Kysela) [1916102] - [sound] ALSA: ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Apply jack fixup for Quanta NL3 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Add quirk for MSI-GP73 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Supported Dell fixed type headset (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Remove dummy lineout on Acer TravelMate P648/P658 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/hdmi: Fix incorrect mutex unlock in silent_stream_disable() (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/hdmi: packet buffer index must be set before reading value (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/hdmi: always print pin NIDs as hexadecimal (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/hdmi: fix silent stream for first playback to DP (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/conexant: add a new hda codec CX11970 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda: Fix regressions on clear and reconfig sysfs (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/proc - print DP-MST connections (Jaroslav Kysela) [1916102] - [sound] ALSA: hda - Fix the return value if cb func is already registered (Jaroslav Kysela) [1916102] - [sound] ALSA: mixart: Fix mutex deadlock (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Fix bass speaker DAC assignment on Asus Zephyrus G14 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Add new codec supported for ALC897 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Fixed Dell AIO wrong sound tone (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - HP Headset Mic cant detect after boot (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Add supported mute Led for HP (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Enable headphone for ASUS TM420 (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/realtek - Fixed HP headset Mic cant be detected (Jaroslav Kysela) [1916102] - [sound] ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid (Jaroslav Kysela) [1916102] - [sound] ALSA: hda/generic: Add option to enforce preferred_dacs pairs (Jaroslav Kysela) [1916102] - [sound] ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (Jaroslav Kysela) [1916102] - [sound] ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (Jaroslav Kysela) [1916102] - [fs] gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end (Andreas Grunbacher) [1926852] - [net] netfilter: nf_tables: coalesce multiple notifications into one skbuff (Phil Sutter) [1855207] - [drm] drm/i915/rkl: new rkl ddc map for different PCH (Lyude Paul) [1910761] - [drm] drm/nouveau: fix dma syncing warning with debugging on (Lyude Paul) [1915548] - [drm] drm/i915: Update TGL and RKL HuC firmware versions (Lyude Paul) [1924209] - [drm] drm/i915/tgl, rkl: Make Wa_1606700617/22010271021 permanent (Lyude Paul) [1924209] - [drm] drm/i915: Update gen12 forcewake table (Lyude Paul) [1924209] - [drm] drm/i915: Rename FORCEWAKE_BLITTER to FORCEWAKE_GT (Lyude Paul) [1924209] - [drm] drm/i915/display/fbc: Implement WA 22010751166 (Lyude Paul) [1924209] - [drm] drm/i915: Tweaked Wa_14010685332 for PCHs used on gen11 platforms (Lyude Paul) [1924209] - [drm] drm/i915: Reorder hpd init vs. display resume (Lyude Paul) [1921868] - [drm] drm/i915/dp: Dont use DPCD backlights that need PWM enable/disable (Lyude Paul) [1885406] - [drm] drm/dp: Revert 'drm/dp: Introduce EDID-based quirks' (Lyude Paul) [1885406] - [drm] drm/i915/dp: Allow forcing specific interfaces through enable_dpcd_backlight (Lyude Paul) [1885406] - [drm] drm/i915/dp: Enable Intels HDR backlight interface (only SDR for now) (Lyude Paul) [1885406] - [drm] drm/i915: Keep track of pwm-related backlight hooks separately (Lyude Paul) [1885406] - [drm] drm/i915: Pass port to intel_panel_bl_funcs.get() (Lyude Paul) [1885406] - [drm] drm/i915/dp: Add register definitions for Intel HDR backlight interface (Lyude Paul) [1885406] - [drm] drm/i915/dp: Rename eDP VESA backlight interface functions (Lyude Paul) [1885406] - [drm] drm/i915: Pass down brightness values to enable/disable backlight callbacks (Lyude Paul) [1885406] - [drm] drm/i915: Rename pwm_* backlight callbacks to ext_pwm_* (Lyude Paul) [1885406] - [drm] drm/i915/dp: Program source OUI on eDP panels (Lyude Paul) [1885406] - [drm] drm/i915: refactor panel backlight control functions. (v2) (Lyude Paul) [1885406] - [drm] drm/i915/backlight: fix CPU mode backlight takeover on LPT (Lyude Paul) [1885406] - [drm] drm/i915/dpcd_bl: uncheck PWM_PIN_CAP when detect eDP backlight capabilities (Lyude Paul) [1885406] - [drm] drm/i915: panel: Add get_vbt_pwm_freq() helper (Lyude Paul) [1885406] - [drm] drm/i915/dp: Tweak initial dpcd backlight.enabled value (Lyude Paul) [1885406] - [drm] kms: handle mDP connectors (Lyude Paul) [1876992] - [drm] drm/i915/tgl: Fix Combo PHY DPLL fractional divider for 38.4MHz ref clock (Lyude Paul) [1876992] - [drm] drm/i915/rkl: Add new cdclk table (Lyude Paul) [1876992] - [drm] drm/i915/rkl: Handle HTI (Lyude Paul) [1876992] - [drm] drm/i915/rkl: Add DPLL4 support (Lyude Paul) [1876992] - [drm] drm/i915/rkl: Add initial workarounds (Lyude Paul) [1876992] - [drm] drm/i915/rkl: Handle new DPCLKA_CFGCR0 layout (Lyude Paul) [1876992] - [drm] drm/i915: Update TGL and RKL DMC firmware versions (Lyude Paul) [1876992] - [drm] drm/i915/gt: Program mocs:63 for cache eviction on gen9 (Lyude Paul) [1876992] - [drm] drm/i915/gt: Limit frequency drop to RPe on parking (Lyude Paul) [1876992] - [drm] drm/i915/gt: Retain default context state across shrinking (Lyude Paul) [1876992] - [drm] drm/amdgpu/vcn3.0: remove old DPG workaround (Lyude Paul) [1876992] - [drm] drm/amdgpu/vcn3.0: stall DPG when WPTR/RPTR reset (Lyude Paul) [1876992] - [drm] drm/i915/gt: Fixup tgl mocs for PTE tracking (Lyude Paul) [1876992] - [drm] drm/amdgpu: add rlc iram and dram firmware support (Lyude Paul) [1876992] - [drm] drm/nouveau: fix relocations applying logic and a double-free (Lyude Paul) [1876992] - [drm] drm/amd/display: Avoid HDCP initialization in devices without output (Lyude Paul) [1876992] - [drm] drm/amd/amdgpu: fix null pointer in runtime pm (Lyude Paul) [1876992] - [drm] drm/amdgpu: update golden setting for sienna_cichlid (Lyude Paul) [1876992] - [drm] drm/amdgpu: fix a page fault (Lyude Paul) [1876992] - [drm] drm/amdgpu: fix SI UVD firmware validate resume fail (Lyude Paul) [1876992] - [drm] drm/i915/tgl: Fix Media power gate sequence (Lyude Paul) [1876992] - [drm] drm/i915: Handle max_bpc==16 (Lyude Paul) [1876992] - [drm] drm/amd/display: Add missing pflip irq for dcn2.0 (Lyude Paul) [1876992] - [drm] drm/gma500: Fix out-of-bounds access to struct drm_device.vblank (Lyude Paul) [1876992] - [drm] drm/i915: Correctly set SFC capability for video engines (Lyude Paul) [1876992] - [drm] drm/amd/display: Add missing pflip irq (Lyude Paul) [1876992] - [drm] drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running (Lyude Paul) [1876992] - [drm] drm/amd/pm: perform SMC reset on suspend/hibernation (Lyude Paul) [1876992] - [drm] drm/amd/pm: correct the baco reset sequence for CI ASICs (Lyude Paul) [1876992] - [drm] drm/amdgpu: perform srbm soft reset always on SDMA resume (Lyude Paul) [1876992] - [drm] drm/i915/gem: Flush coherency domains on first set-domain-ioctl (Lyude Paul) [1876992] - [drm] drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (Lyude Paul) [1876992] - [drm] drm/i915/gt: Use the local HWSP offset during submission (Lyude Paul) [1876992] - [drm] drm/i915: Fix encoder lookup during PSR atomic check (Lyude Paul) [1876992] - [drm] drm/nouveau/gem: fix 'refcount_t: underflow; use-after-free' (Lyude Paul) [1876992] - [drm] drm/nouveau/nouveau: fix the start/end range for migration (Lyude Paul) [1876992] - [drm] drm/amd/display: adding ddc_gpio_vga_reg_list to ddc reg defns (Lyude Paul) [1876992] - [drm] drm/amd/display: Fixed panic during seamless boot (Lyude Paul) [1876992] - [drm] drm/amdgpu: add DID for navi10 blockchain SKU (Lyude Paul) [1876992] - [drm] drm/amdgpu: disable DCN and VCN for navi10 blockchain SKU(v3) (Lyude Paul) [1876992] - [drm] drm/amdgpu: resolved ASD loading issue on sienna (Lyude Paul) [1876992] - [drm] drm/amdgpu: update golden setting for sienna_cichlid (Lyude Paul) [1876992] - [drm] drm/nouveau/device: fix changing endianess code to work on older GPUs (Lyude Paul) [1876992] - [drm] drm/nouveau/kms/nv50-: Program notifier offset before requesting disp caps (Lyude Paul) [1876992] - [drm] drm/i915: Restore ILK-M RPS support (Lyude Paul) [1876992] - [drm] drm/i915: Reject 90/270 degree rotated initial fbs (Lyude Paul) [1876992] - [drm] drm/i915: Use the active reference on the vma while capturing (Lyude Paul) [1876992] - [drm] drm/i915: Mark ininitial fb obj as WT on eLLC machines to avoid rcu lockup during fbdev init (Lyude Paul) [1876992] - [drm] drm/i915: Exclude low pages (128KiB) of stolen from use (Lyude Paul) [1876992] - [drm] drm/i915: Drop runtime-pm assert from vgpu io accessors (Lyude Paul) [1876992] - [drm] drm/i915/gt: Delay execlist processing for tgl (Lyude Paul) [1876992] - [drm] drm/i915/gt: Undo forced context restores after trivial preemptions (Lyude Paul) [1876992] - [drm] drm/i915/gt: Initialize reserved and unspecified MOCS indices (Lyude Paul) [1876992] - [drm] drm/i915: Fix TGL DKL PHY DP vswing handling (Lyude Paul) [1876992] - [drm] drm/i915: Avoid mixing integer types during batch copies (Lyude Paul) [1876992] - [drm] drm/i915: Cancel outstanding work after disabling heartbeats on an engine (Lyude Paul) [1876992] - [drm] drm/i915: Break up error capture compression loops with cond_resched() (Lyude Paul) [1876992] - [drm] drm/i915/gt: Always send a pulse down the engine after disabling heartbeat (Lyude Paul) [1876992] - [drm] drm/i915/gem: Always test execution status on closing the context (Lyude Paul) [1876992] - [drm] drm/i915/gem: Prevent using pgprot_writecombine() if PAT is not supported (Lyude Paul) [1876992] - [drm] drm/i915/gem: Avoid implicit vmap for highmem on x86-32 (Lyude Paul) [1876992] - [drm] drm/amdgpu: correct the cu and rb info for sienna cichlid (Lyude Paul) [1876992] - [drm] drm/amd/psp: Fix sysfs: cannot create duplicate filename (Lyude Paul) [1876992] - [drm] drm/amd/swsmu: add missing feature map for sienna_cichlid (Lyude Paul) [1876992] - [drm] drm/amd/pm: fix pp_dpm_fclk (Lyude Paul) [1876992] - [drm] drm/amd/pm: increase mclk switch threshold to 200 us (Lyude Paul) [1876992] - [drm] drm/amdgpu/swsmu: drop smu i2c bus on navi1x (Lyude Paul) [1876992] - [drm] drm/ttm: fix eviction valuable range check (Lyude Paul) [1876992] - [drm] drm/amd/display: Fix kernel panic by dal_gpio_open() error (Lyude Paul) [1876992] - [drm] drm/amd/display: Dont invoke kgdb_breakpoint() unconditionally (Lyude Paul) [1876992] - [drm] drm/amdgpu: increase the reserved VM size to 2MB (Lyude Paul) [1876992] - [drm] drm/amdgpu: add function to program pbb mode for sienna cichlid (Lyude Paul) [1876992] - [drm] drm/amd/display: Avoid MST manager resource leak (Lyude Paul) [1876992] - [drm] drm/amdkfd: Use same SQ prefetch setting as amdgpu (Lyude Paul) [1876992] - [drm] drm/amdgpu: correct the gpu reset handling for job != NULL case (Lyude Paul) [1876992] - [drm] drm/amdgpu: update golden setting for sienna_cichlid (Lyude Paul) [1876992] - [drm] drm/amdgpu: vcn and jpeg ring synchronization (Lyude Paul) [1876992] - [drm] drm/amd/display: Increase timeout for DP Disable (Lyude Paul) [1876992] - [drm] drm/amd/display: Fix incorrect backlight register offset for DCN (Lyude Paul) [1876992] - [drm] drm/amdgpu: dont map BO in reserved region (Lyude Paul) [1876992] - [drm] drm/shme-helpers: Fix dma_buf_mmap forwarding bug (Lyude Paul) [1876992] - [drm] drm/i915: Force VTd workarounds when running as a guest OS (Lyude Paul) [1876992] - [drm] drm/amd/display: Avoid set zero in the requested clk (Lyude Paul) [1876992] - [drm] drm/amd/display: HDMI remote sink need mode validation for Linux (Lyude Paul) [1876992] - [drm] drm/amdgpu: No sysfs, not an error condition (Lyude Paul) [1876992] - [drm] drm/amd/display: Check clock table return (Lyude Paul) [1876992] - [drm] drm/bridge/synopsys: dsi: add support for non-continuous HS clock (Lyude Paul) [1876992] - [drm] drm/vkms: avoid warning in vkms_get_vblank_timestamp (Lyude Paul) [1876992] - [drm] drm/bridge_connector: Set default status connected for eDP connectors (Lyude Paul) [1876992] - [drm] drm/scheduler: Scheduler priority fixes (v2) (Lyude Paul) [1876992] - [drm] drm/amdgpu: restore ras flags when user resets eeprom(v2) (Lyude Paul) [1876992] - [drm] drm/i915/gem: Serialise debugfs i915_gem_objects with ctx->mutex (Lyude Paul) [1876992] - [drm] drm/amd/display: Disconnect pipe separetely when disable pipe split (Lyude Paul) [1876992] - [drm] drm/hisilicon: Code refactoring for hibmc_drv_de (Lyude Paul) [1876992] - [drm] drm/amd/display: Screen corruption on dual displays (DP+USB-C) (Lyude Paul) [1876992] - [drm] drm: fix double free for gbo in drm_gem_vram_init and drm_gem_vram_create (Lyude Paul) [1876992] - [drm] drm/amdgpu: Fix invalid number of character '{' in amdgpu_acpi_init (Lyude Paul) [1876992] - [drm] drm/amdgpu: fix max_entries calculation v4 (Lyude Paul) [1876992] - [drm] drm/crc-debugfs: Fix memleak in crc_control_write (Lyude Paul) [1876992] - [drm] drm/gma500: fix error check (Lyude Paul) [1876992] - [drm] drm/amd/display: fix potential integer overflow when shifting 32 bit variable bl_pwm (Lyude Paul) [1876992] - [drm] drm/vkms: add missing platform_device_unregister() in vkms_init() (Lyude Paul) [1876992] - [drm] drm/vgem: add missing platform_device_unregister() in vgem_init() (Lyude Paul) [1876992] - [drm] drm/amd/display: Fix wrong return value in dm_update_plane_state() (Lyude Paul) [1876992] - [drm] drm/vkms: fix xrgb on compute crc (Lyude Paul) [1876992] - [iommu] iommu/amd: Set iommu->int_enabled consistently when interrupts are set up (Vitaly Kuznetsov) [1915038] - [iommu] iommu/amd: Fix IOMMU interrupt generation in X2APIC mode (Vitaly Kuznetsov) [1915038] - [iommu] iommu/amd: Fix union of bitfields in intcapxt support (Vitaly Kuznetsov) [1915038] - [iommu] iommu/amd: Fix kerneldoc comments (Vitaly Kuznetsov) [1915038] - [x86] x86/irq: Prepare consolidation of irq_alloc_info (Vitaly Kuznetsov) [1915038] - [iommu] iommu/amd: Use msi_msg shadow structs (Vitaly Kuznetsov) [1915038] - [iommu] x86_irq_Rename_X86_IRQ_ALLOC_TYPE_MSI_to_reflect_PCI_dependency (Vitaly Kuznetsov) [1915038] - [netdrv] Revert 'e1000e: disable s0ix entry and exit flows for ME systems' (Ken Cox) [1872412] - [netdrv] e1000e: fix S0ix flow to allow S0i3.2 subset entry (Ken Cox) [1872412] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-19523 CVE-2020-11608 CVE-2019-19528 CVE-2020-12464 CVE-2020-24394 CVE-2020-12114 CVE-2020-14356 CVE-2020-25643 CVE-2020-25704 CVE-2020-28974 CVE-2020-14314 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-35508 CVE-2019-18811 CVE-2020-15437 CVE-2020-27835 CVE-2020-12362 CVE-2020-36322 CVE-2021-0342 CVE-2020-0431 CVE-2020-27786 Oracle Linux 7 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32760 Oracle Linux 8 [3.26.0-13] - enabled fts3conf.test on s390x and ppc64 architectures [3.26.0-12] - Fixed CVE-2020-13434 (#1845843) - Fixed CVE-2020-15358 (#1855208) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-13434 CVE-2020-15358 Oracle Linux 8 [2.12-10] - Fixed improper input validation when writing tar header fields (#1766223) [2.12-9] - Extract: retain times for symlinks (#1487673) MODERATE Copyright 2021 Oracle, Inc. CVE-2019-14866 Oracle Linux 8 [2.28-151.0.1.el8_4] - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> - add Ampere emag to tunable cpu list (Patrick McGehearty) - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile - Both should test - if (stream->_flags & _IO_USER_LOCK) == 0) - _IO_lock_lock (*stream->_lock); - OraBug: 28481550. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> [2.28-153] - Support SEM_STAT_ANY via semctl. Return EINVAL for unknown commands to semctl, msgctl, and shmctl. (#1912670) [2.28-151] - CVE-2019-9169: Fix buffer overread in regexec.c (#1685400). [2.28-150] - Rebuild glibc to update security markup metadata (#1931305) [2.28-149] - Fix NSS files and compat service upgrade defect (#1927040). [2.28-148] - CVE-2021-3326: iconv assertion failure in ISO-2022-JP-3 decoding (#1924919) [2.28-147] - x86-64: Fix FMA4 math routine selection after bug 1817513 (#1918115) [2.28-146] - CVE-2019-25013:Fix buffer overrun in EUC-KR conversion module (#1912544) [2.28-145] - Update glibc-hwcaps fix from upstream (#1817513) [2.28-144] - Support running libc.so.6 as a main program in more cases (#1882466) [2.28-142] - Add glibc-hwcaps support (#1817513) - Implement DT_AUDIT support (#1871385) [2.28-141] - Update Intel CET support (#1855790) [2.28-140] - Fix calling lazily-bound SVE-using functions on AArch64 (#1893662) [2.28-139] - CVE-2016-10228, CVE-2020-27618: Fix infinite loops in iconv (#1704868, [2.28-138] - Avoid comments after %endif in the RPM spec file (#1894340) [2.28-137] - x86: Further memcpy optimizations for AMD Zen (#1880670) [2.28-136] - Allow __getauxval in testsuite check (#1856398) [2.28-135] - Use -moutline-atomics for aarch64 (#1856398) [2.28-134] - resolv: Handle DNS transaction ID collisions (#1868106) [2.28-133] - x86: Update auto-tuning of memcpy non-temporal threshold (#1880670) [2.28-132] - Fix fgetsgent_r data corruption bug (#1871397) [2.28-131] - Improve IBM zSeries (s390x) Performance (#1871395) [2.28-130] - Fix avx2 strncmp offset compare condition check (#1871394) - Add strncmp and strcmp testcases for page boundary [2.28-129] - Improve IBM POWER9 architecture performance (#1871387) [2.28-128] - Enable glibc for POWER10 (#1845098) MODERATE Copyright 2021 Oracle, Inc. CVE-2016-10228 CVE-2019-9169 CVE-2020-27618 CVE-2021-3326 CVE-2019-25013 Oracle Linux 8 accountsservice [0.6.55-1] - Rebase to 0.6.55 Resolves: #1846376 atkmm [2.24.2-7] - Rebuild for annobin fixes - Resolves: rhbz#1703969 cairomm [1.12.0-8] - Rebuild for the annobin fixes - Resolves: rhbz#1703971 chrome-gnome-shell [10.1-7] - Disable updates support Resolves: #1802105 dleyna-core [0.6.0-3] - Dont remove a queue more than once - Remove any pending task processing handlers when destroying a queue Resolves: #1464902 dleyna-server [0.6.0-3] - Avoid crash when getting server properties Resolves: #1464902 enchant2 [2.2.3-3] - Rebuild for the annobin fixes - Resolves: rhbz#1703990 gamin [0.1.10-32] - Add a comment clarifying the license (rhbz#1096200) gdm [3.28.3-39] - Ensure login screen display server is is killed at log in - Pull in fixes for two security issues Resolves: #1918391 [3.28.3-38] - Re-add disabling Wayland for server GPUs Related: #1670273 [3.28.3-35] - Stop disabling Wayland for server GPUs Related: #1670273 geoclue2 [2.5.5-2] - Fix multilib conflicts in -devel subpackage (#1853141) geocode-glib [3.26.0-3] - Rebuild against fixed gtk-doc to fix another multilib conflict (#1853142) [3.26.0-2] - Fix multilib conflicts in -devel subpackage (#1853142) gjs [1.56.2-5] - Fix undefined property warnings Related: #1845660 glib2 [2.56.4-9] - Update GHmac patch to implement g_hmac_copy() Resolves: #1786538 - Update keyfile settings backend Resolves: #1728896 - Fix CVE-2019-13012 Resolves: #1728632 glibmm24 [2.56.0-2] - Rebuild for the annobin fixes - Resolves: rhbz#1704002 gnome-boxes [3.36.5-8.0.1] - Add Oracle Linux 8.3 and 8.4 for VM template [Orabug: 32013221] [Orabug: 32840088] [3.36.5-8] - Pass discard 'unmap' to supported disk drivers - Related: #1152037 [3.36.5-7] - Fix mixing VM widgets - Related: #1639163 gnome-control-center [3.28.2-27] - Update fr, ja, zh_CN translations - Resolves: #1876291 [3.28.2-26] - Support Simple Content Access from subscription manager Related: #1870837 [3.28.2-25] - Fix a leak found by Coverity - Related: #1700002 [3.28.2-24] - Fix crashes when updating printer entries - Related: #1700002 - Resolves: #1903043 [3.28.2-23] - Update list of printers instead of regenerating it - Resolves: #1700002 gnome-online-accounts [3.28.2-2] - Rebuild to fix multilib issues Resolves: #1765627 gnome-photos [3.28.1-4] - Add a manual Resolves: #1612779 gnome-settings-daemon [3.32.0-14] - Update fr, ja, zh_CN translations - Resolves: #1876291 [3.32.0-13] - Add back subscription-manager plugin Related: #1870837 [3.32.0-12] - Handle org.gnome.Shell.Screencast Stopped signal Related: #1705392 gnome-shell [3.32.2-30] - Backport of touch mode Resolves: #1833787 [3.32.2-29] - Refuse to override system extensions Related: #1802105 [3.32.2-28] - Backport extension updates support Related: #1802105 [3.32.2-27] - Default to printing JS backtrace on segfaults Resolves: #1883868 [3.32.2-26] - Backport OSK fixes Resolves: #1871041 [3.32.2-25] - Stop screen recording on monitor changes Resolves: #1705392 [3.32.2-24] - Handle workspace from startup notification Resolves: #1671761 [3.32.2-23] - Work around aggressive garbage collection Related: #1881312 [3.32.2-22] - Wake up lock screen when deactivated programmatically Resolves: #1854290 - Backport better caps-lock warning Resolves: #1861357 - Fix more (harmless) JS warnings Resolves: #1881312 [3.32.2-21] - Fix JS warning in AuthList downstream patch Resolves: #1860946 gnome-shell-extensions [3.32.1-14] - Use same logic than Nautilus for double click/tap in desktop-icons extension Resolves: #1842229 [3.32.1-13] - Update Japanese translation Related: #1865718 [3.32.1-12] - Adjust gettext locale in desktop-icons extension Resolves: #1865718 gnome-software [3.36.1-5] - Fix flatpak updates and removals when same ref occurs in multiple remotes - Resolves: #1888407 gnome-terminal [3.28.3-3] - Support using the '0', '+' and '-' keys from the numeric keypad as accelerators - Resolves: #837035 gtk-doc [1.28-3] - Backport an upstream patch to fix G_MAXINT appearing as G_MAXLONG on 32 bit - Related: #1853142 gtkmm24 [2.24.5-6] - Rebuild for the annobin fixes - Resolves: rhbz#1704012 gtkmm30 [3.22.2-3] - Rebuild for the annobin fixes - Resolves: rhbz#1704013 gvfs [1.36.2-11] - Add support for certificates prompts for GOA mounts (rhbz#1889411) libdazzle [3.28.5-2] - Rebuild to ship libdazzle-devel in CRB - Resolves: #1919429 libepubgen [0.1.0-3] - Resolves: rhbz#1919432 bump n-v-r and rebuild libsass [3.4.5-6] - Rebuild for the annobin fixes - Resolves: rhbz#1704058 libsigc++20 [2.10.0-6] - Rebuild for the annobin fixes - Resolves: rhbz#1704059 libvisual [1:0.4.0-25] - Fix multilib conflicts in lvconfig.h - Resolves: #1853155 mutter [3.32.2-57] - Backport touch-mode Resolves: #1833787 [3.32.2-56] - Backport geometric picking patches Resolves: #1919467 [3.32.2-55] - Fix slow nouveau with llvmpipe Resolves: #1921151 [3.32.2-54] - Fix polyinstantiation patch backport Resolves: #1861769 [3.32.2-53] - Fix test case backport Related: #1786496 [3.32.2-52] - Support polyinstantiation Resolves: #1861769 - Mitigate nouveau misidentifying connectors Resolves: #1786496 [3.32.2-51] - Add PING_TIMEOUT_DELAY to mutter MetaPreferences Resolves: #1886034 [3.32.2-50] - Fix GLX stereo buffer rebase error Resolves: #1889528 [3.32.2-49] - Add tile based shadow buffer damage tracking Resolves: #1670273 nautilus [3.28.1-15] - Fix activation_uri handling to prevent invalid bookmarks (rhbz#1906499) OpenEXR [2.2.0-12] - In check, dont override PKG_CONFIG_PATH from the environment (#1907528) pangomm [2.40.1-6] - Rebuild for the annobin fixes - Resolves: rhbz#1704100 soundtouch [2.0.0-3] - Rebuild for the annobin fixes - Remove an unused patch - Resolves: rhbz#1704123 vala [0.40.19-2] - Fix multilib conflicts in vala-gen-introspect - Resolves: #1853170 webkit2gtk3 [2.30.4-1] - Update to 2.30.4 - Related: #1883304 [2.30.3-1] - Update to 2.30.3 - Related: #1883304 [2.30.2-2] - Try to fix coverity build by disabling docs (thanks to Kamil Dudka <kdudka@redhat.com>!) - Related: #1883304 [2.30.2-1] - Update to 2.30.2 - Related: #1883304 [2.30.1-1] - Update to 2.30.1 - Related: #1883304 woff2 [1.0.2-5] - Resolves: rhbz#1919435 bump NVR for rebuild MODERATE Copyright 2021 Oracle, Inc. CVE-2020-13543 CVE-2020-13584 CVE-2019-13012 CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 Oracle Linux 8 [1.18.2-8] - Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196) - Resolves: #1906492 [1.18.2-7] - Document -k option in kvno(1) synopsis - Resolves: #1869055 [1.18.2-6] - Enable MD5 override for FIPS RADIUS - Resolves: #1872689 [1.18.2-5.2] - Unify kvno option documentation - Resolves: #1869055 [1.18.2-5.1] - Fix upstream URLs in spec file - Resolves: #1868039 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-28196 Oracle Linux 8 [2.9.7-9.0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.7-9] - Fix CVE-2020-24977 (#1878252) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-24977 Oracle Linux 8 [5.52-4] + bluez-5.52-4 - Fixing (#1885378) [5.52-3] + bluez-5.52-3 - Revering the 5.52-2 patch due some mismatch with upsream patch. [5.52-2] + bluez-5.52-2 - Fixing (#1885378) [5.52-1] + bluez-5.52-1 - Fixing (#1830397) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-27153 Oracle Linux 8 [0.20.0-4] - Use file cache by default (#1892810) - Avoid calloc with 0 argument (#1895401) [0.20.0-3] - Support PIN change for HID Alt tokens (#1830901) - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards (#1877973) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 Oracle Linux 8 [3.2.1-4] - CVE-2020-36242: Fixed a bug where certain sequences of update() calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. - Resolves: rhbz#1926528 [3.2.1-3] - Conflict with non-matching vector package [3.2.1-2] - Re-add remove NPN bindings, required for pyOpenSSL - Resolves: rhbz#1907429 [3.2.1-1] - Rebase to upstream release 3.2.1 - Resolves: rhbz#1873581 - Resolves: rhbz#1778939 - Removed dependencies on python-asn1crypto, python-idna MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25659 CVE-2020-36242 Oracle Linux 8 [0.23.22-1] - Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363) - Preserve DT_NEEDED information from the previous version, flagged by rpmdiff - Add xsltproc to BR [0.23.21-4] - Fix realloc usage on proxy cleanup (#1894979) - Make 'trust anchor --store' preserve all attributes from .p11-kit files [0.23.21-3] - Restore clobbered changelog entry [0.23.21-2] - Update p11-kit-invalid-config.patch to be more thorough (thanks to Alexander Sosedkin) [0.23.21-1] - Update to upstream 0.23.21 release MODERATE Copyright 2021 Oracle, Inc. CVE-2020-29363 CVE-2020-29361 CVE-2020-29362 Oracle Linux 8 [7.61.1-18] - http: send payload when (proxy) authentication is done (#1918692) - curl: Inferior OCSP verification (CVE-2020-8286) - libcurl: FTP wildcard stack overflow (CVE-2020-8285) - curl: trusting FTP PASV responses (CVE-2020-8284) [7.61.1-17] - validate an ssl connection using an intermediate certificate (#1895355) [7.61.1-16] - fix multiarch conflicts in libcurl-minimal (#1895391) [7.61.1-15] - do not crash when HTTPS_PROXY and NO_PROXY are used together (#1873327) - libcurl: wrong connect-only connection (CVE-2020-8231) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 Oracle Linux 8 [239-45.0.1] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix memory hot add and remove [Orabug: 31310273] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catalog entries [Orabug: 30853009] - fix to generate systemd-pstore.service file [Orabug: 30230056] - fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792] - set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] - Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056] [239-45] - Revert 'test: add test cases for empty string match' and 'test: add test case for multi matches when use ||' (#1931947) - test/sys-script.py: add missing DEVNAME entries to uevents (#1931947) - sd-event: split out helper functions for reshuffling prioqs (#1819868) - sd-event: split out enable and disable codepaths from sd_event_source_set_enabled() (#1819868) - sd-event: mention that two debug logged events are ignored (#1819868) - sd-event: split clock data allocation out of sd_event_add_time() (#1819868) - sd-event: split out code to add/remove timer event sources to earliest/latest prioq (#1819868) - sd-event: fix delays assert brain-o (#17790) (#1819868) - sd-event: lets suffix last_run/last_log with '_usec' (#1819868) - sd-event: refuse running default event loops in any other thread than the one they are default for (#1819868) - sd-event: ref event loop while in sd_event_prepare() ot sd_event_run() (#1819868) - sd-event: follow coding style with naming return parameter (#1819868) - sd-event: remove earliest_index/latest_index into common part of event source objects (#1819868) - sd-event: update state at the end in event_source_enable (#1819868) - sd-event: increase n_enabled_child_sources just once (#1819868) - sd-event: add ability to ratelimit event sources (#1819868) - test: add ratelimiting test (#1819868) - core: prevent excessive /proc/self/mountinfo parsing (#1819868) - udev: run link_update() with increased retry count in second invocation (#1931947) - pam-systemd: use secure_getenv() rather than getenv() (#1687514) [239-44] - ci: PowerTools repo was renamed to powertools in RHEL 8.3 (#1871827) - ci: use quay.io instead of Docker Hub to avoid rate limits (#1871827) - ci: move jobs from Travis CI to GH Actions (#1871827) - unit: make UNIT() cast function deal with NULL pointers (#1871827) - use link to RHEL-8 docs (#1623116) - cgroup: Also set blkio.bfq.weight (#1657810) - units: make sure initrd-cleanup.service terminates before switching to rootfs (#1657810) - core: reload SELinux label cache on daemon-reload (#1888912) - selinux: introduce mac_selinux_create_file_prepare_at() (#1888912) - selinux: add trigger for policy reload to refresh internal selabel cache (#1888912) - udev/net_id: give RHEL-8.4 naming scheme a name (#1827462) - basic/stat-util: make mtime check stricter and use entire timestamp (#1642728) - udev: make algorithm that selects highest priority devlink less susceptible to race conditions (#1642728) - test: create /dev/null in test-udev.pl (#1642728) - test: missing 'die' (#1642728) - udev-test: remove a check for whether the test is run in a container (#1642728) - udev-test: skip the test only if it cant setup its environment (#1642728) - udev-test: fix test skip condition (#1642728) - udev-test: fix missing directory test/run (#1642728) - udev-test: check if permitted to create block device nodes (#1642728) - test-udev: add a testcase of too long line (#1642728) - test-udev: use proper semantics for too long line with continuation (#1642728) - test-udev: add more tests for line continuations and comments (#1642728) - test-udev: add more tests for line continuation (#1642728) - test-udev: fix alignment and drop unnecessary white spaces (#1642728) - test/udev-test.pl: cleanup if skipping test (#1642728) - test: add test cases for empty string match (#1642728) - test: add test case for multi matches when use '||' (#1642728) - udev-test: do not rely on 'mail' group being defined (#1642728) - test/udev-test.pl: allow multiple devices per test (#1642728) - test/udev-test.pl: create rules only once (#1642728) - test/udev-test.pl: allow concurrent additions and removals (#1642728) - test/udev-test.pl: use computed devnode name (#1642728) - test/udev-test.pl: test correctness of symlink targets (#1642728) - test/udev-test.pl: allow checking multiple symlinks (#1642728) - test/udev-test.pl: fix wrong test descriptions (#1642728) - test/udev-test.pl: last_rule is unsupported (#1642728) - test/udev-test.pl: Make some tests a little harder (#1642728) - test/udev-test.pl: remove bogus rules from magic subsys test (#1642728) - test/udev-test.pl: merge 'space and var with space' tests (#1642728) - test/udev-test.pl: merge import parent tests into one (#1642728) - test/udev-test.pl: count 'good' results (#1642728) - tests/udev-test.pl: add multiple device test (#1642728) - test/udev-test.pl: add repeat count (#1642728) - test/udev-test.pl: generator for large list of block devices (#1642728) - test/udev-test.pl: suppress umount error message at startup (#1642728) - test/udev_test.pl: add 'expected good' count (#1642728) - test/udev-test: gracefully exit when imports fail (#1642728) [239-43] - man: mention System Administrators Guide in systemctl manpage (#1623116) - udev: introduce udev net_id 'naming schemes' (#1827462) - meson: make net.naming-scheme= default configurable (#1827462) - man: describe naming schemes in a new man page (#1827462) - udev/net_id: parse _SUN ACPI index as a signed integer (#1827462) - udev/net_id: dont generate slot based names if multiple devices might claim the same slot (#1827462) - fix typo in ProtectSystem= option (#1871139) - remove references of non-existent man pages (#1876807) - log: Prefer logging to CLI unless JOURNAL_STREAM is set (#1865840) - locale-util: add new helper locale_is_installed() (#1755287) - test: add test case for locale_is_installed() (#1755287) - tree-wide: port various bits over to locale_is_installed() (#1755287) - install: allow instantiated units to be enabled via presets (#1812972) - install: small refactor to combine two function calls into one function (#1812972) - test: fix a memleak (#1812972) - docs: Add syntax for templated units to systemd.preset man page (#1812972) - shared/install: fix preset operations for non-service instantiated units (#1812972) - introduce setsockopt_int() helper (#1887181) - socket-util: add generic socket_pass_pktinfo() helper (#1887181) - core: add new PassPacketInfo= socket unit property (#1887181) - resolved: tweak cmsg calculation (#1887181) [239-42] - logind: dont print warning when user@.service template is masked (#1880270) - build: use simple project version in pkgconfig files (#1862714) - basic/virt: try the /proc/1/sched hack also for PID1 (#1868877) - seccomp: rework how the S[UG]ID filter is installed (#1860374) - vconsole-setup: downgrade log message when setting font fails on dummy console (#1889996) - units: fix systemd.special man page reference in system-update-cleanup.service (#1871827) - units: drop reference to sushell man page (#1871827) - sd-bus: break the loop in bus_ensure_running() if the bus is not connecting (#1885553) - core: add new API for enqueing a job with returning the transaction data (#846319) - systemctl: replace switch statement by table of structures (#846319) - systemctl: reindent table (#846319) - systemctl: Only wait when theres something to wait for. (#846319) - systemctl: clean up start_unit_one() error handling (#846319) - systemctl: split out extra args generation into helper function of its own (#846319) - systemctl: add new --show-transaction switch (#846319) - test: add some basic testing that 'systemctl start -T' does something (#846319) - man: document the new systemctl --show-transaction option (#846319) - socket: New option 'FlushPending' (boolean) to flush socket before entering listening state (#1870638) - core: remove support for API bus 'started outside our own logic' (#1764282) - mount-setup: fix segfault in mount_cgroup_controllers when using gcc9 compiler (#1868877) - dbus-execute: make transfer of CPUAffinity endian safe (#12711) (#1740657) - core: add support for setting CPUAffinity= to special 'numa' value (#1740657) - basic/user-util: always use base 10 for user/group numbers (#1848373) - parse-util: sometimes it is useful to check if a string is a valid integer, but not actually parse it (#1848373) - basic/parse-util: add safe_atoux64() (#1848373) - parse-util: allow tweaking how to parse integers (#1848373) - parse-util: allow '-0' as alternative to '0' and '+0' (#1848373) - parse-util: make return parameter optional in safe_atou16_full() (#1848373) - parse-util: rewrite parse_mode() on top of safe_atou_full() (#1848373) - user-util: be stricter in parse_uid() (#1848373) - strv: add new macro STARTSWITH_SET() (#1848373) - parse-util: also parse integers prefixed with 0b and 0o (#1848373) - tests: beef up integer parsing tests (#1848373) - shared/user-util: add compat forms of user name checking functions (#1848373) - shared/user-util: emit a warning on names with dots (#1848373) - user-util: Allow names starting with a digit (#1848373) - shared/user-util: allow usernames with dots in specific fields (#1848373) - user-util: switch order of checks in valid_user_group_name_or_id_full() (#1848373) - user-util: rework how we validate user names (#1848373) MODERATE Copyright 2021 Oracle, Inc. CVE-2019-3842 CVE-2020-13776 Oracle Linux 8 [0.3.15-1] - Rebase to 0.3.15 - Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 Oracle Linux 8 [1.24.2-5.0.1] - set RECENT_DATE to 01/30/2019 to make checks happy [Orabug: 30228991] [1.24.2-5] - Security fix for CVE-2020-26137 Resolves: rhbz#1883889 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26137 Oracle Linux 8 [3.6.8-37.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-37] - Fix for CVE-2021-23336 Resolves: rhbz#1928904 [3.6.8-36] - Fix for CVE-2021-3177 Resolves: rhbz#1918168 [3.6.8-35] - New options -a and -k for pathfix.py script backported from upstream Resolves: rhbz#1917691 [3.6.8-34] - Security fix for CVE-2020-27619: eval() call on content received via HTTP in the CJK codec tests Resolves: rhbz#1890237 [3.6.8-33] - Add support for upstream architecture names https://fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names Resolves: rhbz#1868003 [3.6.8-32] - Security fix for CVE-2020-26116: Reject control chars in HTTP method in http.client Resolves: rhbz#1883257 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26116 CVE-2020-27619 CVE-2021-23336 CVE-2021-3177 Oracle Linux 8 openchange [2.3-27.0.1] - Use ldconfig_scriptlets [2.3-27] - Rebuild for newer samba samba [4.13.3-3] - resolves: #1924615 - Fix a memcache bug when cache is full - resolves: #1924571 - Ensure that libwbclient has been updated before restarting services [4.13.3-2] - resolves: #1909647 - Fix winbind in trust scenarios with connection issues [4.13.3-1] - related: #1878109 - Rebase Samba to version 4.13.3 [4.13.2-5] - resolves: #1904174 - Fix ldap timeout with 'net ads join' [4.13.2-4] - resolves: #1902198 - Document weak crypto output of testparm [4.13.2-3] - resolves: #1899113 - Fix following dfs links with smb clients [4.13.2-2] - related: #1869702 - Fix spoolss crash - resolves: #1896736 - Fix name lookups of FreeIPA users - resolves: #1899113 - Fix DFS links [4.13.2-1] - resolves: #1878109 - Rebase Samba to version 4.13.2 - resolves: #1872833 - Add samba-winexe subpackage - resolves: #1891688 - Fix CVE-2020-14323 - resolves: #1892633 - Fix CVE-2020-14318 - resolves: #1892639 - Fix CVE-2020-14383 - resolves: #1879835 - Fix CVE-2020-1472 - resolves: #1888990 - Update smb.conf manpages to describe how to apply config changes. - resolves: #1869702 - Fix %U substitution for 'valid users' option - resolves: #1818038 - Improve FIPS compliance MODERATE Copyright 2021 Oracle, Inc. CVE-2020-1472 CVE-2020-14318 CVE-2020-14323 Oracle Linux 8 [5.3.28-40] - Resolves: CVE-2019-2708 - Resolves: #1856237 LOW Copyright 2021 Oracle, Inc. CVE-2019-2708 Oracle Linux 8 [4:5.26.3-419] - Fix CVE-2020-10543 (bug #1839273) - Fix CVE-2020-10878 (bug #1839276) - Fix a file mode of a perl-example.stp example (bug #1913693) [4:5.26.3-418] - Fix CVE-2020-12723 (bug #1839279) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10543 CVE-2020-10878 Oracle Linux 8 [4.4.19-14] - Fix hang when limit for nproc is very high Resolves: #1890888 [4.4.19-13] - Correctly drop saved UID when effective UID is not equal to its real UID Resolves: #1793943 LOW Copyright 2021 Oracle, Inc. CVE-2019-18276 Oracle Linux 8 [1:2.9-5] - P2P: Fix a corner case in peer addition based on PD Request (CVE-2021-27803) - Fix buffer overflow when processing P2P group information (CVE-2021-0326) [1:2.9-4] - enable WPA-EAP-SUITE-B-192 (rh #1916394) [1:2.9-3] - fix p2p_listen unexpectedly stopped after 5 seconds (rh #1693684) - allow changing 'bridge' via D-Bus (rh #1888050) - expose OWE configurability via D-Bus (rh #1888718) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-0326 Oracle Linux 8 [1.0.6-3] - Resolves: CVE-2020-8927 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-8927 Oracle Linux 8 [1.8.29-7] - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz#1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb#1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz#1917038 - updated upstream url Resolves: rhbz#1923825 LOW Copyright 2021 Oracle, Inc. CVE-2021-23240 CVE-2021-23239 Oracle Linux 8 [1.0.27-22] - related 1852663 - needed to rebuild due infrastructure error [1.0.27-21] - 1852663, 1848097 - NULL pointer dereference in sanei_epson_net_read function [1.0.27-20] - 1852468, 1852467, 1852466, 1852465 - prevent buffer overflow in esci2_img - 1852668, 1852667, 1852666, 1852665 - disable autodiscovery for epsonds backend MODERATE Copyright 2021 Oracle, Inc. CVE-2020-12867 Oracle Linux 8 delve [1.5.0-2.0.1] - Disable DWARF compression which has issues (Alex Burmashev) [1.5.0-2] - Add golang-1.15.4 related patch - Resolves: rhbz#1901189 [1.5.0-1] - Rebase to 1.5.0 - Related: rhbz#1870531 golang [1.15.7-1] - Rebase to 1.15.7 - Resolves: rhbz#1870531 - Resolves: rhbz#1919261 [1.15.5-1] - Rebase to 1.15.5 - Resolves: rhbz#1898652 - Resolves: rhbz#1898660 - Resolves: rhbz#1898649 [1.15.3-2] - fix typo in patch file name - Related: rhbz#1881539 [1.15.3-1] - Rebase to 1.15.3 - fix x/text infinite loop - Resolves: rhbz#1881539 [1.15.2-2] - Resolves: rhbz#1850045 [1.15.2-1] - Rebase to 1.15.2 - fix rhbz#1872622 in commit af9a1b1f6567a1c5273a134d395bfe7bb840b7f8 - Resolves: rhbz#1872622 - add net/http graceful shutdown patch - Resolves: rhbz#1888673 - add x509warnCN patch - Resolves: rhbz#1889437 [1.15.0-1] - Rebase to 1.15.0 - Related: rhbz#1870531 go-toolset [1.15.7-1] - Rebase to 1.15.7 - Resolves: rhbz#1870531 - Resolves: rhbz#1919261 [1.15.5-1] - Rebase to 1.15.5 - Resolves: rhbz#1898652 - Resolves: rhbz#1898660 - Resolves: rhbz#1898649 [1.15.3-1] - Rebase to 1.15.3 - fix x/text infinite loop - Resolves: rhbz#1881539 [1.15.2-1] - Rebase to 1.15.2 - Related: rhbz#1870531 - Related: rhbz#1872622 - Related: rhbz#1888673 - Related: rhbz#1889437 - Related: rhbz#1891095 [1.15.0-1] - Rebase to 1.15.0 - Related: rhbz#1870531 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3115 CVE-2021-3114 Oracle Linux 8 [3:2.1.29-11] - Fixes for CVE-2020-12108 and CVE-2020-15011 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-15011 CVE-2020-12108 Oracle Linux 8 evolution [3.28.5-16] - Resolves: #1902630 (Crash on file drag into mail composer with WebKitGTK 2.30) [3.28.5-15] - Resolves: #1883619 (ECalendarItem: Settings loaded only when being shown) evolution-data-server [3.28.5-15] - Resolves: #1862403 (CVE-2020-16117: Crash on malformed server response with minimal capabilities) evolution-ews [3.28.5-10] - Resolves: #1886026 (Simplify OAuth2 for outlook.office365.com server) - Resolves: #1885229 (Allow change of the Microsoft 365 OAuth2 endpoints) LOW Copyright 2021 Oracle, Inc. CVE-2020-16117 Oracle Linux 8 [5.12.5-8] - Build against system xkb and openssl 1.1 Resolves: bz#1882375 [5.12.5-7] - Fix buffer overflow in XBM parser Resolves: bz#1870364 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-17507 Oracle Linux 8 [0.27.3-2] - Avoid duplicating Changelog file Resolves: bz#1880984 [0.27.3-1] - Update to 0.27.3 Resolves: bz#1880984 LOW Copyright 2021 Oracle, Inc. CVE-2019-17402 Oracle Linux 8 python2 [2.7.18-4.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [2.7.18-4] - Security fix for CVE-2021-3177 Resolves: rhbz#1919163 [2.7.18-3] - Fixes for bundling prefix=/app build in gimp/inkscape containers Resolves: rhbz#1907592 [2.7.18-2] - Security fix for CVE-2020-26116: Reject control chars in HTTP method in httplib.putrequest Resolves: rhbz#1883258 [2.7.18-1] - Update to 2.7.18 Resolves: rhbz#1886754 python2-setuptools [39.0.1-13] - When building for Flatpak inclusion, build in bootstrap mode Resolves: rhbz#1907597 python-backports [1.0-16] - Update python macros to python2 versioned macros - Issue found when rebuilding the python27 module to include CVE fixes - Related: rhbz#1883890 rhbz#1883258 python-backports-ssl_match_hostname [3.5.0.1-12] - Remove unversioned Provides - Resolves: rhbz#1908300 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26137 CVE-2020-26116 CVE-2021-3177 CVE-2020-27783 Oracle Linux 8 libvirt [6.0.0-35.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] - Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma) - Disable parallel builds (Karl Heubaum) libvirt-dbus [1.3.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) libvirt-python [6.0.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) nbdkit [1.16.2-4.0.1] - Replace upstream references within the description tag [1.16.2] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) [1.16.2] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) perl-Sys-Virt [6.0.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) qemu-kvm [4.2.0-48.el8] - kvm-ide-atapi-check-logical-block-address-and-read-size-.patch [bz#1917451] - Resolves: bz#1917451 (CVE-2020-29443 virt:rhel/qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands [rhel-8.4.0]) [4.2.0-47.el8] - kvm-x86-cpu-Enable-AVX512_VP2INTERSECT-cpu-feature.patch [bz#1790620] - kvm-target-i386-add-fast-short-REP-MOV-support.patch [bz#1790620] - kvm-x86-cpu-Populate-SVM-CPUID-feature-bits.patch [bz#1790620] - kvm-i386-Add-the-support-for-AMD-EPYC-3rd-generation-pro.patch [bz#1790620] - Resolves: bz#1790620 ([RFE] AMD Milan - Add KVM/support for EPYC-Milan CPU Model - Slow Train) [4.2.0-46.el8] - kvm-redhat-makes-qemu-respect-system-s-crypto-profile.patch [bz#1902960] - kvm-spapr-Adjust-firmware-path-of-PCI-devices.patch [bz#1912891] - Resolves: bz#1902960 (QEMU doesnt honour system crypto policies) - Resolves: bz#1912891 ([ppc64le] --disk cdimage.iso,bus=usb fails to boot) [4.2.0-45.el8] - kvm-virtiofsd-extract-lo_do_open-from-lo_open.patch [bz#1919111] - kvm-virtiofsd-optionally-return-inode-pointer-from-lo_do.patch [bz#1919111] - kvm-virtiofsd-prevent-opening-of-special-files-CVE-2020-.patch [bz#1919111] - Resolves: bz#1919111 (CVE-2020-35517 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privileged host device access from guest [rhel-8.4.0]) [4.2.0-44.el8] - kvm-spapr-Improve-handling-of-fdt-buffer-size.patch [bz#1901837] - kvm-spapr-Fold-h_cas_compose_response-into-h_client_arch.patch [bz#1901837] - kvm-spapr-Don-t-use-spapr_drc_needed-in-CAS-code.patch [bz#1901837] - kvm-spapr-Fix-handling-of-unplugged-devices-during-CAS-a.patch [bz#1901837] - kvm-spapr-Allow-memory-unplug-to-always-succeed.patch [bz#1901837] - kvm-spapr-Improve-handling-of-memory-unplug-with-old-gue.patch [bz#1901837] - kvm-block-Require-aligned-image-size-to-avoid-assertion-.patch [bz#1834281] - kvm-file-posix-Allow-byte-aligned-O_DIRECT-with-NFS.patch [bz#1834281] - kvm-block-iscsi-fix-heap-buffer-overflow-in-iscsi_aio_io.patch [bz#1912974] - Resolves: bz#1834281 (qemu-img convert abort when converting image with unaligned size) - Resolves: bz#1901837 (Failed to hotunplug pc-dimm device) - Resolves: bz#1912974 (CVE-2020-11947 virt:rhel/qemu-kvm: QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure [rhel-8]) [4.2.0-43.el8] - kvm-Drop-bogus-IPv6-messages.patch [bz#1918054] - Resolves: bz#1918054 (CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-8.4.0]) [4.2.0-42.el8] - kvm-linux-headers-add-vfio-DMA-available-capability.patch [bz#1905391] - kvm-s390x-pci-Move-header-files-to-include-hw-s390x.patch [bz#1905391] - kvm-vfio-Create-shared-routine-for-scanning-info-capabil.patch [bz#1905391] - kvm-vfio-Find-DMA-available-capability.patch [bz#1905391] - kvm-s390x-pci-Add-routine-to-get-the-vfio-dma-available-.patch [bz#1905391] - kvm-s390x-pci-Honor-DMA-limits-set-by-vfio.patch [bz#1905391] - kvm-s390x-fix-build-for-without-default-devices.patch [bz#1905391] - Resolves: bz#1905391 (RHEL8.4 - s390x/pci: Honor vfio DMA limiting (qemu-kvm)) [4.2.0-41.el8] - kvm-udev-kvm-check-remove-the-exceeded-subscription-limi.patch [bz#1909244] - kvm-hw-arm-smmu-common-Factorize-some-code-in-smmu_ptw_6.patch [bz#1843852] - kvm-hw-arm-smmu-common-Add-IOTLB-helpers.patch [bz#1843852] - kvm-hw-arm-smmu-Introduce-smmu_get_iotlb_key.patch [bz#1843852] - kvm-hw-arm-smmu-Introduce-SMMUTLBEntry-for-PTW-and-IOTLB.patch [bz#1843852] - kvm-hw-arm-smmu-common-Manage-IOTLB-block-entries.patch [bz#1843852] - kvm-hw-arm-smmuv3-Introduce-smmuv3_s1_range_inval-helper.patch [bz#1843852] - kvm-hw-arm-smmuv3-Get-prepared-for-range-invalidation.patch [bz#1843852] - kvm-hw-arm-smmuv3-Fix-potential-integer-overflow-CID-143.patch [bz#1843852] - kvm-memory-Rename-memory_region_notify_one-to-memory_reg.patch [bz#1843852] - kvm-memory-Add-IOMMUTLBEvent.patch [bz#1843852] - kvm-memory-Add-IOMMU_NOTIFIER_DEVIOTLB_UNMAP-IOMMUTLBNot.patch [bz#1843852] - kvm-intel_iommu-Skip-page-walking-on-device-iotlb-invali.patch [bz#1843852] - kvm-memory-Skip-bad-range-assertion-if-notifier-is-DEVIO.patch [bz#1843852] - kvm-memory-clamp-cached-translation-in-case-it-points-to.patch [bz#1904393] - kvm-hw-ehci-check-return-value-of-usb_packet_map.patch [bz#1898628] - kvm-hw-net-e1000e-advance-desc_offset-in-case-of-null-de.patch [bz#1903070] - Resolves: bz#1909244 (Remove KVM guest count and limit info message) - Resolves: bz#1843852 (qemu core dumped: qemu-kvm: /builddir/build/BUILD/qemu-4.2.0/memory.c:1928: memory_region_notify_one: Assertion entry->iova >= notifier->start && entry_end <= notifier->end failed.) - Resolves: bz#1904393 (CVE-2020-27821 virt:rhel/qemu-kvm: QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c [rhel-8]) - Resolves: bz#1898628 (CVE-2020-25723 virt:rhel/qemu-kvm: QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c [rhel-8]) - Resolves: bz#1903070 (CVE-2020-25707 CVE-2020-28916 virt:rhel/qemu-kvm: various flaws [rhel-8]) [4.2.0-40.el8] - kvm-redhat-link-etc-qemu-ga-fsfreeze-hook-to-etc-qemu-kv.patch [bz#1910267] - kvm-qga-rename-Error-parameter-to-more-common-errp.patch [bz#1910326] - kvm-util-Introduce-qemu_get_host_name.patch [bz#1910326] - kvm-qga-Use-qemu_get_host_name-instead-of-g_get_host_nam.patch [bz#1910326] - kvm-redhat-add-un-pre-install-systemd-hooks-for-qemu-ga.patch [bz#1910220] - Resolves: bz#1910267 (There is no soft link '/etc/qemu-kvm/fsfreeze-hook') - Resolves: bz#1910326 (Incorrect hostname returned by qga command 'guest-get-host-name') - Resolves: bz#1910220 (qemu-ga service still active and can work after qemu-guest-agent been removed) [4.2.0-39.el8] - kvm-ppc-spapr-Add-hotremovable-flag-on-DIMM-LMBs-on-drme.patch [bz#1901837] - kvm-ppc-spapr-re-assert-IRQs-during-event-scan-if-there-.patch [bz#1901837] - kvm-slirp-check-pkt_len-before-reading-protocol-header.patch [bz#1902237] - kvm-s390x-s390-virtio-ccw-Reset-PCI-devices-during-subsy.patch [bz#1905386] - kvm-qapi-enable-use-of-g_autoptr-with-QAPI-types.patch [bz#1859494] - kvm-error-Fix-examples-in-error.h-s-big-comment.patch [bz#1859494] - kvm-error-Improve-error.h-s-big-comment.patch [bz#1859494] - kvm-error-Document-Error-API-usage-rules.patch [bz#1859494] - kvm-error-New-macro-ERRP_GUARD.patch [bz#1859494] - kvm-qga-add-command-guest-get-disks.patch [bz#1859494] - kvm-qga-add-implementation-of-guest-get-disks-for-Linux.patch [bz#1859494] - kvm-qga-add-implementation-of-guest-get-disks-for-Window.patch [bz#1859494] - kvm-qga-fix-missing-closedir-in-qmp_guest_get_disks.patch [bz#1859494] - kvm-qga-update-schema-for-guest-get-disks-dependents-fie.patch [bz#1859494] - Resolves: bz#1859494 (Report logical_name for disks without mounted file-system) - Resolves: bz#1901837 (Failed to hotunplug pc-dimm device) - Resolves: bz#1902237 (CVE-2020-29129 CVE-2020-29130 virt:rhel/qemu-kvm: QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets [rhel-8]) - Resolves: bz#1905386 (RHEL8.3 - s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset (qemu-kvm)) [4.2.0-38.el8] - kvm-seccomp-fix-killing-of-whole-process-instead-of-thre.patch [bz#1880546] - kvm-pc-bios-s390x-Rename-PSW_MASK_ZMODE-to-PSW_MASK_64.patch [bz#1903135] - kvm-pc-bios-s390x-Use-PSW-masks-where-possible-and-intro.patch [bz#1903135] - kvm-pc-bios-s390x-Ensure-Read-IPL-memory-is-clean.patch [bz#1903135] - kvm-pc-bios-s390x-Clear-out-leftover-S390EP-string.patch [bz#1903135] - Resolves: bz#1880546 (qemu use SCMP_ACT_TRAP even SCMP_ACT_KILL_PROCESS is available) - Resolves: bz#1903135 (RHEL8.3 - KVM Distro install to vfio_ccw backed DASD gets error at the reboot step (qemu-kvm)) [4.2.0-37.el8] - kvm-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx_pk.patch [bz#1860994] - Resolves: bz#1860994 (CVE-2020-16092 virt:rhel/qemu-kvm: QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c [rhel-8]) [4.2.0-36.el8] - kvm-qga-fix-assert-regression-on-guest-shutdown.patch [bz#1884531] - kvm-libvhost-user-handle-endianness-as-mandated-by-the-s.patch [bz#1857733] - kvm-virtio-add-vhost-user-fs-ccw-device.patch [bz#1857733] - kvm-Ensure-vhost-user-fs-is-enabled-on-s390x.patch [bz#1857733] - kvm-s390x-sclp.c-remove-unneeded-label-in-sclp_service_c.patch [bz#1798506] - kvm-s390-sclp-get-machine-once-during-read-scp-cpu-info.patch [bz#1798506] - kvm-s390-sclp-rework-sclp-boundary-checks.patch [bz#1798506] - kvm-s390-sclp-read-sccb-from-mem-based-on-provided-lengt.patch [bz#1798506] - kvm-s390-sclp-check-sccb-len-before-filling-in-data.patch [bz#1798506] - kvm-s390-sclp-use-cpu-offset-to-locate-cpu-entries.patch [bz#1798506] - kvm-s390-sclp-add-extended-length-sccb-support-for-kvm-g.patch [bz#1798506] - kvm-linux-headers-Partial-update-against-Linux-5.9-rc4.patch [bz#1798506] - kvm-misc-Replace-zero-length-arrays-with-flexible-array-.patch [bz#1798506] - kvm-s390-guest-support-for-diagnose-0x318.patch [bz#1798506] - kvm-s390x-pv-Remove-sclp-boundary-checks.patch [bz#1798506] - kvm-s390x-pv-Fix-diag318-PV-fencing.patch [bz#1798506] - kvm-s390-kvm-fix-diag318-propagation-and-reset-functiona.patch [bz#1659412] - kvm-trace-use-STAP_SDT_V2-to-work-around-symbol-visibili.patch [bz#1898700] - Resolves: bz#1659412 ([IBM 8.4 FEAT] KVM enablement for enhanced hardware diagnose data of guest kernel on s390x - qemu part) - Resolves: bz#1798506 ([IBM 8.4 FEAT] KVM: Support extended-length SCCBs - qemu part) - Resolves: bz#1857733 ([IBM 8.4 FEAT] KVM: Add support for virtio-fs on s390x - qemu part) - Resolves: bz#1884531 (qemu-ga aborts after guest-shutdown command) - Resolves: bz#1898700 (qemu-kvm for RHEL-8.4 doesnt build due to a possible incompatibility with systemtap-sdt-devel-4.4-1) [4.2.0-35.el8] - kvm-qga-commands-posix-Rework-build_guest_fsinfo_for_rea.patch [bz#1755075] - kvm-qga-commands-posix-Move-the-udev-code-from-the-pci-t.patch [bz#1755075] - kvm-qga-commands-posix-Support-fsinfo-for-non-PCI-virtio.patch [bz#1755075] - kvm-nvram-Exit-QEMU-if-NVRAM-cannot-contain-all-prom-env.patch [bz#1874780] - kvm-pc-bios-s390-ccw-Makefile-Compile-with-std-gnu99-fwr.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Move-ipl-related-code-from-main-int.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Introduce-ENODEV-define-and-remove-.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Move-the-inner-logic-of-find_subch-.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Do-not-bail-out-early-if-not-findin.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Scan-through-all-devices-if-no-boot.patch [bz#1846975] - kvm-pc-bios-s390-ccw-Allow-booting-in-case-the-first-vir.patch [bz#1846975] - kvm-pc-bios-s390-ccw-main-Remove-superfluous-call-to-ena.patch [bz#1846975] - kvm-aio-posix-completely-stop-polling-when-disabled.patch [bz#1846975] - kvm-Remove-explicit-glusterfs-api-dependency.patch [bz#1872854] - Resolves: bz#1755075 ([qemu-guest-agent] fsinfo doesnt return disk info on s390x) - Resolves: bz#1846975 (Failed to boot up a s390x guest with virtio-blk-ccw if attaching a virtio-scsi-ccw bus in previous) - Resolves: bz#1872854 (move the glusterfs dependency out of qemu-kvm-core to the glusterfs module) - Resolves: bz#1874780 (-prom-env does not validate input) supermin [5.1.19] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25637 CVE-2020-11947 CVE-2020-29443 CVE-2020-16092 CVE-2020-29129 CVE-2020-29130 CVE-2020-28916 CVE-2020-25723 CVE-2020-27821 CVE-2020-25707 Oracle Linux 8 apache-commons-collections jss [4.8.1-2] - Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error [4.8.1-1] - Rebase to upstream JSS v4.8.1 - Red Hat Bugilla #1908541 - jss broke SCEP - missing PasswordChallenge class - Red Hat Bugilla #1489256 - [RFE] jss should support RSA with OAEP padding [4.8.0-2] - Only check PKCS11Constants on beta builds - Bump tomcatjss, pki-core conflicts due to lang3 [4.8.0-1] - Rebase to upstream JSS v4.8.0 [4.8.0-0.1] - Rebase to upstream JSS v4.8.0-b1 pki-core [10.10.5-2.0.1] - Remove upstream reference. [10.10.5-2] - Bug 1914396 - CVE-2021-20179 pki-core:10.6/pki-core: Unprivileged users can renew any certificate [10.10.5-1] - Rebase to PKI 10.10.5 - Bug 1929067 - PKI instance creation failed with new 389-ds-base build pki-servlet-engine [1:9.0.30-1] - Resolves: rhbz#1721684 Rebase pki-servlet-engine to 9.0.30 - Update to JWS 5.3.0 distribution - Remove new dependencies that PKI doesnt need (and are not provided by RHEL 8) resteasy [3.0.26-6] - CVE-2020-1695: Improper validation of response header in MediaTypeHeaderDelegate.java class Resolves: rh-bz#1845548 tomcatjss [7.6.1-1] - Rebase to TomcatJSS 7.6.1 [7.6.0-2] - Bump dependency to JSS 4.8.0 - Remove unsupported platforms [7.6.0-1] - Rebase to TomcatJSS 7.6.0 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-1695 Oracle Linux 8 [1.11.0-6] - Use GNOME as default session Resolves: bz#1853608 [1.11.0-5] - Make sure we log properly output to journal (actually log to syslog) Resolves: bz#1841537 [1.11.0-4] - Make sure we log properly output to journal Resolves: bz#1841537 [1.11.0-3] - vncserver: ignore new 'session' parameter from the new systemd support Resolves: bz#1897504 [1.11.0-2] - Revert removal of vncserver Resolves: bz#1897504 - Correctly start vncsession as a daemon Resolves: bz#1897498 [1.11.0-1] - Update to 1.11.0 Resolves: bz#1880985 - Backport fix to allow Tigervnc use boolean values in config files Resolves: bz#1883415 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26117 Oracle Linux 8 gssdp [1.0.5-1] + gssdp-1.0.5-1 - Update to 1.0.5 - Fix SUBSCRIBE misbehaviour - Resolves: #1861928 gupnp [1.0.6-1] + gupnp-1.0.6-1 - Update to 1.0.6 - Fix SUBSCRIBE misbehaviour - Resolves: #1846589 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-12695 Oracle Linux 8 [0.20.0-3] - Fix mouse problems in multi-monitor environments under Wayland Resolves: rhbz#1790904 rhbz#1824610 [0.20.0-2] - Resolves: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25650 CVE-2020-25651 CVE-2020-25652 CVE-2020-25653 Oracle Linux 8 cockpit-podman [29-2] - fix gating test failure for cockpit-podman - Related: #1914884 [29-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: #1883490 conmon [2:2.0.26-1] - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: #1883490 container-selinux [2:2.158.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.158.0 - Related: #1883490 crun [0.18-1] - allow to build without glibc-static (thanks to Giuseppe Scrivano) - Related: #1883490 [0.17-2] - reverting back to 0.17 as theres no glibc-static in RHEL - Related: #1883490 [0.18-1] - update to https://github.com/containers/crun/releases/tag/0.18 - Related: #1883490 fuse-overlayfs [1.4.0-2] - disable openat2 syscall again - still unsupported in current RHEL8 kernel - Related: #1883490 [1.4.0-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0 - Related: #1883490 oci-seccomp-bpf-hook [1.2.0-2] - revert back to 1.2.0 - build issues - Related: #1883490 podman [3.0.1-6] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel (https://github.com/containers/podman/commit/ad1aaba) - Resolves: #1921128 - Resolves: #1936927 - Resolves: #1938234 [3.0.1-5] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel (https://github.com/containers/podman/commit/fcca86d) - Resolves: #1936927 [3.0.1-4] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel (https://github.com/containers/podman/commit/c67172a) - Resolves: #1935376 [3.0.1-3] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel (https://github.com/containers/podman/commit/7a71903) - Resolves: #1931545 [3.0.1-2] - update to the latest content of https://github.com/containers/podman/tree/v3.0 (https://github.com/containers/podman/commit/9a2fc37) - Related: #1883490 [3.0.1-1] - update to the latest content of https://github.com/containers/podman/tree/v3.0 (https://github.com/containers/podman/commit/7e286bc) - Related: #1883490 runc [1.0.0-70.rc92] - add missing Provides: oci-runtime = 1 - Related: #1883490 [1.0.0-69.rc92] - still use ExcludeArch as go_arches macro is broken for 8.4 - Related: #1883490 [1.0.0-68.rc92] - update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92 - propagate proper CFLAGS to CGO_CFLAGS to assure code hardening and optimization - Related: #1821193 [1.0.0-67.rc91] - update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91 - Related: #1821193 [1.0.0-66.rc10] - synchronize containter-tools 8.3.0 with 8.2.1 - Related: #1821193 [1.0.0-65.rc10] - address CVE-2019-19921 by updating to rc10 - Resolves: #1801887 [1.0.0-64.rc9] - use no_openssl in BUILDTAGS (no vendored crypto in runc) - Related: RHELPLAN-25139 skopeo [1.2.2-8.0.1] - Ignore rhel-shortnames.conf [JIRA: OLDIS-3902] - Temporarily update shortnames.conf for oraclelinux to point to docker [JIRA: OLDIS-3902] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) - Add oracle registry into the conf file [Orabug: 29845934 31306708] [1:1.2.2-8] - use runc as default OCI runtime in RHEL8 - Resolves: #1940854 [1:1.2.2-7] - update documentation and configs according to the current versions of vendored projects - Related: #1938234 [1:1.2.2-6] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.2 (https://github.com/containers/skopeo/commit/e7880c4) - Related: #1938234 [1:1.2.2-5] - use infra_image = registry.redhat.io/ubi8/pause in contiainers.conf (unlike previous one ubi8/pause doesnt require authentication) - Related: #1934947 [1:1.2.2-4] - quote infra_image registry, otherwise it cant be parsed - Related: #1934947 [1:1.2.2-3] - use infra_image = registry.redhat.io/rhel8/pause in contiainers.conf - Resolves: #1934947 [1:1.2.2-2] - update rhel-shortnames.conf to include only trusted registries - Resolves: #1931785 [1:1.2.2-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.2 (https://github.com/containers/skopeo/commit/e72dd9c) - Related: #1883490 udica [0.2.4-1] - update to https://github.com/containers/udica/releases/tag/v0.2.4 - Related: #1883490 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20199 CVE-2020-29652 Oracle Linux 8 egl-wayland [1.1.5-3] - Add upstream patch to address rhbz#1842473 [1.1.5-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [1.1.5-1] - Update to 1.1.5 libdrm [2.4.103-1] - Update to 2.4.103 libglvnd [1.3.2-1] - Update to 1.3.2 release libinput [1.16.3-1] - libinput 1.16.3 (#1886648) libwacom [1.6-2] - Add Lenovo tablet files from upstream (#1914411) [1.6-1] - libwacom 1.6 (#1878160) libX11 [1.6.8-4] - Fix CVE-2020-14363 (#1873923) mesa [20.3.3-2] - Fix CPU affinity memory corruption crash (#1938788) [20.3.3-1] - Update to 20.3.3 + upstream fixes for qemu regression [20.3.2-1] - Update to 20.3.2 for upstream fixes [20.3.1-1] - Update to 20.3.1 for radeon fix [20.3.0-2] - Fix regression with radeon si/cik cards [20.3.0-1] - Update to 20.3.0 release [20.3.0-0.1.rc2] - Update 20.3.0-rc2 - enable lavapipe behind env var so it can be used for testing xorg-x11-drivers [7.7-30] - Dont Require wacom on s390x, thats just silly [7.7-29] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [7.7-28] - Drop geode, since F31+ no longer supports the associated CPU [7.7-27] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild [7.7-26] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild [7.7-25] - enable on s390x (related #1727029) [7.7-24] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild [7.7-23] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild xorg-x11-server [1.20.10-1] - xserver 1.20.10 Resolves: #1891871 [1.20.8-10] - modesetting: keep going if a modeset fails on EnterVT Resolves: #1838392 [1.20.8-9] - CVE fix for: CVE-2020-14347 (#1862320) [1.20.8-8] - CVE fixes for: CVE-2020-14345 (#1872391), CVE-2020-14346 (#1872395), CVE-2020-14361 (#1872402), CVE-2020-14362 (#1872409) [1.20.8-7] - Enable XC-SECURITY Resolves: #1863142 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14361 CVE-2020-14363 CVE-2020-14345 CVE-2020-14346 CVE-2020-14362 CVE-2020-14360 CVE-2020-25712 CVE-2020-14347 CVE-2020-14344 Oracle Linux 8 httpd [2.4.37-39.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracles index page oracle_index.html [2.4.37-39] - prevent htcacheclean from while break when first file processed [2.4.37-38] - Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache [2.4.37-37] - Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key [2.4.37-36] - Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove() [2.4.37-35] - Resolves: #1651376 - centralizing default index.html for httpd [2.4.37-33] - Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation [2.4.37-31] - Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesnt perform checks when in a balancer mod_http2 [1.15.7-3] - Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd: mod_http2 concurrent pool usage mod_md [1:2.0.8-8] - Resolves: #1832844 - mod_md does not work with ACME server that does not provide keyChange or revokeCert resources MODERATE Copyright 2021 Oracle, Inc. CVE-2018-17199 CVE-2020-11984 CVE-2020-11993 Oracle Linux 8 [0.9.11-17] - Fix CVE-2020-25708 Resolves: #1898078 [0.9.11-16] - Fix CVE-2019-20839 Resolves: #1851032 - Fix CVE-2018-21247 Resolves: #1852516 - Fix CVE-2020-14405 Resolves: #1860527 - Fix CVE-2020-14397 Resolves: #1861152 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14405 CVE-2018-21247 CVE-2019-20839 CVE-2020-14397 CVE-2020-25708 Oracle Linux 8 [2.0.15-16] - Resolves: rhbz#1900904 CVE-2020-25713 raptor2: malformed input file can lead to a segfault [2.0.15-15] - Resolves: rhbz#1896534 CVE-2017-18926 raptor: heap-based buffer overflow [2.0.15-14] - Resolves: rhbz#1896340 Suppress documentation in Flatpak builds MODERATE Copyright 2021 Oracle, Inc. CVE-2017-18926 CVE-2020-25713 Oracle Linux 8 bind-dyndb-ldap [11.6-2] - Rebuild against bind 9.11.26 - Resolves: rhbz#1904612 [11.6-1] - New upstream release - Resolves: rhbz#1891735 ipa [4.9.2-3.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [4.9.2-3] - ipa-client-install displays false message 'sudo binary does not seem to be present on this system' Resolves: RHBZ#1939371 [4.9.2-2] - Sync ipatests from upstream to RHEL packages for FreeIPA 4.9 branch Resolves: RHBZ#1932289 - Fix krb5kdc is crashing intermittently on IPA server Resolves: RHBZ#1932784 [4.9.2-1] - Upstream release FreeIPA 4.9.2 Related: RHBZ#1891832 opendnssec [2.1.7-1] - Upstream release 2.1.7 - Resolves: rhbz#1904484 softhsm [2.6.0-5] - Install prever devel package requirements for new negative option patch Related: RHBZ#1857272 [2.6.0-4] - Fixes: rhbz#1857272 - negative option for token.mechanism not working correctly MODERATE Copyright 2021 Oracle, Inc. CVE-2020-11023 Oracle Linux 8 [2:2.2.0-1] - Update to 2.2.0 (rhbz#1881971) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-11097 CVE-2020-4030 CVE-2020-4033 CVE-2020-11095 CVE-2020-11096 CVE-2020-11098 CVE-2020-11099 CVE-2020-15103 Oracle Linux 8 [9.27-1] - Rebase to 9.27 - Resolves: rhbz#1874523 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14373 CVE-2020-16289 CVE-2020-16290 CVE-2020-16296 CVE-2020-16297 CVE-2020-16298 CVE-2020-16304 CVE-2020-16306 CVE-2020-16310 CVE-2020-16287 CVE-2020-16288 CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 CVE-2020-16295 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 CVE-2020-16302 CVE-2020-16303 CVE-2020-16305 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309 CVE-2020-17538 Oracle Linux 8 [1.7.3-15] - Fix SPEC file to not check md5 mtime and size of /var/lib/unbound/root.key - Resolves: rhbz#1714175 - Use system-wide crypto policy setting (PROFILE=SYSTEM) instead of custom setting - Resolves: rhbz#1842837 - Enable additional logging in unbound - Resolves: rhbz#1850460 - security hardening from x41 report - Resolves: rhbz#1859933 - symbolic link traversal when writing PID file - Resolves: rhbz#1899058 MODERATE Copyright 2021 Oracle, Inc. CVE-2019-25038 CVE-2019-25040 CVE-2019-25042 CVE-2019-25032 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25039 CVE-2019-25041 CVE-2020-28935 Oracle Linux 8 [7.3.6-2] - change working dir to in grafana-cli wrapper (fixes Red Hat BZ #1916083) - add pcp-redis-datasource to allow_loading_unsigned_plugins config option [7.3.6-1] - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML (not supported in the open source version of Grafana) [7.3.4-1] - update to 7.3.4 tagged upstream community sources, see CHANGELOG - bundle golang dependencies - optionally bundle node.js dependencies and build and test frontend as part of the specfile - merge all datasources into main grafana package - change default provisioning path to /etc/grafana/provisioning - resolve https://bugzilla.redhat.com/show_bug.cgi?id=1843170 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-24303 CVE-2020-27846 Oracle Linux 8 python38 [3.8.6-3] - Security fix for CVE-2021-3177 Resolves: rhbz#1919161 [3.8.6-2] - Add support for upstream architecture names https://fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names Resolves: rhbz#1868006 [3.8.6-1] - Update to 3.8.6 - Security fix for CVE-2020-26116 python-requests [2.22.0-9] - Exclude unsupported i686 arch [2.22.0-8] - Adjusted for Python 3.8 module in RHEL 8 [2.22.0-7] - Remove the python2 subpackage (rhbz#1761787) [2.22.0-6] - Python 2: Remove tests and test dependencies [2.22.0-5] - Rebuilt for Python 3.8 [2.22.0-4] - Bootstrap for Python 3.8 [2.22.0-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild [2.22.0-2] - Add minimum requirement for chardet and urllib3 [2.22.0-1] - Update to v2.22.0 [2.21.0-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild [2.21.0-1] - Update to v2.21.0 - Dont rely on certifi being patched properly to use the system CA bundle MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26116 CVE-2021-3177 CVE-2020-27783 Oracle Linux 8 evince [3.28.4-11] - Add remaining translations of string 'Reset form' - Resolves: #1896006 [3.28.4-10] - Add available translations of string 'Reset form' - Resolves: #1896006 [3.28.4-9] - Ship evince-devel - Resolves: #1919423 [3.28.4-8] - Handle ResetForm action - Resolves: #1889793 poppler [20.11.0-2] - Improve python3 build dependency - Resolves: #1896335 [20.11.0-1] - Rebase poppler to 20.11.0 - Modify/remove patches as needed - Resolves: #1644423 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-27778 Oracle Linux 8 [1:2.3.8-9] - fix CVE-2020-24386 IMAP hibernation function allows mail access (#1913534) [1:2.3.8-8] - fix CVE-2020-25275 denial of service via mail MIME parsing (#1914019) [1:2.3.8-7] - change run directory from /var/run to /run (#1805947) [1:2.3.8-6] - fix mail storage block count parsing (#1894418) - MIME parser crashed when boundaries were wrong (#1888111) [1:2.3.8-5] - multilib compatibility (#1853137) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25275 CVE-2020-24386 Oracle Linux 8 [4.2.3-2] - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz#1901633 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-27783 Oracle Linux 8 [0.14.3-4] - Disable client-side renegotiation to prevent potential DoS Resolves: rhbz#1904459 [0.14.3-3] - Fix some static analyzer issues - Removed Obsoletes line for spice-client Related: rhbz#1840240 [0.14.3-2] - Fix multiple buffer overflows in QUIC decoding code Resolves: rhbz#1829946 [0.14.3-1] - Update to 0.14.3 Revolves: rhbz#1840240 LOW Copyright 2021 Oracle, Inc. CVE-2021-20201 Oracle Linux 8 rust [1.49.0-1] - Update to 1.49.0. [1.48.0-1] - Update to 1.48.0. rust-toolset [1.49.0-1] - Update to Rust and Cargo 1.49.0. [1.48.0-1] - Update to Rust and Cargo 1.48.0. LOW Copyright 2021 Oracle, Inc. CVE-2020-36317 CVE-2020-36318 Oracle Linux 8 squid [7:4.11-4.2] - Resolves: #1944260 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25097 Oracle Linux 8 slapi-nis [0.56.6-2] - CVE 2021-3480: idm:DL1/slapi-nis: NULL dereference (DoS) with specially crafted Binding DN - Resolves: rhbz#1944713 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3480 Oracle Linux 8 [32:9.11.26-4] - Possible assertion failure on DNAME processing (CVE-2021-25215) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25215 Oracle Linux 7 [0.56.5-4] - CVE 2021-3480: slapi-nis: NULL dereference (DoS) with specially crafted Binding DN - Resolves: rhbz#1942937 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3480 Oracle Linux 7 [1.20.4-16] - CVE fix for: CVE-2021-3472 (#1944956) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3472 Oracle Linux 8 [6.0.9-3] - fix integer overflow via STRALGO LCS command CVE-2021-29477 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29477 Oracle Linux 8 [5.0.203-1.0.1] - Add support for new Oracle release [5.0.203-1] - Update to .NET SDK 5.0.203 and Runtime 5.0.6 - Resolves: RHBZ#1954328 [5.0.202-1] - Update to .NET SDK 5.0.202 and Runtime 5.0.5 - Resolves: RHBZ#1947662 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31204 Oracle Linux 8 [3.1.115-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.115-1] - Update to .NET SDK 3.1.115 and Runtime 3.1.15 - Resolves: RHBZ#1954333 [3.1.114-2] - Rebuild to tag into the correct location - Resolves: RHBZ#1947455 [3.1.114-1] - Update to .NET Core SDK 3.1.114 and Runtime 3.1.14 - Resolves: RHBZ#1947455 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31204 Oracle Linux 7 [2.56.1-9] - Fix CVE-2021-27219 Resolves: #1960596 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27219 Oracle Linux 8 [4.18.0-305.3.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.3.1_4] - Revert 'uio: use request_threaded_irq instead' (Vitaly Kuznetsov) [1952952 1946644] - drm/ast: Set format registers in primary plane's update (Lyude Paul) [1952900 1923857] - net/sched: act_ct: clear post_ct if doing ct_clear (Marcelo Ricardo Leitner) [1956458 1941889] - md/raid1: properly indicate failure when ending a failed write request (Nigel Croxon) [1955188 1954588] - nitro_enclaves: Fix stale file descriptors on failed usercopy (Vitaly Kuznetsov) [1956379 1953717] [4.18.0-305.2.1_4] - net/mlx5e: Allow to match on MPLS parameters only for MPLS over UDP (Alaa Hleihel) [1952061 1936742] - net/mlx5e: Reject tc rules which redirect from a VF to itself (Alaa Hleihel) [1952065 1932839] - net/mlx5: CT: Add support for matching on ct_state inv and rel flags (Alaa Hleihel) [1952062 1942681] - KVM: VMX: Don't use vcpu->run->internal.ndata as an array index (Jon Maloy) [1954221 1954219] - tools/power turbostat: Revert '[tools] tools/power turbostat: Enable accumulate RAPL display' (Prarit Bhargava) [1952987 1944699] [4.18.0-305.1.1_4] - ALSA: usb-audio: fix NULL ptr dereference in usb_audio_probe (Jaroslav Kysela) [1954545 1870724] - ALSA: usb-audio: fix use after free in usb_audio_disconnect (Jaroslav Kysela) [1954545 1870724] - ALSA: usb-audio: Disable USB autosuspend properly in setup_disable_autosuspend() (Jaroslav Kysela) [1954545 1870724] - selinux: fix deadlock in security_set_bools() (Ondrej Mosnacek) [1945123 1924230] - geneve: do not modify the shared tunnel info when PMTU triggers an ICMP reply (Antoine Tenart) [1944667 1941753] - vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP reply (Antoine Tenart) [1944667 1941753] - redhat: switch to zstream (Jan Stancek) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3501 CVE-2021-3543 Oracle Linux 8 [2.56.4-10] - Fix various problems in GMainContext Resolves: #1953553 - Fix CVE-2021-27219 Resolves: #1960600 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27219 Oracle Linux 7 [78.11.0-3.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.11.0-3] - Update to 78.11.0 build2 (release) [78.11.0-2] - Fix rhel_minor_version for dist .el8_4 and .el8 [78.11.0-1] - Update to 78.11.0 build1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-29967 Oracle Linux 8 [78.11.0-3.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.11.0-3] - Update to 78.11.0 build2 (release) [78.11.0-2] - Fix rhel_minor_version for dist .el8_4 and .el8 [78.11.0-1] - Update to 78.11.0 build1 CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-29967 Oracle Linux 8 pki-core [10.10.5-3.0.1] - Remove upstream reference. [10.10.5-3] - Bug 1960146 - CVE-2021-3551 Dogtag installer 'pkispawn' logs admin credentials into a world-readable log file IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3551 Oracle Linux 8 [0.115-11.0.1] - Increase timeout to avoid defunct processes [Orabug: 26930744] [0.115-11.1] - early disconnection from D-Bus results in privilege esc. - Resolves: CVE-2021-3560 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3560 Oracle Linux 8 [1.18.0-3.1.0.1] - Remove Red Hat references [Orabug: 29498217] [1:1.18.0-3.1] - Resolves: #1963178 - CVE-2021-23017 nginx:1.18/nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23017 Oracle Linux 7 [0.3.0-10] - Added fixes for rhbz#1956829, rhbz#1956843, rhbz#1956919 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-25011 CVE-2020-36329 CVE-2020-36328 Oracle Linux 7 [78.11.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.11.0-1] - Update to 78.11.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29967 CVE-2021-29956 CVE-2021-29957 Oracle Linux 8 [78.11.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.11.0-1] - Update to 78.11.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29967 CVE-2021-29956 CVE-2021-29957 Oracle Linux 8 [1.16.1-2.0.1.1] - Remove Red Hat references [Orabug: 29498217] [1:1.16.1-2.1] - Resolves: #1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23017 Oracle Linux 8 runc [1.0.0-65.rc10] - fix CVE-2021-30465 - Resolves: #1955650 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 7 [2:2.1-73.9.0.1] - for Intel, do not trigger load if on-disk microcode is not an update [Orabug: 30634727] - set early_microcode='no' in virtualized guests to avoid early load bugs [Orabug: 30618736] - ensure late loading fixes are present on 4.1.12-* and 4.14.35-* - enable early and late load for 5.4.17-* - enable early loading for 06-4f-01 caveat - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 [2:2.1-73.9] - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 (#1962659, #1962709, #1962729, #1962675): - Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010; - Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0; - Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0; - Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04) at revision 0xb00000f; - Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05) at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f; - Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16; - Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c; - Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11; - Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d; - Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea; - Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up to 0xb00003e; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up to 0x2006b06; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up to 0xea; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up to 0xea; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xde up to 0xea; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up to 0xea; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up to 0xea; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up to 0xea; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up to 0xea; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up to 0xea; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x44 up to 0x46; - Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up to 0x19; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159 up to 0x100015b; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006 up to 0x4003102; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003006 up to 0x5003102; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e up to 0x7002302; - Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision 0x7000019 up to 0x700001b; - Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017 up to 0xf000019; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe00000f up to 0xe000012; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up to 0x44; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up to 0x20; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up to 0x34; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up to 0x36; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up to 0x1a; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0 up to 0xa6; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up to 0x2a; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0 up to 0xec; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0 up to 0xe8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision 0xe0 up to 0xea. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 Oracle Linux 8 [4:20210216-1.20210525.0.1] - add support for UEK6 kernels - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 [4:20210216-1.20210525.1] - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 (#1962663, #1962713, #1962733, #1962679): - Addition of 06-55-05/0xb7 (CLX-SP A0) microcode at revision 0x3000010; - Addition of 06-6a-05/0x87 (ICX-SP C0) microcode at revision 0xc0002f0; - Addition of 06-6a-06/0x87 (ICX-SP D0) microcode at revision 0xd0002a0; - Addition of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04) at revision 0xb00000f; - Addition of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05) at revision 0xb00000f; - Addition of 06-86-05/0x01 (SNR B1) microcode at revision 0xb00000f; - Addition of 06-8c-02/0xc2 (TGL-R C0) microcode at revision 0x16; - Addition of 06-8d-01/0xc2 (TGL-H R0) microcode at revision 0x2c; - Addition of 06-96-01/0x01 (EHL B1) microcode at revision 0x11; - Addition of 06-9c-00/0x01 (JSL A0/A1) microcode at revision 0x1d; - Addition of 06-a7-01/0x02 (RKL-S B0) microcode at revision 0x40; - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xe2 up to 0xea; - Update of 06-4f-01/0xef (BDX-E/EP/EX/ML B0/M0/R0) microcode (in intel-06-4f-01/intel-ucode/06-4f-01) from revision 0xb000038 up to 0xb00003e; - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006a0a up to 0x2006b06; - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xe2 up to 0xea; - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in intel-06-8c-01/intel-ucode/06-8c-01) from revision 0x68 up to 0x88; - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xde up to 0xea; - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xe0 up to 0xea; - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xde up to 0xea; - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from revision 0xde up to 0xea; - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xde up to 0xea; - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xde up to 0xea; - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xde up to 0xea; - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xde up to 0xea; - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xde up to 0xea; - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode from revision 0x44 up to 0x46; - Update of 06-3f-04/0x80 (HSX-EX E0) microcode from revision 0x16 up to 0x19; - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000159 up to 0x100015b; - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003006 up to 0x4003102; - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003006 up to 0x5003102; - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x700001e up to 0x7002302; - Update of 06-56-03/0x10 (BDX-DE V2/V3) microcode from revision 0x7000019 up to 0x700001b; - Update of 06-56-04/0x10 (BDX-DE Y0) microcode from revision 0xf000017 up to 0xf000019; - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe00000f up to 0xe000012; - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x40 up to 0x44; - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x1e up to 0x20; - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x2e up to 0x34; - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x34 up to 0x36; - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x18 up to 0x1a; - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xa0 up to 0xa6; - Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x28 up to 0x2a; - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xe0 up to 0xea; - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xe0 up to 0xec; - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xe0 up to 0xe8; - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode from revision 0xe0 up to 0xea. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 Oracle Linux 7 [4.10.16-15] - resolves: #1949444 - Fix CVE-2021-20254 [4.10.16-14] - resolves: #1937867 - Fix possible core dump with printing support - resolves: #1930747 - Ensure that libwbclient has been updated before restarting services MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20254 Oracle Linux 7 [3.10.0-1160.31.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.31.1] - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Philipp Rudo) [1917840] - scsi: qla2xxx: Fix the call trace for flush workqueue (Nilesh Javali) [1937945] - futex: Handle faults correctly for PI futexes (Donghai Qiao) [1935108] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Donghai Qiao) [1935108] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Donghai Qiao) [1935108] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Donghai Qiao) [1935108] {CVE-2021-3347} - scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (Nilesh Javali) [1933784] - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (Philipp Rudo) [1917839] - net: netfilter: Avoid deadlock when loading logger backend (Phil Sutter) [1858329] - net: netfilter: Link nfnetlink into bzImage (Phil Sutter) [1858329] [3.10.0-1160.30.1] - pf: Prohibit alu ops for pointer types not defining ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170} - bpf: Add sanity check for upper ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170} - bpf: Simplify alu_limit masking for pointer arithmetic (Jiri Olsa) [1942689] {CVE-2020-27170} - bpf: Fix off-by-one for area size in creating mask to left (Jiri Olsa) [1942689] {CVE-2020-27170} - netxen_nic: fix MSI/MSI-x interrupts (Tony Camuso) [1894274] - block: fix use-after-free on cached last_lookup partition (Ming Lei) [1898596] - mm: reduce struct page_cgroup overhead when page_owner is not enabled (Rafael Aquini) [1948451] - vt: selection, close sel_buffer race (Chris von Recklinghausen) [1831034] {CVE-2020-8648} [3.10.0-1160.29.1] - drm/i915: warn on guc enable about CVE (Dave Airlie) [1935277] {CVE-2020-12362} - sched: prevent divide by zero error in scale_rt_power() (Phil Auld) [1910763] - x86/efi: reset the correct tlb_state in efi_switch_mm() (Rafael Aquini) [1837531] - x86/mm, sched/core: Turn off IRQs in switch_mm() (Rafael Aquini) [1837531] - x86/mm, sched/core: Uninline switch_mm() (Rafael Aquini) [1837531] - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Rafael Aquini) [1837531] - hpsa: fix regression issue for old controllers (Joseph Szczypek) [1830268] - scsi: hpsa: Correct dev cmds outstanding for retried cmds (Joseph Szczypek) [1830268] [3.10.0-1160.28.1] - i40e: acquire VSI pointer only after VF is initialized (Stefan Assmann) [1886003] - ACPICA: Store GPE register enable masks upfront (Al Stone) [1883174] - netfilter: nf_tables: validate NFTA_SET_TABLE parameter (Phil Sutter) [1873171] - sctp: change to hold/put transport for proto_unreach_timer (Xin Long) [1707184] [3.10.0-1160.27.1] - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (Mohammed Gamal) [1941841] - Drivers: hv: vmbus: enable VMBus protocol version 5.0 (Mohammed Gamal) [1941841] - redhat: Add git suffix to realtime_check merge_tree (Juri Lelli) [3.10.0-1160.26.1] - selinux: fix deadlock in security_set_bools() (Ondrej Mosnacek) [1939091] - md: fix md io stats accounting broken (Ming Lei) [1927106] - redhat: Fix realtime_check for -private (Juri Lelli) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-8648 CVE-2020-27170 CVE-2020-12362 CVE-2021-3347 CVE-2020-12363 CVE-2020-12364 Oracle Linux 7 [1.3.10-6.11] - Bounds check for block exceeding page length (CVE-2021-3504) resolves: rhbz#1950500 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3504 Oracle Linux 7 [1.5.3-175.el7_9.4] - kvm-ide-atapi-check-logical-block-address-and-read-size-.patch [bz#1917449] - Resolves: bz#1917449 (CVE-2020-29443 qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands [rhel-7.9.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-29443 Oracle Linux 7 [1.3.10.2-12] - Bump version to 1.3.10.2-12 [1.3.10.2-11] - Bump version to 1.3.10.2-11 - Resolves: Bug 1953673 - Add new access log keywords for time spent in work queue and actual operation time - Resolves: Bug 1931182 - information disclosure during the binding of a DN MODERATE Copyright 2021 Oracle, Inc. CVE-2020-35518 Oracle Linux 7 [5.9.7-2] - libwebp security fixes: Resolves: bz#1961742 Resolves: bz#1961743 Resolves: bz#1961744 Resolves: bz#1961745 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-25011 CVE-2020-36329 CVE-2020-36328 CVE-2018-25014 Oracle Linux 8 [3.1.116-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.116-1] - Update to .NET SDK 3.1.116 and Runtime 3.1.16 - Resolves: RHBZ#1965505 [3.1.115-1] - Update to .NET SDK 3.1.115 and Runtime 3.1.15 - Resolves: RHBZ#1954333 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31957 Oracle Linux 8 [5.0.204-1.0.1] - Add support for new Oracle release [5.0.204-1] - Update to .NET SDK 5.0.204 and Runtime 5.0.7 - Resolves: RHBZ#1966166 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31957 Oracle Linux 8 [1.0.0-3] - Added fixes for rhbz#1956829, rhbz#1956843, rhbz#1956919 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-25011 CVE-2020-36329 CVE-2020-36328 Oracle Linux 7 [12:4.2.5-83.0.1] - Direct users to Oracle Linux support site. [12:4.2.5-83.1] - Fix for CVE-2021-25217 [12:4.2.5-83] - Revert fix for 1668696 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25217 Oracle Linux 8 [12:4.3.6-44.1] - Fix for CVE-2021-25217 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25217 Oracle Linux 8 [9.6.22-1] - Rebase to 9.6.22 Resolves: #1964516 Fix: CVE-2021-32027, CVE-2021-32028 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 CVE-2021-32028 Oracle Linux 8 [10.17-1] - Update to 10.17 Resolves: #1964520 Fix: CVE-2021-32027, CVE-2021-32028 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 CVE-2021-32028 Oracle Linux 8 [1.0.6-2] + gupnp-1.0.6-2 - Fix DNS rebind issue - Resolves: #1964710 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33516 Oracle Linux 8 buildah [1.19.7-1.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) [1.19.7-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 (https://github.com/containers/buildah/commit/a2854ed) - Resolves: #1935376 cockpit-podman [29-2] - fix gating test failure for cockpit-podman - Related: #1914884 [29-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: #1883490 conmon [2:2.0.26-1] - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: #1883490 containernetworking-plugins [0.9.1-1] - update to https://github.com/containernetworking/plugins/releases/tag/v0.9.1 - Related: #1883490 container-selinux [2:2.158.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.158.0 - Related: #1883490 criu [3.15-1] - update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15 - Related: #1883490 crun [0.18-2] - allow to build without glibc-static (thanks to Giuseppe Scrivano) - Related: #1883490 fuse-overlayfs [1.4.0-2] - disable openat2 syscall again - still unsupported in current RHEL8 kernel - Related: #1883490 [1.4.0-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0 - Related: #1883490 oci-seccomp-bpf-hook [1.2.0-1] - revert back to 1.2.0 - build issues - Related: #1883490 [1.2.1-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.1 - require crun >= 0.17 - Related: #1883490 podman [3.0.1-6.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) [3.0.1-6] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel (https://github.com/containers/podman/commit/ad1aaba) - Resolves: #1921128 - Resolves: #1936927 - Resolves: #1938234 runc [1.0.0-71.rc92] - fix CVE-2021-30465 - Related: #1955655 [1.0.0-70.rc92] - add missing Provides: oci-runtime = 1 - Related: #1883490 [1.0.0-69.rc92] - still use ExcludeArch as go_arches macro is broken for 8.4 - Related: #1883490 [1.0.0-68.rc92] - update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92 - propagate proper CFLAGS to CGO_CFLAGS to assure code hardening and optimization - Related: #1821193 skopeo [1.2.2-7.0.1] - Ignore rhel-shortnames.conf [JIRA: OLDIS-3902] - Temporarily update shortnames.conf for oraclelinux to point to docker [JIRA: OLDIS-3902] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) - Add oracle registry into the conf file [Orabug: 29845934 31306708] [1:1.2.2-7] - use runc as default OCI runtime in RHEL8 - Resolves: #1940854 slirp4netns [1.1.8-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8 - Related: #1883490 udica [0.2.4-1] - update to https://github.com/containers/udica/releases/tag/v0.2.4 - Related: #1883490 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 8 buildah [1.19.7-2.0.1] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.19.7-2] - revert changes to the state of 3.0-8.4.0 - Related: #1954702 conmon [2:2.0.26-3] - fix 'Permission on /dev/null are changing from 666 to 777 after running podman as root [rhel-8.4.0.z]' - Resolves: #1961682 [2:2.0.26-2] - revert back to the state of 3.0-8.4.0 - Related: #1954702 container-selinux [2:2.162.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.162.0 - Related: #1954702 [2:2.161.1-2] - do not use lockdown class yet - it is not available in RHEL - Related: #1954702 [2:2.161.1-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.161.1 - Related: #1954702 [2:2.160.2-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.160.2 - Related: #1954702 crun [0.18-2] - revert back to the state of 3.0-8.4.0 - Related: #1954702 fuse-overlayfs [1.4.0-3] - revert back to the state of 3.0-8.4.0 - Related: #1954702 podman [3.0.1-7.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) [3.0.1-7] - revert back to the state of 3.0-8.4.0 - Related: #1954702 runc [1.0.0-73.rc93] - fix 'podman run --pid=host command causes OCI permission error' - Related: #1954702 [1.0.0-72.rc93] - fix CVE-2021-30465 - Related: #1954702 [1.0.0-71.rc93] - upload rc93 tarball - Related: #1954702 skopeo [1:1.2.2-10.0.1] - Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov) - Add oracle registry into the conf file [Orabug: 29845934 31306708] [1:1.2.2-10] - re-enable release-1.2 branch - Related: #1954702 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 8 pgaudit [1.4.0-6] - Fix build requires [1.4.0-5] - Fix build requires postgresql [12.7-1] - Update to 12.7 Resolves: #1964510 Fix: CVE-2021-32027,CVE-2021-32028 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 CVE-2021-32028 CVE-2021-3393 CVE-2021-32029 Oracle Linux 8 pgaudit [1.5.0-1] - Update to version 1.5.0 Related: #1855776 postgresql [13.3-1] - Update to 13.3 Resolves: #1966338 Fix: CVE-2021-32027,CVE-2021-32028,CVE-2021-32029 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 CVE-2021-32028 CVE-2021-32029 Oracle Linux 7 [9.2.24-7] - Fix CVE-2021-32027 - Resolves: #1964507 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 Oracle Linux 7 [1.0.2-6] + gupnp-1.0.3-3 - Fix DNS rebind issue - Resolves: #1964706 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33516 Oracle Linux 8 [2.9.7-9.0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.7-9.2] - Fix CVE-2021-3541 (#1958783) [2.9.7-9.1] - Fix CVE-2021-3516 (#1956975) - Fix CVE-2021-3517 (#1957000) - Fix CVE-2021-3518 (#1957027) - Fix CVE-2021-3537 (#1957283) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3516 CVE-2021-3518 CVE-2021-3537 CVE-2021-3517 CVE-2021-3541 Oracle Linux 8 [4.18.0-305.7.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.7.1_4] - net: zero-initialize tc skb extension on allocation (Ivan Vecera) [1965457 1946986] - net/sched: cls_flower: fix only mask bit check in the validate_ct_state (Ivan Vecera) [1965457 1946986] - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb (Ivan Vecera) [1965457 1946986] - net/sched: act_api: fix miss set post_ct for ovs after do conntrack in act_ct (Ivan Vecera) [1965457 1946986] - net/sched: cls_flower: validate ct_state for invalid and reply flags (Ivan Vecera) [1965457 1946986] - flow_dissector: fix TTL and TOS dissection on IPv4 fragments (Paolo Abeni) [1963952 1950288] - Revert 'sctp: Fix SHUTDOWN CTSN Ack in the peer restart case' (Xin Long) [1965632 1953839] - sctp: do asoc update earlier in sctp_sf_do_dupcook_b (Xin Long) [1965632 1953839] - sctp: do asoc update earlier in sctp_sf_do_dupcook_a (Xin Long) [1965632 1953839] - Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962544 1962546] {CVE-2021-33034} - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (Lenny Szubowicz) [1964930 1934273] - x86/kvm: Disable all PV features on crash (Lenny Szubowicz) [1964930 1934273] - x86/kvm: Disable kvmclock on all CPUs on shutdown (Lenny Szubowicz) [1964930 1934273] - x86/kvm: Teardown PV features on boot CPU as well (Lenny Szubowicz) [1964930 1934273] - x86/kvm: Fix pr_info() for async PF setup/teardown (Lenny Szubowicz) [1964930 1934273] - net/sched: act_ct: Fix ct template allocation for zone 0 (Marcelo Ricardo Leitner) [1965150 1881824] [4.18.0-305.6.1_4] - openvswitch: fix stack OOB read while fragmenting IPv4 packets (Davide Caratti) [1963940 1924608] - net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets (Davide Caratti) [1963940 1924608] - net/sched: act_ct: fix wild memory access when clearing fragments (Davide Caratti) [1963940 1924608] - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT (Ivan Vecera) - redhat/configs: Add CONFIG_SYSTEM_REVOCATION_KEYS and CONFIG_SYSTEM_REVOCATION_LIST (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - certs: add 'x509_revocation_list' to gitignore (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - integrity: Load mokx variables into the blacklist keyring (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - certs: Add ability to preload revocation certs (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - certs: Move load_system_certificate_list to a common function (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - certs: Add EFI_CERT_X509_GUID support for dbx entries (Vladis Dronov) [1965270 1893793] {CVE-2020-26541} - net/sched: cls_api: increase max_reclassify_loop (Davide Caratti) [1965148 1955136] - dm writecache: fix performance degradation in ssd mode (Mike Snitzer) [1962241 1961859] - scsi: fnic: Use scsi_host_busy_iter() to traverse commands (Ewan D. Milne) [1961705 1949250] - scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io() (Ewan D. Milne) [1961705 1949250] [4.18.0-305.5.1_4] - gfs2: report 'already frozen/thawed' errors (Bob Peterson) [1961849 1932236] - gfs2: move freeze glock outside the make_fs_rw and _ro functions (Bob Peterson) [1961849 1932236] - gfs2: Add common helper for holding and releasing the freeze glock (Bob Peterson) [1961849 1932236] - gfs2: in signal_our_withdraw wait for unfreeze of _this_ fs only (Bob Peterson) [1961849 1932236] - gfs2: Don't freeze the file system during unmount (Bob Peterson) [1961849 1932236] - gfs2: Fix regression in freeze_go_sync (Bob Peterson) [1961849 1932236] - gfs2: The freeze glock should never be frozen (Bob Peterson) [1961849 1932236] - gfs2: When freezing gfs2, use GL_EXACT and not GL_NOCACHE (Bob Peterson) [1961849 1932236] - gfs2: read-only mounts should grab the sd_freeze_gl glock (Bob Peterson) [1961849 1932236] - gfs2: freeze should work on read-only mounts (Bob Peterson) [1961849 1932236] - gfs2: Abort gfs2_freeze if io error is seen (Bob Peterson) [1961849 1932236] - CI: Disable result checking for realtime check (Veronika Kabatova) - CI: Explicitly disable result checking for private CI (Veronika Kabatova) - CI: Rename variable (Veronika Kabatova) - CI: Update builder containers (Veronika Kabatova) [4.18.0-305.4.1_4] - vmxnet3: Set the default of vxlan overlay offload to disabled (Cathy Avery) [1960702 1941714] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-26541 CVE-2021-33034 Oracle Linux 8 [4.14.3-14] - Be more careful about copying data from signature header (#1958477) - Fixes CVE-2021-20271 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20271 Oracle Linux 8 [1.8.3-3] - Fix memory corruption due to an integer overflow _ Resolves: CVE-2021-3520 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3520 Oracle Linux 8 PyYAML [5.4.1-1] - Rebase to version 5.4.1 to fix CVE-2020-14343 - Resolves: rhbz#1860466 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14343 Oracle Linux 8 ruby [2.7.3-136] - Upgrade to Ruby 2.7.3. Resolves: rhbz#1951999 - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero Resolves: rhbz#1952000 [2.7.2-135] - Upgrade to Ruby 2.7.2. - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. [2.7.1-133] - Fix behavior allowing to load libraries multiple times. Resolves: rhbz#1842989 - Add ruby-default-gems dependency on irb. MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25613 CVE-2021-28965 Oracle Linux 8 ruby [2.5.9-107] - Update to Ruby 2.5.9. * Remove Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch; subsumed Resolves: rhbz#1952626 - Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero Resolves: rhbz#1955010 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10663 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-25613 CVE-2020-10933 CVE-2021-28965 Oracle Linux 8 ruby [2.6.7-107] - Upgrade to Ruby 2.6.7. Resolves: rhbz#1952627 - Resolv::DNS: timeouts if multiple IPv6 name servers are given an address containing leading zero Resolves: rhbz#1954968 - Fix: Rubygem-bundler: Don't use insecure tmp directory as home allows for execution of malicious code. Resolves: rhbz#1954969 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10663 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-25613 CVE-2020-10933 CVE-2021-28965 CVE-2019-3881 Oracle Linux 8 [20200602gitca407c7246bf-4.el8_4.1] - edk2-MdeModulePkg-LzmaCustomDecompressLib-catch-4GB-uncom.patch [bz#1952953] - Resolves: bz#1952953 (edk2: possible heap corruption with LzmaUefiDecompressGetInfo [rhel-8] [rhel-8.4.0.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-28211 Oracle Linux 8 [1.4.3.16-16] - Bump version to 1.4.3.16-16 - Resolves: Bug 1972738 - Changelog cache can upload updates from a wrong starting point (CSN) - Resolves: Bug 1972721 - Large updates can reset the CLcache to the beginning of the changelog [1.4.3.16-15] - Bump version to 1.4.3.16-15 - Resolves: Bug 1970791 - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule [1.4.3.16-14] - Bump version to 1.4.3.16-14 - Resolves: Bug 1968588 - ACIs are being evaluated against the Replication Manager account in a replication context - Resolves: Bug 1960720 - sync_repl NULL pointer dereference in sync_create_state_control() MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3514 Oracle Linux 7 [2.0-2.el7_9.1] - validate length of forwarded messages (CVE-2021-3570) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3570 Oracle Linux 8 [2.0-5.el8_4.1] - validate length of forwarded messages (CVE-2021-3570) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3570 Oracle Linux 7 [1.3.1-14] - Fix remote code execution vulnerability - Resolves: CVE-2021-29505 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29505 Oracle Linux 8 [4.18.0-305.10.2_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.10.2_4] - seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975181 1975182] {CVE-2021-33909} [4.18.0-305.10.1_4] - igbvf: amend removal of MODULE_VERSION (Corinna Vinschen) [1969920 1955752] - bluetooth: eliminate the potential race condition when removing the HCI controller (Gopal Tiwari) [1971464 1971488] {CVE-2021-32399} - scsi: ibmvfc: Free channel_setup_buf during device tear down (Steve Best) [1964697 1938102] - i40e: Fix parameters in aq_get_phy_register() (Stefan Assmann) [1967099 1907852] [4.18.0-305.9.1_4] - ixgbevf: Amend commit acf03026ec5a to include a version in module info. (Ken Cox) [1969911 1955764] - CI: Merge configuration (Veronika Kabatova) - igc: amend removal of MODULE_VERSION (Corinna Vinschen) [1969921 1955755] - igb: amend removal of MODULE_VERSION (Corinna Vinschen) [1969919 1955748] - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Waiman Long) [1964419 1950110] - scsi: qedf: Do not put host in qedf_vport_create() unconditionally (Nilesh Javali) [1974968 1899384] [4.18.0-305.8.1_4] - iavf: amend removal of MODULE_VERSION (Stefan Assmann) [1969925 1955738] - ixgbe: Amend commit acf03026ec5a to include a version string in module info. (Ken Cox) [1969922 1955759] - i40e: amend removal of MODULE_VERSION (Stefan Assmann) [1969923 1955736] - redhat/configs: Add CONFIG_PINCTRL_EMMITSBURG (David Arcari) [1963984 1959506] - redhat/configs: Remove CONFIG_EMMITSBURG (David Arcari) [1963984 1959506] - netlink: add tracepoint at NL_SET_ERR_MSG (Marcelo Ricardo Leitner) [1972938 1956983] - Revert '[netdrv] net/intel: remove driver versions from Intel drivers' (Jonathan Toppins) [1969917 1955745] - Amends commit ea6244cc248b to include a version string in module info. (Ken Cox) [1969915 1955726] - Revert '[netdrv] net/broadcom: Clean broadcom code from driver versions' (Jonathan Toppins) [1969914 1955721] - ena: revert removal of MODULE_VERSION from ena (Petr Oros) [1969913 1955712] - fm10k: amend removal of MODULE_VERSION (Vladis Dronov) [1969910 1955730] - net/sched: act_ct: Offload connections with commit action (Marcelo Ricardo Leitner) [1968679 1965817] - netfilter: flowtable: Remove redundant hw refresh bit (Marcelo Ricardo Leitner) [1968679 1965817] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32399 CVE-2021-33909 Oracle Linux 8 [239-45.0.2] - Disable unprivileged BPF by default [Orabug: 32870980] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix memory hot add and remove [Orabug: 31310273] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catalog entries [Orabug: 30853009] - fix to generate systemd-pstore.service file [Orabug: 30230056] - fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792] - set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874] - allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469] - add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475] - Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056] [239-45.2] - basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33910 Oracle Linux 7 [3.10.0-1160.36.2.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.36.2] - seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975251] [3.10.0-1160.36.1] - cipso,calipso: resolve a number of problems with the DOI refcounts (Antoine Tenart) [1967720] - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (Alaa Hleihel) [1962406] - sched/debug: Fix cgroup_path[] serialization (Waiman Long) [1912221] - sched/debug: Reset watchdog on all CPUs while processing sysrq-t (Waiman Long) [1912221] - vt: vt_ioctl: fix use-after-free in vt_in_use() (Vladis Dronov) [1872778] - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Vladis Dronov) [1872778] - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines (Vladis Dronov) [1872778] - vt: selection, introduce vc_is_sel (Vladis Dronov) [1872778] - redhat: genspec: generate changelog entries since last release (Augusto Caringi) [3.10.0-1160.35.1] - CI: Merge configuration (Veronika Kabatova) - [pci/aer] Work around use-after-free in pcie_do_fatal_recovery() (Al Stone) [1933663] - [pci/aer] do not invoke error recovery with non-fatal errors (Al Stone) [1933663] [3.10.0-1160.34.1] - futex: remove lockdep_assert_held() in pi_state_update_owner() (Donghai Qiao) [1965495] - video: hyperv_fb: Add ratelimit on error message (Mohammed Gamal) [1957803] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Mohammed Gamal) [1957803] - Drivers: hv: vmbus: Initialize unload_event statically (Mohammed Gamal) [1957803] - blk-mq: always allow reserved allocation in hctx_may_queue (Ming Lei) [1926825] - s390/pci: fix out of bounds access during irq setup (Philipp Rudo) [1917943] - s390/pci: improve irq number check for msix (Philipp Rudo) [1917943] [3.10.0-1160.33.1] - CI: Disable result checking for realtime check (Veronika Kabatova) - CI: Explicitly disable result checking for private CI (Veronika Kabatova) - CI: Rename variable (Veronika Kabatova) - mm: memcontrol: switch to rcu protection in drain_all_stock() (Waiman Long) [1957719] - sctp: Don't add the shutdown timer if its already been added (Xin Long) [1953052] - media: xirlink_cit: add missing descriptor sanity checks (Mark Langsdorf) [1826877] {CVE-2020-11668} [3.10.0-1160.32.1] - Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962532] {CVE-2021-33034} - net: ipv4: route: Fix sending IGMP messages with link address (Hangbin Liu) [1958339] - hv_netvsc: remove ndo_poll_controller (Mohammed Gamal) [1953075] - Fix double free in nvme_trans_log_temperature (Gopal Tiwari) [1946793] - rcu: Call touch_nmi_watchdog() while printing stall warnings (Artem Savkov) [1924688] - sched/fair: Use RCU accessors consistently for ->numa_group (Rafael Aquini) [1915635] {CVE-2019-20934} - sched/fair: Don't free p->numa_faults with concurrent readers (Rafael Aquini) [1915635] {CVE-2019-20934} - sched/numa: Simplify task_numa_compare() (Rafael Aquini) [1915635] {CVE-2019-20934} - sched/numa: Fix task_numa_free() lockdep splat (Rafael Aquini) [1915635] {CVE-2019-20934} - sched/numa: Move task_numa_free() to __put_task_struct() (Rafael Aquini) [1915635] {CVE-2019-20934} - [s390] s390/dasd: fix diag 0x250 inline assembly (Philipp Rudo) [1910395] - vsock/vmci: log once the failed queue pair allocation (Stefano Garzarella) [1892237] - VMCI: Stop log spew when qp allocation isn't possible (Stefano Garzarella) [1892237] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-11668 CVE-2019-20934 CVE-2021-33034 CVE-2021-33033 CVE-2021-33909 Oracle Linux 7 [78.12.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.12.0-1] - Update to 78.12.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 Oracle Linux 8 [78.12.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.12.0-1] - Update to 78.12.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 Oracle Linux 8 [1:1.8.0.302.b08-0] - Update to aarch64-shenandoah-jdk8u302-b08 (EA) - Update release notes for 8u302-b08. - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:1.8.0.302.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b07 (EA) - Update release notes for 8u302-b07. - Switch to EA mode. - Cleanup architecture handling - Fixed not-including fastdebug build in case of --without fastdebug - Re-order source files to sync with Fedora. - Introduced nm based check to verify alt-java on x86_64 is patched, and no other alt-java or java is patched - Patch600, rh1750419-redhat_alt_java.patch, amended to die, if it is used wrongly - Introduced ssbd_arches with currently only valid arch of x86_64 to separate real alt-java architectures - Use the 'reverse' build loop (debug first) as the main and only build loop to get more diagnostics. - Remove restriction on disabling product build, as debug packages no longer have javadoc packages. - Fix name of javadoc debug packages in Obsoletes declarations and add version where it was removed. - Resolves: rhbz#1972395 [1:1.8.0.302.b07-0.0.ea] - Add a test verifying system crypto policies can be disabled - Resolves: rhbz#1972395 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Oracle Linux 8 [1:11.0.12.0.7-0] - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:11.0.12.0.6-0.0.ea] - Update to jdk-11.0.12.0+6 - Update release notes to 11.0.12.0+6 - Switch to EA mode for 11.0.12 pre-release builds. - Update ECC patch following JDK-8226374 (bug ID yet to be confirmed) - Re-order source files to sync with Fedora. - Remove explicit compiler flags which should be handled by the upstream build (-std=gnu++98, -fno-delete-null-pointer-checks, -fno-lifetime-dse) - Use the 'reverse' build loop (debug first) as the main and only build loop to get more diagnostics. - Remove restriction on disabling product build, as debug packages no longer have javadoc packages. - Correct bug ID JDK-8264846 to intended ID of JDK-8264848 - Skip 11.0.12.0+5 as 11.0.12.0+6 only adds a test change - Resolves: rhbz#1972395 [1:11.0.12.0.6-0.0.ea] - Add a test verifying system crypto policies can be disabled - Resolves: rhbz#1972395 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Oracle Linux 7 [1:11.0.12.0.7-0.0.1] - link atomic for ix86 build [1:11.0.12.0.7-0] - Update to jdk-11.0.12.0+7 - Update release notes to 11.0.12.0+7 - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:11.0.12.0.6-0.0.ea] - Update to jdk-11.0.12.0+6 - Update release notes to 11.0.12.0+6 - Skip 11.0.12.0+5 as 11.0.12.0+6 only adds a test change - Resolves: rhbz#1967811 [1:11.0.12.0.4-0.0.ea] - Update to jdk-11.0.12.0+4 - Update release notes to 11.0.12.0+4 - Correct bug ID JDK-8264846 to intended ID of JDK-8264848 - Resolves: rhbz#1967811 [1:11.0.12.0.3-0.0.ea] - Update to jdk-11.0.12.0+3 - Update release notes to 11.0.12.0+3 - Resolves: rhbz#1967811 [1:11.0.12.0.2-0.0.ea] - Update to jdk-11.0.12.0+2 - Update release notes to 11.0.12.0+2 - Resolves: rhbz#1967811 [1:11.0.12.0.1-0.0.ea] - Update to jdk-11.0.12.0+1 - Update release notes to 11.0.12.0+1 - Switch to EA mode for 11.0.12 pre-release builds. - Update ECC patch following JDK-8226374 (bug ID yet to be confirmed) - Remove local JDK-8187450 backport as now included upstream. - Resolves: rhbz#1967811 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Oracle Linux 7 [1:1.8.0.302.b08-0] - Update to aarch64-shenandoah-jdk8u302-b08 (EA) - Update release notes for 8u302-b08. - Switch to GA mode for final release. - This tarball is embargoed until 2021-07-20 @ 1pm PT. - Resolves: rhbz#1972395 [1:1.8.0.302.b07-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b07 (EA) - Update release notes for 8u302-b07. - Resolves: rhbz#1967809 [1:1.8.0.302.b06-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b06 (EA) - Update release notes for 8u302-b06. - Resolves: rhbz#1967809 [1:1.8.0.302.b05-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b05 (EA) - Update release notes for 8u302-b05. - Remove JDK-8266929/RH1960024 as now upstream. - Resolves: rhbz#1967809 [1:1.8.0.302.b04-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b04 (EA) - Update release notes for 8u302-b04. - Resolves: rhbz#1967809 [1:1.8.0.302.b03-0.1.ea] - Update to aarch64-shenandoah-jdk8u302-b03-shenandoah-merge-2021-06-23 (EA) - Update release notes for 8u302-b03-shenandoah-merge-2021-06-23. - Resolves: rhbz#1967809 [1:1.8.0.302.b03-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b03 (EA) - Update release notes for 8u302-b03. - Resolves: rhbz#1967809 [1:1.8.0.302.b02-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b02 (EA) - Update release notes for 8u302-b02. - Resolves: rhbz#1967809 [1:1.8.0.302.b01-0.0.ea] - Update to aarch64-shenandoah-jdk8u302-b01 (EA) - Update release notes for 8u302-b01. - Switch to EA mode. - Resolves: rhbz#1967809 [1:1.8.0.292.b10-2] - Add JDK-8266929 backport for RH1960024. - Resolves: rhbz#1960024 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 Oracle Linux 7 [78.12.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.12.0-2] - Update to 78.12.0 build2 [78.12.0-1] - Update to 78.12.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 CVE-2021-29969 Oracle Linux 8 [78.12.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.12.0-3] - Rebuild to pickup older nss [78.12.0-2] - Update to 78.12.0 build2 [78.12.0-1] - Update to 78.12.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 CVE-2021-29969 Oracle Linux 8 varnish [6.0.6-2.1] - Resolves: #1982861 - CVE-2021-36740 varnish:6/varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request varnish-modules [0.15.0-5] - Related: #1795673 - RFE: rebase varnish:6 to latest 6.0.x LTS IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-36740 Oracle Linux 7 [2.5.1-8] - Fix Coverity warning introduced by the previous patch - Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses [2.5.1-7] - Fix Coverity warning introduced by the previous patch - Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses [2.5.1-6] - Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28091 Oracle Linux 8 ruby [2.7.4-137] - Upgrade to Ruby 2.7.4. - Fix command injection vulnerability in RDoc. Resolves: rhbz#1986768 - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: rhbz#1986812 - Fix StartTLS stripping vulnerability in Net::IMAP. Resolves: rhbz#1986813 - Upgrade to Bundler 2.2.24. Resolves: CVE-2020-36327 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36327 CVE-2021-31799 CVE-2021-32066 CVE-2021-31810 Oracle Linux 8 [4:20210216-1.20210608.0.1] - add support for UEK6 kernels - enable early update for 06-4f-01 - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 - enable early and late load on RHCK [4:20210216-1.20210608.1] - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. [4:20210216-1.20210525.2] - Make intel-06-2d-07, intel-06-4e-03, intel-06-4f-01, intel-06-55-04, intel-06-5e-03, intel-06-8c-01, intel-06-8e-9e-0x-0xca, and intel-06-8e-9e-0x-dell caveats dependent on intel caveat. - Enable 06-8c-01 microcode update by default (#1972328). - Enable 06-5e-03 microcode update by default (#1972325). IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 Oracle Linux 7 [2:2.1-73.11.0.1] - for Intel, do not trigger load if on-disk microcode is not an update [Orabug: 30634727] - set early_microcode='no' in virtualized guests to avoid early load bugs [Orabug: 30618736] - ensure late loading fixes are present on 4.1.12-* and 4.14.35-* - enable early and late load for 5.4.17-* - enable early loading for 06-4f-01 caveat - remove no longer appropriate caveats for 06-2d-07 and 06-55-04 [2:2.1-73.11] - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. [2:2.1-73.10] - Make intel-06-2d-07, intel-06-4e-03, intel-06-4f-01, intel-06-55-04, intel-06-5e-03, intel-06-8c-01, intel-06-8e-9e-0x-0xca, and intel-06-8e-9e-0x-dell caveats dependent on intel caveat. - Enable 06-8c-01 microcode update by default. - Enable 06-5e-03 microcode update by default (#1897684). IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 Oracle Linux 8 [4.18.0-305.12.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.12.1_4] - Revert 'nvme-pci: remove last_sq_tail' (Gopal Tiwari) [1965415 1921591] - tc-testing: add test for ct DNAT tuple collision (Marcelo Ricardo Leitner) [1982494 1964578] - tc-testing: add support for sending various scapy packets (Marcelo Ricardo Leitner) [1982494 1964578] - tc-testing: fix list handling (Marcelo Ricardo Leitner) [1982494 1964578] - net/sched: act_ct: handle DNAT tuple collision (Marcelo Ricardo Leitner) [1982494 1964578] - mm/memcg: Relocate tcpmem to below memory in struct mem_cgroup (Waiman Long) [1980314 1959772] - mm/memcg: optimize user context object stock access (Waiman Long) [1980314 1959772] - mm/memcg: improve refill_obj_stock() performance (Waiman Long) [1980314 1959772] - mm/memcg: cache vmstat data in percpu memcg_stock_pcp (Waiman Long) [1980314 1959772] - mm/memcg: move mod_objcg_state() to memcontrol.c (Waiman Long) [1980314 1959772] - mm: memcontrol: use obj_cgroup APIs to charge kmem pages (Waiman Long) [1980314 1959772] - mm: memcontrol: change ug->dummy_page only if memcg changed (Waiman Long) [1980314 1959772] - mm: memcontrol: directly access page->memcg_data in mm/page_alloc.c (Waiman Long) [1980314 1959772] - mm: memcontrol: introduce obj_cgroup_{un}charge_pages (Waiman Long) [1980314 1959772] - mm: memcontrol: slab: fix obtain a reference to a freeing memcg (Waiman Long) [1980314 1959772] - mm: move lruvec stats update functions to vmstat.h (Waiman Long) [1980314 1959772] - mm: memcg/slab: rename *_lruvec_slab_state to *_lruvec_kmem_state (Waiman Long) [1980314 1959772] - mm: Convert page kmemcg type to a page memcg flag (Waiman Long) [1980314 1959772] - mm: Introduce page memcg flags (Waiman Long) [1980314 1959772] - mm: memcontrol/slab: Use helpers to access slab page's memcg_data (Waiman Long) [1980314 1959772] - mm: memcontrol: Use helpers to read page's memcg data (Waiman Long) [1980314 1959772] - mm/page_alloc.c: extract check_[new|free]_page_bad() common part to page_bad_reason() (Waiman Long) [1980314 1959772] - mm/page_alloc.c: rename free_pages_check() to check_free_page() (Waiman Long) [1980314 1959772] - mm/page_alloc.c: rename free_pages_check_bad() to check_free_page_bad() (Waiman Long) [1980314 1959772] - mm/page_alloc.c: bad_flags is not necessary for bad_page() (Waiman Long) [1980314 1959772] - mm/page_alloc.c: bad_[reason|flags] is not necessary when PageHWPoison (Waiman Long) [1980314 1959772] [4.18.0-305.11.1_4] - SUNRPC: Handle major timeout in xprt_adjust_timeout() (Scott Mayhew) [1980613 1979070] - net/mlx5e: Disable TLS device offload in kdump mode (Alaa Hleihel) [1969909 1946647] - net/mlx5e: Disable TX MPWQE in kdump mode (Alaa Hleihel) [1969909 1946647] - drm/i915: Add an encoder hook to sanitize its state during init/resume (Imre Deak) [1981250 1961122] - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) [1980500 1980501] {CVE-2021-22555} - Bluetooth: btusb: Fix the autosuspend enable and disable (Gopal Tiwari) [1972564 1927375] - cifs: handle empty list of targets in cifs_reconnect() (Ronnie Sahlberg) [1973637 1952263] - tick/nohz: Update idle_exittime on actual idle exit (Phil Auld) [1978710 1962632] - tick/nohz: Remove superflous check for CONFIG_VIRT_CPU_ACCOUNTING_NATIVE (Phil Auld) [1978710 1962632] - tick/nohz: Conditionally restart tick on idle exit (Phil Auld) [1978710 1962632] - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Hangbin Liu) [1975058 1975059] - redhat/configs: Re-enable dptf_power module (Prarit Bhargava) [1968381 1962349] - KVM: do not allow mapping valid but non-reference-counted pages (Jon Maloy) [1975514 1975515] {CVE-2021-22543} - seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975181 1975182] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-22555 CVE-2021-3609 CVE-2021-22543 Oracle Linux 8 [2.56.4-10.1] - Fix CVE-2021-27218 Resolves: #1974888 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-27218 Oracle Linux 8 hivex [1.3.18-21] - Bounds check for block exceeding page length (CVE-2021-3504) resolves: rhbz#1950501 libvirt [6.0.0-35.1.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] - Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma) - Disable parallel builds (Karl Heubaum) [6.0.0-35.1.el8] - network: make it safe to call networkSetupPrivateChains() multiple times (rhbz#1958301) - network: force re-creation of iptables private chains on firewalld restart (rhbz#1958301) qemu-kvm [4.2.0-48.el8_4.3] - kvm-net-introduce-qemu_receive_packet.patch [bz#1932917] - kvm-e1000-switch-to-use-qemu_receive_packet-for-loopback.patch [bz#1932917] - kvm-dp8393x-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917] - kvm-sungem-switch-to-use-qemu_receive_packet-for-loopbac.patch [bz#1932917] - kvm-tx_pkt-switch-to-use-qemu_receive_packet_iov-for-loo.patch [bz#1932917] - kvm-rtl8139-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917] - kvm-pcnet-switch-to-use-qemu_receive_packet-for-loopback.patch [bz#1932917] - kvm-cadence_gem-switch-to-use-qemu_receive_packet-for-lo.patch [bz#1932917] - kvm-lan9118-switch-to-use-qemu_receive_packet-for-loopba.patch [bz#1932917] - Resolves: bz#1932917 (CVE-2021-3416 virt:rhel/qemu-kvm: QEMU: net: infinite loop in loopback mode may lead to stack overflow [rhel-8.4.z]) [4.2.0-48.el8_4.2] - kvm-pc-bios-s390-ccw-fix-off-by-one-error.patch [bz#1975679] - kvm-pc-bios-s390-ccw-break-loop-if-a-null-block-number-i.patch [bz#1975679] - kvm-pc-bios-s390-ccw-don-t-try-to-read-the-next-block-if.patch [bz#1975679] - Resolves: bz#1975679 (RHEL8.4 Nightly[0322] - KVM guest fails to find zipl boot menu index (qemu-kvm) [rhel-8.4.0.z]) [4.2.0-48.el8_4] - kvm-net-remove-an-assert-call-in-eth_get_gso_type.patch [bz#1939494] - kvm-libqos-usb-hcd-ehci-use-32-bit-write-for-config-regi.patch [bz#1944621] - kvm-libqos-pci-pc-use-32-bit-write-for-EJ-register.patch [bz#1944621] - kvm-memory-Revert-memory-accept-mismatching-sizes-in-mem.patch [bz#1944621] - kvm-acpi-accept-byte-and-word-access-to-core-ACPI-regist.patch [bz#1944621] - kvm-xhci-fix-valid.max_access_size-to-access-address-reg.patch [bz#1944621] - kvm-softmmu-memory-Log-invalid-memory-accesses.patch [bz#1944621] - kvm-hw-intc-arm_gic-Fix-interrupt-ID-in-GICD_SGIR-regist.patch [bz#1952986] - Resolves: bz#1939494 (CVE-2020-27617 virt:rhel/qemu-kvm: QEMU: net: an assert failure via eth_get_gso_type [rhel-8.4.0.z]) - Resolves: bz#1944621 (CVE-2020-13754 virt:rhel/qemu-kvm: QEMU: msix: OOB access during mmio operations may lead to DoS [rhel-8.4.0.z]) - Resolves: bz#1952986 (CVE-2021-20221 virt:rhel/qemu-kvm: qemu: out-of-bound heap buffer access via an interrupt ID field [rhel-8.4.0.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-27617 CVE-2020-13754 CVE-2021-20221 CVE-2021-3504 CVE-2021-3416 Oracle Linux 8 rust [1.52.1-1] - Update to 1.52.1. Includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. [1.51.0-1] - Update to 1.51.0. Update to 1.51.0. Includes security fixes for CVE-2021-28875 and CVE-2021-28877. [1.50.0-1] - Update to 1.50.0. rust-toolset [1.52.1-1] - Update to Rust and Cargo 1.52.1. [1.51.0-1] - Update to Rust and Cargo 1.51.0. [1.50.0-1] - Update to Rust and Cargo 1.50.0. MODERATE Copyright 2021 Oracle, Inc. CVE-2021-28875 CVE-2021-28876 CVE-2021-28878 CVE-2021-28879 CVE-2020-36323 CVE-2021-28877 CVE-2021-31162 Oracle Linux 8 [20200602gitca407c7246bf-4.el8_4.2] - edk2-NetworkPkg-IScsiDxe-wrap-IScsiCHAP-source-files-to-8.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-simplify-ISCSI_CHAP_AUTH_DATA.In.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-clean-up-ISCSI_CHAP_AUTH_DATA.Ou.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-clean-up-library-class-dependenc.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-fix-potential-integer-overflow-i.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-assert-that-IScsiBinToHex-always.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-reformat-IScsiHexToBin-leading-c.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-hex-parsing.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-fix-IScsiHexToBin-buffer-overflo.patch [bz#1956676] - edk2-NetworkPkg-IScsiDxe-check-IScsiHexToBin-return-value.patch [bz#1956676] - Resolves: bz#1956676 (EMBARGOED edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe [rhel-8.4.0.z]) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38575 Oracle Linux 8 nodejs [1:12.22.3-2] - Resolves: RHBZ#1980031, RHBZ#1978201 - Fix typo, BR systemtap-sdt-level always, remove y18n patch [1:12.22.3-1] - Resolves: RHBZ#1980031, RHBZ#1978201 - Resolves #1952915 - Resolves CVE-2021-22918(libuv), use system cipher list nodejs-nodemon [2.0.3-1] - Resolves: RHBZ#1920692, RHBZ#1804236, RHBZ#1803247 - Rebase to 2.0.3 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-22918 CVE-2021-27290 CVE-2021-23362 Oracle Linux 8 nodejs [1:14.17.3-2] - Resolves: RHBZ#1980032, RHBZ#1978203 - Resolves RHBZ#1842826 - Don't use patch3 [1:14.17.3-1] - Resolves: RHBZ#1980032, RHBZ#1978203 - Resolves RHBZ#1842826 - Resolves CVE-2021-22918(libuv), use system cipher list [1:14.16.0-3] - Resolves: RHBZ#1930775 - Always build with systemtap MODERATE Copyright 2021 Oracle, Inc. CVE-2021-22918 CVE-2021-27290 CVE-2021-23362 Oracle Linux 8 [1:1.41.1-1] - Rebase to 1.41.1 - Change description to reflect upstream - Resolves: RHBZ1980033 LOW Copyright 2021 Oracle, Inc. CVE-2021-22918 Oracle Linux 8 golang [1.15.14-1] - Rebase to go-1.15.14-1-openssl-fips - Resolves: rhbz#1982287 - Addresses CVE-2021-34558 [1.15.13-4] - Related: rhbz#1978567 go-toolset [1.15.14-1] - Rebase to go-1.15.14-1-openssl-fips - Resolves: rhbz#1982287 - Addresses CVE-2021-34558 [1.15.13-2] - Related: rhbz#1978567 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-27918 CVE-2021-31525 CVE-2021-34558 CVE-2021-33196 Oracle Linux 8 [1.4.3.16-19] - Bump version to 1.4.3.16-19 - Resolve: Bug 1984091 - persistent search returns entries even when an error is returned by content-sync-plugin [1.4.3.16-18] - Bump version to 1.4.3.16-18 - Resolve: Bug 1983121 - CRYPT password hash with asterisk allows any bind attempt to succeed [1.4.3.16-17] - Bump version to 1.4.3.16-17 - Resolve: Bug 1983095 - Internal unindexed searches in syncrepl - Resolve: Bug 1980063 - IPA installation fails on s390x with 389-ds-base-1.4.3.8-4.module+el8.3.0+7193+dfd1e8ad.s390x LOW Copyright 2021 Oracle, Inc. CVE-2021-3652 Oracle Linux 8 [20.3-10.0.1] - Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938] - Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938] - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672] - limit permissions [Orabug: 31352433] - Changes to ignore all enslaved interfaces [Orabug: 30092148] - Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] - add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch: 1. Enable ec2_utils.py having a way to stop retrying to get ec2 metadata 2. Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla) - added OL to list of known distros [20.3-10.el8_4.5] - ci-write-passwords-only-to-serial-console-lock-down-clo.patch [bz#1979252] - Resolves: bz#1979252 (CVE-2021-3429 cloud-init: randomly generated passwords logged in clear-text to world-readable file [rhel-8] [rhel-8.4.0.z]) [20.3-10.el8_4.4] - ci-rhel-cloud.cfg-remove-ssh_genkeytypes-in-settings.py.patch [bz#1963981] - ci-cloud-init.spec.template-update-systemd_postun-param.patch [bz#1967600] - Resolves: bz#1963981 ([cloud-init] From RHEL 82+ cloud-init no longer displays sshd keys fingerprints from instance launched from a backup image [rhel-8.4.0.z]) - Resolves: bz#1967600 (cloud-init brew build fails on Fedora 33 [rhel-8.4.0.z]) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3429 Oracle Linux 8 [3.1.118-1.0.1] - Update patch to support 8.3 (alexander.burmashev@oracle.com) - support OL release scheme (alexander.burmashev@oracle.com) [3.1.118-1] - Update to .NET SDK 3.1.118 and Runtime 3.1.18 - Resolves: RHBZ#1990189 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-34485 CVE-2021-34532 CVE-2021-26423 Oracle Linux 8 [2.1.525-1] - Update to .NET SDK 2.1.525 and Runtime 2.1.29 - Resolves: RHBZ#1988581 [2.1.524-1] - Update to .NET SDK 2.1.524 and Runtime 2.1.28 - Resolves: RHBZ#1953766 LOW Copyright 2021 Oracle, Inc. CVE-2021-34485 Oracle Linux 8 [5.0.206-1.0.1] - Add support for new Oracle release [5.0.206-1] - Update to .NET SDK 5.0.206 and Runtime 5.0.9 - Resolves: RHBZ#1990965 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-34485 CVE-2021-34532 CVE-2021-26423 Oracle Linux 8 [2.4.0-9.0.1] - Restore default debug level for sss_cache [Orabug: 32810448] - Restore default debug level for shadow-utils tools [Orabug: 32810448] - Revert Redhat's change of disallowing duplicated incomplete gid when 'id_provider=ldap' is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [2.4.0-9.2] - Resolves: rhbz#1985456 - EMBARGOED CVE-2021-3621 sssd: shell command injection in sssctl [rhel-8.4.0.z] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3621 Oracle Linux 8 [0.27.3-3] - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz#1990355 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31291 Oracle Linux 8 [0.26-11] - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz#1990397 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31291 Oracle Linux 7 [78.13.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.13.0-2] - Update to 78.13.0 build2 [78.13.0-1] - Update to 78.13.0 build1 [78.12.0-2] - Rebuild to pickup older nss IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 Oracle Linux 8 [78.13.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.13.0-1] - Update to 78.13.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 Oracle Linux 8 [78.13.0-2.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.13.0-2] - Update to 78.13.0 build2 [78.13.0-1] - Update to 78.13.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 Oracle Linux 7 [0.27.0-4] - Fix heap-based buffer overflow vulnerability in jp2image.cpp that may lead to DoS Resolves: bz#1990352 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31291 Oracle Linux 7 [78.13.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.13.0-1] - Update to 78.13.0 build1 [78.12.0-3] - Rebuild to pickup older nss IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 Oracle Linux 7 [0.26-3] - Fix heap-based buffer overflow vulnerability in jp2image.cpp Resolves: bz#1990394 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31291 Oracle Linux 7 [0.23-3] - Fix heap-based buffer overflow vulnerability in jp2image.cpp Resolves: bz#1990393 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31291 Oracle Linux 8 [1.0.28-10.1] - a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution(#1985027) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3246 Oracle Linux 7 [1.0.25-12.1] - a crafted wav file could cause heap buffer overflow that allowed an arbitrary code execution(#1985024) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3246 Oracle Linux 7 [1.6.7-4] - Fix CVE-2021-31535 (#1962438) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-31535 Oracle Linux 7 [32:9.11.4-26.P2.7] - Apply again patch 172, got removed by mistake [32:9.11.4-26.P2.6] - Insufficient IXFR checks could lead to assertion failure (CVE-2021-25214) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-25214 Oracle Linux 7 [3.10.0-1160.41.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.41.1] - ixgbe: fix warning: sysfs: cannot create duplicate filename (Daniel Vacek) [1915449] [3.10.0-1160.40.1] - redhat: ppc64: CONFIG_RTAS_FILTER (Aristeu Rozanski) [1906443] {CVE-2020-27777} - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter (Aristeu Rozanski) [1906443] {CVE-2020-27777} - powerpc/rtas: Restrict RTAS requests from userspace (Aristeu Rozanski) [1906443] {CVE-2020-27777} - IB/mlx5: Fix initializing CQ fragments buffer (Alaa Hleihel) [1962499] [3.10.0-1160.39.1] - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) [1980489] {CVE-2021-22555} - Revert 'be2net: disable bh with spin_lock in be_process_mcc' (Petr Oros) [1971744] - futex: futex_requeue can potentially free the pi_state structure twice (Donghai Qiao) [1966856] - xfs: sync lazy sb accounting on quiesce of read-only mounts (Carlos Maiolino) [1921551] - scsi: lpfc: Fix crash caused by switch reboot (Dick Kennedy) [1897576] [3.10.0-1160.38.1] - seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975251] - memcg, slab: Fix incorrect placement of rcu_head in struct memcg_cache_params (Waiman Long) [1951810] - netfilter: x_tables: Use correct memory barriers. (Phil Sutter) [1949087] {CVE-2021-29650} - netfilter: nf_nat: don't bug when mapping already exists (Florian Westphal) [1972970] - netfilter: don't setup nat info for confirmed ct (Florian Westphal) [1972970] [3.10.0-1160.37.1] - bluetooth: eliminate the potential race condition when removing the HCI controller (Gopal Tiwari) [1971457] - net: Update window_clamp if SOCK_RCVBUF is set (Balazs Nemeth) [1962196] - bpf, x86: Validate computation of branch displacements for x86-64 (Jiri Olsa) [1947249] {CVE-2021-29154} - mm: vmalloc: add cond_resched() in __vunmap() (Rafael Aquini) [1896794] - mm/vmalloc: __vmalloc_area_node(): avoid 32-bit overflow (Rafael Aquini) [1896794] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29650 CVE-2021-29154 CVE-2020-27777 CVE-2021-32399 CVE-2021-22555 Oracle Linux 7 [1.16.5-10.0.1] - Revert Redhat's change of disallowing duplicated incomplete gid when 'id_provider=ldap' is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [1.16.5-10.10] - Resolves: rhbz#1973796 - SSSD is NOT able to contact the Global Catalog when local site is down [1.16.5-10.9] - Resolves: rhbz#1988463 - Missing search index for [rhel-7.9.z] - Resolves: rhbz#1968330 - id lookup is failing intermittently - Resolves: rhbz#1964415 - Memory leak in the simple access provider - Resolves: rhbz#1985457 - EMBARGOED CVE-2021-3621 sssd: shell command injection in sssctl [rhel-7.9.z] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3621 Oracle Linux 7 [1.3.10-6.12] - Limit recursion in ri-records (CVE-2021-3622) resolves: rhbz#1976193 LOW Copyright 2021 Oracle, Inc. CVE-2021-3622 Oracle Linux 7 [3.10.0-1160.42.2.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.42.2] - net_sched: cls_route: remove the right filter from hashtable (Ivan Vecera) [1992926] [3.10.0-1160.42.1] - [s390] s390/dasd: fix list corruption of lcu list (Claudio Imbrenda) [1889418] - [s390] s390/dasd: fix list corruption of pavgroup group list (Claudio Imbrenda) [1889418] - [s390] s390/dasd: prevent inconsistent LCU device data (Claudio Imbrenda) [1889418] - [s390] s390/dasd: fix hanging device offline processing (Claudio Imbrenda) [1889418] MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3715 Oracle Linux 8 [4.18.0-305.17.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.17.1_4] - ucounts: Move max_time_namespace according to ucount_type (Alex Gladkov) [1998002 1982954] - netfilter: conntrack: remove offload_pickup sysctl again (Florian Westphal) [1995555 1987101] - netfilter: flowtable: Set offload timeouts according to proto values (Phil Sutter) [1995554 1979184] - netfilter: conntrack: Introduce udp offload timeout configuration (Phil Sutter) [1995554 1979184] - netfilter: conntrack: Introduce tcp offload timeout configuration (Phil Sutter) [1995554 1979184] - powerpc/64s: Fix crashes when toggling stf barrier (Desnes A. Nunes do Rosario) [1989174 1964484] - iavf: fix locking of critical sections (Stefan Assmann) [1997534 1975245] - iavf: do not override the adapter state in the watchdog task (Stefan Assmann) [1997534 1975245] [4.18.0-305.16.1_4] - kernfs: dont call d_splice_alias() under kernfs node lock (Ian Kent) [1994879 1939133] - kernfs: use i_lock to protect concurrent inode updates (Ian Kent) [1994879 1939133] - kernfs: switch kernfs to use an rwsem (Ian Kent) [1994879 1939133] - kernfs: use VFS negative dentry caching (Ian Kent) [1994879 1939133] - kernfs: add a revision to identify directory node changes (Ian Kent) [1994879 1939133] - kernfs: move revalidate to be near lookup (Ian Kent) [1994879 1939133] - scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery (Jan Stancek) [1948608 1923762] - net: sched: act_mirred: Reset ct info when mirror/redirect skb (C. Erastus Toe) [1992226 1980532] - usb: ehci: Prevent missed ehci interrupts with edge-triggered MSI (Torez Smith) [1993894 1972139] - usb: ehci: do not initialise static variables (Torez Smith) [1993894 1972139] - usb: host: move EH SINGLE_STEP_SET_FEATURE implementation to core (Torez Smith) [1993894 1972139] - USB: ehci: drop workaround for forced irq threading (Torez Smith) [1993894 1972139] - usb: ehci: add spurious flag to disable overcurrent checking (Torez Smith) [1993894 1972139] - NFS: Only change the cookie verifier if the directory page cache is empty (Benjamin Coddington) [1993895 1982825] - NFS: Fix handling of cookie verifier in uncached_readdir() (Benjamin Coddington) [1993895 1982825] - nfs: Subsequent READDIR calls should carry non-zero cookieverifier (Benjamin Coddington) [1993895 1982825] - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Jon Maloy) [1988225 1988226] {CVE-2021-37576} [4.18.0-305.15.1_4] - sched: Fix data-race in wakeup (Phil Auld) [1987296 1937103] - mm/page_alloc: bail out on fatal signal during reclaim/compaction retry attempt (Aaron Tomlin) [1984085 1919765] - sunrpc: Avoid a KASAN slab-out-of-bounds bug in xdr_set_page_base() (Benjamin Coddington) [1990404 1969751] [4.18.0-305.14.1_4] - tick/nohz: Kick only _queued_ task whose tick dependency is updated (Waiman Long) [1981336 1922901] - tick/nohz: Change signal tick dependency to wake up CPUs of member tasks (Waiman Long) [1981336 1922901] - tick/nohz: Only wake up a single target cpu when kicking a task (Waiman Long) [1981336 1922901] - tick/nohz: Narrow down noise while setting current task's tick dependency (Waiman Long) [1981336 1922901] - mlx5: net: zero-initialize tc skb extension on allocation (Jan Stancek) [1982220 1965418] - scsi: qedf: Update the max_id value in host structure (Nilesh Javali) [1989097 1954876] - scsi: qla2xxx: Reserve extra IRQ vectors (Nilesh Javali) [1986156 1964834] [4.18.0-305.13.1_4] - xfrm: Fix wraparound in xfrm_policy_addr_delta() (Sabrina Dubroca) [1981840 1951965] - VMCI: Release resource if the work is already queued (Cathy Avery) [1982042 1978518] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-37576 CVE-2021-38201 Oracle Linux 8 [3.0.7-20.1] - Fix for CVE-2021-33582 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33582 Oracle Linux 7 [78.14.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.14.0-1] - Update to 78.14.0 build1 [78.13.0-2] - Use the right name for the appstream file IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38493 Oracle Linux 8 [78.14.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.14.0-1] - Update to 78.14.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38493 Oracle Linux 7 [78.14.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [78.14.0-1] - Update to 78.14.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38493 Oracle Linux 8 [78.14.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [78.14.0-1] - Update to 78.14.0 build1 [78.13.0-2] - Use the right name for the appstream file IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38493 Oracle Linux 8 [4.18.0-305.19.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.19.1_4] - libceph: allow addrvecs with a single NONE/blank address (Jeff Layton) [1996682 1972278] - ice: Only lock to update netdev dev_addr (Michal Schmidt) [2000129 1995868] - ice: don't remove netdev->dev_addr from uc sync list (Ken Cox) [2000130 1961018] [4.18.0-305.18.1_4] - mfd: intel-lpss: Use devm_ioremap_uc for MMIO (Steve Best) [1989560 1986715] - lib: devres: add a helper function for ioremap_uc (Steve Best) [1989560 1986715] - ceph: fix test for whether we can skip read when writing beyond EOF (Jeff Layton) [1996680 1971101] - arm64: memory: Add missing brackets to untagged_addr() macro (Chris von Recklinghausen) [1997998 1955809] - arm64: tags: Preserve tags for addresses translated via TTBR1 (Chris von Recklinghausen) [1997998 1955809] - arm64: entry: Move ct_user_exit before any other exception (Chris von Recklinghausen) [1997998 1955809] - arm64: memory: Implement __tag_set() as common function (Chris von Recklinghausen) [1997998 1955809] - arm64: mm: Really fix sparse warning in untagged_addr() (Chris von Recklinghausen) [1997998 1955809] - arm64: untag user pointers in access_ok and __uaccess_mask_ptr (Chris von Recklinghausen) [1997998 1955809] - arm64/mm: fix variable 'tag' set but not used (Chris von Recklinghausen) [1997998 1955809] - arm64: entry: SP Alignment Fault doesn't write to FAR_EL1 (Chris von Recklinghausen) [1997998 1955809] - arm64: compat: Add separate CP15 trapping hook (Chris von Recklinghausen) [1997998 1955809] - arm64: don't restore GPRs when context tracking (Chris von Recklinghausen) [1997998 1955809] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) (Jon Maloy) [1985429 1985430] {CVE-2021-3656} - KVM: SVM: add module param to control the #SMI interception (Jon Maloy) [1985429 1985430] {CVE-2021-3656} - tty: Don't hold ldisc lock in tty_reopen() if ldisc present (Waiman Long) [1997999 1968271] - tty/ldsem: Add lockdep asserts for ldisc_sem (Waiman Long) [1997999 1968271] - tty: Simplify tty->count math in tty_reopen() (Waiman Long) [1997999 1968271] - tty: Don't block on IO when ldisc change is pending (Waiman Long) [1997999 1968271] - tty: Hold tty_ldisc_lock() during tty_reopen() (Waiman Long) [1997999 1968271] - tty: Drop tty->count on tty_reopen() failure (Waiman Long) [1997999 1968271] - [s390] s390/vtime: fix increased steal time accounting (Claudio Imbrenda) [1988386 1963075] - XArray: Fix splitting to non-zero orders (Chris von Recklinghausen) [1997997 1946304] - XArray: Fix split documentation (Chris von Recklinghausen) [1997997 1946304] - ima: extend boot_aggregate with kernel measurements (Bruno Meneguele) [1997766 1977422] - ceph: reduce contention in ceph_check_delayed_caps() (Jeff Layton) [1995862 1953430] - ice: Stop processing VF messages during teardown (Ken Cox) [1997538 1986451] - iavf: Set RSS LUT and key in reset handle path (Ken Cox) [1997536 1910853] - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985412 1985413] {CVE-2021-3653} - scsi: ibmvfc: Fix potential race in ibmvfc_wait_for_ops() (Steve Best) [1969792 1941180] - [s390] s390/dasd: add missing discipline function (Claudio Imbrenda) [1995206 1981804] - serial_core: switch to ->[sg]et_serial() (Artem Savkov) [1993872 1952415] - net/mlx5e: Fix mapping of ct_label zero (Jan Stancek) [1983681 1915308] - drm/qxl: add lock asserts to qxl_bo_vmap_locked + qxl_bo_vunmap_locked (Lyude Paul) [1992839 1907341] - drm/qxl: rework cursor plane (Lyude Paul) [1992839 1907341] - drm/qxl: move shadow handling to new qxl_prepare_shadow() (Lyude Paul) [1992839 1907341] - drm/qxl: fix monitors object vmap (Lyude Paul) [1992839 1907341] - drm/qxl: fix prime vmap (Lyude Paul) [1992839 1907341] - drm/qxl: rename qxl_bo_kmap -> qxl_bo_vmap_locked (Lyude Paul) [1992839 1907341] - drm/qxl: fix lockdep issue in qxl_alloc_release_reserved (Lyude Paul) [1992839 1907341] - drm/qxl: use ttm bo priorities (Lyude Paul) [1992839 1907341] - drm/qxl: more fence wait rework (Lyude Paul) [1992839 1907341] - drm/qxl: properly handle device init failures (Lyude Paul) [1992839 1907341] - drm/qxl: allocate dumb buffers in ram (Lyude Paul) [1992839 1907341] - drm/qxl: simplify qxl_fence_wait (Lyude Paul) [1992839 1907341] - drm/qxl: properly free qxl releases (Lyude Paul) [1992839 1907341] - drm/qxl: handle shadow in primary destroy (Lyude Paul) [1992839 1907341] - drm/qxl: properly pin/unpin shadow (Lyude Paul) [1992839 1907341] - drm/qxl: release shadow on shutdown (Lyude Paul) [1992839 1907341] - drm/qxl: unpin release objects (Lyude Paul) [1992839 1907341] - drm/qxl: use drmm_mode_config_init (Lyude Paul) [1992839 1907341] - qxl/ttm: drop the unusued no wait flag to reserve function (Lyude Paul) [1992839 1907341] MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3653 Oracle Linux 8 nspr [4.32.0-1] - Update to NSPR 4.32 [4.31.0-1] - Update to NSPR 4.31 [4.30.0-1] - Update to NSPR 4.30 nss [3.67.0-6] - Fix ssl alert issue [3.67.0-5] - Fix issue with reading databases that were updated using unpatched versions of nss [3.67.0-4] - Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage. [3.67.0-3] - Fix sdb race condition [3.67.0-2] - Fix coverity issues [3.67.0-1] - Rebase to NSS 3.67 [3.66.0-2] - Restore old pkcs12 defaults. [3.66.0-1.1] - build nss for older nspr so we can pass gating with the new nspr in the build root [3.66.0-1] - Rebase to NSS 3.66 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25648 Oracle Linux 8 [1.18.2-8.3] - Fix KDC null deref on TGS inner body null server (CVE-2021-37750) - Resolves: #1997600 [1.18.2-8.2] - Rebuild for rpminspect; no code changes - Resolves: #1983728 [1.18.2-8.1] - Fix KDC null deref on bad encrypted challenge (CVE-2021-36222) - Resolves: #1983728 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-36222 CVE-2021-37750 Oracle Linux 8 [7.61.1-18.el8_4.1] - fix bad connection reuse due to flawed path name checks (CVE-2021-22924) - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded MODERATE Copyright 2021 Oracle, Inc. CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 Oracle Linux 8 go-toolset [1.15.14-2] - Revert to Go 1.15.14 - Related: rhbz#1995126 - Reverts: rhbz#1994087 [1.15.15-1] - Rebase to Go 1.15.15 - Resolves: rhbz#1994087 - Add reject leading zeros patch - Resolves: rhbz#1994010 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-29923 Oracle Linux 8 mysql [8.0.26-1] - Update to MySQL 8.0.26 [8.0.25-1] - Update to MySQL 8.0.25 [8.0.24-1] - Update to MySQL 8.0.24 - Upstreamed patch: mysql-main-cast.patch [8.0.23-1] - Update to MySQL 8.0.23 - Created mysql-fix-includes-robin-hood.patch - Created mysql-main-cast.patch [8.0.22-1] - Update to MySQL 8.0.22 - mysql-certs-expired.patch patched by upstream - New zlib_decompress binary file in test package MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14765 CVE-2020-14776 CVE-2020-14812 CVE-2020-14789 CVE-2020-14777 CVE-2020-14786 CVE-2020-14790 CVE-2020-14791 CVE-2020-14793 CVE-2020-14794 CVE-2020-14800 CVE-2020-14804 CVE-2020-14809 CVE-2020-14814 CVE-2020-14821 CVE-2020-14828 CVE-2020-14829 CVE-2020-14672 CVE-2020-14769 CVE-2020-14773 CVE-2020-14775 CVE-2020-14785 CVE-2020-14830 CVE-2020-14836 CVE-2020-14867 CVE-2020-14893 CVE-2021-2010 CVE-2021-2011 CVE-2021-2021 CVE-2021-2022 CVE-2021-2024 CVE-2021-2032 CVE-2021-2036 CVE-2021-2046 CVE-2021-2055 CVE-2021-2065 CVE-2020-14837 CVE-2020-14838 CVE-2020-14839 CVE-2020-14844 CVE-2020-14845 CVE-2020-14846 CVE-2020-14848 CVE-2020-14852 CVE-2020-14860 CVE-2020-14861 CVE-2020-14866 CVE-2020-14868 CVE-2020-14870 CVE-2020-14873 CVE-2020-14888 CVE-2020-14891 CVE-2021-2001 CVE-2021-2002 CVE-2021-2028 CVE-2021-2030 CVE-2021-2031 CVE-2021-2038 CVE-2021-2042 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060 CVE-2021-2061 CVE-2021-2070 CVE-2021-2081 CVE-2021-2087 CVE-2021-2122 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2172 CVE-2021-2174 CVE-2021-2179 CVE-2021-2193 CVE-2021-2194 CVE-2021-2072 CVE-2021-2076 CVE-2021-2088 CVE-2021-2146 CVE-2021-2164 CVE-2021-2171 CVE-2021-2178 CVE-2021-2180 CVE-2021-2196 CVE-2021-2202 CVE-2021-2215 CVE-2021-2278 CVE-2021-2293 CVE-2021-2299 CVE-2021-2339 CVE-2021-2342 CVE-2021-2354 CVE-2021-2372 CVE-2021-2387 CVE-2021-2410 CVE-2021-2201 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2213 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2298 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 CVE-2021-2340 CVE-2021-2352 CVE-2021-2356 CVE-2021-2357 CVE-2021-2367 CVE-2021-2370 CVE-2021-2374 CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402 CVE-2021-2412 CVE-2021-2417 CVE-2021-2418 CVE-2021-2424 CVE-2021-2426 CVE-2021-2427 CVE-2021-2429 CVE-2021-2422 CVE-2021-2425 CVE-2021-2437 CVE-2021-2441 CVE-2021-2444 CVE-2021-2440 Oracle Linux 8 nodejs [1:12.22.5-1] - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ#1951621 (make FIPS always available) - Resolves: RHBZ#1988595, RHBZ#1993992, RHBZ#1993989, RHBZ#1993093 - Resolves: RHBZ#1994025, RHBZ#1994403, RHBZ#1994407, RHBZ#1994399 - Resolves: RHBZ#1993927 (make FIPS always available) [1:12.22.3-3] - Resolves CVE-2021-23362 CVE-2021-27290 - Resolves: RHBZ#1991584, RHBZ#1991578 - Add missing CVE trackers IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3672 CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-32803 CVE-2021-32804 CVE-2021-23343 Oracle Linux 8 nodejs [1:14.17.5-1] - Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, - CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672 - Resolves RHBZ#1847529 (make FIPS always available) - Resolves: RHBZ#1988599, RHBZ#1994000, RHBZ#1993998, RHBZ#1993095 - Resolves: RHBZ#1994028, RHBZ#1994402, RHBZ#1994406, RHBZ#1994398 - Resolves: RHBZ#1993924 (make FIPS always available) [1:14.17.3-3] - Resolves: RHBZ#1991584, RHBZ#1991578 - Resolves CVE-2021-23362 CVE-2021-27290 - Bump for missing mentions of CVEs IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3672 CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-32803 CVE-2021-32804 CVE-2021-23343 Oracle Linux 8 [91.2.0-4.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.2.0-4] - Disable webrender on the s390x due to wrong colors: rhbz#2009503 [91.2.0-3] - Update to 91.2.0 build1 [91.1.0-1] - Update to 91.1.0 build1 * Tue Aug 17 2021 Jan Horak <jhorak@redhat.com> - Update to 91.0.1 build1 [91.0-1] - Update to 91.0 ESR [91.0-1] - Update to 91.0b8 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 Oracle Linux 8 [7.3.6-3] - resolve CVE-2021-39226 - resolve CVE-2021-27358 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-39226 Oracle Linux 7 [91.2.0-4.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.2.0-4] - Disable webrender on the s390x due to wrong colors: rhbz#2009503 [91.2.0-3] - Update to 91.2.0 build1 [91.1.0-1] - Update to 91.1.0 build1 - Update to 91.0.1 build1 [91.0-1] - Update to 91.0 ESR [91.0-1] - Update to 91.0b8 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 Oracle Linux 7 [1.0.2k-22] - fix CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz#1932132, rhbz#1932126 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23840 CVE-2021-23841 Oracle Linux 7 [3.10.0-1160.45.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.45.1] - CI: handle RT branches in a single config (Veronika Kabatova) - CI: Drop private CI config (Veronika Kabatova) - CI: extend template use (Veronika Kabatova) - mm: page_counter: mitigate consequences of a page_counter underflow (Scott Wood) [2000973] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested(CVE-2021-3656) (Jon Maloy) [1985425] {CVE-2021-3656} - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (Marcelo Tosatti) [1991856] - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985408] {CVE-2021-3653} - scsi: qedf: Initiate cleanup for ELS commands as well (Nilesh Javali) [1982702] [3.10.0-1160.44.1] - fs: dlm: change handling of reconnects (Bob Peterson) [1834878] - DLM: fix NULL pointer dereference in send_to_sock() (Bob Peterson) [1834878] - DLM: fix to reschedule rwork (Bob Peterson) [1834878] - DLM: fix to use sk_callback_lock correctly (Bob Peterson) [1834878] - DLM: fix overflow dlm_cb_seq (Bob Peterson) [1834878] - DLM: fix conversion deadlock when DLM_LKF_NODLCKWT flag is set (Bob Peterson) [1834878] - DLM: use CF_CLOSE flag to stop dlm_send correctly (Bob Peterson) [1834878] - DLM: Reanimate CF_WRITE_PENDING flag (Bob Peterson) [1834878] - DLM: fix race condition between dlm_recoverd_stop and dlm_recoverd (Bob Peterson) [1834878] - DLM: close othercon at send/receive error (Bob Peterson) [1834878] - DLM: retry rcom when dlm_wait_function is timed out. (Bob Peterson) [1834878] - DLM: fix to use sock_mutex correctly in xxx_accept_from_sock (Bob Peterson) [1834878] - DLM: fix race condition between dlm_send and dlm_recv (Bob Peterson) [1834878] - DLM: fix double list_del() (Bob Peterson) [1834878] - DLM: Eliminate CF_WRITE_PENDING flag (Bob Peterson) [1834878] - KVM: do not allow mapping valid but non-reference-counted pages (Jon Maloy) [1975511] - vxlan: check return value of gro_cells_init() (Aristeu Rozanski) [1970618] - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Jon Maloy) [1988218] {CVE-2021-37576} [3.10.0-1160.43.1] - PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2 (Mohammed Gamal) [1984128] - PCI: hv: Decouple the func definition in hv_dr_state from VSP message (Mohammed Gamal) [1984128] - PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (Mohammed Gamal) [1984128] - i40e: improve locking of mac_filter_hash (Stefan Assmann) [1993850] - i40e: always propagate error value in i40e_set_vsi_promisc() (Stefan Assmann) [1993850] - i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc (Stefan Assmann) [1993850] - i40e: Remove scheduling while atomic possibility (Stefan Assmann) [1993850] - scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (Dick Kennedy) [1922479] - qed: Disable 'MFW indication via attention' SPAM every 5 minutes (Manish Chopra) [1854544] - NFS: Fix a performance regression caused by buffered IO locking (Benjamin Coddington) [1995649] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-37576 CVE-2021-22543 CVE-2021-3656 Oracle Linux 7 [1.3.10.2-13] - Bump version to 1.3.10.2-13 - Resolves: Bug 2005399 - Internal unindexed searches in syncrepl - Resolves: Bug 2005432 - CVE-2021-3652 389-ds:1.4/389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed - Resolves: Bug 2005434 - ACIs are being evaluated against the Replication Manager account in a replication context. - Resolves: Bug 2005435 - A connection can be erroneously flagged as replication conn during evaluation of an aci with ip bind rule LOW Copyright 2021 Oracle, Inc. CVE-2021-3652 Oracle Linux 7 [2.9.1-6.0.3] - Rebuild to include attribution logo [Orabug: 33024216] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-6.6] - Fix CVE-2016-4658 (#1966916) MODERATE Copyright 2021 Oracle, Inc. CVE-2016-4658 Oracle Linux 8 httpd [2.4.37-39.1.0.1.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle's index page oracle_index.html [2.4.37-39.1] - Resolves: #2007234 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #2007646 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26691 CVE-2021-40438 Oracle Linux 8 [5.0.208-1.0.1] - Merge Oracle Linux modifications [5.0.208-1] - Update to .NET SDK 5.0.208 and Runtime 5.0.11 - Resolves: RHBZ#2011060 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41355 Oracle Linux 8 [91.2.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.2.0-1] - Update to 91.2.0 build1 [91.1.2-1] - Update to 91.1.2 build1 [91.1.0-1] - Update to 91.1.0 build2 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 CVE-2021-38502 Oracle Linux 7 [91.2.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.2.0-1] - Update to 91.2.0 build1 [91.1.2-1] - Update to 91.1.2 build1 [91.1.0-1] - Update to 91.1.0 build2 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 CVE-2021-38502 Oracle Linux 7 [2.4.6-97.0.1.1] - replace index.html with Oracle's index page oracle_index.html [2.4.6-97.1] - Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing 'unix:' IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-40438 Oracle Linux 7 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 (EA) - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.3.ea] - Add patch to improve performance of common separators in Scanner.useLocale - Move alt-java patch to correct section. - Resolves: rhbz#1862929 [1:1.8.0.312.b05-0.2.ea] - Update to aarch64-shenandoah-jdk8u312-b05-shenandoah-merge-2021-10-07 - Update release notes for 8u312-b05-shenandoah-merge-2021-10-07. - Resolves: rhbz#1999735 [1:1.8.0.312.b05-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b05 (EA) - Update release notes for 8u312-b05. - Related: rhbz#1999735 [1:1.8.0.312.b04-0.2.ea] - Reduce disk footprint by removing build artifacts by default. - Related: rhbz#1999735 [1:1.8.0.312.b04-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b04 (EA) - Update release notes for 8u312-b04. - Related: rhbz#1999735 [1:1.8.0.312.b03-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b03 (EA) - Update release notes for 8u312-b03. - Related: rhbz#1999735 [1:1.8.0.312.b02-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b02 (EA) - Update release notes for 8u312-b02. - Related: rhbz#1999735 [1:1.8.0.312.b01-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b01 (EA) - Update release notes for 8u312-b01. - Switch to EA mode. - Remove '-clean' suffix as no 8u312 builds are unclean. - Related: rhbz#1999735 [1:1.8.0.302.b08-1] - Remove non-Free test and demo files from source tarball. - Related: rhbz#1999735 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35567 CVE-2021-35578 CVE-2021-35588 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35603 CVE-2021-35586 Oracle Linux 8 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2012333 [1:11.0.13.0.7-0.1.ea] - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Update tarball generation script to use git following OpenJDK 11u's move to github - Switch to EA mode for 11.0.13 pre-release builds. - Remove non-Free test from source tarball. - Related: rhbz#2011826 [1:11.0.12.0.7-1] - Restructure the build so a minimal initial build is then used for the final build (with docs) - This reduces pressure on the system JDK and ensures the JDK being built can do a full build - Reduce disk footprint by removing build artifacts by default. - Related: rhbz#2011826 [1:11.0.12.0.7-1] - Minor cosmetic improvements to make spec more comparable between variants - Related: rhbz#2011826 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35603 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 Oracle Linux 7 [1:11.0.13.0.8-1.0.1] - link atomic for ix86 build [1:11.0.13.0.8-1] - Revert addition of libharfbuzz.so after its removal by JDK-8255790 - Resolves: rhbz#2012332 [1:11.0.13.0.8-1] - Update to jdk-11.0.12.0+8 - Update release notes to 11.0.12.0+8 - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2012332 [1:11.0.13.0.7-0.1.ea] - Update to jdk-11.0.13.0+7 - Update release notes to 11.0.13.0+7 - Resolves: rhbz#1999936 [1:11.0.13.0.1-0.1.ea] - Update to jdk-11.0.13.0+1 - Update release notes to 11.0.13.0+1 - Update tarball generation script to use git following OpenJDK 11u's move to github - Switch to EA mode for 11.0.13 pre-release builds. - Remove non-Free test from source tarball. - Related: rhbz#1999936 [1:11.0.12.0.7-4] - Reduce disk footprint by removing build artifacts by default. - Related: rhbz#1999936 [1:11.0.12.0.7-3] - Restructure the build so a minimal initial build is then used for the final build (with docs) - This reduces pressure on the system JDK and ensures the JDK being built can do a full build - Related: rhbz#1999936 [1:11.0.12.0.7-2] - Don't package lib/client and lib/client/classes.jsa which don't exist. - Resolves: rhbz#1698873 [1:11.0.12.0.7-1] - Minor cosmetic improvements to make spec more comparable between variants - Related: rhbz#1999936 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35603 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 Oracle Linux 8 [1:1.8.0.312.b07-1] - Update to aarch64-shenandoah-jdk8u312-b07 (EA) - Update release notes for 8u312-b07. - Switch to GA mode for final release. - This tarball is embargoed until 2021-10-19 @ 1pm PT. - Resolves: rhbz#2011826 [1:1.8.0.312.b05-0.4.ea] - Allow plain key import to be disabled with -Dcom.redhat.fips.plainKeySupport=false - Resolves: rhbz#2014193 [1:1.8.0.312.b05-0.4.ea] - Add patch to allow plain key import. - Resolves: rhbz#2014193 [1:1.8.0.312.b05-0.3.ea] - Add patch to login to the NSS software token when in FIPS mode. - Resolves: rhbz#2014204 [1:1.8.0.312.b05-0.2.ea] - Port FIPS system detection support to OpenJDK 8u - Minor code cleanups on FIPS detection patch and check for SECMOD_GetSystemFIPSEnabled in configure. - Remove unneeded Requires on NSS as it will now be dynamically linked and detected by RPM. - Resolves: rhbz#2014201 [1:1.8.0.312.b05-0.2.ea] - Detect FIPS using SECMOD_GetSystemFIPSEnabled in the new libsystemconf JDK library. - Resolves: rhbz#2014201 [1:1.8.0.312.b05-0.1.ea] - Update to aarch64-shenandoah-jdk8u312-b05-shenandoah-merge-2021-10-07 - Update release notes for 8u312-b05-shenandoah-merge-2021-10-07. - Reduce disk footprint by removing build artifacts by default. - Switch to EA mode. - Remove non-Free test and demo files from source tarball. - Related: rhbz#2011826 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 Oracle Linux 8 [5.0.3-5] - fix denial of service via Redis Standard Protocol (RESP) request CVE-2021-32675 [5.0.3-4] - fix lua scripts can overflow the heap-based Lua stack CVE-2021-32626 - fix integer overflow issue with Streams CVE-2021-32627 - fix integer overflow bug in the ziplist data structure CVE-2021-32628 - fix integer overflow issue with intsets CVE-2021-32687 - fix integer overflow issue with strings CVE-2021-41099 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32675 CVE-2021-41099 CVE-2021-32687 Oracle Linux 8 [6.0.9-5] - fix denial of service via Redis Standard Protocol (RESP) request CVE-2021-32675 [6.0.9-4] - fix lua scripts can overflow the heap-based Lua stack CVE-2021-32626 - fix integer overflow issue with Streams CVE-2021-32627 - fix integer overflow bug in the ziplist data structure CVE-2021-32628 - fix integer overflow issue with intsets CVE-2021-32687 - fix integer overflow issue with strings CVE-2021-41099 [6.0.9-3] - fix integer overflow via STRALGO LCS command CVE-2021-29477 [6.0.9-2] - revert 'simplify config rewrite file' and keep configuration in /etc [6.0.9-1] - update to 6.0.9 [6.0.8-1] - update to 6.0.8 for new stream #1862063 [5.0.3-2] - fix Heap buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10192 - fix Stack buffer overflow in HyperLogLog triggered by malicious client CVE-2019-10193 [5.0.3-1] - update to 5.0.3 [4.0.10-2] - drop build dependency on pandoc - drop dependency on jemalloc #1591762 - fix License (BSD and MIT) - add bundled libraries licences - cleanup conditions from spec file [4.0.10-1] - Upstream 4.0.10 release. [4.0.9-1.2] - rebuild (#1571197) [4.0.9-1] - Upstream 4.0.9 release. [4.0.8-2] - Escape macros in %changelog [4.0.8-1] - Upstream 4.0.8 release. [4.0.7-1] - Upstream 4.0.7 release. [4.0.6-1] - Upstream 4.0.6 release. [4.0.5-1] - Redis 4.0.5 - Released Thu Dec 1 16:03:32 CET 2017 - Upgrade urgency CRITICAL: Redis 4.0.4 fix for PSYNC2 was broken, causing the slave to crash when receiving an RDB file from the master that contained a duplicated Lua script. [4.0.4-1] - Upstream 4.0.4 release. - Update to current upstream redis-doc also. - Fix man page issues (RHBZ #1513594 and RHBZ #1515417). [4.0.3-1] - Redis 4.0.3 - fix ownership of /usr/share/doc/redis - use make_flags for test to avoid rebuild and failure - fix rpm macro location on EL-6 - add /var/run/redis on EL-6 - add spec file license header - drop duplicated documentation from main package - keep man in main page [4.0.2-2] - Install the base modules directories, owned by the main package. [4.0.2-1] - Upstream 4.0.2 release. (RHBZ #1389592) - Add redis-devel for loadable module development. - Add redis-doc for man pages and detailed documentation. - Provide redis-check-aof as a symlink to redis-server also now. [3.2.11-1] - Upstream 3.2.11 bug-fix-only release - Switch to using Type=notify for Redis systemd services (RHBZ #1172841) - Add Provides:bundled hiredis, linenoise, lua-libs clauses (RHBZ #788500) [3.2.10-2] - Add redis-trib based on patch from Sebastian Saletnik. (RHBZ #1215654) [3.2.9-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild [3.2.10-1] - Upstream 3.2.10 release - Ensure both the redis and redis-sentinel service files set correct perms - Dropped systemd tmpfiles source, handled directly in systemd service files [3.2.9-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild [3.2.9-1] - Upstream 3.2.9 - Add RuntimeDirectory=redis to systemd unit file (RHBZ #1454700) - Mark rundir as %ghost since it may disappear (tmpfs - #1454700) - Fix a shutdown failure with Unix domain sockets (RHBZ #1444988) [3.2.8-1] - Upstream 3.2.8 - bugfix for #3796 (MIGRATE could cause server crash after socket error) [3.2.7-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild [3.2.7-1] - Upstream 3.2.7 (important security fix) [3.2.4-2] - Install tmpfiles and /run/redis for legacy configurations [3.2.4-1] - Upstream 3.2.4 - Fix buffer overlow (TALOS-2016-0206) [3.2.3-2] - add missing man pages #1374577 using patch from https://github.com/antirez/redis/pull/3491 - data and configuration should not be publicly readable #1374700 - remove /var/run/redis with systemd #1374728 - provide redis-check-rdb as a symlink to redis-server #1374736 using patch from https://github.com/antirez/redis/pull/3494 - move redis-shutdown to libexec [3.2.3-1] - Upstream 3.2.3 - Security fix for CVE-2013-7458 (redis-cli history world readable) - RHBZ#1363670 RHBZ#1363671 [3.0.6-3] - Fix redis-shutdown to handle password-protected instances shutdown [3.0.6-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild [3.0.6-1] - Upstream 3.0.6 (RHBZ#1272281) [3.0.5-1] - Upstream 3.0.5 - Fix slave/master replication hanging forever in certain case [3.0.4-1] - Update to 3.0.4 [3.0.3-2] - Rebuilt for jemalloc 4.0.0 [3.0.3-1] - Upstream 3.0.3 [3.0.2-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild [3.0.2-1] - Upstream 3.0.2 (RHBZ #1228245) - Fix Lua sandbox escape and arbitrary code execution (RHBZ #1228331) [3.0.1-1] - Upstream 3.0.1 (RHBZ #1208322) [3.0.0-2] - rotate /var/log/redis/sentinel.log [3.0.0-1] - Upstream 3.0.0 (RHBZ #1208322) [2.8.19-2] - Fix redis-shutdown on multiple NIC setup (RHBZ #1201237) [2.8.19-1] - Upstream 2.8.19 (RHBZ #1175232) - Fix permissions for tmpfiles (RHBZ #1182913) - Add limits config files - Spec cleanups [2.8.18-1] - Upstream 2.8.18 - Rebased patches [2.8.17-1] - Upstream 2.8.17 - fix redis-sentinel service unit file for systemd - fix redis-shutdown for sentinel - also use redis-shutdown in init scripts [2.8.15-2] - Minor fix to redis-shutdown (from Remi Collet) [2.8.15-1] - Upstream 2.8.15 (critical bugfix for sentinel) - Fix to sentinel systemd service and configuration (thanks Remi) - Refresh patch management [2.8.14-2] - Cleanup spec - Fix shutdown for redis-{server,sentinel} - Backport fixes from Remi Collet repository (ie: sentinel working) [2.8.14-1] - Upstream 2.8.14 (RHBZ #1136287) - Bugfix for lua scripting users (server crash) - Refresh patches - backport spec from EPEL7 (thanks Warren) [2.8.13-1] - Update to 2.8.13 [2.8.12-1] - Update to 2.8.12 [2.8.11-1] - Update to 2.8.11 [2.6.16-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild [2.6.16-1] - Update to 2.6.16 - Fix rhbz#973151 - Fix rhbz#656683 - Fix rhbz#977357 (Jan Vcelak <jvcelak@fedoraproject.org>) [2.6.13-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild [2.6.13-4] - ARM has gperftools [2.6.13-3] - Modify jemalloc patch for s390 compatibility (Thanks sharkcz) [2.6.13-2] - Unbundle jemalloc [2.6.13-1] - Add compile PIE flag (rhbz#955459) - Update to redis 2.6.13 (rhbz#820919) [2.6.7-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild [2.6.7-1] - Update to redis 2.6.7 [2.4.15-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild [2.4.15-2] - Remove TODO from docs [2.4.15-1] - Update to redis 2.4.15 [2.4.13-1] - Update to redis 2.4.13 [2.4.10-1] - Update to redis 2.4.10 [2.4.8-1] - Update to redis 2.4.8 [2.4.7-1] - Update to redis 2.4.7 [2.4.6-4] - Fixed a typo in the spec [2.4.6-3] - Fix .service file, to match config (Type=simple). [2.4.6-2] - Fix .service file, credits go to Timon. [2.4.6-1] - Update to 2.4.6 - systemd unit file added - Compiler flags changed to compile 2.4.6 - Remove doc/ and Changelog [2.2.12-1] - Update to redis 2.2.12 [2.2.5-2] - google-perftools exists only on selected architectures [2.2.5-1] - Update to redis 2.2.5 [2.2.2-1] - Update to redis 2.2.2 [2.0.4-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild [2.0.4-1] - Update to redis 2.0.4 [2.0.3-1] - Update to redis 2.0.3 [2.0.2-1] - Update to redis 2.0.2 - Disable checks section for el5 [2.0.1-1] - Update to redis 2.0.1 [2.0.0-1] - Update to redis 2.0.0 [1.2.6-3] - Add Fedora build flags - Send all scriplet output to /dev/null - Remove debugging flags - Add redis.conf check to init script [1.2.6-2] - Don't compress man pages - Use patch to fix redis.conf [1.2.6-1] - Initial package IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32675 CVE-2021-41099 CVE-2021-32687 Oracle Linux 7 [1.3.1-16] - Fix workaround - Resolves: CVE-2021-39148 [1.3.1-15] - Fix remote code execution vulnerabilities - Resolves: CVE-2021-39139 - Resolves: CVE-2021-39140 - Resolves: CVE-2021-39141 - Resolves: CVE-2021-39144 - Resolves: CVE-2021-39145 - Resolves: CVE-2021-39146 - Resolves: CVE-2021-39147 - Resolves: CVE-2021-39148 - Resolves: CVE-2021-39149 - Resolves: CVE-2021-39150 - Resolves: CVE-2021-39151 - Resolves: CVE-2021-39152 - Resolves: CVE-2021-39153 - Resolves: CVE-2021-39154 [1.3.1-14] - Fix remote code execution vulnerability - Resolves: CVE-2021-29505 [1.3.1-13] - Fix remote code execution vulnerability - Resolves: CVE-2021-21344 - Resolves: CVE-2021-21345 - Resolves: CVE-2021-21346 - Resolves: CVE-2021-21347 - Resolves: CVE-2021-21350 [1.3.1-12] - Rebuild with OpenJDK 7 [1.3.1-11] - Fix remote code execution vulnerability - Resolves: CVE-2020-26217 [1.3.1-10] - Apply upstream security patch - Resolves: CVE-2013-7285 [1.3.1-9] - Mass rebuild 2013-12-27 [1.3.1-8] - Disable support for XOM [1.3.1-7] - Update to current packaging guidelines [1.3.1-6] - Rebuild to regenerate API documentation - Resolves: CVE-2013-1571 [1.3.1-5] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild [1.3.1-4] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild [1.3.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild [1.3.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild [1.3.1-1] - Update to 1.3.1. - Install maven pom and depmap. [1.2.2-4] - Cosmetic fixes [0:1.2.2-3] - Drop gcj (suggested by Jochen Schmitt), we seem to need OpenJDK anyway - Fix -javadoc Require - Drop epoch [0:1.2.2-2] - Greatly simplify for Fedora - Disable tests, we don't have all that's required to run them - Remove maven build [0:1.2.2-1jpp] - Upgrade to 1.2.2 - Build with maven2 by default - Add poms and depmap frags [0:1.1.3-1jpp] - Upgrade to 1.1.3 - Patched to work with bea [0:1.0.2-2jpp] - Drop saxpath requirement - Require jaxen >= 0:1.1 [0:1.0.2-1jpp] - Upgrade to 1.0.2 - Delete included binary jars - Change -Dbuild.sysclasspath 'from only' to 'first' (DynamicProxyTest) - Relax some versioned dependencies - Build with ant-1.6.2 [0:1.0.1-2jpp] - Upgrade to ant-1.6.X [0:1.0.1-1jpp] - Upgrade to 1.0.1 [0:0.3-1jpp] - Upgrade to 0.3 - Add manual subpackage [0:0.2-1jpp] - First JPackage release IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-39139 CVE-2021-39140 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149 CVE-2021-39150 CVE-2021-39154 CVE-2021-39141 CVE-2021-39144 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 Oracle Linux 7 [2.27-44.base.0.3.1] - Forward-port patches to 2.27-44.base.1 - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.27-44.base.0.2.1] - Forward-port patches to 2.27-44.base.1 - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.27-44.base.1] - Add ability to control the display of unicode characters. (#2009168) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [1.8.5-4] - Fix CVE-2021-41133 (#2012867) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41133 Oracle Linux 7 [1.0.9-12] - Fix CVE-2021-41133 (#2012864) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41133 Oracle Linux 8 [4.18.0-305.25.1_4.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-305.25.1_4] - scsi: ibmvfc: Reinit target retries (Steve Best) [1993892 1965010] - scsi: ibmvfc: Avoid move login if fast fail is enabled (Steve Best) [1993892 1965010] - scsi: ibmvfc: Handle move login failure (Steve Best) [1993892 1965010] - scsi: ibmvfc: Fix invalid state machine BUG_ON() (Steve Best) [1993892 1965010] - tpm, tpm_tis: Reserve locality in tpm_tis_resume() (Jerry Snitselaar) [1998219 1920812] - tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (Jerry Snitselaar) [1998219 1920812] - tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (Jerry Snitselaar) [1998219 1920812] - tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (Jerry Snitselaar) [1998219 1920812] - tpm_tis: Clean up locality release (Jerry Snitselaar) [1998219 1920812] - tpm_tis: Fix check_locality for correct locality acquisition (Jerry Snitselaar) [1998219 1920812] - kthread: Fix PF_KTHREAD vs to_kthread() race (Waiman Long) [2010331 2001497] - sched/fair: Ignore percpu threads for imbalance pulls (Waiman Long) [2010331 2001497] - kthread: Extract KTHREAD_IS_PER_CPU (Waiman Long) [2010331 2001497] - sched: Optimize finish_lock_switch() (Waiman Long) [2010331 2001497] - sched/hotplug: Ensure only per-cpu kthreads run during hotplug (Waiman Long) [2010331 2001497] - sched: Fix balance_callback() (Waiman Long) [2010331 2001497] - net/sched: store the last executed chain also for clsact egress (Davide Caratti) [1992230 1980537] [4.18.0-305.24.1_4] - lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) [2010820 1986138] - e1000e: Do not take care about recovery NVM checksum (Ken Cox) [2002335 1984558] - xfs: sync lazy sb accounting on quiesce of read-only mounts (Bill O'Donnell) [2011919 1917220] - xfs: remove the unused return value from xfs_log_unmount_write (Bill O'Donnell) [2011919 1917220] - powerpc: use stop_machine for partition migration (Frantisek Hrbata) [1993952 1979798] [4.18.0-305.23.1_4] - CI: handle RT branches in a single config (Veronika Kabatova) - CI: Drop private CI config (Veronika Kabatova) - CI: extend template use (Veronika Kabatova) - xfs: drop unnecessary setfilesize helper (Brian Foster) [2007413 1942348] - xfs: drop unused ioend private merge and setfilesize code (Brian Foster) [2007413 1942348] - xfs: open code ioend needs workqueue helper (Brian Foster) [2007413 1942348] - xfs: drop submit side trans alloc for append ioends (Brian Foster) [2007413 1942348] [4.18.0-305.22.1_4] - [s390] s390/ap: Fix hanging ioctl caused by wrong msg counter (Claudio Imbrenda) [2002635 1984762] - cpuidle: pseries: Do not cap the CEDE0 latency in fixup_cede0_latency() (Diego Domingos) [1997431 1952809] - cpuidle: pseries: Fixup CEDE0 latency only for POWER10 onwards (Diego Domingos) [1997431 1952809] - EDAC/amd64: Fix PCI component registration (Aristeu Rozanski) [1982182 1918583] - EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId (Aristeu Rozanski) [1982182 1918583] - x86/CPU/AMD: Remove amd_get_nb_id() (Aristeu Rozanski) [1982182 1918583] - EDAC/mce_amd: Make fam_ops static global (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks[] (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() (Aristeu Rozanski) [1982182 1918583] - EDAC/amd64: Get rid of the ECC disabled long message (Aristeu Rozanski) [1982182 1918583] - EDAC/amd64: Check for memory before fully initializing an instance (Aristeu Rozanski) [1982182 1918583] - EDAC/amd64: Use cached data when checking for ECC (Aristeu Rozanski) [1982182 1918583] - x86/MCE: Make the number of MCA banks a per-CPU variable (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Don't cache block addresses on SMCA systems (Aristeu Rozanski) [1982182 1918583] - x86/MCE: Make mce_banks a per-CPU array (Aristeu Rozanski) [1982182 1918583] - x86/MCE: Make struct mce_banks[] static (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Don't report L1 BTB MCA errors on some family 17h models (Aristeu Rozanski) [1982182 1918583] - EDAC/mce_amd: Decode MCA_STATUS in bit definition order (Aristeu Rozanski) [1982182 1918583] - EDAC/mce_amd: Decode MCA_STATUS[Scrub] bit (Aristeu Rozanski) [1982182 1918583] - EDAC, mce_amd: Match error descriptions to latest documentation (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk (Aristeu Rozanski) [1982182 1918583] - x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models (Aristeu Rozanski) [1982182 1918583] - net: Fix skb->csum update in inet_proto_csum_replace16(). (Balazs Nemeth) [2005980 1975193] - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy (Kamal Heib) [1982040 1931846] {CVE-2020-36385} - RDMA/ucma: Fix locking for ctx->events_reported (Kamal Heib) [1982040 1931846] {CVE-2020-36385} - RDMA/ucma: Fix the locking of ctx->file (Kamal Heib) [1982040 1931846] {CVE-2020-36385} - RDMA/cma: Add missing locking to rdma_accept() (Kamal Heib) [1982040 1931846] {CVE-2020-36385} [4.18.0-305.21.1_4] - HID: make arrays usage and value to be the same (Benjamin Tissoires) [1974941 1974942] {CVE-2021-0512} - y2038: remove CONFIG_64BIT_TIME (Waiman Long) [2003569 1965360] [4.18.0-305.20.1_4] - net/mlx5: E-Switch, Allow setting GUID for host PF vport (Alaa Hleihel) [1986837 1967488] - net/mlx5: E-Switch, Read PF mac address (Alaa Hleihel) [1986837 1967488] - ice: fix Tx queue iteration for Tx timestamp enablement (Ken Cox) [2000128 1999743] - ice: restart periodic outputs around time changes (Ken Cox) [1997572 1992750] - ice: Fix perout start time rounding (Ken Cox) [1997572 1992750] - ice: add support for auxiliary input/output pins (Jonathan Toppins) [1998221 1956913] - ice: enable transmit timestamps for E810 devices (Jonathan Toppins) [1998220 1944818] - ice: enable receive hardware timestamping (Jonathan Toppins) [1998220 1944818] - ice: report the PTP clock index in ethtool .get_ts_info (Jonathan Toppins) [1998220 1944818] - ice: register 1588 PTP clock device object for E810 devices (Jonathan Toppins) [1998220 1944818] - ice: add low level PTP clock access functions (Jonathan Toppins) [1998220 1944818] - ice: add support for set/get of driver-stored firmware parameters (Jonathan Toppins) [1998220 1944818] - ice: process 1588 PTP capabilities during initialization (Jonathan Toppins) [1998220 1944818] - ice: add support for sideband messages (Jonathan Toppins) [1998220 1944818] - ice: Prevent probing virtual functions (Ken Cox) [1997539 1952810] - vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU (Gustavo Walbon) [2000602 1891589] - powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU (Gustavo Walbon) [2000602 1891589] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-0512 CVE-2020-36385 CVE-2021-3656 Oracle Linux 8 [3.6.8-39.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-39] - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz#1995234 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3733 Oracle Linux 8 [4.13.3-5] - resolves: #2003507 - Fix CVE-2021-20254 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20254 Oracle Linux 8 [7.61.1-18.el8_4.2] - fix STARTTLS protocol injection via MITM (CVE-2021-22947) - fix protocol downgrade required TLS bypass (CVE-2021-22946) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-22947 CVE-2021-22946 Oracle Linux 8 [0.7.11-3] - Backport patch: testcase_read: error out if repos are added or the system is changed too late MODERATE Copyright 2021 Oracle, Inc. CVE-2021-33938 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930 Oracle Linux 8 [2.30.4-3] - Fix crashing on aarch64 - Resolves: #2010825 [2.30.4-2] - Fix CVE-2021-30858 - Resolves: #2006427 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-30858 Oracle Linux 7 [91.3.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.3.0-1] - Update to 91.3.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Oracle Linux 8 [91.3.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.3.0-1] - Update to 91.3.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Oracle Linux 8 [91.3.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.3.0-2] - Update to 19.3.0 build2 [91.3.0-1] - Update to 91.3.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Oracle Linux 7 [91.3.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.3.0-2] - Update to 19.3.0 build2 [91.3.0-1] - Update to 91.3.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 Oracle Linux 8 [1:17.0.1.0.12-2] - Extend LTS check to exclude EPEL. - Related: rhbz#2013841 [1:17.0.1.0.12-2] - Set LTS designator. - Related: rhbz#2013841 [1:17.0.1.0.12-1] - Drop JDK-8272332/RH2004078 patch which is upstream in 17.0.1 - Resolves: rhbz#2013841 [1:17.0.1.0.12-1] - October CPU update to jdk 17.0.1+12 - Dropped commented-out source line - Resolves: rhbz#2013841 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-35556 CVE-2021-35559 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35603 CVE-2021-35561 CVE-2021-35564 Oracle Linux 8 python-docs [3.6.7-2] - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz#1695587 [3.6.7-1] - Modify for RHEL8 - Update to new Python version - Resolves: rhbz#1656044 python-wheel [1:0.31.1-3] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [1:0.31.1-2] - Removed wheels own implementation of crypto due to FIPS concerns Resolves: rhbz#1731526 [1:0.31.1-1] - Update to 0.31.1 Resolves: rhbz#1671681 python36 [3.6.8-38] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [3.6.8-37] - Bump the release to a number higher than RHEL7 - Resolves: rhbz#1954567 scipy MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20270 CVE-2021-27291 Oracle Linux 8 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-27619 CVE-2021-23336 CVE-2021-20095 CVE-2021-20270 CVE-2021-27291 CVE-2021-28957 CVE-2021-42771 CVE-2020-28493 Oracle Linux 8 [2.79-19] - Correct typo in man page (#1947039) [2.79-18] - Properly randomize outgoing ports also with bound interface (CVE-2021-3448) [2.79-17] - Fix sporadic bind-dynamic failures (#1887649) [2.79-16] - Fix network errors on queries both from ipv4 and ipv6 (#1921153) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3448 Oracle Linux 8 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3602 CVE-2021-20291 Oracle Linux 8 mod_wsgi [4.7.1-4] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [4.7.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [4.7.1-2] - Rebuilt for Python 3.9 [4.7.1-1] - update to 4.7.1 (#1721376) numpy [1.19.4-3] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [1.19.4-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1:1.19.4-1] - 1.19.4 python-cffi [1.14.3-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1.14.3-1] - Update to 1.14.3 [1.14.2-1] - Update to 1.14.2 (#1869032) [1.14.1-1] - Update to 1.14.1 - Fixes: rhbz#1860698 - Fixes: rhbz#1865276 python-cryptography [3.3.1-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [3.3.1-1] - Update to 3.3.1 (#1905756) python-idna [2.10-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [2.10-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [2.10-1] - Update to 2.10 (#1851653) [2.9-2] - Rebuilt for Python 3.9 [2.9-1] - Update to 2.9 (#1803654) python-lxml [4.6.2-3] - Security fix for CVE-2021-28957 Resolves: rhbz#1941534 [4.6.2-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [4.6.2-1] - Update to 4.6.2 - Fixes CVE-2020-27783 and another vulnerability in the HTML Cleaner - Fixes: rhbz#1855415 - Fixes: rhbz#1901634 python-psutil [5.8.0-4] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [5.8.0-3] - Disable test_leak_mem test. [5.8.0-2] - Disable test_sensors_temperatures test. [5.8.0-1] - Update to 5.8.0. Fixes rhbz#1909321 - Re-enable tests (skipping 2 that fail in mock). python-psycopg2 [2.8.6-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [2.8.6-1] - Rebase to upstream version 2.8.6 python-pycparser [2.20-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [2.20-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [2.20-1] - Update to 2.20 (#1810349) python-requests [2.25.0-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [2.25.0-1] - Update to 2.25.0 python-toml [0.10.1-5] - Convert spec for python39 module in RHEL8 - Revert usage of pyproject-rpm-macros - Resolves: rhbz#1877430 [0.10.1-4] - Dont BR pytest-cov [0.10.1-3] - Use pyproject-rpm-macros [0.10.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [0.10.1-1] - Update to 0.10.1 (#1835567) python-urllib3 [1.25.10-4] - Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser Resolves: rhbz#1968074 [1.25.10-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1.25.10-2] - Update RECENT_DATE dynamically [1.25.10-1] - Update to 1.25.10. Fixed bug #1824900 python-wheel [1:0.35.1-4] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [1:0.35.1-3] - Add back Epoch 1 to the package version because the original version with the epoch was available in CentOS Stream for a few days - Resolves: rhbz#1877430 [1:0.35.1-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1:0.35.1-1] - Update to 0.35.1 - Fixes: rhbz#1868821 python39 [3.9.6-2] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [3.9.6-1] - Update to 3.9.6 - Fix CVE-2021-29921: Improper input validation of octal strings in the ipaddress module Resolves: rhbz#1957458 [3.9.2-2] - Security fix for CVE-2021-3426: information disclosure via pydoc Resolves: rhbz#1935913 python3x-pip [20.2.4-6] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [20.2.4-5] - Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser Resolves: rhbz#1968074 [20.2.4-4] - Fix for CVE-2021-3572 - pip incorrectly handled unicode separators in git references Resolves: rhbz#1962856 [20.2.4-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [20.2.4-2] - Disable tests and documentation in Fedora ELN (and RHEL) [20.2.4-1] - Update to 20.2.4 (#1889112) python3x-setuptools [50.3.2-4] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 [50.3.2-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [50.3.2-2] - Disable tests in Fedora ELN (and RHEL) [50.3.2-1] - Update to 50.3.2 (#1889093) python3x-six [1.15.0-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1.15.0-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [1.15.0-1] - Update to 1.15.0 (#1838702) scipy [1.5.4-3] - Specify LDFLAGS explicitly - Force preprocessing of Fortran sources to make annobin record proper flags - Resolves: rhbz#1778983 rhbz#1877430 [1.5.4-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [1.5.4-1] - New upstream release 1.5.4 - Increase test timeout, 300 seconds is not always enough for test_logpdf_overflow on s390x resolves: #1894887 pytest [6.0.2-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [6.0.2-1] - Update to 6.0.2. python-iniconfig [1.1.1-2] - Convert from Fedora to the python39 module in RHEL8 - Revert usage of pyproject-rpm-macros - Remove dependency on setuptools_scm - Resolves: rhbz#1877430 [1.1.1-1] - Update to 1.1.1 (#1888157) python-more-itertools [8.5.0-2] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [8.5.0-1] - Update to 8.5.0 (#1873653) [8.4.0-1] - Update to 8.4.0 - Fixes rhbz#1778332 python-wcwidth [0.2.5-3] - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430 [0.2.5-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild [0.2.5-1] - Update to 0.2.5 (#1850238) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3733 CVE-2021-3572 CVE-2021-3426 CVE-2021-28957 CVE-2021-33503 CVE-2021-3737 CVE-2021-29921 Oracle Linux 8 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23336 CVE-2021-20095 CVE-2019-18874 CVE-2021-42771 CVE-2021-3572 CVE-2020-28493 CVE-2021-28957 CVE-2021-29921 CVE-2021-3426 CVE-2021-33503 Oracle Linux 8 libguestfs-winsupport [8.2] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) libguestfs [1.40.2-28.0.1] - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX correspeonding to ol [1:1.40.2-28] - daemon: lvm: Use lvcreate --yes to avoid interactive prompts resolves: rhbz#1933640 libnbd [1.2.2] - Resolves: bz#1844296 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) [1.2.2-1] - New stable release 1.2.2. libvirt-dbus [1.3.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) libvirt-python [6.0.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) libvirt [6.0.0-37.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] - Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma) - Disable parallel builds (Karl Heubaum) [6.0.0-37] - security: fix SELinux label generation logic (CVE-2021-3631) - storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath (CVE-2021-3667) [6.0.0-36] - network: make it safe to call networkSetupPrivateChains() multiple times (rhbz#1942805) - network: force re-creation of iptables private chains on firewalld restart (rhbz#1942805) - hostdev: Update mdev pointer reference after checking device type (rhbz#1940449) - hostdev: mdev: Lookup mdevs by sysfs path rather than mdev struct (rhbz#1940449) - qemu_firmware: dont error out for unknown firmware features (rhbz#1961562) - docs: improve description of secure attribute for loader element (rhbz#1929357) - conf: introduce virDomainDefParseBootInitOptions (rhbz#1929357) - conf: introduce virDomainDefParseBootKernelOptions (rhbz#1929357) - conf: introduce virDomainDefParseBootFirmwareOptions (rhbz#1929357) - conf: introduce virDomainDefParseBootLoaderOptions (rhbz#1929357) - conf: introduce virDomainDefParseBootAcpiOptions (rhbz#1929357) - conf: use switch in virDomainDefParseBootOptions (rhbz#1929357) - conf: introduce support for firmware auto-selection feature filtering (rhbz#1929357) - qemu: implement support for firmware auto-selection feature filtering (rhbz#1929357) - domain_conf: Dont leak def->os.firmwareFeatures (rhbz#1929357) - conf: remove duplicated firmware type attribute (rhbz#1929357) nbdkit [1.16.2-4.0.1] - Replace upstream references within the description tag [1.16.2] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) [1.16.2] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) perl-Sys-Virt [6.0.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) qemu-kvm [4.2.0-59] - kvm-scsi-make-io_timeout-configurable.patch [bz#1994041] - Resolves: bz#1994041 (qemu-kvm scsi: change default passthrough timeout to non-infinite) [4.2.0-58.el8] - kvm-virtiofsd-Disable-remote-posix-locks-by-default.patch [bz#1967496] - kvm-virtiofsd-Fix-the-help-message-of-posix-lock.patch [bz#1967496] - Resolves: bz#1967496 ([virtio-fs] nfs/xfstest generic/089 generic/478 generic/632 failed) [4.2.0-57] - kvm-aio-wait-delegate-polling-of-main-AioContext-if-BQL-.patch [bz#1969848] - kvm-async-use-explicit-memory-barriers.patch [bz#1969848] - Resolves: bz#1969848 (qemu-img convert hangs on aarch64) [4.2.0-56] - kvm-glib-compat-add-g_unix_get_passwd_entry_qemu.patch [bz#1967716] - kvm-qga-add-ssh-add-remove-authorized-keys.patch [bz#1967716] - kvm-qga-add-reset-argument-to-ssh-add-authorized-keys.patch [bz#1967716] - kvm-qga-add-ssh-get-authorized-keys.patch [bz#1967716] - kvm-Add-mtod_check.patch [bz#1970819 bz#1970835 bz#1970843 bz#1970853] - kvm-bootp-limit-vendor-specific-area-to-input-packet-mem.patch [bz#1970819 bz#1970835 bz#1970843 bz#1970853] - kvm-bootp-check-bootp_input-buffer-size.patch [bz#1970819] - kvm-upd6-check-udp6_input-buffer-size.patch [bz#1970835] - kvm-tftp-check-tftp_input-buffer-size.patch [bz#1970843] - kvm-tftp-introduce-a-header-structure.patch [bz#1970819 bz#1970835 bz#1970843 bz#1970853] - kvm-udp-check-upd_input-buffer-size.patch [bz#1970853] - kvm-Fix-DHCP-broken-in-libslirp-v4.6.0.patch [bz#1970819 bz#1970835 bz#1970843 bz#1970853] - kvm-net-check-if-the-file-descriptor-is-valid-before-usi.patch [bz#1982134] - kvm-net-detect-errors-from-probing-vnet-hdr-flag-for-TAP.patch [bz#1982134] - Resolves: bz#1967716 (RFE: rebuild guest agent to include public ssh injection api support) - Resolves: bz#1970819 (CVE-2021-3592 virt:rhel/qemu-kvm: QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) [rhel-8]) - Resolves: bz#1970835 (CVE-2021-3593 virt:rhel/qemu-kvm: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) [rhel-8]) - Resolves: bz#1970843 (CVE-2021-3595 virt:rhel/qemu-kvm: QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) [rhel-8]) - Resolves: bz#1970853 (CVE-2021-3594 virt:rhel/qemu-kvm: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) [rhel-8]) - Resolves: bz#1982134 (QEMU core dump while booting guest with a non-exist fd on tap) seabios [1.13.0] - Resolves: bz#1844296 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) [1.13.0] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) supermin [5.1.19] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3594 CVE-2021-3667 CVE-2020-15859 CVE-2021-3592 CVE-2021-3593 CVE-2021-3595 CVE-2021-3631 Oracle Linux 8 [2.5.1-7] - Include the /usr/bin/pybabel binary that runs on Python 3.6 in the python3-babel package Resolves: rhbz#1967173 [2.5.1-6] - Fix CVE-2021-20095 Resolves: rhbz#1955615 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20095 CVE-2021-42771 Oracle Linux 8 libzip php [7.4.19-1] - rebase to 7.4.19 #1944110 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-7068 CVE-2020-7069 CVE-2020-7071 CVE-2021-21702 CVE-2020-7070 Oracle Linux 8 buildah [1.11.6-9.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-9] - update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel (https://github.com/containers/buildah/commit/6a746dc) - fixes CVE-2021-3602 - Related: #1977942 runc [1.0.0-66.rc10] - set GO111MODULE=off to fix build - Related: #1955651 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3602 Oracle Linux 8 buildah [1.19.9-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 (https://github.com/containers/buildah/commit/c1d6200) - fixes CVE-2021-3602 - Related: #1977943 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3602 Oracle Linux 8 [7.5.9-4] - resolve CVE-2021-39226 [7.5.9-3] - rebuild to resolve CVE-2021-34558 [7.5.9-2] - remove unused dependency property-information - always include FIPS patch in SRPM [7.5.9-1] - update to 7.5.9 tagged upstream community sources, see CHANGELOG [7.5.8-1] - update to 7.5.8 tagged upstream community sources, see CHANGELOG - remove unused dependencies selfsigned, http-signature and gofpdf [7.5.7-2] - remove unused cryptographic implementations - use cryptographic functions from OpenSSL if FIPS mode is enabled [7.5.7-1] - update to 7.5.7 tagged upstream community sources, see CHANGELOG MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3114 CVE-2021-34558 CVE-2021-33195 CVE-2021-27358 CVE-2021-33197 Oracle Linux 8 [1.0.0-5] - Added fixes for rhbz#1956853, rhbz#1956856, rhbz#1956868, rhbz#1956917 MODERATE Copyright 2021 Oracle, Inc. CVE-2018-25014 CVE-2018-25013 CVE-2020-36331 CVE-2020-36330 CVE-2020-36332 CVE-2018-25009 CVE-2018-25010 CVE-2018-25012 Oracle Linux 8 [2.0.14-5] - Fix CVE-2021-26927 (#1933860) - Fix CVE-2021-26926 (#1922316) - Fix CVE-2021-3272 (#1922283) - Fix CVE-2020-27828 (#1905692) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3272 CVE-2021-26927 CVE-2020-27828 CVE-2021-26926 Oracle Linux 8 [14:4.9.3-2] - Resolves: #1860216 - tcpdump can not parse mptcp options - Resolves: #1901635 - ppp decapsulator can be convinced to allocate a large amount of memory - Adding tedude test to gating LOW Copyright 2021 Oracle, Inc. CVE-2020-8037 Oracle Linux 8 [4.0.9-20] - Rebuild for fixed binutils (#1954437) [4.0.9-19] - Fix CVE-2020-35521 (#1945539) - Fix CVE-2020-35522 (#1945555) - Fix CVE-2020-35523 (#1945542) - Fix CVE-2020-35524 (#1945546) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-35521 CVE-2020-35524 CVE-2020-35522 CVE-2020-35523 Oracle Linux 8 [2.4.0-4] - Fix Covscan defect [2.4.0-3] - Fix CVE-2021-3575 (#1969279) - Fix resource leak identified by Covscan [2.4.0-2] - Fix CVE-2021-29338 (#1951332) [2.4.0-1] - Rebase to 2.4.0 - Resolves: CVE-2018-5727 (#1538467) - Resolves: CVE-2018-5785 (#1538556) - Resolves: CVE-2018-20845 (#1730679) - Resolves: CVE-2018-20847 (#1734337) - Resolves: CVE-2019-12973 (#1739076) - Resolves: CVE-2020-15389 (#1855115) - Resolves: CVE-2020-27814 (#1908965) - Resolves: CVE-2020-27823 (#1906222) - Resolves: CVE-2020-27824 (#1906216) - Resolves: CVE-2020-27842 (#1908165) - Resolves: CVE-2020-27843 (#1908164) - Resolves: CVE-2020-27845 (#1908168) MODERATE Copyright 2021 Oracle, Inc. CVE-2018-5785 CVE-2020-27814 CVE-2020-27823 CVE-2020-27824 CVE-2021-29338 CVE-2018-5727 CVE-2018-20845 CVE-2018-20847 CVE-2019-12973 CVE-2020-15389 CVE-2020-27842 CVE-2020-27843 CVE-2020-27845 CVE-2021-3575 Oracle Linux 8 [2.40.1-43] - Fixed races during pdf documentation build which should build docs correctly Related: CVE-2020-18032 [2.40.1-42] - Rebuilt, because pdf documentation were built incorrectly Related: CVE-2020-18032 [2.40.1-41] - Fixed buffer overflow in lib/common/shapes.c Resolves: CVE-2020-18032 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-18032 Oracle Linux 8 httpd [2.4.37-41.0.1] - Add checks on the configured UDS path [Orabug: 33412270][CVE-2021-40438] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracles index page oracle_index.html [2.4.37-41] - Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo [2.4.37-40] - Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts mod_http2 [1.15.7-3] - Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd: mod_http2 concurrent pool usage mod_md [1:2.0.8-8] - Resolves: #1832844 - mod_md does not work with ACME server that does not provide keyChange or revokeCert resources MODERATE Copyright 2021 Oracle, Inc. CVE-2021-26690 CVE-2021-30641 Oracle Linux 8 rust-toolset [1.54.0-1] - Update to Rust and Cargo 1.54.0. [1.53.0-1] - Update to Rust and Cargo 1.53.0. rust [1.54.0-2] - Make std-static-wasm* arch-specific to avoid s390x. [1.54.0-1] - Update to 1.54.0. [1.53.0-2] - Use llvm-ranlib to fix wasm archives. [1.53.0-1] - Update to 1.53.0. [1.52.1-2] - Set rust.codegen-units-std=1 for all targets again. - Add rust-std-static-wasm32-unknown-unknown. MODERATE Copyright 2021 Oracle, Inc. CVE-2021-29922 Oracle Linux 8 [1.5.3-12] - Add missing license file (#1982572) [1.5.3-11] - Fix CVE-2020-17541 (#1972289) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-17541 Oracle Linux 8 libecap squid [7:4.15-1] - new version 4.15 - Resolves: #1964384 - squid:4 rebase to 4.15 [7:4.11-5] - Resolves: #1944261 - CVE-2020-25097 squid:4/squid: improper input validation may allow a trusted client to perform HTTP Request Smuggling MODERATE Copyright 2021 Oracle, Inc. CVE-2021-28651 CVE-2021-31806 CVE-2021-31807 CVE-2021-28662 CVE-2021-31808 CVE-2021-28652 CVE-2021-33620 Oracle Linux 8 [3.4.4-4.el4] - Fix header parsing MODERATE Copyright 2021 Oracle, Inc. CVE-2020-1946 Oracle Linux 8 [0.13.68-9] - Fix CVE-2020-18442 - Resolves: CVE-2020-18442 LOW Copyright 2021 Oracle, Inc. CVE-2020-18442 Oracle Linux 8 [0.26-6] - Fix out-of-bounds read in Exiv2::Jp2Image::printStructure Resolves: bz#1993283 - Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header Resolves: bz#1993246 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-31292 CVE-2021-37618 CVE-2021-37619 Oracle Linux 8 [3.1.1-1] - update to 3.1.1 (#1895005 CVE-2021-3571) - add read-only UDS port (#1929797) - add option to set clockClass threshold (#1980386) - dont repeat some log messages in multi-port configuration (#1980377) - increase default TX timestamp timeout to 10 ms (#1977136) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3571 Oracle Linux 8 [5.4.3-11] - Security fix for CVE-2019-18874: double free because of refcount mishandling Resolves: rhbz#1772014 MODERATE Copyright 2021 Oracle, Inc. CVE-2019-18874 Oracle Linux 8 [2.6.0-12] - Fix a dead code issue in the signature wrapping patch - Resolves: rhbz#1951653 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses [rhel-8] [2.6.0-11] - Bump release to force the package through OSCI as the previous build reached CI just in time for an outage - Related: rhbz#1888195 - [RFE] release (built) python3-lasso pkg (comingfrom lasso) [2.6.0-10] - Resolves: rhbz#1951653 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses [rhel-8] [2.6.0-9] - Resolves: rhbz#1888195 - [RFE] release (built) python3-lasso pkg (coming from lasso) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-28091 Oracle Linux 8 [1.6.8-5] - Fix CVE-2021-31535 (#1962439) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-31535 Oracle Linux 8 [0.3.6-3] + grilo-0.3.6-3 - Fix TLS not being validated correctly - Resolves: rhbz#1997234 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-39365 Oracle Linux 8 [4.18.0-348.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-348] - drm/nouveau/fifo/ga102: initialise chid on return from channel creation (Ben Skeggs) [1997878] - drm/nouveau/ga102-: support ttm buffer moves via copy engine (Ben Skeggs) [1997878] - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (Ben Skeggs) [1997878] - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences (Ben Skeggs) [1997878] - drm/nouveau/disp: power down unused DP links during init (Ben Skeggs) [1997878] - drm/nouveau: recognise GA107 (Ben Skeggs) [1997878] [4.18.0-347] - PCI: Mark TI C667X to avoid bus reset (Alex Williamson) [1975768] [4.18.0-346] - redhat: switch secureboot kernel image signing to release keys (Bruno Meneguele) - CI: handle RT branches in a single config (Veronika Kabatova) - CI: Fix RT check branch name (Veronika Kabatova) - CI: Drop private CI config (Veronika Kabatova) - CI: extend template use (Veronika Kabatova) - Revert 'Merge: mt7921e: enable new Mediatek wireless hardware' (Bruno Meneguele) [2009501] - megaraid_sas: fix concurrent access to ISR between IRQ polling and real interrupt (Tomas Henzl) [2009022] - scsi: megaraid_sas: mq_poll support (Tomas Henzl) [2009022] - [PATCH v2] scsi: qla2xxx: Suppress unnecessary log messages during login (Nilesh Javali) [1982186] - scsi: qla2xxx: Fix excessive messages during device logout (Nilesh Javali) [1982186] - PCI: pciehp: Ignore Link Down/Up caused by DPC (Myron Stowe) [1981741] - arm64: kpti: Fix 'kpti=off' when KASLR is enabled (Mark Salter) [1979731] - arm64: Fix CONFIG_ARCH_RANDOM=n build (Mark Salter) [1979731] - redhat/configs: aarch64: add CONFIG_ARCH_RANDOM (Mark Salter) [1979731] - arm64: Implement archrandom.h for ARMv8.5-RNG (Mark Salter) [1979731] - arm64: kconfig: Fix alignment of E0PD help text (Mark Salter) [1979731] - arm64: Use register field helper in kaslr_requires_kpti() (Mark Salter) [1979731] - arm64: Simplify early check for broken TX1 when KASLR is enabled (Mark Salter) [1979731] - arm64: Use a variable to store non-global mappings decision (Mark Salter) [1979731] - arm64: Dont use KPTI where we have E0PD (Mark Salter) [1979731] - arm64: Factor out checks for KASLR in KPTI code into separate function (Mark Salter) [1979731] - redhat/configs: Add CONFIG_ARM64_E0PD (Mark Salter) [1979731] - arm64: Add initial support for E0PD (Mark Salter) [1979731] - arm64: cpufeature: Export matrix and other features to userspace (Mark Salter) [1980098] - arm64: docs: cpu-feature-registers: Document ID_AA64PFR1_EL1 (Mark Salter) [1980098] - docs/arm64: cpu-feature-registers: Rewrite bitfields that dont follow [e, s] (Mark Salter) [1980098] - docs/arm64: cpu-feature-registers: Documents missing visible fields (Mark Salter) [1980098] - arm64: Introduce system_capabilities_finalized() marker (Mark Salter) [1980098] - arm64: entry.S: Do not preempt from IRQ before all cpufeatures are enabled (Mark Salter) [1980098] - docs/arm64: elf_hwcaps: Document HWCAP_SB (Mark Salter) [1980098] - docs/arm64: elf_hwcaps: sort the HWCAP{, 2} documentation by ascending value (Mark Salter) [1980098] - arm64: cpufeature: Treat ID_AA64ZFR0_EL1 as RAZ when SVE is not enabled (Mark Salter) [1980098] - arm64: cpufeature: Effectively expose FRINT capability to userspace (Mark Salter) [1980098] - arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} (Mark Salter) [1980098] - arm64: Expose FRINT capabilities to userspace (Mark Salter) [1980098] - arm64: Expose ARMv8.5 CondM capability to userspace (Mark Salter) [1980098] - docs: arm64: convert perf.txt to ReST format (Mark Salter) [1980098] - docs: arm64: convert docs to ReST and rename to .rst (Mark Salter) [1980098] - Documentation/arm64: HugeTLB page implementation (Mark Salter) [1980098] - Documentation/arm64/sve: Couple of improvements and typos (Mark Salter) [1980098] - arm64: cpufeature: Fix missing ZFR0 in __read_sysreg_by_encoding() (Mark Salter) [1980098] - arm64: Expose SVE2 features for userspace (Mark Salter) [1980098] - arm64: Advertise ARM64_HAS_DCPODP cpu feature (Mark Salter) [1980098] - arm64: add CVADP support to the cache maintenance helper (Mark Salter) [1980098] - arm64: Fix minor issues with the dcache_by_line_op macro (Mark Salter) [1980098] - arm64: Expose DC CVADP to userspace (Mark Salter) [1980098] - arm64: Handle trapped DC CVADP (Mark Salter) [1980098] - arm64: HWCAP: encapsulate elf_hwcap (Mark Salter) [1980098] - arm64: HWCAP: add support for AT_HWCAP2 (Mark Salter) [1980098] - x86/MCE/AMD, EDAC/mce_amd: Add new SMCA bank types (Aristeu Rozanski) [1965331] - x86/MCE/AMD, EDAC/mce_amd: Remove struct smca_hwid.xec_bitmap (Aristeu Rozanski) [1965331] - EDAC, mce_amd: Print ExtErrorCode and description on a single line (Aristeu Rozanski) [1965331] [4.18.0-345] - e1000e: Do not take care about recovery NVM checksum (Ken Cox) [1984558] - qrtr: disable CONFIG_QRTR for non x86_64 archs (inigo Huguet) [1999642] - ceph: fix possible null-pointer dereference in ceph_mdsmap_decode() (Jeff Layton) [1989999] - ceph: fix dereference of null pointer cf (Jeff Layton) [1989999] - ceph: correctly handle releasing an embedded cap flush (Jeff Layton) [1989999] - ceph: take snap_empty_lock atomically with snaprealm refcount change (Jeff Layton) [1989999] - ceph: dont WARN if were still opening a session to an MDS (Jeff Layton) [1989999] - rbd: dont hold lock_rwsem while running_list is being drained (Jeff Layton) [1989999] - rbd: always kick acquire on 'acquired' and 'released' notifications (Jeff Layton) [1989999] - ceph: take reference to req->r_parent at point of assignment (Jeff Layton) [1989999] - ceph: eliminate ceph_async_iput() (Jeff Layton) [1989999] - ceph: dont take s_mutex in ceph_flush_snaps (Jeff Layton) [1989999] - ceph: dont take s_mutex in try_flush_caps (Jeff Layton) [1989999] - ceph: dont take s_mutex or snap_rwsem in ceph_check_caps (Jeff Layton) [1989999] - ceph: eliminate session->s_gen_ttl_lock (Jeff Layton) [1989999] - ceph: allow ceph_put_mds_session to take NULL or ERR_PTR (Jeff Layton) [1989999] - ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm (Jeff Layton) [1989999] - ceph: add some lockdep assertions around snaprealm handling (Jeff Layton) [1989999] - ceph: decoding error in ceph_update_snap_realm should return -EIO (Jeff Layton) [1989999] - ceph: add IO size metrics support (Jeff Layton) [1989999] - ceph: update and rename __update_latency helper to __update_stdev (Jeff Layton) [1989999] - ceph: simplify the metrics struct (Jeff Layton) [1989999] - libceph: fix doc warnings in cls_lock_client.c (Jeff Layton) [1989999] - libceph: remove unnecessary ret variable in ceph_auth_init() (Jeff Layton) [1989999] - libceph: kill ceph_none_authorizer::reply_buf (Jeff Layton) [1989999] - ceph: make ceph_queue_cap_snap static (Jeff Layton) [1989999] - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton) [1989999] - libceph: set global_id as soon as we get an auth ticket (Jeff Layton) [1989999] - libceph: dont pass result into ac->ops->handle_reply() (Jeff Layton) [1989999] - ceph: fix error handling in ceph_atomic_open and ceph_lookup (Jeff Layton) [1989999] - ceph: must hold snap_rwsem when filling inode for async create (Jeff Layton) [1989999] - libceph: Fix spelling mistakes (Jeff Layton) [1989999] - libceph: dont set global_id until we get an auth ticket (Jeff Layton) [1989999] - libceph: bump CephXAuthenticate encoding version (Jeff Layton) [1989999] - ceph: dont allow access to MDS-private inodes (Jeff Layton) [1989999] - ceph: fix up some bare fetches of i_size (Jeff Layton) [1989999] - ceph: support getting ceph.dir.rsnaps vxattr (Jeff Layton) [1989999] - ceph: drop pinned_page parameter from ceph_get_caps (Jeff Layton) [1989999] - ceph: fix inode leak on getattr error in __fh_to_dentry (Jeff Layton) [1989999] - ceph: only check pool permissions for regular files (Jeff Layton) [1989999] - ceph: send opened files/pinned caps/opened inodes metrics to MDS daemon (Jeff Layton) [1989999] - ceph: avoid counting the same request twice or more (Jeff Layton) [1989999] - ceph: rename the metric helpers (Jeff Layton) [1989999] - ceph: fix kerneldoc copypasta over ceph_start_io_direct (Jeff Layton) [1989999] - ceph: dont use d_add in ceph_handle_snapdir (Jeff Layton) [1989999] - ceph: dont clobber i_snap_caps on non-I_NEW inode (Jeff Layton) [1989999] - ceph: fix fall-through warnings for Clang (Jeff Layton) [1989999] - net: ceph: Fix a typo in osdmap.c (Jeff Layton) [1989999] - ceph: dont allow type or device number to change on non-I_NEW inodes (Jeff Layton) [1989999] - ceph: defer flushing the capsnap if the Fb is used (Jeff Layton) [1989999] - ceph: allow queueing cap/snap handling after putting cap references (Jeff Layton) [1989999] - ceph: clean up inode work queueing (Jeff Layton) [1989999] - ceph: fix flush_snap logic after putting caps (Jeff Layton) [1989999] - libceph: fix 'Boolean result is used in bitwise operation' warning (Jeff Layton) [1989999] - new helper: inode_wrong_type() (Jeff Layton) [1989999] - kabi: Adding symbol single_release (fs/seq_file.c) (cestmir Kalina) [1945486] - kabi: Adding symbol single_open (fs/seq_file.c) (cestmir Kalina) [1945486] - kabi: Adding symbol seq_read (fs/seq_file.c) (cestmir Kalina) [1945486] - kabi: Adding symbol seq_printf (fs/seq_file.c) (cestmir Kalina) [1945486] - kabi: Adding symbol seq_lseek (fs/seq_file.c) (cestmir Kalina) [1945486] - kabi: Adding symbol unregister_chrdev_region (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol cdev_init (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol cdev_del (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol cdev_alloc (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol cdev_add (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol alloc_chrdev_region (fs/char_dev.c) (cestmir Kalina) [1945486] - kabi: Adding symbol pcie_capability_read_word (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pcie_capability_read_dword (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pcie_capability_clear_and_set_word (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_write_config_dword (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_write_config_byte (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_set_power_state (drivers/pci/pci.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_read_config_dword (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_read_config_byte (drivers/pci/access.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_irq_vector (drivers/pci/msi.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_get_device (drivers/pci/search.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_free_irq_vectors (drivers/pci/msi.c) (cestmir Kalina) [1945485] - kabi: Adding symbol pci_alloc_irq_vectors_affinity (drivers/pci/msi.c) (cestmir Kalina) [1945485] - kabi: Adding symbol kexec_crash_loaded (kernel/kexec_core.c) (cestmir Kalina) [1945491] [4.18.0-344] - perf/x86/intel: Fix PEBS-via-PT reload base value for Extended PEBS (Michael Petlan) [1998051] - perf/x86/intel/uncore: Fix Add BW copypasta (Michael Petlan) [1998051] - perf/x86/intel/uncore: Add BW counters for GT, IA and IO breakdown (Michael Petlan) [1998051] - Revert 'ice: Add initial support framework for LAG' (Michal Schmidt) [1999016] - net: re-initialize slow_gro flag at gro_list_prepare time (Paolo Abeni) [2002367] - cxgb4: dont touch blocked freelist bitmap after free (Rahul Lakkireddy) [1998148] - cxgb4vf: configure ports accessible by the VF (Rahul Lakkireddy) [1961329] - scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (Dick Kennedy) [1976332] - scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (Dick Kennedy) [1976332] - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (Dick Kennedy) [1976332] [4.18.0-343] - rcu: Avoid unneeded function call in rcu_read_unlock() (Waiman Long) [1997500] - mt76: connac: do not schedule mac_work if the device is not running (Inigo Huguet) [1956419 1972045] - mt7921e: enable module in config (Inigo Huguet) [1956419 1972045] - Revert tools/power/cpupower: Read energy_perf_bias from sysfs (Steve Best) [1999926] - libnvdimm/namespace: Differentiate between probe mapping and runtime mapping (Jeff Moyer) [1795719] - libnvdimm/pfn_dev: Dont clear device memmap area during generic namespace probe (Jeff Moyer) [1795719] - perf/x86/intel/uncore: Clean up error handling path of iio mapping (Michael Petlan) [1837330] - perf/x86/intel/uncore: Fix for iio mapping on Skylake Server (Michael Petlan) [1837330] - perf/x86/intel/uncore: Generic support for the MMIO type of uncore blocks (Michael Petlan) [1837330] - perf/x86/intel/uncore: Generic support for the PCI type of uncore blocks (Michael Petlan) [1837330] - perf/x86/intel/uncore: Rename uncore_notifier to uncore_pci_sub_notifier (Michael Petlan) [1837330] - perf/x86/intel/uncore: Generic support for the MSR type of uncore blocks (Michael Petlan) [1837330] - perf/x86/intel/uncore: Parse uncore discovery tables (Michael Petlan) [1837330] - perf/x86/intel/uncore: Expose an Uncore unit to IIO PMON mapping (Michael Petlan) [1837330] - perf/x86/intel/uncore: Wrap the max dies calculation into an accessor (Michael Petlan) [1837330] - perf/x86/intel/uncore: Expose an Uncore unit to PMON mapping (Michael Petlan) [1837330] - perf/x86/intel/uncore: Validate MMIO address before accessing (Michael Petlan) [1837330] - perf/x86/intel/uncore: Record the size of mapped area (Michael Petlan) [1837330] - perf/x86/intel/uncore: Fix oops when counting IMC uncore events on some TGL (Michael Petlan) [1837330] - crypto: qat - remove unused macro in FW loader (Vladis Dronov) [1920086] - crypto: qat - check return code of qat_hal_rd_rel_reg() (Vladis Dronov) [1920086] - crypto: qat - report an error if MMP file size is too large (Vladis Dronov) [1920086] - crypto: qat - check MMP size before writing to the SRAM (Vladis Dronov) [1920086] - crypto: qat - return error when failing to map FW (Vladis Dronov) [1920086] - crypto: qat - enable detection of accelerators hang (Vladis Dronov) [1920086] - crypto: qat - Fix a double free in adf_create_ring (Vladis Dronov) [1920086] - crypto: qat - fix error path in adf_isr_resource_alloc() (Vladis Dronov) [1920086] - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (Vladis Dronov) [1920086] - crypto: qat - dont release uninitialized resources (Vladis Dronov) [1920086] - crypto: qat - fix use of 'dma_map_single' (Vladis Dronov) [1920086] - crypto: qat - fix unmap invalid dma address (Vladis Dronov) [1920086] - crypto: qat - fix spelling mistake: 'messge' -> 'message' (Vladis Dronov) [1920086] - crypto: qat - reduce size of mapped region (Vladis Dronov) [1920086] - crypto: qat - change format string and cast ring size (Vladis Dronov) [1920086] - crypto: qat - fix potential spectre issue (Vladis Dronov) [1920086] - crypto: qat - configure arbiter mapping based on engines enabled (Vladis Dronov) [1920086] [4.18.0-342] - selftest: netfilter: add test case for unreplied tcp connections (Florian Westphal) [1991523] - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state (Florian Westphal) [1991523] - net/sched: store the last executed chain also for clsact egress (Davide Caratti) [1980537] - ice: fix Tx queue iteration for Tx timestamp enablement (Ken Cox) [1999743] - perf evsel: Add missing cloning of evsel->use_config_name (Michael Petlan) [1838635] - perf Documentation: Document intel-hybrid support (Michael Petlan) [1838635] - perf tests: Skip 'perf stat metrics (shadow stat) test' for hybrid (Michael Petlan) [1838635] - perf tests: Support 'Convert perf time to TSC' test for hybrid (Michael Petlan) [1838635] - perf tests: Support 'Session topology' test for hybrid (Michael Petlan) [1838635] - perf tests: Support 'Parse and process metrics' test for hybrid (Michael Petlan) [1838635] - perf tests: Support 'Track with sched_switch' test for hybrid (Michael Petlan) [1838635] - perf tests: Skip 'Setup struct perf_event_attr' test for hybrid (Michael Petlan) [1838635] - perf tests: Add hybrid cases for 'Roundtrip evsel->name' test (Michael Petlan) [1838635] - perf tests: Add hybrid cases for 'Parse event definition strings' test (Michael Petlan) [1838635] - perf record: Uniquify hybrid event name (Michael Petlan) [1838635] - perf stat: Warn group events from different hybrid PMU (Michael Petlan) [1838635] - perf stat: Filter out unmatched aggregation for hybrid event (Michael Petlan) [1838635] - perf stat: Add default hybrid events (Michael Petlan) [1838635] - perf record: Create two hybrid 'cycles' events by default (Michael Petlan) [1838635] - perf parse-events: Support event inside hybrid pmu (Michael Petlan) [1838635] - perf parse-events: Compare with hybrid pmu name (Michael Petlan) [1838635] - perf parse-events: Create two hybrid raw events (Michael Petlan) [1838635] - perf parse-events: Create two hybrid cache events (Michael Petlan) [1838635] - perf parse-events: Create two hybrid hardware events (Michael Petlan) [1838635] - perf stat: Uniquify hybrid event name (Michael Petlan) [1838635] - perf pmu: Add hybrid helper functions (Michael Petlan) [1838635] - perf pmu: Save detected hybrid pmus to a global pmu list (Michael Petlan) [1838635] - perf pmu: Save pmu name (Michael Petlan) [1838635] - perf pmu: Simplify arguments of __perf_pmu__new_alias (Michael Petlan) [1838635] - perf jevents: Support unit value 'cpu_core' and 'cpu_atom' (Michael Petlan) [1838635] - tools headers uapi: Update toolss copy of linux/perf_event.h (Michael Petlan) [1838635] [4.18.0-341] - mptcp: Only send extra TCP acks in eligible socket states (Paolo Abeni) [1997178] - mptcp: fix possible divide by zero (Paolo Abeni) [1997178] - mptcp: drop tx skb cache (Paolo Abeni) [1997178] - mptcp: fix memory leak on address flush (Paolo Abeni) [1997178] - ice: Only lock to update netdev dev_addr (Michal Schmidt) [1995868] - ice: restart periodic outputs around time changes (Ken Cox) [1992750] - ice: Fix perout start time rounding (Ken Cox) [1992750] - net/sched: ets: fix crash when flipping from 'strict' to 'quantum' (Davide Caratti) [1981184] - ovl: prevent private clone if bind mount is not allowed (Miklos Szeredi) [1993131] {CVE-2021-3732} - gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) [1997193] - gfs2: dont stop reads while withdraw in progress (Bob Peterson) [1997193] - gfs2: Mark journal inodes as 'dont cache' (Bob Peterson) [1997193] - bpf: bpftool: Add -fno-asynchronous-unwind-tables to BPF Clang invocation (Yauheni Kaliuta) [1997124] - perf/x86/intel: Apply mid ACK for small core (Michael Petlan) [1838573] - perf/x86/intel/lbr: Zero the xstate buffer on allocation (Michael Petlan) [1838573] - perf: Fix task context PMU for Hetero (Michael Petlan) [1838573] - perf/x86/intel: Fix fixed counter check warning for some Alder Lake (Michael Petlan) [1838573] - perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context (Michael Petlan) [1838573] - x86/fpu/xstate: Fix an xstate size check warning with architectural LBRs (Michael Petlan) [1838573] - perf/x86/rapl: Add support for Intel Alder Lake (Michael Petlan) [1838573] - perf/x86/cstate: Add Alder Lake CPU support (Michael Petlan) [1838573] - perf/x86/msr: Add Alder Lake CPU support (Michael Petlan) [1838573] - perf/x86/intel/uncore: Add Alder Lake support (Michael Petlan) [1838573] - perf: Extend PERF_TYPE_HARDWARE and PERF_TYPE_HW_CACHE (Michael Petlan) [1838573] - perf/x86/intel: Add Alder Lake Hybrid support (Michael Petlan) [1838573] - perf/x86: Support filter_match callback (Michael Petlan) [1838573] - perf/x86/intel: Add attr_update for Hybrid PMUs (Michael Petlan) [1838573] - perf/x86: Add structures for the attributes of Hybrid PMUs (Michael Petlan) [1838573] - perf/x86: Register hybrid PMUs (Michael Petlan) [1838573] - perf/x86: Factor out x86_pmu_show_pmu_cap (Michael Petlan) [1838573] - perf/x86: Remove temporary pmu assignment in event_init (Michael Petlan) [1838573] - perf/x86/intel: Factor out intel_pmu_check_extra_regs (Michael Petlan) [1838573] - perf/x86/intel: Factor out intel_pmu_check_event_constraints (Michael Petlan) [1838573] - perf/x86/intel: Factor out intel_pmu_check_num_counters (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for extra_regs (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for event constraints (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for hardware cache event (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for unconstrained (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for counters (Michael Petlan) [1838573] - perf/x86: Hybrid PMU support for intel_ctrl (Michael Petlan) [1838573] - perf/x86/intel: Hybrid PMU support for perf capabilities (Michael Petlan) [1838573] - perf/x86: Track pmu in per-CPU cpu_hw_events (Michael Petlan) [1838573] - perf/x86/intel/lbr: Support XSAVES for arch LBR read (Michael Petlan) [1838573] - perf/x86/intel/lbr: Support XSAVES/XRSTORS for LBR context switch (Michael Petlan) [1838573] - x86/fpu/xstate: Add helpers for LBR dynamic supervisor feature (Michael Petlan) [1838573] - x86/fpu/xstate: Support dynamic supervisor feature for LBR (Michael Petlan) [1838573] - x86/fpu: Use proper mask to replace full instruction mask (Michael Petlan) [1838573] - x86/cpu: Add helper function to get the type of the current hybrid CPU (Michael Petlan) [1838573] - x86/cpufeatures: Enumerate Intel Hybrid Technology feature bit (Michael Petlan) [1838573] - HID: make arrays usage and value to be the same (Benjamin Tissoires) [1974942] - ACPI: PM: s2idle: Invert Microsoft UUID entry and exit (David Arcari) [1960440] - platform/x86: amd-pmc: Fix undefined reference to __udivdi3 (David Arcari) [1960440] - platform/x86: amd-pmc: Fix missing unlock on error in amd_pmc_send_cmd() (David Arcari) [1960440] - platform/x86: amd-pmc: Use return code on suspend (David Arcari) [1960440] - platform/x86: amd-pmc: Add new acpi id for future PMC controllers (David Arcari) [1960440] - platform/x86: amd-pmc: Add support for ACPI ID AMDI0006 (David Arcari) [1960440] - platform/x86: amd-pmc: Add support for logging s0ix counters (David Arcari) [1960440] - platform/x86: amd-pmc: Add support for logging SMU metrics (David Arcari) [1960440] - platform/x86: amd-pmc: call dump registers only once (David Arcari) [1960440] - platform/x86: amd-pmc: Fix SMU firmware reporting mechanism (David Arcari) [1960440] - platform/x86: amd-pmc: Fix command completion code (David Arcari) [1960440] - usb: pci-quirks: disable D3cold on xhci suspend for s2idle on AMD Renoir (David Arcari) [1960440] - ACPI: PM: Only mark EC GPE for wakeup on Intel systems (David Arcari) [1960440] - ACPI: PM: Adjust behavior for field problems on AMD systems (David Arcari) [1960440] - ACPI: PM: s2idle: Add support for new Microsoft UUID (David Arcari) [1960440] - ACPI: PM: s2idle: Add support for multiple func mask (David Arcari) [1960440] - ACPI: PM: s2idle: Refactor common code (David Arcari) [1960440] - ACPI: PM: s2idle: Use correct revision id (David Arcari) [1960440] - ACPI: PM: s2idle: Add missing LPS0 functions for AMD (David Arcari) [1960440] - lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) [1986138] [4.18.0-340] - blk-mq: fix is_flush_rq (Ming Lei) [1992700] - blk-mq: fix kernel panic during iterating over flush request (Ming Lei) [1992700] [4.18.0-339] - smb2: fix use-after-free in smb2_ioctl_query_info() (Ronnie Sahlberg) [1952781] - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Mike Snitzer) [1996854] - md/raid10: Remove rcu_dereference when it doesnt need rcu lock to protect (Nigel Croxon) [1978115] - scsi: csiostor: Mark known unused variable as __always_unused (Raju Rangoju) [1961333] - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() (Raju Rangoju) [1961333] - scsi: csiostor: Remove set but not used variable 'rln' (Raju Rangoju) [1961333] - scsi: csiostor: Return value not required for csio_dfs_destroy (Raju Rangoju) [1961333] - scsi: csiostor: Fix NULL check before debugfs_remove_recursive (Raju Rangoju) [1961333] - scsi: csiostor: Dont enable IRQs too early (Raju Rangoju) [1961333] - scsi: csiostor: Fix spelling typos (Raju Rangoju) [1961333] - scsi: csiostor: Prefer pcie_capability_read_word() (Raju Rangoju) [1961333] - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd() (Raju Rangoju) [1961394] - net: Use skb_frag_off accessors (Raju Rangoju) [1961394] - net: Use skb accessors in network drivers (Raju Rangoju) [1961394] - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds (Raju Rangoju) [1961394] - scsi: libcxgbi: Fix a use after free in cxgbi_conn_xmit_pdu() (Raju Rangoju) [1961394] - scsi: libcxgbi: Use kvzalloc instead of opencoded kzalloc/vzalloc (Raju Rangoju) [1961394] - scsi: libcxgbi: Remove unnecessary NULL checks for 'tdata' pointer (Raju Rangoju) [1961394] - scsi: cxgb4i: Remove an unnecessary NULL check for 'cconn' pointer (Raju Rangoju) [1961394] - scsi: cxgb4i: Clean up a debug printk (Raju Rangoju) [1961394] - scsi: cxgb4i: Fix dereference of pointer tdata before it is null checked (Raju Rangoju) [1961394] - scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() (Raju Rangoju) [1961394] - scsi: libcxgbi: remove unused function to stop warning (Raju Rangoju) [1961394] - scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() (Raju Rangoju) [1961394] - net/chelsio: Delete drive and module versions (Raju Rangoju) [1961394] - chelsio: Replace zero-length array with flexible-array member (Raju Rangoju) [1961394] - [netdrv] treewide: prefix header search paths with / (Raju Rangoju) [1961394] - libcxgb: fix incorrect ppmax calculation (Raju Rangoju) [1961394] - scsi: cxgb4i: Fix TLS dependency (Raju Rangoju) [1961394] - [target] treewide: Use fallthrough pseudo-keyword (Raju Rangoju) [1961394] - scsi: cxgb4i: Add support for iSCSI segmentation offload (Raju Rangoju) [1961394] - [target] treewide: Use sizeof_field() macro (Raju Rangoju) [1961394] - [target] treewide: replace '---help---' in Kconfig files with 'help' (Raju Rangoju) [1961394] - scsi: cxgb4i: Remove superfluous null check (Raju Rangoju) [1961394] [4.18.0-338] - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985413] {CVE-2021-3653} - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) (Jon Maloy) [1985430] {CVE-2021-3656} - drm/i915/rkl: Remove require_force_probe protection (Lyude Paul) [1985159] - drm/i915/display: support ddr5 mem types (Lyude Paul) [1992233] - drm/i915/adl_s: Update ddi buf translation tables (Lyude Paul) [1992233] - drm/i915/adl_s: Wa_14011765242 is also needed on A1 display stepping (Lyude Paul) [1992233] - drm/i915/adl_s: Extend Wa_1406941453 (Lyude Paul) [1992233] - drm/i915: Implement Wa_1508744258 (Lyude Paul) [1992233] - drm/i915/adl_s: Fix dma_mask_size to 39 bit (Lyude Paul) [1992233] - drm/i915: Add the missing adls vswing tables (Lyude Paul) [1992233] - drm/i915: Add Wa_14011060649 (Lyude Paul) [1992233] - drm/i915/adl_s: Add Interrupt Support (Lyude Paul) [1992233] - drm/amdgpu: add another Renoir DID (Lyude Paul) [1980900] [4.18.0-337] - net/mlx5: Fix flow table chaining (Amir Tzin) [1987139] - openvswitch: fix sparse warning incorrect type (Mark Gray) [1992773] - openvswitch: fix alignment issues (Mark Gray) [1992773] - openvswitch: update kdoc OVS_DP_ATTR_PER_CPU_PIDS (Mark Gray) [1992773] - openvswitch: Introduce per-cpu upcall dispatch (Mark Gray) [1992773] - KVM: X86: Expose bus lock debug exception to guest (Paul Lai) [1842322] - KVM: X86: Add support for the emulation of DR6_BUS_LOCK bit (Paul Lai) [1842322] - scsi: libfc: Fix array index out of bound exception (Chris Leech) [1972643] - scsi: libfc: FDMI enhancements (Chris Leech) [1972643] - scsi: libfc: Add FDMI-2 attributes (Chris Leech) [1972643] - scsi: qedf: Add vendor identifier attribute (Chris Leech) [1972643] - scsi: libfc: Initialisation of RHBA and RPA attributes (Chris Leech) [1972643] - scsi: libfc: Correct the condition check and invalid argument passed (Chris Leech) [1972643] - scsi: libfc: Work around -Warray-bounds warning (Chris Leech) [1972643] - scsi: fc: FDMI enhancement (Chris Leech) [1972643] - scsi: libfc: Move scsi/fc_encode.h to libfc (Chris Leech) [1972643] - scsi: fc: Correct RHBA attributes length (Chris Leech) [1972643] - block: return ELEVATOR_DISCARD_MERGE if possible (Ming Lei) [1991976] - x86/fpu: Prevent state corruption in __fpu__restore_sig() (Terry Bowman) [1970086] - x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer (Terry Bowman) [1970086] - x86/pkru: Write hardware init value to PKRU when xstate is init (Terry Bowman) [1970086] - x86/process: Check PF_KTHREAD and not current->mm for kernel threads (Terry Bowman) [1970086] - x86/fpu: Add address range checks to copy_user_to_xstate() (Terry Bowman) [1970086] - selftests/x86: Test signal frame XSTATE header corruption handling (Terry Bowman) [1970086] - Bump DRM backport version to 5.12.14 (Lyude Paul) [1944405] - drm/i915: Use the correct max source link rate for MST (Lyude Paul) [1944405 1966599] - drm/dp_mst: Use Extended Base Receiver Capability DPCD space (Lyude Paul) [1944405 1966599] - drm/i915/display: Defeature PSR2 for RKL and ADL-S (Lyude Paul) [1944405] - drm/i915/adl_s: ADL-S platform Update PCI ids for Mobile BGA (Lyude Paul) [1944405] - drm/amdgpu: wait for moving fence after pinning (Lyude Paul) [1944405] - drm/radeon: wait for moving fence after pinning (Lyude Paul) [1944405] - drm/nouveau: wait for moving fence after pinning v2 (Lyude Paul) [1944405] - radeon: use memcpy_to/fromio for UVD fw upload (Lyude Paul) [1944405] - drm/amd/amdgpu:save psp ring wptr to avoid attack (Lyude Paul) [1944405] - drm/amd/display: Fix potential memory leak in DMUB hw_init (Lyude Paul) [1944405] - drm/amdgpu: refine amdgpu_fru_get_product_info (Lyude Paul) [1944405] - drm/amd/display: Allow bandwidth validation for 0 streams. (Lyude Paul) [1944405] - drm: Lock pointer access in drm_master_release() (Lyude Paul) [1944405] - drm: Fix use-after-free read in drm_getunique() (Lyude Paul) [1944405] - drm/amdgpu: make sure we unpin the UVD BO (Lyude Paul) [1944405] - drm/amdgpu: Dont query CE and UE errors (Lyude Paul) [1944405] - drm/amdgpu/jpeg3: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amdgpu/jpeg2.5: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amdgpu/vcn3: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (Lyude Paul) [1944405] - drm/i915/selftests: Fix return value check in live_breadcrumbs_smoketest() (Lyude Paul) [1944405] - drm/amdgpu: stop touching sched.ready in the backend (Lyude Paul) [1944405] - drm/amd/amdgpu: fix a potential deadlock in gpu reset (Lyude Paul) [1944405] - drm/amdgpu: Fix a use-after-free (Lyude Paul) [1944405] - drm/amd/amdgpu: fix refcount leak (Lyude Paul) [1944405] - drm/amd/display: Disconnect non-DP with no EDID (Lyude Paul) [1944405] - drm/amdgpu/jpeg2.0: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amdkfd: correct sienna_cichlid SDMA RLC register offset error (Lyude Paul) [1944405] - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405] - drm/amd/pm: correct MGpuFanBoost setting (Lyude Paul) [1944405] - drm/i915: Reenable LTTPR non-transparent LT mode for DPCD_REV<1.4 (Lyude Paul) [1944405] - drm/i915/gt: Disable HiZ Raw Stall Optimization on broken gen7 (Lyude Paul) [1944405] - dma-buf: fix unintended pin/unpin warnings (Lyude Paul) [1944405] - drm/amdgpu: update sdma golden setting for Navi12 (Lyude Paul) [1944405] - drm/amdgpu: update gc golden setting for Navi12 (Lyude Paul) [1944405] - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang (Lyude Paul) [1944405] - drm/amdgpu: Fix GPU TLB update error when PAGE_SIZE > AMDGPU_PAGE_SIZE (Lyude Paul) [1944405] - drm/radeon: use the dummy page for GART if needed (Lyude Paul) [1944405] - drm/amd/display: Use the correct max downscaling value for DCN3.x family (Lyude Paul) [1944405] - drm/i915/gem: Pin the L-shape quirked object as unshrinkable (Lyude Paul) [1944405] - drm/ttm: Do not add non-system domain BO into swap list (Lyude Paul) [1944405] - drm/amd/display: Fix two cursor duplication when using overlay (Lyude Paul) [1944405] - amdgpu/pm: Prevent force of DCEFCLK on NAVI10 and SIENNA_CICHLID (Lyude Paul) [1944405] - drm/i915/display: fix compiler warning about array overrun (Lyude Paul) [1944405] - drm/i915: Fix crash in auto_retire (Lyude Paul) [1944405] - drm/i915/overlay: Fix active retire callback alignment (Lyude Paul) [1944405] - drm/i915: Read C0DRB3/C1DRB3 as 16 bits again (Lyude Paul) [1944405] - drm/i915/gt: Fix a double free in gen8_preallocate_top_level_pdp (Lyude Paul) [1944405] - drm/i915/dp: Use slow and wide link training for everything (Lyude Paul) [1944405] - drm/i915: Avoid div-by-zero on gen2 (Lyude Paul) [1944405] - drm/amd/display: Initialize attribute for hdcp_srm sysfs file (Lyude Paul) [1944405] - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (Lyude Paul) [1944405] - drm/radeon: Avoid power table parsing memory leaks (Lyude Paul) [1944405] - drm/radeon: Fix off-by-one power_state index heap overwrite (Lyude Paul) [1944405] - drm/amdgpu: Add mem sync flag for IB allocated by SA (Lyude Paul) [1944405] - drm/amd/display: add handling for hdcp2 rx id list validation (Lyude Paul) [1944405] - drm/amd/display: fixed divide by zero kernel crash during dsc enablement (Lyude Paul) [1944405] - drm/amd/display: Force vsync flip when reconfiguring MPCC (Lyude Paul) [1944405] - arm64: enable tlbi range instructions (Jeremy Linton) [1861872] - arm64: tlb: Use the TLBI RANGE feature in arm64 (Jeremy Linton) [1861872] - arm64: tlb: Detect the ARMv8.4 TLBI RANGE feature (Jeremy Linton) [1861872] - arm64/cpufeature: Add remaining feature bits in ID_AA64ISAR0 register (Jeremy Linton) [1861872] - arm64: tlbflush: Ensure start/end of address range are aligned to stride (Jeremy Linton) [1861872] - arm64: Detect the ARMv8.4 TTL feature (Jeremy Linton) [1861872] - arm64: tlbi: Set MAX_TLBI_OPS to PTRS_PER_PTE (Jeremy Linton) [1861872] [4.18.0-336] - bpf: Fix integer overflow involving bucket_size (Jiri Olsa) [1992588] - bpf: Fix leakage due to insufficient speculative store bypass mitigation (Jiri Olsa) [1992588] - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Jiri Olsa) [1992588] - bpf: Fix OOB read when printing XDP link fdinfo (Jiri Olsa) [1992588] - bpf, test: fix NULL pointer dereference on invalid expected_attach_type (Jiri Olsa) [1992588] - bpf: Fix tail_call_reachable rejection for interpreter when jit failed (Jiri Olsa) [1992588] - bpf: Track subprog poke descriptors correctly and fix use-after-free (Jiri Olsa) [1992588] - bpf: Fix null ptr deref with mixed tail calls and subprogs (Jiri Olsa) [1992588] - bpf: Fix leakage under speculation on mispredicted branches (Jiri Olsa) [1992588] - bpf: Set mac_len in bpf_skb_change_head (Jiri Olsa) [1992588] - bpf: Prevent writable memory-mapping of read-only ringbuf pages (Jiri Olsa) [1992588] - bpf: Fix alu32 const subreg bound tracking on bitwise operations (Jiri Olsa) [1992588] - xsk: Fix broken Tx ring validation (Jiri Olsa) [1992588] - xsk: Fix for xp_aligned_validate_desc() when len == chunk_size (Jiri Olsa) [1992588] - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (Jiri Olsa) [1992588] - bpf: Refcount task stack in bpf_get_task_stack (Jiri Olsa) [1992588] - bpf: Use NOP_ATOMIC5 instead of emit_nops(&prog, 5) for BPF_TRAMP_F_CALL_ORIG (Jiri Olsa) [1992588] - selftest/bpf: Add a test to check trampoline freeing logic. (Jiri Olsa) [1992588] - bpf: Fix fexit trampoline. (Jiri Olsa) [1992588] - ftrace: Fix modify_ftrace_direct. (Jiri Olsa) [1992588] - ftrace: Add a helper function to modify_ftrace_direct() to allow arch optimization (Jiri Olsa) [1992588] - ftrace: Add helper find_direct_entry() to consolidate code (Jiri Olsa) [1992588] - bpf: Fix truncation handling for mod32 dst reg wrt zero (Jiri Olsa) [1992588] - bpf: Fix an unitialized value in bpf_iter (Jiri Olsa) [1992588] - bpf_lru_list: Read double-checked variable once without lock (Jiri Olsa) [1992588] - mt76: validate rx A-MSDU subframes (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144} - ath11k: Drop multicast fragments (Inigo Huguet) [1991459] {CVE-2020-26145} - ath11k: Clear the fragment cache during key install (Inigo Huguet) [1991459] {CVE-2020-24587} - ath10k: Validate first subframe of A-MSDU before processing the list (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144} - ath10k: Fix TKIP Michael MIC verification for PCIe (Inigo Huguet) [1991459] {CVE-2020-26141} - ath10k: drop MPDU which has discard flag set by firmware for SDIO (Inigo Huguet) [1991459] {CVE-2020-24588} - ath10k: drop fragments with multicast DA for SDIO (Inigo Huguet) [1991459] {CVE-2020-26145} - ath10k: drop fragments with multicast DA for PCIe (Inigo Huguet) [1991459] {CVE-2020-26145} - ath10k: add CCMP PN replay protection for fragmented frames for PCIe (Inigo Huguet) [1991459] - mac80211: extend protection against mixed key and fragment cache attacks (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Inigo Huguet) [1991459] {CVE-2020-26139} - mac80211: prevent attacks on TKIP/WEP as well (Inigo Huguet) [1991459] {CVE-2020-26141} - mac80211: check defrag PN against current frame (Inigo Huguet) [1991459] - mac80211: add fragment cache to sta_info (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587} - mac80211: drop A-MSDUs on old ciphers (Inigo Huguet) [1991459] {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Inigo Huguet) [1991459] - mac80211: prevent mixed key and fragment cache attacks (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587} - mac80211: assure all fragments are encrypted (Inigo Huguet) [1991459] {CVE-2020-26147} - tipc: call tipc_wait_for_connect only when dlen is not 0 (Xin Long) [1989361] - mptcp: remove tech preview warning (Florian Westphal) [1985120] - tcp: consistently disable header prediction for mptcp (Florian Westphal) [1985120] - selftests: mptcp: fix case multiple subflows limited by server (Florian Westphal) [1985120] - selftests: mptcp: turn rp_filter off on each NIC (Florian Westphal) [1985120] - selftests: mptcp: display proper reason to abort tests (Florian Westphal) [1985120] - mptcp: properly account bulk freed memory (Florian Westphal) [1985120] - mptcp: fix 'masking a bool' warning (Florian Westphal) [1985120] - mptcp: refine mptcp_cleanup_rbuf (Florian Westphal) [1985120] - mptcp: use fast lock for subflows when possible (Florian Westphal) [1985120] - mptcp: avoid processing packet if a subflow reset (Florian Westphal) [1985120] - mptcp: add sk parameter for mptcp_get_options (Florian Westphal) [1985120] - mptcp: fix syncookie process if mptcp can not_accept new subflow (Florian Westphal) [1985120] - mptcp: fix warning in __skb_flow_dissect() when do syn cookie for subflow join (Florian Westphal) [1985120] - mptcp: avoid race on msk state changes (Florian Westphal) [1985120] - mptcp: fix 32 bit DSN expansion (Florian Westphal) [1985120] - mptcp: fix bad handling of 32 bit ack wrap-around (Florian Westphal) [1985120] - tcp: parse mptcp options contained in reset packets (Florian Westphal) [1985120] - ionic: count csum_none when offload enabled (Jonathan Toppins) [1991646] - ionic: fix up dim accounting for tx and rx (Jonathan Toppins) [1991646] - ionic: remove intr coalesce update from napi (Jonathan Toppins) [1991646] - ionic: catch no ptp support earlier (Jonathan Toppins) [1991646] - ionic: make all rx_mode work threadsafe (Jonathan Toppins) [1991646] - dmaengine: idxd: Fix missing error code in idxd_cdev_open() (Jerry Snitselaar) [1990637] - dmaengine: idxd: add missing dsa driver unregister (Jerry Snitselaar) [1990637] - dmaengine: idxd: add engine 'struct device' missing bus type assignment (Jerry Snitselaar) [1990637] - dmaengine: idxd: remove MSIX masking for interrupt handlers (Jerry Snitselaar) [1990637] - dmaengine: idxd: Use cpu_feature_enabled() (Jerry Snitselaar) [1990637] - dmaengine: idxd: enable SVA feature for IOMMU (Jerry Snitselaar) [1990637] - dmagenine: idxd: Dont add portal offset in idxd_submit_desc (Jerry Snitselaar) [1990637] - ethtool: strset: fix message length calculation (Balazs Nemeth) [1989003] - net: add strict checks in netdev_name_node_alt_destroy() (Andrea Claudi) [1859038] - net: rtnetlink: fix bugs in rtnl_alt_ifname() (Andrea Claudi) [1859038] - net: rtnetlink: add linkprop commands to add and delete alternative ifnames (Andrea Claudi) [1859038] - net: check all name nodes in __dev_alloc_name (Andrea Claudi) [1859038] - net: fix a leak in register_netdevice() (Andrea Claudi) [1859038] - tun: fix memory leak in error path (Andrea Claudi) [1859038] - net: propagate errors correctly in register_netdevice() (Andrea Claudi) [1859038] - net: introduce name_node struct to be used in hashlist (Andrea Claudi) [1859038] - net: procfs: use index hashlist instead of name hashlist (Andrea Claudi) [1859038] - configs: Enable CONFIG_CHELSIO_INLINE_CRYPTO (Raju Rangoju) [1961368] - cxgb4/ch_ktls: Clear resources when pf4 device is removed (Raju Rangoju) [1961374] - ch_ktls: Remove redundant variable result (Raju Rangoju) [1961374] - ch_ktls: do not send snd_una update to TCB in middle (Raju Rangoju) [1961374] - ch_ktls: tcb close causes tls connection failure (Raju Rangoju) [1961374] - ch_ktls: fix device connection close (Raju Rangoju) [1961374] - ch_ktls: Fix kernel panic (Raju Rangoju) [1961374] - ch_ktls: fix enum-conversion warning (Raju Rangoju) [1961374] - net: ethernet: chelsio: inline_crypto: Mundane typos fixed throughout the file chcr_ktls.c (Raju Rangoju) [1961374] - ch_ipsec: Remove initialization of rxq related data (Raju Rangoju) [1961388] - ch_ktls: fix build warning for ipv4-only config (Raju Rangoju) [1961374] - ch_ktls: lock is not freed (Raju Rangoju) [1961374] - ch_ktls: stop the txq if reaches threshold (Raju Rangoju) [1961374] - ch_ktls: tcb update fails sometimes (Raju Rangoju) [1961374] - ch_ktls/cxgb4: handle partial tag alone SKBs (Raju Rangoju) [1961374] - ch_ktls: dont free skb before sending FIN (Raju Rangoju) [1961374] - ch_ktls: packet handling prior to start marker (Raju Rangoju) [1961374] - ch_ktls: Correction in middle record handling (Raju Rangoju) [1961374] - ch_ktls: missing handling of header alone (Raju Rangoju) [1961374] - ch_ktls: Correction in trimmed_len calculation (Raju Rangoju) [1961374] - cxgb4/ch_ktls: creating skbs causes panic (Raju Rangoju) [1961374] - ch_ktls: Update cheksum information (Raju Rangoju) [1961374] - ch_ktls: Correction in finding correct length (Raju Rangoju) [1961374] - cxgb4/ch_ktls: decrypted bit is not enough (Raju Rangoju) [1961374] - cxgb4/ch_ipsec: Replace the module name to ch_ipsec from chcr (Raju Rangoju) [1961388] - cxgb4/ch_ktls: ktls stats are added at port level (Raju Rangoju) [1961374] - ch_ktls: Issue if connection offload fails (Raju Rangoju) [1961374] - chelsio/chtls: Re-add dependencies on CHELSIO_T4 to fix modular CHELSIO_T4 (Raju Rangoju) [1961388] - chelsio/chtls: CHELSIO_INLINE_CRYPTO should depend on CHELSIO_T4 (Raju Rangoju) [1961388] - crypto: chelsio - fix minor indentation issue (Raju Rangoju) [1961368] - crypto/chcr: move nic TLS functionality to drivers/net (Raju Rangoju) [1961368] - cxgb4/ch_ipsec: Registering xfrmdev_ops with cxgb4 (Raju Rangoju) [1961388] - crypto/chcr: Moving chelsios inline ipsec functionality to /drivers/net (Raju Rangoju) [1961368] - chelsio/chtls: separate chelsio tls driver from crypto driver (Raju Rangoju) [1961368] - crypto: chelsio - Fix some pr_xxx messages (Raju Rangoju) [1961368] - crypto: chelsio - Avoid some code duplication (Raju Rangoju) [1961368] - crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY (Raju Rangoju) [1961368] - crypto: aead - remove useless setting of type flags (Raju Rangoju) [1961368] - crypto: Replace zero-length array with flexible-array (Raju Rangoju) [1961368] - [Crypto] treewide: replace '---help---' in Kconfig files with 'help' (Raju Rangoju) [1961368] - Crypto/chcr: Checking cra_refcnt before unregistering the algorithms (Raju Rangoju) [1961368] - Crypto/chcr: Calculate src and dst sg lengths separately for dma map (Raju Rangoju) [1961368] - Crypto/chcr: Fixes a coccinile check error (Raju Rangoju) [1961368] - Crypto/chcr: Fixes compilations warnings (Raju Rangoju) [1961368] - crypto/chcr: IPV6 code needs to be in CONFIG_IPV6 (Raju Rangoju) [1961368] - crypto: lib/sha1 - remove unnecessary includes of linux/cryptohash.h (Raju Rangoju) [1961368] - Crypto/chcr: fix for hmac(sha) test fails (Raju Rangoju) [1961368] - Crypto/chcr: fix for ccm(aes) failed test (Raju Rangoju) [1961368] - Crypto/chcr: fix ctr, cbc, xts and rfc3686-ctr failed tests (Raju Rangoju) [1961368] - crypto: chelsio - remove redundant assignment to variable error (Raju Rangoju) [1961368] - chcr: Fix CPU hard lockup (Raju Rangoju) [1961368] - crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN (Raju Rangoju) [1961368] - crypto: chelsio - switch to skcipher API (Raju Rangoju) [1961368] - crypto: chelsio - Remove VLA usage of skcipher (Raju Rangoju) [1961368] MODERATE Copyright 2021 Oracle, Inc. CVE-2021-29650 CVE-2021-28950 CVE-2021-28971 CVE-2021-20239 CVE-2021-31440 CVE-2021-3348 CVE-2020-0427 CVE-2020-29660 CVE-2020-36158 CVE-2021-31916 CVE-2021-23133 CVE-2020-27777 CVE-2021-3573 CVE-2020-26140 CVE-2021-3679 CVE-2021-3489 CVE-2020-26143 CVE-2020-26144 CVE-2020-26139 CVE-2020-26146 CVE-2020-36386 CVE-2021-29155 CVE-2021-31829 CVE-2020-24586 CVE-2020-26141 CVE-2020-24587 CVE-2020-24588 CVE-2020-26145 CVE-2020-26147 CVE-2021-3564 CVE-2021-0129 CVE-2021-3732 CVE-2020-24502 CVE-2021-33200 CVE-2020-24503 CVE-2020-24504 CVE-2020-29368 CVE-2021-20194 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-29646 Oracle Linux 8 [2.28-164.0.1] - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> - add Ampere emag to tunable cpu list (Patrick McGehearty) - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile - Both should test - if (stream->_flags & _IO_USER_LOCK) == 0) - _IO_lock_lock (*stream->_lock); - OraBug: 28481550. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> [2.28-164] - librt: fix NULL pointer dereference (#1966472). [2.28-163] - CVE-2021-33574: Deep copy pthread attribute in mq_notify (#1966472) [2.28-162] - CVE-2021-35942: wordexp: handle overflow in positional parameter number (#1979127) [2.28-161] - Improve POWER10 performance with POWER9 fallbacks (#1956357) [2.28-160] - Backport POWER10 optimized rawmemchr for ppc64le (#1956357) [2.28-159] - Backport additional ifunc optimizations for ppc64le (#1956357) [2.28-158] - Rebuild with new binutils (#1946518) [2.28-157] - Consistently SXID_ERASE tunables in sxid binaries (#1934155) [2.28-156] - Backport ifunc optimizations for glibc for ppc64le (#1918719) [2.28-155] - CVE-2021-27645: nscd: Fix double free in netgroupcache (#1927877) [2.28-154] - Add IPPROTO_ETHERNET, IPPROTO_MPTCP, and INADDR_ALLSNOOPERS_GROUP defines (#1930302) [2.28-153] - Support SEM_STAT_ANY via semctl. Return EINVAL for unknown commands to semctl, msgctl, and shmctl. (#1912670) [2.28-152] - Update syscall-names.list to 5.7, 5.8, 5.9, 5.10 and 5.11. (#1871386) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-33574 CVE-2021-27645 CVE-2021-35942 Oracle Linux 8 [1.32.10-4.0.1] - add connectivity check via Oracle servers [Orabug: 32051972] - Disable the build of NetworkManager-config-connectivity-* subpackage for 8.3 [1:1.32.10-4] - revert unapproved patches part of 'cloud-setup' change (rh #1977984) [1:1.32.10-3] - preserve the IPv6 multicast route added by kernel (rh #2004212) - cloud-setup: better handle other route configuration (rh #1977984) [1:1.32.10-2] - platform: fix capturing IPv4 addresses from platform for assuming after restart (rh #1988751) [1:1.32.10-1] - update to 1.32.10 release - nm-initrd-generator: add kernel command line options ethtool autoneg and speed (rh #1940934) - IP: fix the order of IP addresses during service restart (rh #1988751) [1:1.32.8-1] - Upgrade to 1.32.8 release - firewalld: configure zones on 'Reloaded' signal (rh #1982403) - ethtool: support configuring newer gigabit ethernet speeds (rh #1897004) - core: fix wrong MTU for bridge interfaces (rh #1973536) - cloud-setup: fix gateway address for Aliyun cloud (rh #1823315) [1:1.32.6-1] - Upgrade to 1.32.6 release - core: fix adding stale local routes when address changes (rh #1979192) - dhcp: handle filename/bootfile_name DHCP option and write it to device state file for initrd/kickstart (rh #1979387) - initrd: add 'ib.pkey=' command line option (rh #1805708) - core: introduce 'keep-configuration' device option to forcefully activate a profile on start (rh #1934122) [1:1.32.4-1] - Upgrade to 1.32.4 with fixes of: - nmcli: show DNS SEARCH field in device information. (rh #1852317) - device: avoid crash setting VPN config during unrealize. (rh #1912423) - core: send ARP announcements when there is carrier. (rh #1956793) - core: add ipv[46].required-timeout option to wait for IP configuration while activating. (rh #1961666) - core: start DHCPv6 when a prefix delegation is needed for shared mode. (rh #1973199) - ifcfg: log warning about invalid keys in ifcfg files. (rh #1959656) - cloud-setup: add support for Aliyun cloud. (rh #1823315) [1:1.32.2-1] - update to 1.32.2 release - device: prefer IPv6 not-deprecated addresses for hostname lookup (rh #1820770) - docs: describe qdiscs and tfilters in nm-settings manpage (rh #1847894) - cloud-setup: preserve IPv4 addresses/routes/rules from profile (rh #1971527) - daemon: performance improvements (rh #1847125) - dhcp/systemd: ignore FORCERENEW requests for DHCPV4 (rh #1961251, CVE-2020-13529) - Add bridge_role in 802-3-ethernet.s390-options using nmcli (rh #1935842) [1:1.32.0-1] - update to 1.32.0 release - veth: fix null error when deleting the device (rh #1915278) - veth: fix crash when deleting the device profile (rh #1915276) - firewall: add new 'nftables' firewall-backend (rh #1548825) - DNS: fix lookup of hostname via DNS (rh #1970335) [1:1.32.0-0.5] - update to 1.32-rc1 (1.31.90) (release candidate) - core: allow to preserved external TFilter and QDisc settings (rh #1928078) - bond: support 'tlb_dynamic_lb' in 'balance-alb' mode (rh #1959934) [1:1.32.0-0.4] - Update to 1.31.5 (development) - core: configure MTU early before DHCP completes (rh #1890234) - core: fix activation handling for ports (rh #1955101, rh #1959961) - core: add support for ethtool pause parameters (rh #1899372) - dhcp: support option 249 (Microsoft Classless Static Route) (rh #1959461) [1:1.32.0-0.3] - Update to 1.31.4 (development) - core: fix assertion failure in activation handling (rh #1933719) [1:1.32.0-0.2] - Update to 1.31.3 (development) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-13529 Oracle Linux 8 [2.30-108.0.2] - Forward-port the following update: [2.30-93.0.4 - Backport fix for fencepost bug in CTF pptrtab usage causing coredumps - Backport test result fixes for new GCC-based CTF generation [Orabug: 33344570] - Reviewed-by: David Faust <david.faust@oracle.com> - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.30-108.0.1] - Forward-port Oracle patches from 2.30-93.0.3 to 2.30-108.0.1 - Reviewed-by: Elena Zannoni <elena.zannoni@oracle.com> MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3487 CVE-2021-20284 CVE-2020-35448 CVE-2021-20197 Oracle Linux 8 [8.0p1-10] - sshd -T requires -C when 'Match' is used in sshd_config (#1836277) [8.0p1-9] - CVE-2020-14145 openssh: Observable Discrepancy leading to an information leak in the algorithm negotiation (#1882252) - Hostbased ssh authentication fails if session ID contains a '/' (#1944125) [8.0p1-8] - ssh doesnt restore the blocking mode on standard output (#1942901) [8.0p1-7 + 0.10.3-7] - SFTP sort upon the modification time (#1909988) - ssh-keygen printing fingerprint issue with Windows keys (#1901518) - PIN is lost when iterating over tokens when adding pkcs11 keys to ssh-agent (#1843372) - ssh-agent segfaults during ssh-add -s pkcs11 (#1868996) - ssh-copy-id could not resolve ipv6 address ends with colon (#1933517) - sshd provides PAM an incorrect error code (#1879503) MODERATE Copyright 2021 Oracle, Inc. CVE-2020-14145 Oracle Linux 8 [8.42-6] - Rebuild for BZ#1954441 [8.42-5] - Fix CVE-2019-20838 (a subject buffer overread in JIT when UTF is disabled and \X or \R has a greater than 1 fixed quantifier) (bug #1852252) - Fix CVE-2020-14155 (an integer overflow when parsing numbers after '(?C')) (bug #1851552) LOW Copyright 2021 Oracle, Inc. CVE-2019-20838 CVE-2020-14155 Oracle Linux 8 [5.33-20] - rebuild (#1954434) [5.33-18] - fix heap-based buffer overflow in cdf_read_property_info() (CVE-2019-18218) [5.33-17] - improve magic for script recognition and other changes (#1903531) MODERATE Copyright 2021 Oracle, Inc. CVE-2019-18218 Oracle Linux 8 accountsservice [0.6.55-2] - Add support for user templates so user can specify default session Resolves: #1812788 gdm [40.0-14] - Fix XDMCP Resolves: #2004170 - Fix crash at shutdown Related: #2004170 [40.0-13] - Disable Wayland on HyperV - Fix Xorg fallback Related: #1998989 [40.0-12] - Redisable on server chips since rebase Related: #1909300 [40.0-11] - Read session settings from users even if theyve never saved before. Needed to support accountsservice templated user defaults. Related: #1812788 [40.0-10] - Let customers using vendor nvidia driver choose wayland sessions Resolves: #1962211 - Drop unused patches [40.0-3] - Disable network items on login screen Resolves: #1935261 [40.0-2] - Fix workaround for systemd bug thats breaking X11 fallback Resolves: #1962049 [40.0-1] - Rebase to 40.0 Resolves: #1909300 gnome-autoar [0.2.3-2] - CVE-2020-36241, CVE-2021-28650: Do not allow symlink in parents (rhbz#1928701) gnome-calculator [3.28.2-2] - Allow disabling downloading by setting refresh interval to 0 Resolves: #1957705 gnome-control-center [3.28.2-28] - Update pt_BR translations - Resolves: #1978612 gnome-online-accounts [3.28.2-3] - Disable the Facebook and Foursquare providers Resolves: #1951086, #1952136 gnome-session [3.28.1-13.0.1] - Update kiosk-session subpackage with Oracle references [Orabug: 32095108] [3.28.1-13] - Add patch to tell grub boot was successful when user is able to explicitly request shutdown/reboot. Resolves: #1914925 [3.28.1-12] - Introduce gnome-wayland session to allow users that use Xorg on the login screen to try wayland for the user session. Related: #1962211 [3.28.1-11] - Exclude kiosk-session from xsession subpackage - Disable VT switching when kiosk-session is installed Related: #1955754 gnome-settings-daemon [3.32.0-16] - Update pt_BR translations - Resolves: #1978612 [3.32.0-15] - Keep auto-logout working inside VMs Resolves: #1904139 gnome-shell [3.32.2-40] - Add bugs introduced in backport for #1651378 Related: #1999758 - Tidy up patch list a bit [3.32.2-39] - Allow extensions on the login screen Related: #1651378 [3.32.2-38] - Only mask text in password entries Resolves: #1987233 [3.32.2-37] - Only warn once when not running under GDM Resolves: #1980661 [3.32.2-36] - Add ability to lock down password showing Resolves: #1770302 - Add requires on newer mutter version Related: #1937866 [3.32.2-35] - Improve style of window preview close buttons Resolves: #1981420 [3.32.2-34] - Add PolicyKit-authentication-agent virtual provides Resolves: #1978287 [3.32.2-33] - Fix warnings on unlock Resolves: #1971534 - Fix gdm lock screen Resolves: #1971507 [3.32.2-32] - Fix network secret requests on login screen Related: #1935261 [3.32.2-31] - Backport of touch mode Resolves: #1937866 gnome-shell-extensions [3.32.1-20] - Add extension for displaying heads up message Related: #1651378 [3.32.1-19] - Dont use status icon wm_class as top bar role Resolves: #1897932 [3.32.1-18] - Add gesture-inhibitor extension Resolves: #1854679 [3.32.1-17] - Handle touchscreens on Wayland in the desktop-icons extension Resolves: #1924725 [3.32.1-16] - Fix opening files with (wrongly) set executable bit Resolves: #1813727 gnome-software [3.36.1-10] - Resolves: #1978505 (Development package is missing important header files) [3.36.1-9] - Resolves: #1972545 (flatpak: Prefer runtime from the same origin as the application) [3.36.1-8] - Resolves: #1888404 (Updates page hides ongoing updates on refresh) [3.36.1-7] - Resolves: #1873297 (Crash when run as root) [3.36.1-6] - Resolves: #1791478 (Cannot completely disable ODRS (GNOME Ratings)) gsettings-desktop-schemas [3.32.0-6] - Add setting for locking down Show Password in entries Related: #1770302 gtk3 [3.22.30-8] - Make reftests work in a vm [3.22.30-7] - Only mention Emoji in context menus when requested (rhbz#1893196) - Fix warnings from non-overlay scrollbars (rhbz#1873488) LibRaw [0.19.5-3] - Backport fix for CVE-2020-24870 from upstream Resolves: #1931841 mutter [3.32.2-60] - Backport fix avoiding DND regression Resolves: #1999120 [3.32.2-59] - Backport fixes avoiding frozen partly off-screen clients Resolves: #1989035 [3.32.2-58] - Backport xauth and xhost patches Resolves: #1949176 vino [3.22.0-11] - Fix crashes under FIPS - Resolves: #1960705 webkit2gtk3 [2.32.3-2] - Fix CVE-2021-30858 - Resolves: #2006428 [2.32.3-1] - Update to 2.32.3 - Related: #1937416 [2.32.2-1] - Update to 2.32.2 - Related: #1937416 [2.32.1-1] - Update to 2.32.1 - Related: #1937416 [2.32.0-1] - Update to 2.32.0 - Related: #1937416 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-13558 CVE-2020-24870 CVE-2020-27918 CVE-2021-1799 CVE-2021-1801 CVE-2021-30689 CVE-2021-30797 CVE-2020-36241 CVE-2021-30795 CVE-2021-1765 CVE-2021-1788 CVE-2021-21775 CVE-2021-1871 CVE-2021-21779 CVE-2021-21806 CVE-2021-28650 CVE-2020-29623 CVE-2021-1789 CVE-2021-1844 CVE-2021-1870 CVE-2021-30799 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30663 CVE-2021-30665 CVE-2021-30682 CVE-2021-30720 CVE-2021-30758 Oracle Linux 8 [0.13.1-2] - rebuild (#1954436) [0.13.1-1] - Fix CVE-2020-12762 out-of-bounds write via a large JSON file - Resolves: rhbz#1835626 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-12762 Oracle Linux 8 [32:9.11.26-6] - Use random entropy to generate unique TKEY identifiers (#1980916) [32:9.11.26-5] - Fix possible assertion failure isc_refcount_current == 0 in free_rbtdb (#1953056) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-25214 Oracle Linux 8 [2.56.4-15] - Fix test failure introduced in previous update - Related: #1971533 [2.56.4-14] - Refresh GHmac patchset - Resolves: #1971533 [2.56.4-13] - Rename and consolidate existing patches for better maintainability - Refresh CVE-2021-27219 patcheset, using better-targeted fixes Resolves: #1939108 [2.56.4-12] - Fix various problems in GMainContext Resolves: #1948988 [2.56.4-11] - Remove CHARSETALIASDIR environment variable Resolves: #1938284 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-28153 CVE-2021-3800 Oracle Linux 8 [8.5.0-3.0.2] - Fix Orabug 33451471 and backport CTF/BTF enhancements ctfc: Free CTF container elements in ctfc_delete_container () ctf: Do not warn for CTF not supported for GNU GIMPLE ICE in btf_finalize when compiling with -gbtf (PR debug/102507, Orabug 33451471) Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [8.5.0-3.0.1] - Merge the following oracle patches to OL8.5 beta: - Fix an aarch64 compilation error triggered by the oracle patch gcc9-multiple-changes-align.patch on OL8U5 source base. gcc-fix-aarch64-tune-params.patch - Fix Orabug 33281392 Update CTF and BTF support in OL8 GCC This commit brings the support for CTF/BTF debug formats at par with upstream. GCC now generates the CTF/BTF debug information by using the internal DWARF representation. For backward compatibility reasons, OL8 GCC continues to support -gt command line option. (Indu Bhagat <indu.bhagat@oracle.com> 8.4.1-1.0.3) - Add complex divide improvement backport of upstream commit 54f0224d55a1b56dde092460ddf76913670e6efc (Patrick.McGehearty <patrick.mcgehearty@oracle.com> 8.4.1-1.0.2) - Fix Orabug 32301371 - bug using gcov with preserve paths option This is the same bug as GCC bug PR gcov-profile/88994 gcc9-pr88994.patch (Qing Zhao <qing.zhao@oracle.com> 8.3.1-5.1.0.2) - Fix generation of CTF type records for completed structs referred thru pointers. Orabug 31095790. (Jose E. Marchesi <jose.marchesi@oracle.com> 8.3.1-5.0.4) - Fix Orabug 29838827 - provide an option to adjust the maximum depth of nested #include This is the same bug as gcc upstream PR90581 from Gcc9: gcc9-pr90581.patch - Fix Orabug 29541051 - confusing error message when there is a problem with ASAN_OPTIONS 'ERROR: expected '='' This is the same bug as gcc upstream PR89832 from Gcc9: gcc9-pr89832.patch (Qing Zhao <qing.zhao@oracle.com> 8.3.1-5.0.3) - Update support for CTF Fix Orabug 30833294 GCC generates incorrect CTF for single element arrays Fix Orabug 30808764 CTF generation fails when __attribute__ ((mode (XX))) is used (Indu Bhagat <indu.bhagat@oracle.com> 8.3.1-5.0.2) - Apply ares/neoverse support patches only ifarch aarch64. (Qing Zhao <qing.zhao@oracle.com> 8.3.1-4.5.0.6) - Add 4 patches from gcc9 to support Arm Ares and Neoverse-N1 for Aarch64 gcc9-add-vec-reverse.patch gcc9-multiple-changes-align.patch gcc9-initial-mcpu-ares-tuning.patch gcc9-add-support-for-neoverse-n1.patch (Indu Bhagat <indu.bhagat@oracle.com> 8.3.1-4.5.0.5) - Update support for CTF Fix Orabug 30778534 gcc should generate CTF for functions at file-scope only Fix Orabug 30779193 CTF generation fails for some flavors of vla Fix Orabug 30784275 Fix issues wtih CTF generation for typedef constructs ctf-3-generation-and-emission-for-a-single-compilation.patch ctf-4-update-ctf-testsuite.patch (Indu Bhagat <indu.bhagat@oracle.com> 8.3.1-4.5.0.4) - Add support for CTF in GCC Fix Orabug 30102948 gcc: Add CTF generation to compiler Fix Orabug 30102949 gcc: Add CTF generation to compiler (aarch64) ctf-1-new-function-lang_GNU_GIMPLE.patch ctf-2-command-line-options-gtLEVEL.patch ctf-3-generation-and-emission-for-a-single-compilation.patch ctf-4-update-ctf-testsuite.patch ctf-5-handle-ctf-sections-when-lto-enabled.patch (Qing Zhao <qing.zhao@oracle.com> 8.3.1-4.5.0.3) - CVE-2018-12207 / Intel SKX102 OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207 - Allow -flto -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries to GNU assembler. Without -lfto, -Wa,-mbranches-within-32B-boundaries to pass -mbranches-within-32B-boundaries to GNU assembler using existing GCC binaries. - Mitigation patch: gcc8-Fix-Wa-with-flto.patch (Qing Zhao <qing.zhao@oracle.com> 8.3.1-4.5.0.2) - Fix Orabug 29968294 - Heap corruption with fprofile-dir=%p prevents profiling parallel processes, needed for RDBMS: Add patch to fix PR86057 from Gcc9: gcc9-pr86057.patch - Fix Orabug 30044244 - Profile directory concatenated with object file path This is the same bug as gcc upstream PR91971: gcc9-pr85759.patch gcc10-pr91971.patch (Indu Bhagat <indu.bhagat@oracle.com> 8.3.1-4.5.0.1) - Fix Orabug 29599147 - Need -fprofile-dir=%q{VAR} backported to gcc8 This is the similar GCC PR47618, add the fix from GCC9: gcc9-pr47618.patch - Fix Orabug 29272977 - DB SUPPORT: Need way to dump inlining report from GCC Add -fopt-info-inline support from GCC9: gcc9-opt-info-inline.patch - Fix Orabug 29273006 - DB SUPPORT: need way to turn off inlining of global functions Add -flive-patching support from GCC9: gcc9-fipa-reference-addressable.patch gcc9-fipa-stack-alignment.patch gcc9-add-fomit-frame-pointer-to-test.patch gcc9-extend-live-patching-option-handling.patch gcc9-ipa-stack-alignment-386-test.patch - Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE. - Backport 17 ampere patches from https://git.theobroma-systems.com/ampere-computing/gcc.git/log/?h=gcc-8_2_0-amp3-branch e18301133ea622f6d6796ded1d15466e70475cf8: Retpoline (Spectre-V2 mitigation) for aarch64. d735f3ae4712f66362326d179b4d7e9332c79677: Revert 2017-10-24 Richard Biener 271e2811e59c0c77fc022fa86a7030f20b4cac8e: Correct the maximum shift amount for shifted 0512749950d927de3dd695f2f2aacdfd30cf32fd: Add CPU support for Ampere Computings eMAG. c8b87078f9e0714cb9cab602e12a18ceb12df05a: eMAG/Xgene: Procedural cost-model for X-Gene 74610471b3577c5d465c3fd095a65b796b1e074c: Updating cost table for xgene1. ddba1553ac412be5596e6e2962c148032c4cf231: [AArch64] Add Xgene1 prefetch tunings. b7ebb0a10a8900324074070188a0936ed81b28a4: [AArch64] Fix in xgene1_addrcost_table 393dc5c50d55d069f91627bf0be5bab812978850: X-Gene: Adapt tuning struct for GCC 8. b9136d58824af2118c4969c3edb42cad3318b08f: tree-ssa-list-find-pipeline: Add pipelining loads for list finds. 095496dd8a9491a17a9caec173281ad02e559df5: uncse: Added pass to undo common subexpression elimination. a7c8dc238e3656e9d2f9256ee76f933c8d7956fb: loop-prefetcher: Adapt defaults for X-Gene cores. 256307f293f1750851576e14c8a42b696eced2da: tree-ssa-cpp: Dont crash on SSA names without definition stmts. 6e32f53be4f6733f6bfe267ad2337aecaf4047f6: Introduce new option -funroll-more. 1ac2485a2fced091a5cce6343fe6a6337f850e73: New option to bypass aliasing-checks. 66d7d833bece61e58998ad53a609cd32e3ee4fad: cfgloopmanip: Allow forced creation of loop preheaders. c4f89d50e200538b1ac8889801705300e0b27ef2: Add new pass to optimise loops. [8.5.0-3] - fix mangling of lambdas in default args (PR c++/91241, #1981822) - add a few Provides: bundled [8.5.0-2] - revert upstream PR85873 gcc-8 fix, apply the fix from gcc-9 (#1960701) - fix 'this' adjustment for devirtualized call (PR c++/100797, #1965951) [8.5.0-1] - update from GCC 8.5 release (#1946758) - this includes a fix for PR target/87839 (#1958295) LOW Copyright 2021 Oracle, Inc. CVE-2018-20673 Oracle Linux 8 [0.9.4-3] - Fix CVE-2020-16135 NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (#1862646) LOW Copyright 2021 Oracle, Inc. CVE-2020-16135 Oracle Linux 8 [1:2.2.6-40] - 1955964 - PreserveJobHistory doesnt work with seconds - 1927452 - CVE-2020-10001 cups: access to uninitialized buffer in ipp.c [rhel-8] [1:2.2.6-39] - 1941437 - cupsd doesnt log job ids when logging into journal - 1782216 - Print queue is paused after ipp backend ends with CUPS_BACKEND_STOP - 1938384 - CUPS doesnt start if sssd starts after cupsd MODERATE Copyright 2021 Oracle, Inc. CVE-2020-10001 Oracle Linux 8 [3.26.0-15] - Removing fix for CVE-2019-19645 (unaffected) - Removing fix for CVE-2019-19880 (unaffected) [3.26.0-14] - Fixed CVE-2019-5827 (#1710184) - Fixed CVE-2019-13750 (#1786510) - Fixed CVE-2019-13751 (#1786522) - Fixed CVE-2019-19603 (#1792013) - Fixed CVE-2020-13435 (#1841233) MODERATE Copyright 2021 Oracle, Inc. CVE-2019-19603 CVE-2020-13435 CVE-2019-5827 CVE-2019-13751 CVE-2019-13750 Oracle Linux 8 [3.6.8-41.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-41] - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz#1995234 [3.6.8-40] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933055 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3426 Oracle Linux 8 [2.0.20-57.0.3] - Merge 8.4 extra patches for SB boot environment [Orabug: 33512440] [2.0.20-57.0.2] - Merge SRPM/ol8-u4 orabug patches into SRPM/ol8-u5 [Orabug: 33471981] [2.0.20-57.0.1] - makedumpfile: Add support for newer kernels up to v5.12 [Orabug: 33250117] [2.0.20-57] - kdumpctl: enable secure boot on ppc64le LPARs [2.0.20-56] - kdumpctl: fix a typo [2.0.20-55] - kdump/ppc64: migration action registration clean up [2.0.20-54] - kdump/ppc64: rebuild initramfs image after migration - Check the existence of /sys/bus/ccwgroup/devices/*/online beforehand - kdump.sysconfig.s390: Remove 'prot_virt' from kdump kernel cmdline [2.0.20-53] - check for invalid physical address of /proc/kcore when making ELF dumpfile - check for invalid physical address of /proc/kcore when finding max_paddr - fix format issue in find_online_znet_device - check the existence of /sys/bus/ccwgroup/devices before trying to find online network device - kdump-lib.sh: fix a warning in prepare_kdump_bootinfo() [2.0.20-52] - Write to /var/lib/kdump if not writable - Iterate /sys/bus/ccwgroup/devices to tell if we should set up rd.znet - mkdumprd: display the absolute path of dump location in the check_user_configured_target() [2.0.20-51] - Stop reloading kdump service on CPU hotplug event for FADump - fadump: improve fadump-howto.txt about remote dump target setup [2.0.20-50] - rd.route should use the name from kdump_setup_ifname - get kdump ifname once in kdump_install_netdev [2.0.20-49] - kdump-lib.sh: fix the case if no enough total RAM for kdump in get_recommend_size() [2.0.20-48] - kdumpctl: Add kdumpctl estimate - mkdumprd: make use of the new get_luks_crypt_dev helper - kdump-lib.sh: introduce a helper to get all crypt dev used by kdump - kdump-lib.sh: introduce a helper to get underlying crypt device - RHEL-only: keep total memory size coherent to RHEL-only kernel patch - Show write byte size in report messages - Add shorthand --show-stats option to show report stats - Add --dry-run option to prevent writing the dumpfile - kdump-lib.sh: introduce functions to return recommened mem size [2.0.20-47] - Implement IP netmask calculation to replace 'ipcalc -m' - kdumpctl: fix check_config error when kdump.conf is empty - Fix incorrect vmcore permissions when dumped through ssh - Fix incorrect permissions on kdump dmesg file LOW Copyright 2021 Oracle, Inc. CVE-2021-20269 Oracle Linux 8 [0.7.19-1] - Update to 0.7.19 - repo_add_conda: add flag to skip v2 packages - fix rare segfault in resolve_jobrules() that could happen if new rules are learnt - fix error handling in solv_xfopen_fd() - fix memory leaks [0.7.17-2] - Fix rpm dependency [0.7.17-1] - Update to 0.7.17 - selected bug fixes: * repo_write: fix handling of nested flexarray * improve choicerule generation a bit more to cover more cases * harden testcase parser against repos being added too late * support python-3.10 * check /var/lib/rpm macro in rpmdb code - new features: * handle default/visible/langonly attributes in comps parser * support multiple collections in updateinfo parser * add '-D' option in rpmdb2solv to set the dbpath LOW Copyright 2021 Oracle, Inc. CVE-2021-3200 Oracle Linux 8 [1.8.5-6] - Fix for CVE-2021-33560 (#1971421) - Enable HW optimizations in FIPS (#1976137) - Performance enchancements for ChaCha20 and Poly1305 (#1855231) [1.8.5-5] - Performance enchancements for AES-GCM, CRC32 and SHA2 (#1855231) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-33560 Oracle Linux 8 [4.1.1-5] - Bump nvr to trigger osci. resolves: rhbz#1965981 [4.1.1-4] - Fix CVE-2021-3565 resolves: rhbz#1965981 [4.1.1-3] - Fix resource leak. - Fix to restrict policy digest size. - Fix incompatible pointer cast. - Fix error message in files_load_##name - Fix issue where execution couldnt reach function return. resolves: rhbz#1920821 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3565 Oracle Linux 8 [1:1.1.1k-4] - Fixes bugs in s390x AES code. - Uses the first detected address family if IPv6 is not available - Reverts the changes in https://github.com/openssl/openssl/pull/13305 as it introduces a regression if server has a DSA key pair, the handshake fails when the protocol is not explicitly set to TLS 1.2. However, if the patch is reverted, it has an effect on the 'ssl_reject_handshake' feature in nginx. Although, this feature will continue to work, TLS 1.3 protocol becomes unavailable/disabled. This is already known - https://trac.nginx.org/nginx/ticket/2071#comment:1 As per https://github.com/openssl/openssl/issues/16075#issuecomment-879939938, nginx could early callback instead of servername callback. - Resolves: rhbz#1978214 - Related: rhbz#1934534 [1:1.1.1k-3] - Cleansup the peer point formats on renegotiation - Resolves rhbz#1965362 [1:1.1.1k-2] - Fixes FIPS_selftest to work in FIPS mode. Resolves: rhbz#1940085 - Using safe primes for FIPS DH self-test [1.1.1k-1] - Update to version 1.1.1k [1.1.1g-16] - Use AI_ADDRCONFIG only when explicit host name is given - Allow only curves defined in RFC 8446 in TLS 1.3 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23840 CVE-2021-23841 Oracle Linux 8 [6.1-9.20180224] - fix tput to accept -x option (#1916340) [6.1-8.20180224] - fix buffer overflow in terminfo entry hashtable (CVE-2019-17594) - handle missing character after backslash in terminfo entry (CVE-2019-17595) MODERATE Copyright 2021 Oracle, Inc. CVE-2019-17594 CVE-2019-17595 Oracle Linux 8 [5.56-1] + bluez-5.56-1 - Fixing (#1965057) - Removing bccmd, enabling hid2hci as upstream removed the support in bluez-5.56 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-26558 Oracle Linux 8 gnutls [3.6.16-4] - p11tool: Document ID reuse behavior when importing certs (#1776250) [3.6.16-3] - Treat SHA-1 signed CA in the trusted set differently (#1965445) [3.6.16-2] - Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216) [3.6.16-1] - Update to upstream 3.6.16 release (#1956783) - Fix potential use-after-free in key_share handling (#1927597) - Fix potential use-after-free in pre_shared_key handling (#1927593) - Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334) - Fix cert expiration issue in tests (#1908110) [3.6.14-10] - Port fixes for potential miscalculation in ecdsa_verify (#1942931) [3.6.14-9] - Revert the previous change nettle [3.4.1-7] - Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990) [3.4.1-6] - Enable CTR mode optimization when the block size is 16 [3.4.1-5] - Backport powerpc64 optimization patches from upstream (#1855228) Patch from Christopher M. Riedl. MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20232 CVE-2021-3580 CVE-2021-20231 Oracle Linux 8 [9.0.3-20] - Fix for CVE-2021-3572 - pip incorrectly handled unicode separators in git references Resolves: rhbz#1962856 LOW Copyright 2021 Oracle, Inc. CVE-2021-3572 Oracle Linux 8 dnf [4.7.0-4.0.1] -Fixed python stack trace with updateinfo list cves command [Orabug: 32749660] - Replaced upstream bugzilla reporting reference. [Orabug: 32829849] [4.7.0-4] - Update translations (RhBug:1961632) [4.7.0-3] - Improve signature checking using rpmkeys (RhBug:1967454) [4.7.0-2] - Fix covscan issue: dnf/rpm/miscutils.py: fix usage of _() [4.7.0-1] - Update to 4.7.0 - New optional parameter for filter_modules enables following modular obsoletes based on a config option module_obsoletes - Fix module remove --all when no match spec (RhBug:1904490) - Make an error message more informative (RhBug:1814831) - Expand history to full term size when output is redirected (RhBug:1852577) (RhBug:1852577,1906970) - Print additional information when verifying GPG key using DNS - Enhanced detection of plugins removed in transaction (RhBug:1929163) - Improve repo config path ordering to fix a comps merging issue (RhBug:1928181) - Keep reason when package is removed (RhBug:1921063) - Improve mechanism for application of security filters (RhBug:1918475) - [API] Add new method for reset of security filters - Remove hardcoded logfile permissions (RhBug:1910084) - Preserve file mode during log rotation (RhBug:1910084) - Increase loglevel in case of invalid config options - Prevent traceback (catch ValueError) if pkg is from cmdline - Check for specific key string when verifing signatures (RhBug:1915990) - Use rpmkeys binary to verify package signature (RhBug:1915990) - [doc] Improve description of modular filtering - [doc] deprecated alias for dnf repoquery --deplist <deplist_option-label> - [doc] Describe install with just a name and obsoletes (RhBug:1902279) - [doc] Fix: 'sslcacert' contains path to the file - [doc] Added proxy ssl configuration options, increase libdnf require - [doc] Update documentation for module_obsoletes and module_stream_switch - [doc] Improve documentation for Hotfix repositories - [doc] fix: 'makecache' command downloads only enabled repositories - [doc] Add info that maximum parallel downloads is 20 - [doc] installonly_limit documentation follows behavior - [doc] Add documentation for config option sslverifystatus (RhBug:1814383) - The noroot plugin no longer exists, remove mention MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3445 Oracle Linux 8 [4.14.3-19] - Unbreak in-tree kmod strip by reverting brp-strip fix (#1967291) [4.14.3-18] - Address important covscan issues (#1996665), vol. 2 [4.14.3-17] - Address important covscan issues (#1996665) [4.14.3-16] - Add support for read-only sqlite rpmdb (#1938928) - Drop compat .decode() method from returned Py3 strings (#1840142) [4.14.3-15] - Add out-of-bounds checks to hdrblobInit() (#1929445) - Fixes CVE-2021-20266 - Fix regression in brp-strip causing kmods to lose SecureBoot sig (#1967291) LOW Copyright 2021 Oracle, Inc. CVE-2021-20266 Oracle Linux 8 [5.3.4-12] - Fix segfault in getlocal and setlocal (#1880445) LOW Copyright 2021 Oracle, Inc. CVE-2020-24370 Oracle Linux 8 [7.61.1-22] - fix STARTTLS protocol injection via MITM (CVE-2021-22947) - fix protocol downgrade required TLS bypass (CVE-2021-22946) [7.61.1-21] - fix TELNET stack contents disclosure again (CVE-2021-22925) - fix TELNET stack contents disclosure (CVE-2021-22898) - fix bad connection reuse due to flawed path name checks (CVE-2021-22924) - disable metalink support to fix the following vulnerabilities CVE-2021-22923 - metalink download sends credentials CVE-2021-22922 - wrong content via metalink not discarded [7.61.1-20] - fix a cppchecks false positive in 0029-curl-7.61.1-CVE-2021-22876.patch [7.61.1-19] - make curl --head file:// work as expected (#1947493) - prevent automatic referer from leaking credentials (CVE-2021-22876) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 Oracle Linux 8 [2.9-3] - cil: Fix out-of-bound read of file context pattern ending with '\' - cil: Destroy classperms list when resetting classpermission (#1983517) - cil: Destroy classperm list when resetting map perms (#1983521) - cil: cil_reset_classperms_set() should not reset classpermission (#1983525) - cil: Set class field to NULL when resetting struct cil_classperms - cil: More strict verification of constraint leaf expressions - cil: Exit with an error if declaration name is a reserved word - cil: Allow permission expressions when using map classes - cil: Reorder checks for invalid rules when building AST - cil: Cleanup build AST helper functions - cil: Create new first child helper function for building AST - cil: Remove unused field from struct cil_args_resolve - cil: Destroy disabled optional blocks after pass is complete - cil: Check if name is a macro parameter first - cil: fix NULL pointer dereference in __cil_insert_name - cil: Report disabling an optional block only at high verbose levels - cil: Use AST to track blocks and optionals when resolving - cil: Reorder checks for invalid rules when resolving AST - cil: Sync checks for invalid rules in booleanifs - cil: Check for statements not allowed in optional blocks (#1983530) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-36084 CVE-2021-36086 CVE-2021-36087 CVE-2021-36085 Oracle Linux 8 [8.0.1763-16.0.1] - - Remove upstream references [Orabug: 31197557] [2:8.0.1763-16] - 2004974 - CVE-2021-3796 vim: use-after-free in nv_replace() in normal.c [rhel-8.5.0] - 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c [rhel-8.5.0] MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3778 CVE-2021-3796 Oracle Linux 8 httpd [2.4.37-43.0.1] - Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262] - Replace index.html with Oracle's index page oracle_index.html. [2.4.37-43] - Related: #2007235 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path [2.4.37-42] - Resolves: #2007235 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #2014063 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session [2.4.37-41] - Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo [2.4.37-40] - Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts mod_http2 [1.15.7-3] - Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd: mod_http2 concurrent pool usage mod_md [1:2.0.8-8] - Resolves: #1832844 - mod_md does not work with ACME server that does not provide keyChange or revokeCert resources IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20325 Oracle Linux 8 [10.3.1-1.2.0.1] - Fix Orabug 32423691- gcc10 SEGV for every test in sregress: ORA-7445_ksmplru_add_batchksm same bug as PR tree-optimization/100053: gcc11-pr100053.patch - Fix Orabug 31197798 (Profile data size way too big) same bug as PR gcov-profile/95348: gcc11-pr95348.patch - Introduce 'oracle_release' into .spec file. Echo it to gcc/DEV-PHASE. Reviewed by: TBD [10.3.1-1.2] - add -Wbidirectional patch (#2016244) [10.3.1-1.1] - bump NVR for rebuild (#1995192) [10.3.1-1] - update from Fedora gcc 10.3.1-1 (#1929382) - drop gcc10-pr97060.patch - use --enable-cet - ship gcc-accel-nvptx-none-lto-dump - backport PR96939 fixes MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [11.2.1-1.2.0.1] - Add -ftrivial-auto-var-init support from GCC12 Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> - Add CTF/BTF support Reviewed-by: Qing Zhao <qing.zhao@oracle.com> [11.2.1-1.2] - add -Wbidirectional patch (#2017819) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [8.5.0-4.0.1] - Merge oracle patches to security errata 8.5.0-4. Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [8.5.0-4] - add -Wbidirectional patch (#2008391) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 rust [1.54.0-3] - Lint against Unicode control codepoints. rust-toolset [1.54.0-1] - Update to Rust and Cargo 1.54.0. [1.53.0-1] - Update to Rust and Cargo 1.53.0. MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [9.85-1.1] - Annocheck: Add test for multibyte characters in symbol names. (#2017367) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [9.29-1.2] - Bump and rebuild for new gcc. (#2017782) [9.29-1.1] - Annocheck: Add test for multibyte characters in symbol names. (#2009282) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [9.72-1.2] - Bump NVR and rebuild to use the new gcc. (#2017362) [9.72-1.1] - Annocheck: Add test for multibyte characters in symbol names. (#2017362) [9.72-1] - Rebase to 9.72. (#1960299) - annocheck: Accept 0 as a valid number for gcc minor versions and release numbers. - gcc-plugin: Add support for ARM and RISCV targets. - timing: do not initialise the clock if the timing tool is disabled. - gcc-plugin: Replace ICE messsages with verbose messages. - Fix the testsuite so that it can be run in parallel. - Annocheck: WARN if the annobin plugin was built for a newer version of the compiler than the one on which it was run. (#1950657) - Annocheck: Improve detection of missing GNU-stack support. - Correct a package rename (bug #1949570) - Require docs subpackage by the other ones because of a license - Build-requiring perl-interpreter is enough - Fix bz1949570 - Fix anomolies reported by covscan. - Move documentation into a sub-package. MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [2.36.1-1.0.1.1] - Forward port Oracle patches from 2.36.1-1.0.1 - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.36.1-1.1] - Add ability to control the display of unicode characters. (#2009172) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 [2.30-108.0.2.1] - Forward-port Oracle patches from 2.30-108.0.2 to 2.30-108.0.2.1 - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.30-108.0.2] - Forward-port the following update: * Thu Oct 07 2021 Nick Alcock <nick.alcock@oracle.com> - 2.30-93.0.4 - Backport fix for fencepost bug in CTF pptrtab usage causing coredumps - Backport test result fixes for new GCC-based CTF generation [Orabug: 33344570] - Reviewed-by: David Faust <david.faust@oracle.com> - Reviewed-by: Jose E. Marchesi <jose.marchesi@oracle.com> [2.30-108.1] - Add ability to control the display of unicode characters. (#2009172) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 7 [2:2.2.0-5] - Update: Refactored RPC gateway parser (rhbz#2017944) + fix issues discovered by Covscan [2:2.2.0-4] - Refactored RPC gateway parser (rhbz#2017944) [2.1.1-3] - Add checks for bitmap and glyph width/heigth values (rhbz#2017951) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41159 CVE-2021-41160 Oracle Linux 8 [2:2.2.0-7] - Updated: Refactored RPC gateway parser (rhbz#2017948) + fixed issues discovered by Covscan [2:2.2.0-6] - Refactored RPC gateway parser (rhbz#2017948) [2:2.2.0-5] - Revert: Refactored RPC gateway parser (rhbz#2017948) [2:2.2.0-4] - Refactored RPC gateway parser (rhbz#2017948) [2:2.2.0-3] - Add checks for bitmap and glyph width/heigth values (rhbz#2017955) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41159 CVE-2021-41160 Oracle Linux 8 [4.18.0-348.2.1_5.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-348.2.1_5] - tipc: fix size validations for the MSG_CRYPTO type (Bruno Meneguele) [2020506 2020507] {CVE-2021-43267} - net: Fix skb->csum update in inet_proto_csum_replace16(). (Balazs Nemeth) [2005981 1975193] [4.18.0-348.1.1_5] - lib/timerqueue: Rely on rbtree semantics for next timer (Phil Auld) [2014677 2007099] {CVE-2021-20317} - mm/hmm: make HMM_MIRROR an implicit option (Rafael Aquini) [2017519 1998534] - mm/hmm: allow HMM_MIRROR on all architectures with MMU (Rafael Aquini) [2017519 1998534] - mm: don't select MIGRATE_VMA_HELPER from HMM_MIRROR (Rafael Aquini) [2017519 1998534] - mm: sort out the DEVICE_PRIVATE Kconfig mess (Rafael Aquini) [2017519 1998534] - ceph: skip existing superblocks that are blocklisted or shut down when mounting (Jeffrey Layton) [2017071 2011462] - redhat: switch release to zstream (Bruno Meneguele) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-20317 CVE-2021-43267 Oracle Linux 8 [2.35-8.6] - Add ability to control the display of unicode characters. (#2009176) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 8 clang [12.0.1-4.0.1] - Use all available CPU cores for build - Recognize Oracle Linux distros [OraBug: 29422714] [12.0.1-4] - Trojan source clang-tidy patchset fix [12.0.1-3] - Trojan source clang-tidy patchset MODERATE Copyright 2021 Oracle, Inc. CVE-2021-42574 Oracle Linux 7 [3.10.0-1160.49.1.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9 - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin) [3.10.0-1160.49.1] - NFS: Fix interrupted slots by sending a solo SEQUENCE operation (Scott Mayhew) [2007465] [3.10.0-1160.48.1] - scsi: qedf: Add check to synchronize abort and flush (Nilesh Javali) [1941766] - scsi: ibmvfc: Reinit target retries (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: Avoid move login if fast fail is enabled (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: Handle move login failure (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: Avoid link down on FS9100 canister reboot (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: don't check for failure from mempool_alloc() (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: Use compiler attribute defines instead of __attribute__() (Desnes A. Nunes do Rosario) [1882627] - scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info (Desnes A. Nunes do Rosario) [1882627] [3.10.0-1160.47.1] - PCI: hv: Fix sleep while in non-sleep context when removing child devices from the bus (Mohammed Gamal) [1948961] - PCI: hv: Remove bus device removal unused refcount/functions (Mohammed Gamal) [1948961] - PCI: hv: Fix a race condition when removing the device (Mohammed Gamal) [1948961] - scsi: qla2xxx: Fix use after free in eh_abort path (Nilesh Javali) [1899599] [3.10.0-1160.46.1] - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy (Kamal Heib) [1978075] {CVE-2020-36385} - RDMA/ucma: Fix locking for ctx->events_reported (Kamal Heib) [1978075] {CVE-2020-36385} - RDMA/ucma: Fix the locking of ctx->file (Kamal Heib) [1978075] {CVE-2020-36385} - RDMA/cma: Add missing locking to rdma_accept() (Kamal Heib) [1978075] {CVE-2020-36385} - RDMA/ucma: Add missing locking around rdma_leave_multicast() (Kamal Heib) [1978075] {CVE-2020-36385} - RDMA/ucma: Put a lock around every call to the rdma_cm layer (Kamal Heib) [1978075] {CVE-2020-36385} - nvme-pci: Unblock reset_work on IO failure (Gopal Tiwari) [1981610] - nvme-pci: Don't disable on timeout in reset state (Gopal Tiwari) [1981610] - nvme-pci: shutdown on timeout during deletion (Gopal Tiwari) [1981610] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36385 Oracle Linux 7 [7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895] [7.4p1-22 + 0.10.3-2] - avoid segfault in Kerberos cache cleanup (#1999263) - fix CVE-2021-41617 (#2008884) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-41617 Oracle Linux 7 [4.11.3-48] - Fix double-free in previously added patch (#2004228) [4.11.3-47] - Improve range checks on signature and main header tags (#2004228) - Fixes CVE-2021-20271 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20271 Oracle Linux 7 [1.15.1-51.0.1] - Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360] [1.15.1-51] - Fix KDC null deref on TGS inner body null server (CVE-2021-37750) - Resolves: #1997599 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-37750 Oracle Linux 8 [3:2.1.29-12.1] - Fix for CVE-2021-42096 - Fix for CVE-2021-42097 - Resolves: #2021139, #2020692 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-42096 CVE-2021-42097 Oracle Linux 8 [3.67.0-7] - Fix CVE 2021 43527 CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-43527 Oracle Linux 7 [3.67.0-4] - fix CVE-2021-43527 CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-43527 Oracle Linux 7 [3:2.1.15-30.2] - Fix for CVE-2021-44227 - Resolves: #2026866 [3:2.1.15-30.1] - Fix for CVE-2016-6893 - Fix for CVE-2021-42097 - Resolves: #2024884, #2020688 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-42097 CVE-2021-44227 CVE-2016-6893 Oracle Linux 8 [3:2.1.29-12.2] - Fix for CVE-2021-44227 - Resolves: #2026871 [3:2.1.29-12.1] - Fix for CVE-2021-42096 - Fix for CVE-2021-42097 - Resolves: #2021139, #2020692 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-44227 Oracle Linux 8 [91.4.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.4.0-1] - Update to 91.4.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-43536 CVE-2021-43537 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43545 CVE-2021-43538 CVE-2021-43543 CVE-2021-43546 Oracle Linux 7 [91.4.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.4.0-1] - Update to 91.4.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-43536 CVE-2021-43537 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43545 CVE-2021-43538 CVE-2021-43546 CVE-2021-43543 Oracle Linux 8 [91.4.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.4.0-2] - Update to 91.4.0 build2 [91.4.0-1] - Update to 91.4.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-43536 CVE-2021-43537 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43545 CVE-2021-43538 CVE-2021-43543 CVE-2021-43546 CVE-2021-43528 Oracle Linux 7 [91.4.0-3.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.4.0-3] - Bump NVR for ppc64 build [91.4.0-2] - Update to 91.4.0 build2 [91.4.0-1] - Update to 91.4.0 build1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-43536 CVE-2021-43537 CVE-2021-43539 CVE-2021-43541 CVE-2021-43542 CVE-2021-43545 CVE-2021-43538 CVE-2021-43543 CVE-2021-43546 CVE-2021-43528 Oracle Linux 8 [4.14.5-7] - related: rhbz#2021171 - Fix CVE-2020-25717 - Fix running ktest (selftest) [4.14.5-6] - related: rhbz#2021171 - Fix CVE-2020-25717 - Add missing checks for IPA DC server role [4.14.5-5] - resolves: rhbz#2021493 - Add missing PAC buffer types to krb5pac.idl - related: rbhz#2021171 - Fix regression with 'allow trusted domains = no' IMPORTANT Copyright 2021 Oracle, Inc. CVE-2016-2124 CVE-2021-23192 CVE-2020-25717 Oracle Linux 8 ipa [4.9.6-10.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] [4.9.6-10] - Bump realease version due to build issue. Related: RHBZ#2021489 [4.9.6-9] - Hardening for CVE-2020-25717, part 3 Related: RHBZ#2021489 [4.9.6-8] - Hardening for CVE-2020-25717, part 2 - Related: RHBZ#2021171 [4.9.6-7] - Hardening for CVE-2020-25717 - Related: RHBZ#2021171 MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25719 Oracle Linux 8 golang [1.16.12-1] - Rebase to Go 1.16.12 - Resolves: rhbz#2031125 go-toolset [1.16.12-1] - Rebase to Go 1.16.12 - Resolves: rhbz#2031125 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-44716 CVE-2021-44717 Oracle Linux 8 nodejs [16.13.1-3.0.1] - Libraries must not be group-writeable. Change node-gyp permission to 0755 [Orabug: 28451433] [1:16.13.1-3] - Resolves: RHBZ#2027610 - Add corepack to spec [1:16.13.1-2] - Resolves: RHBZ#2027610 - Update npm version test [1:16.13.1-1] - Resolves: RHBZ#2027644, RHBZ#2027643, RHBZ#2027638, RHBZ#2027633 - Resolves: RHBZ#2027610 - Rebase to LTS release and to fix multiple low and medium CVEs nodejs-nodemon [2.0.15-1] - Resolves: RHBZ#2027630 - Resolves CVE-2020-28469 - Rebase to newest version - Change source to npmjs.com MODERATE Copyright 2021 Oracle, Inc. CVE-2020-7788 CVE-2020-28469 CVE-2021-3807 CVE-2021-3918 CVE-2021-33502 CVE-2021-22959 CVE-2021-22960 Oracle Linux 7 [4.10.16-17] - related: #2019673 - Add missing checks for IPA DC server role [4.10.16-16] - resolves: #2019661 - Fix CVE-2016-2124 - resolves: #2019673 - Fix CVE-2020-25717 - resolves: #2021428 - Add missing PAC buffer types to krb5pac.idl IMPORTANT Copyright 2021 Oracle, Inc. CVE-2016-2124 CVE-2020-25717 Oracle Linux 7 [4.6.8-5.0.1] - Blank out header-logo.png product-name.png - Replace login-screen-logo.png [Orabug: 20362818] [4.6.8-5.el7_9.10] - Resolves: 2025848 - RHEL 8.6 IPA Replica Failed to configure PKINIT setup against a RHEL 7.9 IPA server - Fix cert_request for KDC cert - Resolves: 2021444 - CVE-2020-25719 ipa: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets - SMB: switch IPA domain controller role MODERATE Copyright 2021 Oracle, Inc. CVE-2020-25719 Oracle Linux 7 [0:1.2.17-17] - Fix remote code execution vulnerability - Resolves: CVE-2021-4104 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-4104 Oracle Linux 8 [1:1.1.1k-5] - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#2005400 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3712 Oracle Linux 8 [4.18.0-348.7.1_5.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5 [4.18.0-348.7.1_5] - sched: Fix CPU hotplug / tighten is_per_cpu_kthread() (Waiman Long) [2026450 2024869] - sched: Prepare to use balance_push in ttwu() (Waiman Long) [2026450 2024869] - sched: Don't run cpu-online with balance_push() enabled (Waiman Long) [2026450 2024869] - workqueue: Tag bound workers with KTHREAD_IS_PER_CPU (Waiman Long) [2026450 2024869] - workqueue: Use cpu_possible_mask instead of cpu_active_mask to break affinity (Waiman Long) [2026450 2024869] - sched: Fix hotplug vs CPU bandwidth control (Waiman Long) [2026450 2024869] - workqueue: Manually break affinity on hotplug (Waiman Long) [2026450 2024869] - sched/hotplug: Consolidate task migration on CPU unplug (Waiman Long) [2026450 2024869] - sched/core: Wait for tasks being pushed away on hotplug (Waiman Long) [2026450 2024869] [4.18.0-348.6.1_5] - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically (Prarit Bhargava) [2024678 2021219] [4.18.0-348.5.1_5] - blk-mq: still set q->make_request_fn for blk-mq (Ming Lei) [2016384 1999728] [4.18.0-348.4.1_5] - [RHEL8.6 BZ 1849234] cifs: report error instead of invalid when revalidating a dentry fails (Ronnie Sahlberg) [2017177 1849234] - kthread: Fix PF_KTHREAD vs to_kthread() race (Waiman Long) [2010333 2001497] - sched/fair: Ignore percpu threads for imbalance pulls (Waiman Long) [2010333 2001497] - kthread: Extract KTHREAD_IS_PER_CPU (Waiman Long) [2010333 2001497] - sched: Optimize finish_lock_switch() (Waiman Long) [2010333 2001497] - sched/hotplug: Ensure only per-cpu kthreads run during hotplug (Waiman Long) [2010333 2001497] - sched: Fix balance_callback() (Waiman Long) [2010333 2001497] [4.18.0-348.3.1_5] - net-sysfs: try not to restart the syscall if it will fail eventually (Antoine Tenart) [2021165 2016005] - ovl: fix missing negative dentry check in ovl_rename() (Miklos Szeredi) [2016378 2010887 2013318] {CVE-2021-20321} MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20321 Oracle Linux 8 postgresql [12.9-1] - Update to 12.9 - Resolves: #2024677 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3677 CVE-2021-23214 Oracle Linux 8 postgresql [13.5-1] - Update to 13.5 - Resolves: #2024608 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3677 CVE-2021-23214 Oracle Linux 8 qemu-kvm [4.2.0-59.el8_5] - kvm-hw-scsi-scsi-disk-MODE_PAGE_ALLS-not-allowed-in-MODE.patch [bz#2025605] - kvm-e1000-fix-tx-re-entrancy-problem.patch [bz#2025011] - Resolves: bz#2025605 (CVE-2021-3930 virt:rhel/qemu-kvm: QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c [rhel-8.5.0.z]) - Resolves: bz#2025011 (CVE-2021-20257 virt:rhel/qemu-kvm: QEMU: net: e1000: infinite loop while processing transmit descriptors [rhel-8.5.0.z]) LOW Copyright 2021 Oracle, Inc. CVE-2021-20257 CVE-2021-3930 Oracle Linux 6 Oracle Linux 7 kernel-uek [3.8.13-118.53.1] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176267] - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176267] {CVE-2020-28915} - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187751] {CVE-2020-28974} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28915 CVE-2020-28974 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.46.3] - mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781859] {CVE-2019-14895} {CVE-2019-14895} - ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265320] {CVE-2019-19037} {CVE-2019-19037} - netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350493] {CVE-2020-10711} - scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652} - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652} - USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350967] {CVE-2020-12464} - drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (David Mosberger) [Orabug: 31350967] {CVE-2020-12464} - drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (David Mosberger) [Orabug: 31350967] {CVE-2020-12464} - ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o) [Orabug: 31351014] {CVE-2019-19447} - xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 31984319] - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (Josh Abraham) [Orabug: 31984319] - ext4: fix fencepost in s_first_meta_bg validation (Theodore Ts'o) [Orabug: 32197511] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32202000] - sched/fair: Don't free p->numa_faults with concurrent readers (Jann Horn) [Orabug: 32212524] {CVE-2019-20934} - netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Vasily Averin) [Orabug: 32222844] {CVE-2020-14305} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233360] {CVE-2020-14351} - ext4: fix calculation of meta_bg descriptor backups (Andy Leiserson) [Orabug: 32245133] [4.1.12-124.46.2] - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 31780626] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176264] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176264] {CVE-2020-28915} - page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177993] - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187749] {CVE-2020-28974} - block: Fix use-after-free in blkdev_get() (Jason Yan) [Orabug: 32194609] {CVE-2020-15436} - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227971] {CVE-2020-25705} [4.1.12-124.46.1] - KVM: x86: minor code refactor and comments fixup around dirty logging (Anthony Yznaga) [Orabug: 31722767] - KVM: x86: Manually flush collapsible SPTEs only when toggling flags (Sean Christopherson) [Orabug: 31722767] - KVM: x86: avoid unnecessary rmap walks when creating/moving slots (Anthony Yznaga) [Orabug: 31722767] - KVM: x86: remove unnecessary rmap walk of read-only memslots (Anthony Yznaga) [Orabug: 31722767] - xfs: catch inode allocation state mismatch corruption (Gautham Ananthakrishna) [Orabug: 32071488] - tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) [Orabug: 32122731] {CVE-2020-25668} - IB/mlx4: Adjust delayed work when a dup is observed (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Fix starvation in paravirt mux/demux (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136900] - IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136900] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-14895 CVE-2020-10711 CVE-2020-12464 CVE-2020-12652 CVE-2019-19447 CVE-2019-19037 CVE-2020-14305 CVE-2020-25668 CVE-2020-28915 CVE-2020-28974 CVE-2019-20934 CVE-2020-15436 CVE-2020-14351 CVE-2020-25705 Oracle Linux 7 [4.14.35-2025.404.1.1] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248040] {CVE-2020-28374} [4.14.35-2025.404.1] - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260256] {CVE-2020-29569} [4.14.35-2025.404.0] - vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32201584] - vhost/scsi: Use copy_to_iter() to send control queue response (Bijan Mottahedeh) [Orabug: 32201584] - vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32201584] - scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32201584] - scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32201584] [4.14.35-2025.403.5] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210463] - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() (Andrea Arcangeli) [Orabug: 32212583] {CVE-2020-29368} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233358] {CVE-2020-14351} [4.14.35-2025.403.4] - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227961] {CVE-2020-25705} - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32159055] - hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32159975] - hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32159975] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176263] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176263] {CVE-2020-28915} - block: Fix use-after-free in blkdev_get() (Jason Yan) [Orabug: 32194608] {CVE-2020-15436} - serial: 8250: fix null-ptr-deref in serial8250_start_tx() (Yang Yingliang) [Orabug: 32194712] {CVE-2020-15437} - staging: rts5208: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496] - misc: rtsx: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.102.0.2uek] - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569} - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} [5.4.17-2036.102.0.1uek] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374} [5.4.17-2036.102.0uek] - futex: Fix inode life-time issue (Peter Zijlstra) [Orabug: 32233515] {CVE-2020-14381} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233352] {CVE-2020-14351} - intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32218858] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210418] - vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32167069] - vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32167069] - vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32167069] - vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32167069] - vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32167069] - vhost: Create accessors for virtqueues private_data (Eugenio Perez) [Orabug: 32167069] - vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32167069] - scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32167069] - scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32167069] - scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Get sas_device objects using device's rphy (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Update hba_port's sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32242279] - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227958] {CVE-2020-25705} - perf/x86/intel/uncore: Add box_offsets for free-running counters (Kan Liang) [Orabug: 32020885] - perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (Kan Liang) [Orabug: 32020885] - perf/x86/intel/uncore: Add Ice Lake server uncore support (Kan Liang) [Orabug: 32020885] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-14351 CVE-2020-25705 CVE-2020-14381 CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.102.0.2.el7] - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569} - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374} [5.4.17-2036.102.0.el7] - futex: Fix inode life-time issue (Peter Zijlstra) [Orabug: 32233515] {CVE-2020-14381} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233352] {CVE-2020-14351} - intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32218858] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210418] - vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32167069] - vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32167069] - vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32167069] - vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32167069] - vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32167069] - vhost: Create accessors for virtqueues private_data (Eugenio Perez) [Orabug: 32167069] - vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32167069] - scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32167069] - scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32167069] - scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32242279] - scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Get sas_device objects using device's rphy (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Update hba_port's sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32242279] - scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32242279] - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227958] {CVE-2020-25705} - perf/x86/intel/uncore: Add box_offsets for free-running counters (Kan Liang) [Orabug: 32020885] - perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (Kan Liang) [Orabug: 32020885] - perf/x86/intel/uncore: Add Ice Lake server uncore support (Kan Liang) [Orabug: 32020885] [5.4.17-2036.101.2.el7] - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187738] {CVE-2020-28974} - page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177966] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176254] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176254] {CVE-2020-28915} - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32159053] - net/rds: rds_ib_remove_one() accesses freed memory (Ka-Cheong Poon) [Orabug: 32213896] - hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32159973] - hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32159973] - RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 32005752] - lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 32005752] - arm64:uek/config: Enable ZONE_DMA config (Vijay Kumar) [Orabug: 31970521] - Revert 'arm64/dts: Serial console fix for RPi4' (Vijay Kumar) [Orabug: 31970521] - uek-rpm: aarch64: enable CONFIG_ACPI_APEI_EINJ (Dave Kleikamp) [Orabug: 32182237] - NFSD: fix missing refcount in nfsd4_copy by nfsd4_do_async_copy (Dai Ngo) [Orabug: 32177992] - NFSD: Fix use-after-free warning when doing inter-server copy (Dai Ngo) [Orabug: 32177992] - xen/events: block rogue events for some time (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/pvcallsback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 32177535] {CVE-2020-27673} - xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 32177543] [5.4.17-2036.101.1.el7] - uek-rpm: Enable Intel Speed Select Technology interface support (Somasundaram Krishnasamy) [Orabug: 32161425] - platform/x86: ISST: Increase timeout (Srinivas Pandruvada) [Orabug: 32161425] - platform/x86: ISST: Fix wrong unregister type (Srinivas Pandruvada) [Orabug: 32161425] - platform/x86: ISST: Allow additional core-power mailbox commands (Srinivas Pandruvada) [Orabug: 32161425] - IB/mlx4: Convert rej_tmout radix-tree to XArray (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Adjust delayed work when a dup is observed (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Fix starvation in paravirt mux/demux (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136895] - IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136895] - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (kiyin()) [Orabug: 32131172] {CVE-2020-25704} - vt: keyboard, extend func_buf_lock to readers (Jiri Slaby) [Orabug: 32122948] {CVE-2020-25656} - vt: keyboard, simplify vt_kdgkbsent (Jiri Slaby) [Orabug: 32122948] {CVE-2020-25656} - tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) [Orabug: 32122725] {CVE-2020-25668} - NFSv4.2: Fix NFS4ERR_STALE error when doing inter server copy (Dai Ngo) [Orabug: 31879682] [5.4.17-2036.101.0.el7] - hv_utils: drain the timesync packets on onchannelcallback (Vineeth Pillai) [Orabug: 32152142] - hv_utils: return error if host timesysnc update is stale (Vineeth Pillai) [Orabug: 32152142] - x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Icelakex (Ankur Arora) [Orabug: 32143850] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on AMD Zen (Ankur Arora) [Orabug: 32143850] - x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Broadwellx (Ankur Arora) [Orabug: 32143850] - mm, clear_huge_page: use clear_page_uncached() for gigantic pages (Ankur Arora) [Orabug: 32143850] - x86/clear_page: add clear_page_uncached() (Ankur Arora) [Orabug: 32143850] - x86/asm: add clear_page_nt() (Ankur Arora) [Orabug: 32143850] - perf bench: add memset_movnti() (Ankur Arora) [Orabug: 32143850] - x86/asm: add memset_movnti() (Ankur Arora) [Orabug: 32143850] - x86/cpuid: add X86_FEATURE_NT_GOOD (Ankur Arora) [Orabug: 32143850] - kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32137996] - cifs: handle empty list of targets in cifs_reconnect() (Paulo Alcantara) [Orabug: 32124750] - cifs: get rid of unused parameter in reconn_setup_dfs_targets() (Paulo Alcantara) [Orabug: 32124750] - rds/ib: Fix: (rds: Deregister all FRWR mr with free_mr) (Manjunath Patil) [Orabug: 32113472] - net/rds: Force ARP flush upon RDMA_CM_EVENT_ADDR_CHANGE (Gerd Rausch) [Orabug: 32095959] - uek-rpm: aarch64: increase CONFIG_NODES_SHIFT from 3 to 6 (Dave Kleikamp) [Orabug: 32075923] - rds: Restore MR use-once semantics (Hakon Bugge) [Orabug: 31990092] [Orabug: 32072247] - rds: Fix incorrect cmsg status and use-after-free (Hakon Bugge) [Orabug: 32003078] [Orabug: 32072245] - rds: Force ordering of {set,clear}_bit operating on m_flags (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - rds: Do not send canceled operations to the transport layer (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'RDS: Drop the connection as part of cancel to avoid hangs' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'rds: fix warning in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'rds: Use correct conn when dropping connections due to cancel' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'rds: prevent use-after-free of rds conn in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'rds: Use bitmap to designate dropped connections' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - Revert 'UEK6 compiler warning for /net/rds/send.c' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32072228] - x86/mce/therm_throt: Undo thermal polling properly on CPU offline (Thomas Gleixner) [Orabug: 32048971] - x86/mce/therm_throt: Do not access uninitialized therm_work (Chuansheng Liu) [Orabug: 32048971] - x86/mce/therm_throt: Mark throttle_active_work() as __maybe_unused (Arnd Bergmann) [Orabug: 32048971] - x86/mce/therm_throt: Mask out read-only and reserved MSR bits (Srinivas Pandruvada) [Orabug: 32048971] - x86/mce/therm_throt: Optimize notifications of thermal throttle (Srinivas Pandruvada) [Orabug: 32048971] - ocfs2: fix remounting needed after setfacl command (Gang He) [Orabug: 32042684] - IB/mlx4: disable CQ time stamping (aru kolappan) [Orabug: 32042517] - net/rds: Refactor sendmsg ancillary data processing (Ka-Cheong Poon) [Orabug: 32027845] - Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz) [Orabug: 32021285] {CVE-2020-12352} - ima: Use ima_hash_algo for collision detection in the measurement list (Roberto Sassu) [Orabug: 31973040] - ima: Calculate and extend PCR with digests in ima_template_entry (Roberto Sassu) [Orabug: 31973040] - ima: Allocate and initialize tfm for each PCR bank (Roberto Sassu) [Orabug: 31973040] - ima: Switch to dynamically allocated buffer for template digests (Roberto Sassu) [Orabug: 31973040] - ima: Store template digest directly in ima_template_entry (Roberto Sassu) [Orabug: 31973040] - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (James Smart) [Orabug: 31598148] - net/rds: Check for NULL rds_ibdev in rds_ib_rx() only if rds_ib_srq_enabled (Sharath Srinivasan) [Orabug: 32113840] - A/A Bonding: Increase number and interval of GARPs sent by rdmaip (Sharath Srinivasan) [Orabug: 32095766] - powercap: restrict energy meter to root access (Kanth Ghatraju) [Orabug: 32040802] {CVE-2020-8694} {CVE-2020-8695} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-14351 CVE-2020-25705 CVE-2020-14381 CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 [4.14.35-2025.404.1.1.el7] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248040] {CVE-2020-28374} [4.14.35-2025.404.1.el7] - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253412] {CVE-2020-29568} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260256] {CVE-2020-29569} [4.14.35-2025.404.0.el7] - vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32201584] - vhost/scsi: Use copy_to_iter() to send control queue response (Bijan Mottahedeh) [Orabug: 32201584] - vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32201584] - scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32201584] - scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32201584] [4.14.35-2025.403.5.el7] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210463] - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked() (Andrea Arcangeli) [Orabug: 32212583] {CVE-2020-29368} - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233358] {CVE-2020-14351} [4.14.35-2025.403.4.el7] - icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227961] {CVE-2020-25705} - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32159055] - hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32159975] - hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32159975] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176263] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176263] {CVE-2020-28915} - block: Fix use-after-free in blkdev_get() (Jason Yan) [Orabug: 32194608] {CVE-2020-15436} - serial: 8250: fix null-ptr-deref in serial8250_start_tx() (Yang Yingliang) [Orabug: 32194712] {CVE-2020-15437} - staging: rts5208: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496] - misc: rtsx: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496] [4.14.35-2025.403.3.el7] - RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 32005117] - lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 32005117] - lib/scatterlist: Add SG_CHAIN and SG_END macros for LSB encodings (Anshuman Khandual) [Orabug: 32005117] - lib/scatterlist: Avoid potential scatterlist entry overflow (Tvrtko Ursulin) [Orabug: 32005117] - lib/scatterlist: Fix offset type in sg_alloc_table_from_pages (Tvrtko Ursulin) [Orabug: 32005117] - uek-rpm: Don't build emb2 kernel for mips (Dave Kleikamp) [Orabug: 32176889] - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187748] {CVE-2020-28974} - page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32201999] - xen/events: block rogue events for some time (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/pvcallsback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 32177538] {CVE-2020-27673} - xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 32177548] [4.14.35-2025.403.2.el7] - tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) [Orabug: 32122729] {CVE-2020-25668} - vt: keyboard, extend func_buf_lock to readers (Jiri Slaby) [Orabug: 32122952] {CVE-2020-25656} - vt: keyboard, simplify vt_kdgkbsent (Jiri Slaby) [Orabug: 32122952] {CVE-2020-25656} - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (kiyin()) [Orabug: 32131175] {CVE-2020-25704} - perf/core: Fix bad use of igrab() (Song Liu) [Orabug: 32131175] {CVE-2020-25704} - IB/mlx4: Adjust delayed work when a dup is observed (Hakon Bugge) [Orabug: 32136898] - IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136898] - IB/mlx4: Fix starvation in paravirt mux/demux (Hakon Bugge) [Orabug: 32136898] - IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136898] - IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136898] - IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136898] - xen/gntdev: fix up blockable calls to mn_invl_range_start (Michal Hocko) [Orabug: 32139244] [4.14.35-2025.403.1.el7] - lockdown: By default run in integrity mode. (Konrad Rzeszutek Wilk) [Orabug: 32131561] - Revert 'iomap: Fix pipe page leakage during splicing' (George Kennedy) [Orabug: 32136519] - kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32138016] - Revert 'pci: hardcode enumeration' (Dave Aldridge) [Orabug: 32152249] - hv_utils: drain the timesync packets on onchannelcallback (Vineeth Pillai) [Orabug: 32152144] - hv_utils: return error if host timesysnc update is stale (Vineeth Pillai) [Orabug: 32152144] [4.14.35-2025.403.0.el7] - powercap: restrict energy meter to root access (Kanth Ghatraju) [Orabug: 32138487] {CVE-2020-8694} {CVE-2020-8695} - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Filipe Manana) [Orabug: 31864726] - btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek) [Orabug: 31864726] - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo) [Orabug: 31864726] {CVE-2019-19816} - x86/apic: Get rid of multi CPU affinity (Thomas Gleixner) [Orabug: 31975320] - hv_netvsc: Set probe mode to sync (Haiyang Zhang) [Orabug: 32132413] - net/rds: Check for NULL rds_ibdev in rds_ib_rx() only if rds_ib_srq_enabled (Sharath Srinivasan) [Orabug: 32113843] - perf symbols: Check if we read regular file in dso__load() (Jiri Olsa) [Orabug: 30696035] - rds: Restore MR use-once semantics (Hakon Bugge) [Orabug: 31990092] [Orabug: 31990095] - rds: Fix incorrect cmsg status and use-after-free (Hakon Bugge) [Orabug: 32003078] [Orabug: 32003081] - dm cache: remove all obsolete writethrough-specific code (Mike Snitzer) [Orabug: 32010352] - dm cache: pass cache structure to mode functions (Mike Snitzer) [Orabug: 32010352] - dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() (Ming Lei) [Orabug: 32010352] - bcache: allocate meta data pages as compound pages (Coly Li) [Orabug: 32010352] - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 (ChangSyun Peng) [Orabug: 32010352] - bcache: fix super block seq numbers comparision in register_cache_set() (Coly Li) [Orabug: 32010352] - md-cluster: fix wild pointer of unlock_all_bitmaps() (Zhao Heming) [Orabug: 32010352] - dm: use noio when sending kobject event (Mikulas Patocka) [Orabug: 32010352] - dm zoned: assign max_io_len correctly (Hou Tao) [Orabug: 32010352] - md: add feature flag MD_FEATURE_RAID0_LAYOUT (NeilBrown) [Orabug: 32010352] - dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone (Hannes Reinecke) [Orabug: 32010352] - dm mpath: switch paths in dm_blk_ioctl() code path (Martin Wilck) [Orabug: 32010352] - dm crypt: avoid truncating the logical block size (Eric Biggers) [Orabug: 32010352] - md: don't flush workqueue unconditionally in md_open (Guoqing Jiang) [Orabug: 32010352] - x86/mce/therm_throt: Undo thermal polling properly on CPU offline (Thomas Gleixner) [Orabug: 32010658] - x86/mce/therm_throt: Do not access uninitialized therm_work (Chuansheng Liu) [Orabug: 32010658] - x86/mce/therm_throt: Mark throttle_active_work() as __maybe_unused (Arnd Bergmann) [Orabug: 32010658] - x86/mce/therm_throt: Mask out read-only and reserved MSR bits (Srinivas Pandruvada) [Orabug: 32010658] - x86/mce/therm_throt: Optimize notifications of thermal throttle (Srinivas Pandruvada) [Orabug: 32010658] - jiffies: add utility function to calculate delta in ms (Matteo Croce) [Orabug: 32010658] - rds: Force ordering of {set,clear}_bit operating on m_flags (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - rds: Do not send canceled operations to the transport layer (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Revert 'RDS: Drop the connection as part of cancel to avoid hangs' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Revert 'rds: fix warning in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Revert 'rds: Use correct conn when dropping connections due to cancel' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Revert 'rds: prevent use-after-free of rds conn in rds_send_drop_to()' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Revert 'rds: Use bitmap to designate dropped connections' (Hakon Bugge) [Orabug: 31505749] [Orabug: 32014809] - Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz) [Orabug: 32021288] {CVE-2020-12352} - x86/kvm: move kvm_load/put_guest_xcr0 into atomic context (WANG Chao) [Orabug: 32021855] - arm64: Corrects warning: ISO C90 forbids mixed declarations and code (John Donnelly) [Orabug: 32040061] - hwrng: cavium: Corrects warning: unused variable 'dev_id' (John Donnelly) [Orabug: 32040066] - Lock down /proc/kcore (redux!) (Konrad Rzeszutek Wilk) [Orabug: 32053127] - lockdown: Lock down perf when in confidentiality mode (David Howells) [Orabug: 32053127] - Lock down kprobes (redux!) (Konrad Rzeszutek Wilk) [Orabug: 32053127] - debugfs: whitelist spectre mitigation when locked down (Eric Snowberg) [Orabug: 32053127] - debugfs: Return -EPERM when locked down (Eric Snowberg) [Orabug: 32053127] - debugfs: Restrict debugfs when the kernel is locked down (David Howells) [Orabug: 32053127] - lockdown: Add __kernel_is_confidentiality_mode to figure out whether .. (Konrad Rzeszutek Wilk) [Orabug: 32053127] - dtrace: Restrict access when the kernel is locked down in confidentiality mode (Konrad Rzeszutek Wilk) [Orabug: 32053127] - bpf: Restrict bpf when kernel lockdown is in confidentiality mode (David Howells) [Orabug: 32053127] - security: Add a static lockdown policy LSM [diet-version] (Matthew Garrett) [Orabug: 32053127] - net/rds: Check for NULL rid_dev_rem_complete (Ka-Cheong Poon) [Orabug: 32058618] - scsi: Corrects warning: passing argument 1 of 'wwn_to_u64' mismatch (John Donnelly) [Orabug: 32059622] - ipvlan: Corrects warning: label 'unregister_netdev' defined but not used (John Donnelly) [Orabug: 32059740] - mm, compaction: raise compaction priority after it withdrawns (Vlastimil Babka) [Orabug: 32065218] - mm, reclaim: cleanup should_continue_reclaim() (Vlastimil Babka) [Orabug: 32065218] - mm, reclaim: make should_continue_reclaim perform dryrun detection (Hillf Danton) [Orabug: 32065218] - KVM: Drop 'const' attribute from old memslot in commit_memory_region() (Sean Christopherson) [Orabug: 32068898] - octeontx2-pf: Return proper RSS indirection table size always (Sunil Goutham) [Orabug: 32095651] - octeontx2-af: Free RVU REE irq properly (Smadar Fuks) [Orabug: 32095651] - octeontx2-af: Free RVU NIX IRQs properly. (Rakesh Babu) [Orabug: 32095651] - octeontx2-af: Fix the BPID mask (Subbaraya Sundeep) [Orabug: 32095651] - octeontx2-pf: Fix receive buffer size calculation (Sunil Goutham) [Orabug: 32095651] - octeontx2-af: Fix updating wrong multicast list index in NIX_RX_ACTION (Naveen Mamindlapalli) [Orabug: 32095651] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.46.4.1] - target: fix XCOPY NAA identifier lookup (Mike Christie) [Orabug: 32248041] {CVE-2020-28374} [4.1.12-124.46.4] - xen/events: block rogue events for some time (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32223358] {CVE-2020-29569} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-27673 CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 6 [1.8.6p3-29.0.2.el6_10.3] - backport the fix CVE-2021-3156.patch from ol7. IMPORTANT Copyright 2021 Oracle, Inc. Oracle Linux 7 [4.14.35-2025.404.1.2] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 [4.14.35-2025.404.1.2.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 [4.14.35-2025.404.1.2.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 Oracle Linux 7 Oracle Linux 8 kubernetes [1.18.10-3] - Kata CVE-2020-28914 kata-proxy [1.11.5-1] - Added Oracle Specific Build Files for kata-proxy kata-shim [1.11.5-1] - Added Oracle Specific Build Files for kata-shim kata-ksm-throttler [1.11.5-1] - Added Oracle Specific Build Files for kata-ksm-throttler kata-runtime [1.11.5-1] - Added Oracle Specific Files For kata-runtime kata-agent [1.11.5-1] - Added Oracle Specific Build Files for kata-agent kata-image [1.11.5-1] - Added Oracle Specific Build Files for kata-image kata [1.11.5-2] - Update to kata 1.11.5 olcne [1.2.2-1] - Address CVE-2020-28914: An improper file permissions vulnerability affects Kata Containers prior to 1.11.5 [1.2.1-1] - Enhance the Kubernetes module to restrict the usage of external IPs - Address CVE-2020-8554: man-in-the-middle vulnerability using Kubernetes service External IPs [1.2.0-4] - Add support for deprecating module args IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28914 CVE-2020-8554 Oracle Linux 7 kata-runtime [1.7.3-1.0.7] - Address CVE-2020-28914 kata [1.7.3-1.0.12] - UEKR6 guest kernel support [1.7.3-1.0.11] - Address CVE-2020-28914 kubernetes [1.17.9-1.0.6] - Kata CVE-2020-28914 olcne [1.1.10-1] - Address CVE-2020-28914: An improper file permissions vulnerability affects Kata Containers prior to 1.11.5 [1.1.9-1] - Enhance the Kubernetes module to restrict the usage of external IPs - Address CVE-2020-8554: man-in-the-middle vulnerability using Kubernetes service External IPs IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28914 CVE-2020-8554 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.47.3] - sysctl: handle overflow in proc_get_long (Christian Brauner) [Orabug: 31588015] [4.1.12-124.47.2] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350932] {CVE-2020-12653} - lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 31435700] - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses (Takashi Iwai) [Orabug: 32240688] {CVE-2020-27786} - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568} - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251907] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266682] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266682] {CVE-2020-29660} - tty: core: Use correct spinlock flavor in tiocspgrp() (Peter Hurley) [Orabug: 32266682] {CVE-2020-29660} - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349208] {CVE-2020-36158} [4.1.12-124.47.1] - target: fix XCOPY NAA identifier lookup (Mike Christie) [Orabug: 32374139] {CVE-2020-28374} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-12653 CVE-2020-29568 CVE-2020-27786 CVE-2020-29660 CVE-2020-36158 Oracle Linux 7 [15:4.2.1-4.el7] - Document CVE-2020-25723 as fixed (Mark Kanda) [Orabug: 32222397] {CVE-2020-25084} {CVE-2020-25723} - hw/net/e1000e: advance desc_offset in case of null descriptor (Prasad J Pandit) [Orabug: 32217517] {CVE-2020-28916} - i386: Add 2nd Generation AMD EPYC processors (Moger, Babu) [Orabug: 32217570] - libslirp: Update version to include CVE fixes (Mark Kanda) [Orabug: 32208456] [Orabug: 32208462] {CVE-2020-29129} {CVE-2020-29130} - Document CVE-2020-25624 as fixed (Mark Kanda) [Orabug: 32212527] {CVE-2020-25624} {CVE-2020-25625} - pvpanic: Advertise the PVPANIC_CRASHLOADED event support (Paolo Bonzini) [Orabug: 32102853] - ati: check x y display parameter values (Prasad J Pandit) [Orabug: 32108251] {CVE-2020-27616} - Add AArch64 support for QMP regdump tool and sosreport plugin (Mark Kanda) [Orabug: 32080658] - Add qemu_regdump sosreport plugin support for '-mon' QMP sockets (Mark Kanda) - migration/dirtyrate: present dirty rate only when querying the rate has completed (Chuan Zheng) - migration/dirtyrate: record start_time and calc_time while at the measuring state (Chuan Zheng) - migration/dirtyrate: Add trace_calls to make it easier to debug (Chuan Zheng) - migration/dirtyrate: Implement qmp_cal_dirty_rate()/qmp_get_dirty_rate() function (Chuan Zheng) - migration/dirtyrate: Implement calculate_dirtyrate() function (Chuan Zheng) - migration/dirtyrate: Implement set_sample_page_period() and is_sample_period_valid() (Chuan Zheng) - migration/dirtyrate: skip sampling ramblock with size below MIN_RAMBLOCK_SIZE (Chuan Zheng) - migration/dirtyrate: Compare page hash results for recorded sampled page (Chuan Zheng) - migration/dirtyrate: Record hash results for each sampled page (Chuan Zheng) - migration/dirtyrate: move RAMBLOCK_FOREACH_MIGRATABLE into ram.h (Chuan Zheng) - migration/dirtyrate: Add dirtyrate statistics series functions (Chuan Zheng) - migration/dirtyrate: Add RamblockDirtyInfo to store sampled page info (Chuan Zheng) - migration/dirtyrate: add DirtyRateStatus to denote calculation status (Chuan Zheng) - migration/dirtyrate: setup up query-dirtyrate framwork (Chuan Zheng) - ram_addr: Split RAMBlock definition (Juan Quintela) [15:4.2.1-3.el7] - qemu-kvm.spec: Install block storage module RPMs by default (Karl Heubaum) [Orabug: 31943789] - qemu-kvm.spec: Enable block-ssh module RPM (Karl Heubaum) [Orabug: 31943763] - hw: usb: hcd-ohci: check for processed TD before retire (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625} - hw: usb: hcd-ohci: check len and frame_number variables (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625} - hw: ehci: check return value of 'usb_packet_map' (Li Qiang) [Orabug: 31901649] {CVE-2020-25084} - hw: xhci: check return value of 'usb_packet_map' (Li Qiang) [Orabug: 31901649] {CVE-2020-25084} - qemu.spec: Enable '-Werror' for OL7 builds (Mark Kanda) [Orabug: 31922718] - usb: fix setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 31848849] {CVE-2020-14364} - Document CVE-2020-12829 and CVE-2020-14415 as fixed (Mark Kanda) [Orabug: 31855502] [Orabug: 31855427] {CVE-2020-12829} {CVE-2020-14415} [15:4.2.1-2.el7] - hw/net/xgmac: Fix buffer overflow in xgmac_enet_send() (Mauro Matteo Cascella) [Orabug: 31667649] {CVE-2020-15863} - hw/net/net_tx_pkt: fix assertion failure in net_tx_pkt_add_raw_fragment() (Mauro Matteo Cascella) [Orabug: 31737809] {CVE-2020-16092} - migration: fix memory leak in qmp_migrate_set_parameters (Zheng Chuan) [Orabug: 31806256] - virtio-net: fix removal of failover device (Juan Quintela) [Orabug: 31806255] - pvpanic: implement crashloaded event handling (Zhenwei Pi) [Orabug: 31677154] - pvpanic: introduce crashloaded for pvpanic (Zhenwei Pi) [Orabug: 31677154] [15:4.2.1-1.el7] - hw/sd/sdcard: Do not switch to ReceivingData if address is invalid (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253} - hw/sd/sdcard: Update coding style to make checkpatch.pl happy (Philippe Mathieu-Daude) [Orabug: 31414336] - hw/sd/sdcard: Do not allow invalid SD card sizes (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253} - hw/sd/sdcard: Simplify realize() a bit (Philippe Mathieu-Daude) [Orabug: 31414336] - hw/sd/sdcard: Restrict Class 6 commands to SCSD cards (Philippe Mathieu-Daude) [Orabug: 31414336] - libslirp: Update to v4.3.1 to fix CVE-2020-10756 (Karl Heubaum) [Orabug: 31604999] {CVE-2020-10756} - Document CVEs as fixed 2/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-18043} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858} {CVE-2019-12068} {CVE-2019-15034} {CVE-2019-15890} {CVE-2019-20382} {CVE-2020-10702} {CVE-2020-10761} {CVE-2020-11102} {CVE-2020-11869} {CVE-2020-13361} {CVE-2020-13765} {CVE-2020-13800} {CVE-2020-1711} {CVE-2020-1983} {CVE-2020-8608} - Document CVEs as fixed 1/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2017-9524} {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2018-16872} {CVE-2018-20123} {CVE-2018-20124} {CVE-2018-20125} {CVE-2018-20126} {CVE-2018-20191} {CVE-2018-20216} {CVE-2018-20815} {CVE-2019-11091} {CVE-2019-12155} {CVE-2019-14378} {CVE-2019-3812} {CVE-2019-5008} {CVE-2019-6501} {CVE-2019-6778} {CVE-2019-8934} {CVE-2019-9824} - qemu-kvm.spec: Add .spec file for OL8 (Karl Heubaum) [Orabug: 30618035] - qemu.spec: Add .spec file for OL7 (Karl Heubaum) [Orabug: 30618035] - qemu-submodule-init: Add Git submodule init script (Karl Heubaum) [Orabug: 30618035] - vhost.conf: Initial vhost.conf (Karl Heubaum) [Orabug: 30618035] - parfait: Add buildrpm/parfait-qemu.conf (Karl Heubaum) [Orabug: 30618035] - virtio: Set PCI subsystem vendor ID to Oracle (Karl Heubaum) [Orabug: 30618035] - qemu_regdump.py: Initial qemu_regdump.py (Karl Heubaum) [Orabug: 30618035] - qmp-regdump: Initial qmp-regdump (Karl Heubaum) [Orabug: 30618035] - bridge.conf: Initial bridge.conf (Karl Heubaum) [Orabug: 30618035] - kvm.conf: Initial kvm.conf (Karl Heubaum) [Orabug: 30618035] - 80-kvm.rules: Initial 80-kvm.rules (Karl Heubaum) [Orabug: 30618035] - exec: set map length to zero when returning NULL (Prasad J Pandit) [Orabug: 31439733] {CVE-2020-13659} - megasas: use unsigned type for reply_queue_head and check index (Prasad J Pandit) [Orabug: 31414338] {CVE-2020-13362} - memory: Revert 'memory: accept mismatching sizes in memory_region_access_valid' (Michael S. Tsirkin) [Orabug: 31439736] [Orabug: 31452202] {CVE-2020-13754} {CVE-2020-13791} [15:4.1.1-3.el7] - buildrpm/spec files: Dont package elf2dmp (Karl Heubaum) [Orabug: 31657424] - qemu-kvm.spec: Enable the block-curl package (Karl Heubaum) [Orabug: 31657424] - qemu.spec: enable have_curl in spec (Dongli Zhang) [Orabug: 31657424] [15:4.1.1-2.el7] - Document CVE-2020-13765 as fixed (Karl Heubaum) [Orabug: 31463250] {CVE-2020-13765} - kvm: Reallocate dirty_bmap when we change a slot (Dr. David Alan Gilbert) [Orabug: 31076399] - kvm: split too big memory section on several memslots (Igor Mammedov) [Orabug: 31076399] - target/i386: do not set unsupported VMX secondary execution controls (Vitaly Kuznetsov) [Orabug: 31463710] - target/i386: add VMX definitions (Paolo Bonzini) [Orabug: 31463710] - ati-vga: check mm_index before recursive call (CVE-2020-13800) (Prasad J Pandit) [Orabug: 31452206] {CVE-2020-13800} - es1370: check total frame count against current frame (Prasad J Pandit) [Orabug: 31463235] {CVE-2020-13361} - ati-vga: Fix checks in ati_2d_blt() to avoid crash (BALATON Zoltan) [Orabug: 31238432] {CVE-2020-11869} - libslirp: Update to stable-4.2 to fix CVE-2020-1983 (Karl Heubaum) [Orabug: 31241227] {CVE-2020-1983} - Document CVEs as fixed (Karl Heubaum) {CVE-2019-12068} {CVE-2019-15034} - libslirp: Update to version 4.2.0 to fix CVEs (Karl Heubaum) [Orabug: 30274592] [Orabug: 30869830] {CVE-2019-15890} {CVE-2020-8608} - target/i386: add support for MSR_IA32_TSX_CTRL (Paolo Bonzini) [Orabug: 31124041] - qemu-img: Add --target-is-zero to convert (David Edmondson) - vnc: fix memory leak when vnc disconnect (Li Qiang) [Orabug: 30996427] {CVE-2019-20382} - iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) (Felipe Franciosi) [Orabug: 31124035] {CVE-2020-1711} - qemu.spec: Remove 'BuildRequires: kernel' (Karl Heubaum) [Orabug: 31124047] [15:4.1.1-1.el7] - qemu-submodule-init: Add Git submodule init script IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-14364 CVE-2020-10756 CVE-2020-16092 CVE-2020-13754 CVE-2020-13362 CVE-2020-11102 CVE-2020-15863 CVE-2020-13791 CVE-2020-13659 CVE-2020-13253 CVE-2020-10702 CVE-2019-15034 CVE-2020-12829 CVE-2020-14415 CVE-2020-25625 CVE-2020-25084 CVE-2020-27616 CVE-2020-29129 CVE-2020-29130 CVE-2020-25624 CVE-2020-28916 CVE-2020-25723 Oracle Linux 7 [4.14.35-2025.405.3] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] [4.14.35-2025.405.2] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350995] [4.14.35-2025.405.1] - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372162] - uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32378208] - sysctl: handle overflow in proc_get_long (Christian Brauner) [Orabug: 32382641] - net/mlx5: Use a single MSIX vector for all control EQs in VFs (Ariel Levkovich) [Orabug: 31785275] - net/mlx5: Fix available EQs FW used to reserve (Denis Drozdov) [Orabug: 31785275] - net/mlx5: Use max_num_eqs for calculation of required MSIX vectors (Denis Drozdov) [Orabug: 31785275] - net/mlx5: Expose DEVX specification (Yishai Hadas) [Orabug: 31785275] - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32245085] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248040] {CVE-2020-28374} [4.14.35-2025.405.0] - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251913] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266681] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266681] {CVE-2020-29660} - lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337718] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349207] {CVE-2020-36158} - add license checking to kABI checker (Dan Duval) [Orabug: 32355210] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28374 CVE-2020-29660 CVE-2020-36158 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.103.3] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426610] [5.4.17-2036.103.2] - A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380824] - netfilter: add and use nf_hook_slow_list() (Florian Westphal) [Orabug: 32372530] {CVE-2021-20177} - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372158] - uek-rpm: Report removed symbols also during kabi check (Somasundaram Krishnasamy) [Orabug: 32380061] - uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32378206] - A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350974] - uek-rpm: add nfs_ssc to nano_modules (Calum Mackay) [Orabug: 32346419] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374} [5.4.17-2036.103.1] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349203] {CVE-2020-36158} - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32234812] - add license checking to kABI checker (Dan Duval) [Orabug: 32355206] [5.4.17-2036.103.0] - lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337715] - tools: update header files in the tools directory (Thomas Tai) [Orabug: 32321484] - perf: Fix a kABI breakage in perf_event.h (Thomas Tai) [Orabug: 32321484] - perf/x86: Fix n_metric for cancelled txn (Peter Zijlstra) [Orabug: 32321484] - perf/x86: Fix n_pair for cancelled txn (Peter Zijlstra) [Orabug: 32321484] - perf/x86/intel: Check perf metrics feature for each CPU (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Support per-thread RDPMC TopDown metrics (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Support TopDown metrics on Ice Lake (Kan Liang) [Orabug: 32321484] - perf/x86: Use event_base_rdpmc for the RDPMC userspace support (Kan Liang) [Orabug: 32321484] - perf/x86: Add a macro for RDPMC offset of fixed counters (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Generic support for hardware TopDown metrics (Kan Liang) [Orabug: 32321484] - perf/core: Add a new PERF_EV_CAP_SIBLING event capability (Kan Liang) [Orabug: 32321484] - perf/core: Unify {pinned,flexible}_sched_in() (Peter Zijlstra) [Orabug: 32321484] - perf/x86/intel: Use switch in intel_pmu_disable/enable_event (Kan Liang) [Orabug: 32321484] - perf/x86: Keep LBR records unchanged in host context for guest usage (Like Xu) [Orabug: 32321484] - perf/x86/intel: Fix the name of perf METRICS (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Move BTS index to 47 (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Introduce the fourth fixed counter (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Name the global status bit in NMI handler (Kan Liang) [Orabug: 32321484] - perf/x86: Add constraint to create guest LBR event without hw counter (Like Xu) [Orabug: 32321484] - perf/x86/lbr: Add interface to get LBR information (Like Xu) [Orabug: 32321484] - perf/x86/core: Refactor hw->idx checks and cleanup (Like Xu) [Orabug: 32321484] - perf/x86/intel: Avoid unnecessary PEBS_ENABLE MSR access in PMI (Kan Liang) [Orabug: 32321484] - perf/x86: Provide stubs of KVM helpers for non-Intel CPUs (Sean Christopherson) [Orabug: 32321484] - partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32302136] - Revert 'cpu/hotplug: avoid race between cpuset_hotplug_workfn and later hotplug' (Daniel Jordan) [Orabug: 32295229] - cpuset: fix race between hotplug work and later CPU offline (Daniel Jordan) [Orabug: 32295229] - uek-rpm: aarch64: update PMU configs for Altra (Dave Kleikamp) [Orabug: 32290034] - driver/perf: Add PMU driver for the ARM DMC-620 memory controller (Tuan Phan) [Orabug: 32290034] - perf: arm-cmn: Fix conversion specifiers for node type (Will Deacon) [Orabug: 32290034] - perf: arm-cmn: Fix unsigned comparison to less than zero (Will Deacon) [Orabug: 32290034] - perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 32290034] - perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 32290034] - perf: arm_dsu: Support DSU ACPI devices (Tuan Phan) [Orabug: 32290034] - arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work (James Morse) [Orabug: 32290034] - ACPI: APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 32290034] - iommu/arm-smmu-v3: Don't reserve implementation defined register space (Jean-Philippe Brucker) [Orabug: 32290034] - Revert 'BACKPORT: perf: Add Arm CMN-600 DT binding' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: WIP: perf/arm-cmn: Add ACPI support' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: Add ARM DMC-620 PMU driver.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work' (Dave Kleikamp) [Orabug: 32290034] - Revert 'Perf: arm-cmn: Allow irq to be shared.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_cmn: improve and make it work on 2P.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dsu: Allow IRQ to be shared among devices.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dsu: Support ACPI mode.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dmc620: Update ACPI ID.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: avoid breaking KABI by reusing enum' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf/smmuv3: Allow sharing MMIO registers with the SMMU driver' (Dave Kleikamp) [Orabug: 32290034] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266677] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266677] {CVE-2020-29660} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569} - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251910] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 CVE-2020-29660 CVE-2020-36158 CVE-2021-20177 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.103.3.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426610] [5.4.17-2036.103.2.el7] - A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380824] - netfilter: add and use nf_hook_slow_list() (Florian Westphal) [Orabug: 32372530] {CVE-2021-20177} - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372158] - uek-rpm: Report removed symbols also during kabi check (Somasundaram Krishnasamy) [Orabug: 32380061] - A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350974] - uek-rpm: add nfs_ssc to nano_modules (Calum Mackay) [Orabug: 32346419] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374} [5.4.17-2036.103.1.el7] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349203] {CVE-2020-36158} - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32234812] - add license checking to kABI checker (Dan Duval) [Orabug: 32355206] [5.4.17-2036.103.0.el7] - lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337715] - tools: update header files in the tools directory (Thomas Tai) [Orabug: 32321484] - perf: Fix a kABI breakage in perf_event.h (Thomas Tai) [Orabug: 32321484] - perf/x86: Fix n_metric for cancelled txn (Peter Zijlstra) [Orabug: 32321484] - perf/x86: Fix n_pair for cancelled txn (Peter Zijlstra) [Orabug: 32321484] - perf/x86/intel: Check perf metrics feature for each CPU (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Support per-thread RDPMC TopDown metrics (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Support TopDown metrics on Ice Lake (Kan Liang) [Orabug: 32321484] - perf/x86: Use event_base_rdpmc for the RDPMC userspace support (Kan Liang) [Orabug: 32321484] - perf/x86: Add a macro for RDPMC offset of fixed counters (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Generic support for hardware TopDown metrics (Kan Liang) [Orabug: 32321484] - perf/core: Add a new PERF_EV_CAP_SIBLING event capability (Kan Liang) [Orabug: 32321484] - perf/core: Unify {pinned,flexible}_sched_in() (Peter Zijlstra) [Orabug: 32321484] - perf/x86/intel: Use switch in intel_pmu_disable/enable_event (Kan Liang) [Orabug: 32321484] - perf/x86: Keep LBR records unchanged in host context for guest usage (Like Xu) [Orabug: 32321484] - perf/x86/intel: Fix the name of perf METRICS (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Move BTS index to 47 (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Introduce the fourth fixed counter (Kan Liang) [Orabug: 32321484] - perf/x86/intel: Name the global status bit in NMI handler (Kan Liang) [Orabug: 32321484] - perf/x86: Add constraint to create guest LBR event without hw counter (Like Xu) [Orabug: 32321484] - perf/x86/lbr: Add interface to get LBR information (Like Xu) [Orabug: 32321484] - perf/x86/core: Refactor hw->idx checks and cleanup (Like Xu) [Orabug: 32321484] - perf/x86/intel: Avoid unnecessary PEBS_ENABLE MSR access in PMI (Kan Liang) [Orabug: 32321484] - perf/x86: Provide stubs of KVM helpers for non-Intel CPUs (Sean Christopherson) [Orabug: 32321484] - partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32302136] - Revert 'cpu/hotplug: avoid race between cpuset_hotplug_workfn and later hotplug' (Daniel Jordan) [Orabug: 32295229] - cpuset: fix race between hotplug work and later CPU offline (Daniel Jordan) [Orabug: 32295229] - uek-rpm: aarch64: update PMU configs for Altra (Dave Kleikamp) [Orabug: 32290034] - driver/perf: Add PMU driver for the ARM DMC-620 memory controller (Tuan Phan) [Orabug: 32290034] - perf: arm-cmn: Fix conversion specifiers for node type (Will Deacon) [Orabug: 32290034] - perf: arm-cmn: Fix unsigned comparison to less than zero (Will Deacon) [Orabug: 32290034] - perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 32290034] - perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 32290034] - perf: arm_dsu: Support DSU ACPI devices (Tuan Phan) [Orabug: 32290034] - arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work (James Morse) [Orabug: 32290034] - ACPI: APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 32290034] - iommu/arm-smmu-v3: Don't reserve implementation defined register space (Jean-Philippe Brucker) [Orabug: 32290034] - Revert 'BACKPORT: perf: Add Arm CMN-600 DT binding' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: WIP: perf/arm-cmn: Add ACPI support' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: Add ARM DMC-620 PMU driver.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors' (Dave Kleikamp) [Orabug: 32290034] - Revert 'BACKPORT: arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work' (Dave Kleikamp) [Orabug: 32290034] - Revert 'Perf: arm-cmn: Allow irq to be shared.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_cmn: improve and make it work on 2P.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dsu: Allow IRQ to be shared among devices.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dsu: Support ACPI mode.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: arm_dmc620: Update ACPI ID.' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf: avoid breaking KABI by reusing enum' (Dave Kleikamp) [Orabug: 32290034] - Revert 'perf/smmuv3: Allow sharing MMIO registers with the SMMU driver' (Dave Kleikamp) [Orabug: 32290034] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266677] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266677] {CVE-2020-29660} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569} - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568} - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251910] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29568 CVE-2020-29569 CVE-2020-28374 CVE-2020-29660 CVE-2020-36158 CVE-2021-20177 Oracle Linux 7 [4.14.35-2025.405.3.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426280] [4.14.35-2025.405.2.el7] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350995] [4.14.35-2025.405.1.el7] - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372162] - uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32378208] - sysctl: handle overflow in proc_get_long (Christian Brauner) [Orabug: 32382641] - net/mlx5: Use a single MSIX vector for all control EQs in VFs (Ariel Levkovich) [Orabug: 31785275] - net/mlx5: Fix available EQs FW used to reserve (Denis Drozdov) [Orabug: 31785275] - net/mlx5: Use max_num_eqs for calculation of required MSIX vectors (Denis Drozdov) [Orabug: 31785275] - net/mlx5: Expose DEVX specification (Yishai Hadas) [Orabug: 31785275] - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32245085] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248040] {CVE-2020-28374} [4.14.35-2025.405.0.el7] - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251913] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266681] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266681] {CVE-2020-29660} - lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337718] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349207] {CVE-2020-36158} - add license checking to kABI checker (Dan Duval) [Orabug: 32355210] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28374 CVE-2020-29660 CVE-2020-36158 Oracle Linux 6 Oracle Linux 7 kernel-uek [3.8.13-118.54.1] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349209] {CVE-2020-36158} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36158 Oracle Linux 6 Oracle Linux 7 kernel-uek [3.8.13-118.54.1] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349209] {CVE-2020-36158} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36158 Oracle Linux 6 [2.6.39-400.330.1] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349211] {CVE-2020-36158} [2.6.39-400.329.1] - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) [Orabug: 32176268] {CVE-2020-28915} - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye) [Orabug: 32176268] {CVE-2020-28915} - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) [Orabug: 32187752] {CVE-2020-28974} - vt: sort out locking for font handling (Alan Cox) [Orabug: 32187752] {CVE-2020-28974} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28915 CVE-2020-28974 CVE-2020-36158 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.48.3.1] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492113] {CVE-2021-26930} - xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492105] {CVE-2021-26931} - xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492105] {CVE-2021-26931} - xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492105] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492098] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492098] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492098] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492098] {CVE-2021-26932} [4.1.12-124.48.3] - bnxt_en: Fix ethtool -x crash when device is down. (Michael Chan) [Orabug: 32466092] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 Oracle Linux 7 [4.14.35-2047.500.9.1] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-netback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-blkback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: dont bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} [4.14.35-2047.500.9] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426612] - A/A Bonding: Add synchronized bundle failback (Gerd Rausch) [Orabug: 31175013] - net/rds: Incorrect RDS protocol version fall back (Ka-Cheong Poon) [Orabug: 32376163] - net/rds: Missing RDS/RDMA private data in response to connection request (Ka-Cheong Poon) [Orabug: 32388407] [4.14.35-2047.500.8] - uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32341032] - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372161] - A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380826] - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32245078] - A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350976] - net/mlx5: Use a single MSIX vector for all control EQs in VFs (Ariel Levkovich) [Orabug: 32368440] - net/mlx5: Fix available EQs FW used to reserve (Denis Drozdov) [Orabug: 32368440] - net/mlx5: Use max_num_eqs for calculation of required MSIX vectors (Denis Drozdov) [Orabug: 32368440] - net/mlx5: Expose DEVX specification (Yishai Hadas) [Orabug: 32368440] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248037] {CVE-2020-28374} [4.14.35-2047.500.7] - partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32047319] - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568} - xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568} - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260255] {CVE-2020-29569} - lockd: dont use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337717] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349205] {CVE-2020-36158} - add license checking to kABI checker (Dan Duval) [Orabug: 32355208] [4.14.35-2047.500.6] - net/rds: Only yield with a valid 'i_connecting_ts' timestamp (Gerd Rausch) [Orabug: 31030774] - net/rds: Only increment rdma_resolve_route timeout on error (Gerd Rausch) [Orabug: 31030774] - net/rds: Dont block workqueues 'cma_wq' and 'cm.wq' (Gerd Rausch) [Orabug: 31030774] - net/rds: Dont drop neighbor loopback connection (Gerd Rausch) [Orabug: 31030774] - net/rds: Take the GID offset into account for IB devices (Gerd Rausch) [Orabug: 31030774] - net/rds: Leave the neighbor cache alone (Gerd Rausch) [Orabug: 31030774] - net/rds: Give each connection its own workqueue (Gerd Rausch) [Orabug: 31030774] - net/rds: Disassociate ic and cm_id before rdma_destroy_id (Gerd Rausch) [Orabug: 31030774] - Revert 'rds: ib: Implement proper cm_id compare' (Gerd Rausch) [Orabug: 31030774] - net/rds: Add a rdma_cm watchdog timer (Gerd Rausch) [Orabug: 31030774] - Revert 'RDS: IB: fix panic with handlers running post teardown' (Gerd Rausch) [Orabug: 31030774] - net/rds: Release all resources allocated by 'rds_ib_setup_qp' (Gerd Rausch) [Orabug: 31030774] - net/rds: Change the 'rds_aux_wq' workqueue to loose order (Gerd Rausch) [Orabug: 31030774] - net/rds: Dont sleep inside worker threads (Gerd Rausch) [Orabug: 31030774] - net/rds: Fix a few race conditions (Gerd Rausch) [Orabug: 31030774] - net/rds: Execute 'rdma_destroy_id' in the background (Gerd Rausch) [Orabug: 31030774] - net/rds: Delay reconnects from passive side by 3 seconds (Gerd Rausch) [Orabug: 31030774] - net/rds: Drop connections when peers perform failover (Gerd Rausch) [Orabug: 31030774] - net/rds: Yield to incoming connection requests (Gerd Rausch) [Orabug: 31030774] - net/rds: Remove stale comments about random backoff (Gerd Rausch) [Orabug: 31030774] [4.14.35-2047.500.5] - KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251912] - tty: Fix ->session locking (Jann Horn) [Orabug: 32266679] {CVE-2020-29660} - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266679] {CVE-2020-29660} [4.14.35-2047.500.4] - bnxt_en: Release PCI regions when DMA mask setup fails during probe. (Michael Chan) [Orabug: 32223677] - bnxt_en: fix error return code in bnxt_init_board() (Zhang Changzhong) [Orabug: 32223677] - bnxt_en: fix error return code in bnxt_init_one() (Zhang Changzhong) [Orabug: 32223677] - bnxt_en: Fix counter overflow logic. (Michael Chan) [Orabug: 32223677] - bnxt_en: read EEPROM A2h address using page 0 (Edwin Peer) [Orabug: 32223677] - bnxt_en: Re-write PCI BARs after PCI fatal error. (Vasundhara Volam) [Orabug: 32223677] - bnxt_en: Set driver default message level. (Michael Chan) [Orabug: 32223677] - bnxt_en: Enable online self tests for multi-host/NPAR mode. (Vasundhara Volam) [Orabug: 32223677] - bnxt_en: Eliminate unnecessary RX resets. (Michael Chan) [Orabug: 32223677] - bnxt_en: Reduce unnecessary message log during RX errors. (Michael Chan) [Orabug: 32223677] - bnxt_en: Add a software counter for RX ring reset. (Michael Chan) [Orabug: 32223677] - bnxt_en: Implement RX ring reset in response to buffer errors. (Michael Chan) [Orabug: 32223677] - bnxt_en: Refactor bnxt_init_one_rx_ring(). (Michael Chan) [Orabug: 32223677] - bnxt_en: Refactor bnxt_free_rx_skbs(). (Michael Chan) [Orabug: 32223677] - bnxt_en: Update firmware interface spec to 1.10.1.68. (Vasundhara Volam) [Orabug: 32223677] - bnxt_en: Improve preset max value for ethtool -l. (Michael Chan) [Orabug: 32223677] - bnxt_en: Handle ethernet link being disabled by firmware. (Michael Chan) [Orabug: 32223677] - bnxt_en: add basic infrastructure to support PAM4 link speeds (Edwin Peer) [Orabug: 32223677] - bnxt_en: refactor bnxt_get_fw_speed() (Edwin Peer) [Orabug: 32223677] - bnxt_en: refactor code to limit speed advertising (Edwin Peer) [Orabug: 32223677] - bnxt_en: Update firmware interface spec to 1.10.1.65. (Michael Chan) [Orabug: 32223677] - bnxt_en: Fix wrong flag value passed to HWRM_PORT_QSTATS_EXT fw call. (Michael Chan) [Orabug: 32223677] - bnxt_en: Fix HWRM_FUNC_QSTATS_EXT firmware call. (Michael Chan) [Orabug: 32223677] - bnxt_en: Return -EOPNOTSUPP for ETHTOOL_GREGS on VFs. (Vasundhara Volam) [Orabug: 32223677] - bnxt_en: return proper error codes in bnxt_show_temp (Edwin Peer) [Orabug: 32223677] - bnxt_en: Setup default RSS map in all scenarios. (Michael Chan) [Orabug: 32223677] - bnxt_en: init RSS table for Minimal-Static VF reservation (Edwin Peer) [Orabug: 32223677] - bnxt_en: fix HWRM error when querying VF temperature (Edwin Peer) [Orabug: 32223677] - bnxt_en: Fix ethtool -S statitics with XDP or TCs enabled. (Michael Chan) [Orabug: 32223677] - bnxt_en: Dont query FW when netif_running() is false. (Pavan Chebbi) [Orabug: 32223677] - bnxt_en: Add support for 'ethtool -d' (Vasundhara Volam) [Orabug: 32223677] - bnxt_en: Switch over to use the 64-bit software accumulated counters. (Michael Chan) [Orabug: 32223677] - bnxt_en: Accumulate all counters. (Michael Chan) [Orabug: 32223677] - bnxt_en: Retrieve hardware masks for port counters. (Michael Chan) [Orabug: 32223677] - bnxt_en: Retrieve hardware counter masks from firmware if available. (Michael Chan) [Orabug: 32223677] - bnxt_en: Allocate additional memory for all statistics blocks. (Michael Chan) [Orabug: 32223677] - bnxt_en: Refactor statistics code and structures. (Michael Chan) [Orabug: 32223677] - bnxt_en: Use macros to define port statistics size and offset. (Michael Chan) [Orabug: 32223677] - bnxt_en: Update firmware interface to 1.10.1.54. (Michael Chan) [Orabug: 32223677] - bnxt_en: Remove PCIe non-counters from ethtool statistics (Vasundhara Volam) [Orabug: 32223677] - net: bnxt: don't complain if TC flower can't be supported (Jakub Kicinski) [Orabug: 32223677] - bnxt_en: Fix completion ring sizing with TPA enabled. (Michael Chan) [Orabug: 32223677] - bnxt_en: Init ethtool link settings after reading updated PHY configuration. (Vasundhara Volam) [Orabug: 32223677] - perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233354] {CVE-2020-14351} - vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32201608] - vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32201608] - vhost/scsi: Use copy_to_iter() to send control queue response (Bijan Mottahedeh) [Orabug: 32201608] - vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32201608] - vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32201608] - vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32201608] - vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32201608] - scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32201608] - scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32201608] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210458] - intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32219015] - qla2xxx: Add missing module version banner (John Donnelly) [Orabug: 32244934] - scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Get sas_device objects using devices rphy (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Update hba_ports sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: A small correction in _base_process_reply_queue (Tomas Henzl) [Orabug: 32223781] - scsi: mpt3sas: Fix sync irqs (Tomas Henzl) [Orabug: 32223781] - scsi: mpt3sas: Detect tampered Aero and Sea adapters (Sreekanth Reddy) [Orabug: 32223781] - scsi: mpt3sas: Dont call disable_irq from IRQ poll handler (Tomas Henzl) [Orabug: 32223781] - scsi: mpt3sas: Remove pci-dma-compat wrapper API (Suraj Upadhyay) [Orabug: 32223781] - scsi: mpt3sas: Remove superfluous memset() (Li Heng) [Orabug: 32223781] - scsi: mpt3sas: Update driver version to 35.100.00.00 (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Postprocessing of target and LUN reset (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Add functions to check if any cmd is outstanding on Target and LUN (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Rename and export interrupt mask/unmask functions (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Cancel the running work during host reset (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Dump system registers for debugging (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Memset config_cmds.reply buffer with zeros (Suganath Prabu S) [Orabug: 32223781] - scsi: mpt3sas: Fix kdoc comments format (Damien Le Moal) [Orabug: 32223781] - scsi: mpt3sas: Fix set but unused variable (Damien Le Moal) [Orabug: 32223781] - scsi: mpt3sas: Fix error returns in BRM_status_show (Johannes Thumshirn) [Orabug: 32223781] - scsi: mpt3sas: Fix unlock imbalance (Damien Le Moal) [Orabug: 32223781] - scsi: mpt3sas: Fix spelling mistake (Flavio Suligoi) [Orabug: 32223781] [4.14.35-2047.500.3] - hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32173883] - hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32173883] - ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32177802] - scsi: qla2xxx: Update version to 10.02.00.103-k (Nilesh Javali) [Orabug: 32213922] - qla2xxx: back port upstream patch (Quinn Tran) [Orabug: 32213922] - scsi: scsi_transport_fc: Add FPIN fc event codes (James Smart) [Orabug: 32213922] - scsi: scsi_transport_fc: refactor event posting routines (James Smart) [Orabug: 32213922] - Revert 'scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe' (Quinn Tran) [Orabug: 32213922] - Revert 'scsi: qla2xxx: Fix crash on qla2x00_mailbox_command' (Saurav Kashyap) [Orabug: 32213922] - scsi: qla2xxx: Check if FW supports MQ before enabling (Saurav Kashyap) [Orabug: 32213922] - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Reduce noisy debug message (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Reduce duplicate code in reporting speed (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Indicate correct supported speeds for Mezz card (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Flush I/O on zone disable (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Flush all sessions on zone disable (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: remove incorrect sparse #ifdef (Linus Torvalds) [Orabug: 32213922] - scsi: qla2xxx: Return EBUSY on fcport deletion (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Fix return of uninitialized value in rval (Colin Ian King) [Orabug: 32213922] - scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (Tom Rix) [Orabug: 32213922] - scsi: qla2xxx: Do not consume srb greedily (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Use constant when it is known (Pavel Machek (CIP)) [Orabug: 32213922] - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (Ye Bin) [Orabug: 32213922] - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (Ye Bin) [Orabug: 32213922] - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (Ye Bin) [Orabug: 32213922] - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Fix crash on session cleanup with unload (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Fix reset of MPI firmware (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Fix MPI reset needed message (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Fix buffer-buffer credit extraction error (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Correct the check for sscanf() return value (Saurav Kashyap) [Orabug: 32213922] - scsi: qla2xxx: Update version to 10.02.00.102-k (Nilesh Javali) [Orabug: 32213922] - scsi: qla2xxx: Add SLER and PI control support (Saurav Kashyap) [Orabug: 32213922] - scsi: qla2xxx: Add IOCB resource tracking (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Add rport fields in debugfs (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Make tgt_port_database available in initiator mode (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Fix I/O errors during LIP reset tests (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Performance tweak (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Fix memory size truncation (Quinn Tran) [Orabug: 32213922] - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Setup debugfs entries for remote ports (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (Arun Easi) [Orabug: 32213922] - scsi: qla2xxx: Remove unneeded variable 'rval' (Jason Yan) [Orabug: 32213922] - scsi: qla2xxx: Handle incorrect entry_type entries (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (Daniel Wagner) [Orabug: 32213922] - scsi: qla2xxx: Fix the return value (Xianting Tian) [Orabug: 32213922] - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (Tianjia Zhang) [Orabug: 32213922] - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (Tianjia Zhang) [Orabug: 32213922] - scsi: qla2xxx: Remove redundant variable initialization (Tianjia Zhang) [Orabug: 32213922] - scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (Christophe JAILLET) [Orabug: 32213922] - scsi: qla2xxx: Remove pci-dma-compat wrapper API (Suraj Upadhyay) [Orabug: 32213922] - scsi: qla2xxx: Remove superfluous memset() (Li Heng) [Orabug: 32213922] - scsi: qla2xxx: Fix regression on sparc64 (Rene Rebe) [Orabug: 32213922] - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (Enzo Matsumiya) [Orabug: 32213922] - scsi: qla2xxx: Address a set of sparse warnings (Shyam Sundar) [Orabug: 32213922] - scsi: qla2xxx: SAN congestion management implementation (Shyam Sundar) [Orabug: 32213922] - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (Shyam Sundar) [Orabug: 32213922] - scsi: qla2xxx: Introduce a function for computing the debug message prefix (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Remove a superfluous cast (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Initialize 'n' before using it (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (Bart Van Assche) [Orabug: 32213922] - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (Bart Van Assche) [Orabug: 32213922] - scsi: fc: Update Descriptor definition and add RDF and Link Integrity FPINs (James Smart) [Orabug: 32213922] - scsi: fc: add FPIN ELS definition (James Smart) [Orabug: 32213922] - staging: rts5208: rename SG_END macro (Arnd Bergmann) [Orabug: 32218536] - misc: rtsx: rename SG_END macro (Arnd Bergmann) [Orabug: 32218536] - ACPI: NFIT: Add runtime firmware activate support (Dan Williams) [Orabug: 32224144] - PM, libnvdimm: Add runtime firmware activation support (Dan Williams) [Orabug: 32224144] - libnvdimm: Convert to DEVICE_ATTR_ADMIN_RO() (Dan Williams) [Orabug: 32224144] - driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW} (Dan Williams) [Orabug: 32224144] - tools/testing/nvdimm: Emulate firmware activation commands (Dan Williams) [Orabug: 32224144] - tools/testing/nvdimm: Prepare nfit_ctl_test() for ND_CMD_CALL emulation (Dan Williams) [Orabug: 32224144] - tools/testing/nvdimm: Add command debug messages (Dan Williams) [Orabug: 32224144] - tools/testing/nvdimm: Cleanup dimm index passing (Dan Williams) [Orabug: 32224144] - ACPI: NFIT: Define runtime firmware activation commands (Dan Williams) [Orabug: 32224144] - ACPI: NFIT: Move bus_dsm_mask out of generic nvdimm_bus_descriptor (Dan Williams) [Orabug: 32224144] - libnvdimm: Validate command family indices (Dan Williams) [Orabug: 32224144] - PM: hibernate: Incorporate concurrency handling (Domenico Andreoli) [Orabug: 32224144] - libnvdimm: Move nvdimm_bus_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm/of_pmem: Provide a unique name for bus provider (Aneesh Kumar K.V) [Orabug: 32224144] - libnvdimm: Move nvdimm_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm: Move nd_mapping_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm: Move nd_region_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm: Move nd_numa_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm: Move nd_device_attribute_group to device_type (Dan Williams) [Orabug: 32224144] - libnvdimm: Move region attribute group definition (Dan Williams) [Orabug: 32224144] - libnvdimm/region: Rewrite _probe_success() to _advance_seeds() (Dan Williams) [Orabug: 32224144] - libnvdimm: Move attribute groups to device type (Dan Williams) [Orabug: 32224144] - acpi/nfit: improve bounds checking for 'func' (Dan Carpenter) [Orabug: 32224144] - ACPI/nfit: delete the function to_acpi_nfit_desc (Xiaochun Lee) [Orabug: 32224144] [4.14.35-2047.500.2] - lockdown: make lockdown mode available in securityfs (Alan Maguire) [Orabug: 32176137] - uek-rpm: Dont build emb2 kernel for mips (Dave Kleikamp) [Orabug: 32176895] - xen/events: block rogue events for some time (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/pvcallsback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673} - page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177989] - RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 32195765] - lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 32195765] - lib/scatterlist: Add SG_CHAIN and SG_END macros for LSB encodings (Anshuman Khandual) [Orabug: 32195765] - lib/scatterlist: Avoid potential scatterlist entry overflow (Tvrtko Ursulin) [Orabug: 32195765] - lib/scatterlist: Fix offset type in sg_alloc_table_from_pages (Tvrtko Ursulin) [Orabug: 32195765] - rds: fix out-of-tree build broken by tracepoints (Alan Maguire) [Orabug: 32185345] - xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 32177547] [4.14.35-2047.500.1] - perf/core: Fix a memory leak in perf_event_parse_addr_filter() (kiyin( )) [Orabug: 32131174] {CVE-2020-25704} - perf/core: Fix bad use of igrab() (Song Liu) [Orabug: 32131174] {CVE-2020-25704} - IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136897] - IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136897] - IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136897] - IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136897] - xen/gntdev: fix up blockable calls to mn_invl_range_start (Michal Hocko) [Orabug: 32139243] - uek-rpm: Enable Intel Speed Select Technology interface support (Somasundaram Krishnasamy) [Orabug: 32047440] - platform/x86: ISST: Add new PCI device ids (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Increase timeout (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Fix wrong unregister type (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Allow additional core-power mailbox commands (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Allow additional TRL MSRs (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Use dev_get_drvdata (Chuhong Yuan) [Orabug: 32047440] - platform/x86: ISST: Restore state on resume (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add Intel Speed Select PUNIT MSR interface (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add Intel Speed Select mailbox interface via MSRs (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add Intel Speed Select mailbox interface via PCI (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add Intel Speed Select mmio interface (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add IOCTL to Translate Linux logical CPU to PUNIT CPU number (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Store per CPU information (Srinivas Pandruvada) [Orabug: 32047440] - platform/x86: ISST: Add common API to register and handle ioctls (Srinivas Pandruvada) [Orabug: 32047440] [4.14.35-2046] - lockdown: By default run in integrity mode. (Konrad Rzeszutek Wilk) [Orabug: 32131560] - kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32138009] - Revert 'pci: hardcode enumeration' (Dave Aldridge) [Orabug: 32152281] - hv_utils: drain the timesync packets on onchannelcallback (Vineeth Pillai) [Orabug: 32152143] - hv_utils: return error if host timesysnc update is stale (Vineeth Pillai) [Orabug: 32152143] - Revert 'iomap: Fix pipe page leakage during splicing' (George Kennedy) [Orabug: 30848187] - x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Icelakx (Ankur Arora) [Orabug: 32080078] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on AMD Zen (Ankur Arora) [Orabug: 32080078] - x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Broadwellx (Ankur Arora) [Orabug: 32080078] - mm, clear_huge_page: use clear_page_uncached() for gigantic pages (Ankur Arora) [Orabug: 32080078] - x86/clear_page: add clear_page_uncached() (Ankur Arora) [Orabug: 32080078] - x86/asm: add clear_page_nt() (Ankur Arora) [Orabug: 32080078] - perf bench: add memset_movnti() (Ankur Arora) [Orabug: 32080078] - x86/asm: add memset_movnti() (Ankur Arora) [Orabug: 32080078] - x86/cpuid: add X86_FEATURE_NT_GOOD (Ankur Arora) [Orabug: 32080078] - Linux 4.14.206 (Greg Kroah-Hartman) - powercap: restrict energy meter to root access (Len Brown) - Linux 4.14.205 (Greg Kroah-Hartman) [Orabug: 32041544] - arm64: dts: marvell: espressobin: add ethernet alias (Tomasz Maciej Nowak) - PM: runtime: Resume the device earlier in __device_release_driver() (Rafael J. Wysocki) - Revert 'ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE' (Vineet Gupta) - ARC: stack unwinding: avoid indefinite looping (Vineet Gupta) - usb: mtu3: fix panic in mtu3_gadget_stop() (Macpaul Lin) - USB: Add NO_LPM quirk for Kingston flash drive (Alan Stern) - USB: serial: option: add Telit FN980 composition 0x1055 (Daniele Palmas) - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (Daniele Palmas) - USB: serial: option: add Quectel EC200T module support (Ziyi Cao) - USB: serial: cyberjack: fix write-URB completion race (Johan Hovold) - serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (Qinglang Miao) - serial: 8250_mtk: Fix uart_get_baud_rate warning (Claire Chang) - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (Eddy Wu) - vt: Disable KD_FONT_OP_COPY (Daniel Vetter) - ACPI: NFIT: Fix comparison to '-ENXIO' (Zhang Qilong) - drm/vc4: drv: Add error handding for bind (Hoegeun Kwon) - vsock: use ns_capable_noaudit() on socket create (Jeff Vander Stoep) - scsi: core: Dont start concurrent async scan on same host (Ming Lei) - blk-cgroup: Pre-allocate tree node on blkg_conf_prep (Gabriel Krisman Bertazi) - blk-cgroup: Fix memleak on error path (Gabriel Krisman Bertazi) - of: Fix reserved-memory overlap detection (Vincent Whitchurch) - x86/kexec: Use up-to-dated screen_info copy to fill boot params (Kairui Song) - ARM: dts: sun4i-a10: fix cpu_alert temperature (Clement Peron) - futex: Handle transient 'ownerless' rtmutex state correctly (Mike Galbraith) - tracing: Fix out of bounds write in get_trace_buf (Qiujun Huang) - ftrace: Handle tracing when switching between context (Steven Rostedt (VMware)) - ftrace: Fix recursion check for NMI test (Steven Rostedt (VMware)) - gfs2: Wake up when sd_glock_disposal becomes zero (Alexander Aring) - mm: always have io_remap_pfn_range() set pgprot_decrypted() (Jason Gunthorpe) - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (Zqiang) - lib/crc32test: remove extra local_irq_disable/enable (Vasily Gorbik) - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (Geoffrey D. Bennett) - Fonts: Replace discarded const qualifier (Lee Jones) - blktrace: fix debugfs use after free (Luis Chamberlain) {CVE-2019-19770} - Blktrace: bail out early if block debugfs is not configured (Liu Bo) - sfp: Fix error handing in sfp_probe() (YueHaibing) - sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms (Petr Malat) - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (Daniele Palmas) - gianfar: Account for Tx PTP timestamp in the skb headroom (Claudiu Manoil) - gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP (Claudiu Manoil) - tipc: fix use-after-free in tipc_bcast_get_mode (Hoang Huu Le) - drm/i915: Break up error capture compression loops with cond_resched() (Chris Wilson) - Linux 4.14.204 (Greg Kroah-Hartman) - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (Ian Abbott) - KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR (Marc Zyngier) - device property: Dont clear secondary pointer for shared primary firmware node (Andy Shevchenko) - device property: Keep secondary firmware node secondary by type (Andy Shevchenko) - ARM: s3c24xx: fix missing system reset (Krzysztof Kozlowski) - ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (Krzysztof Kozlowski) - arm: dts: mt7623: add missing pause for switchport (Frank Wunderlich) - hil/parisc: Disable HIL driver when it gets stuck (Helge Deller) - cachefiles: Handle readpage error correctly (Matthew Wilcox (Oracle)) - arm64: berlin: Select DW_APB_TIMER_OF (Jisheng Zhang) - tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds) - rtc: rx8010: dont modify the global rtc ops (Bartosz Golaszewski) - drm/ttm: fix eviction valuable range check. (Dave Airlie) - ext4: fix invalid inode checksum (Luo Meng) - ext4: fix error handling code in add_new_gdb (Dinghao Liu) - ext4: fix leaking sysfs kobject after failed mount (Eric Biggers) - vringh: fix __vringh_iov() when riov and wiov are different (Stefano Garzarella) - ring-buffer: Return 0 on success from ring_buffer_resize() (Qiujun Huang) - 9P: Cast to loff_t before multiplying (Matthew Wilcox (Oracle)) - libceph: clear con->out_msg on Policy::stateful_server faults (Ilya Dryomov) - ceph: promote to unsigned long long before shifting (Matthew Wilcox (Oracle)) - drm/amdgpu: dont map BO in reserved region (Madhav Chauhan) - ia64: fix build error with !COREDUMP (Krzysztof Kozlowski) - ubi: check kthread_should_stop() after the setting of task state (Zhihao Cheng) - perf python scripting: Fix printable strings in python3 scripts (Jiri Olsa) - ubifs: dent: Fix some potential memory leaks while iterating entries (Zhihao Cheng) - NFSD: Add missing NFSv2 .pc_func methods (Chuck Lever) - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (Olga Kornievskaia) - powerpc/powernv/elog: Fix race while processing OPAL error log event. (Mahesh Salgaonkar) - powerpc: Warn about use of smt_snooze_delay (Joel Stanley) - powerpc/rtas: Restrict RTAS requests from userspace (Andrew Donnellan) - s390/stp: add locking to sysfs functions (Sven Schnelle) - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio:adc:ti-adc12138 Fix alignment issue with timestamp (Jonathan Cameron) - iio:adc:ti-adc0832 Fix alignment issue with timestamp (Jonathan Cameron) - iio:light:si1145: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (Paul Cercueil) - vt: keyboard, extend func_buf_lock to readers (Jiri Slaby) {CVE-2020-25656} - vt: keyboard, simplify vt_kdgkbsent (Jiri Slaby) - drm/i915: Force VTd workarounds when running as a guest OS (Chris Wilson) - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (Ran Wang) - usb: cdc-acm: fix cooldown mechanism (Jerome Brunet) - usb: dwc3: core: dont trigger runtime pm when remove driver (Li Jun) - usb: dwc3: core: add phy cleanup for probe error handling (Li Jun) - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (Thinh Nguyen) - btrfs: fix use-after-free on readahead extent after failure to create it (Filipe Manana) - btrfs: cleanup cow block on error (Josef Bacik) - btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() (Denis Efremov) - btrfs: send, recompute reference path after orphanization of a directory (Filipe Manana) - btrfs: reschedule if necessary when logging directory items (Filipe Manana) - scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() (Helge Deller) - w1: mxc_w1: Fix timeout resolution problem leading to bus error (Martin Fuzzey) - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (Wei Huang) - ACPI: debug: dont allow debugging when ACPI is disabled (Jamie Iles) - ACPI: video: use ACPI backlight for HP 635 Notebook (Alex Hung) - ACPI / extlog: Check for RDMSR failure (Ben Hutchings) - NFS: fix nfs_path in case of a rename retry (Ashish Sangwan) - fs: Dont invalidate page buffers in block_write_full_page() (Jan Kara) - leds: bcm6328, bcm6358: use devres LED registering function (Marek Behun) - perf/x86/amd/ibs: Fix raw sample data accumulation (Kim Phillips) - perf/x86/amd/ibs: Dont include randomized bits in get_ibs_op_count() (Kim Phillips) - md/raid5: fix oops during stripe resizing (Song Liu) - nvme-rdma: fix crash when connect rejected (Chao Leng) - sgl_alloc_order: fix memory leak (Douglas Gilbert) - nbd: make the config put is called before the notifying the waiter (Xiubo Li) - ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node (Krzysztof Kozlowski) - ARM: dts: s5pv210: move PMU node out of clock controller (Krzysztof Kozlowski) - ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings (Krzysztof Kozlowski) - memory: emif: Remove bogus debugfs error handling (Dan Carpenter) - arm64: dts: renesas: ulcb: add full-pwr-cycle-in-suspend into eMMC nodes (Yoshihiro Shimoda) - gfs2: add validation checks for size of superblock (Anant Thazhemadam) - ext4: Detect already used quota file early (Jan Kara) - drivers: watchdog: rdc321x_wdt: Fix race condition bugs (Madhuparna Bhowmik) - net: 9p: initialize sun_server.sun_path to have addrs value only when addr is valid (Anant Thazhemadam) - clk: ti: clockdomain: fix static checker warning (Tero Kristo) - bnxt_en: Log unknown link speed appropriately. (Michael Chan) - md/bitmap: md_bitmap_get_counter returns wrong blocks (Zhao Heming) - power: supply: test_power: add missing newlines when printing parameters by sysfs (Xiongfeng Wang) - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (Diana Craciun) - drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values (Xie He) - ACPI: Add out of bounds and numa_off protections to pxm_to_node() (Jonathan Cameron) - arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE (Zhengyuan Liu) - uio: free uio id after uio file node is freed (Lang Dai) - USB: adutux: fix debugging (Oliver Neukum) - cpufreq: sti-cpufreq: add stih418 support (Alain Volmat) - kgdb: Make 'kgdbcon' work properly with 'kgdb_earlycon' (Douglas Anderson) - printk: reduce LOG_BUF_SHIFT range for H8300 (John Ogness) - drm/bridge/synopsys: dsi: add support for non-continuous HS clock (Antonio Borneo) - mmc: via-sdmmc: Fix data race bug (Madhuparna Bhowmik) - media: tw5864: check status of tw5864_frameinterval_get (Tom Rix) - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (Badhri Jagan Sridharan) - media: platform: Improve queue set up flow for bug fixing (Xia Jiang) - media: videodev2.h: RGB BT2020 and HSV are always full range (Hans Verkuil) - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (Nadezda Lutovinova) - ath10k: fix VHT NSS calculation when STBC is enabled (Sathishkumar Muruganandam) - ath10k: start recovery process when payload length exceeds max htc length for sdio (Wen Gong) - video: fbdev: pvr2fb: initialize variables (Tom Rix) - xfs: fix realtime bitmap/summary file truncation when growing rt volume (Darrick J. Wong) - ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses (Douglas Anderson) - um: change sigio_spinlock to a mutex (Johannes Berg) - f2fs: fix to check segment boundary during SIT page readahead (Chao Yu) - f2fs: add trace exit in exception path (Zhang Qilong) - sparc64: remove mm_cpumask clearing to fix kthread_use_mm race (Nicholas Piggin) - powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (Nicholas Piggin) - powerpc/powernv/smp: Fix spurious DBG() warning (Oliver O Halloran) - futex: Fix incorrect should_fail_futex() handling (Mateusz Nosek) - mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() (Amit Cohen) - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (Jiri Slaby) - fscrypt: return -EXDEV for incompatible rename or link into encrypted dir (Eric Biggers) - ata: sata_rcar: Fix DMA boundary mask (Geert Uytterhoeven) - mtd: lpddr: Fix bad logic in print_drs_error (Gustavo A. R. Silva) - p54: avoid accessing the data mapped to streaming DMA (Jia-Ju Bai) - fuse: fix page dereference after free (Miklos Szeredi) - x86/xen: disable Firmware First mode for correctable memory errors (Juergen Gross) - arch/x86/amd/ibs: Fix re-arming IBS Fetch (Kim Phillips) - tipc: fix memory leak caused by tipc_buf_append() (Tung Nguyen) - ravb: Fix bit fields checking in ravb_hwtstamp_get() (Andrew Gabbasov) - gtp: fix an use-before-init in gtp_newlink() (Masahiro Fujiwara) - efivarfs: Replace invalid slashes with exclamation marks in dentries. (Michael Schaller) - arm64: link with -z norelro regardless of CONFIG_RELOCATABLE (Nick Desaulniers) - scripts/setlocalversion: make git describe output more reliable (Rasmus Villemoes) - Btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Filipe Manana) [Orabug: 31864725] {CVE-2019-19816} - btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek) [Orabug: 31864725] {CVE-2019-19816} - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo) [Orabug: 31864725] {CVE-2019-19816} - hv_netvsc: Set probe mode to sync (Haiyang Zhang) [Orabug: 32120118] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.103.3.1uek] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492109] {CVE-2021-26930} - xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.103.3.1.el7] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492109] {CVE-2021-26930} - xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 Oracle Linux 7 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 Oracle Linux 6 [253-1.0.1] - fix xutf8.h to work with up-to-date Xlib - fix crash in combining character support {CVE-2021-27135} [orabug 32496959] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27135 Oracle Linux 7 [4.14.35-2047.500.10.el7uek] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: don't handle error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-netback: don't handle error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-blkback: don't handle error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - tap: fix use-after-free (Michael S. Tsirkin) [Orabug: 32466083] - vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471695] - Fix double free KASAN warnings and use after free of kmalloc-32 object. (Imran Khan) [Orabug: 32480357] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 [4.14.35-2047.500.10.el7] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - tap: fix use-after-free (Michael S. Tsirkin) [Orabug: 32466083] - vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471695] - Fix double free KASAN warnings and use after free of kmalloc-32 object. (Imran Khan) [Orabug: 32480357] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 [2.02-0.87.0.7] - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 [Orabug: 32530657] - Fix various coverity issues [Orabug: 32530657] - Add SBAT metadata to grubx64.efi [Orabug: 32530657] [2.02-0.87.0.5] - Use similar format for menu entry in grub environment block - config file. [Orabug: 32172943] [2.02-0.87.0.3] - Fix degradation in multiboot2 code [Orabug: 32069510] [2.02-0.87.0.1] - Update signing certificate for efi binaries - Update upstream references [Orabug: 30138841] - Restore symlink to grub environment file, that was removed during grub2-efi update if grub2 package is also installed on UEFI machines [Orabug: 27345750] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for [Orabug: 18504756] - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev) - Put 'with' in menuentry instead of 'using' [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Oracle Linux 8 [2.02-90.0.2] - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 [Orabug: 32530657] - Fix various coverity issues [Orabug: 32530657] - Disable os-prober by default [Orabug: 32530657] - Add SBAT metadata to grubx64.efi [Orabug: 32530657] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Oracle Linux 6 Oracle Linux 7 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2020-0431 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 [4.14.35-2047.501.1.el7uek] - ovl: restore creds in all return paths of ovl_iterate (Somasundaram Krishnasamy) [Orabug: 32620381] [4.14.35-2047.501.0] - block/diskstats: accumulate all per-cpu counters in one pass (Konstantin Khlebnikov) [Orabug: 32531559] - uek-rpm: config-aarch-embedded2 update for Jan 2021 Elba patches (Dave Kleikamp) [Orabug: 32532588] - dts/pensando: Fix compatile -> compatible typeo. (David Clear) [Orabug: 32532588] - Interrupt domain controllers for Elba ASIC. (David Clear) [Orabug: 32532588] - elba_defconfig: CONFIG_PTP_1588_CLOCK=y (David Clear) [Orabug: 32532588] - soc/pensando: pcie driver (David Clear) [Orabug: 32532588] - pcie: control access to pcie clock domain registers (David Clear) [Orabug: 32532588] - mmc: sdhci-cadence-elba ADMA and HS200 tuning support (David Clear) [Orabug: 32532588] - enable rcu callback offloading & adaptive tick mode to reduce jitter (David Clear) [Orabug: 32532588] - uek-rpm: Enable perf trace support for OL7 kernel builds. (Mridula Shastry) [Orabug: 32528194] - uek-rpm: update config-aarch-embedded2 for Elba (Dave Kleikamp) [Orabug: 32361844] - elba: u-boot environment partitions in the device-tree (David Clear) [Orabug: 32361844] - i2c: Add Elba Ortano Lattice RD1173 I2C controller driver. (David Clear) [Orabug: 32361844] - elba: one more mnet for elba.dtsi (David Clear) [Orabug: 32361844] - elba: Add IPv6 support to elba_defconfig (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence-elba sdhci driver cleanup (David Clear) [Orabug: 32361844] - spi-dw: custom chip-select handler for elba (David Clear) [Orabug: 32361844] - arch/arm64: Pensando elba dts and config files (David Clear) [Orabug: 32361844] - drivers/soc/pensando: crash dump driver. (David Clear) [Orabug: 32361844] - drivers/pensando/soc: Boot State Machine (BSM) integration. (David Clear) [Orabug: 32361844] - drivers/soc/pensando: /dev/capmem driver. (David Clear) [Orabug: 32361844] - drivers/mmc/host: Pensando Elba support in the Cadence EMMC host controller (David Clear) [Orabug: 32361844] - drivers/gpio: support the Elba SPI chip-selects. (David Clear) [Orabug: 32361844] - arch/arm64: Pensando Elba SoC declaration. (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence: fix PHY write (Vladimir Kondratiev) [Orabug: 32361844] - mmc: sdhci-cadence: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN for UniPhier (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: remove unneeded 'inline' marker (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use struct_size() helper (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: fix logically and structurally dead code (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: send tune request twice to work around errata (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use bitfield access macros for cleanup (Masahiro Yamada) [Orabug: 32361844] - Revert 'Support the reset pulse width from the device-tree.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Initial Pensando Capri SoC declaration' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add Capri EMMC phy and instantiate the driver in the dts' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Capri SPI driver' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Interrupt domain controllers for Capri ASIC.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add uio support for Capri PCIE and Link interrupts' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando/Capri PCIE panic handler.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando crash dump driver' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando Boot State Machine (BSM) integration.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add mnic nodes to the Pensando devicetree' (Dave Kleikamp) [Orabug: 32361844] - Revert 'mtd/spi-nor/cadence-quadspi.c: Speed up reads.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add /proc/xmaps' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add Pensando Capri board .dts files and default configs' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Provide for precise control of pgprot for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Kconfig option to disable outer-cache-allocate for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add /dev/capmem driver for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Make low-speed APB bus accesses single threaded' (Dave Kleikamp) [Orabug: 32361844] - sched/topology: Assert non-NUMA topology masks don't (partially) overlap (Valentin Schneider) [Orabug: 32485794] - x86/msr: Add a pointer to an URL which contains further details (Borislav Petkov) [Orabug: 32409137] - x86/msr: Downgrade unrecognized MSR message (Borislav Petkov) [Orabug: 32409137] - x86/msr: Do not allow writes to MSR_IA32_ENERGY_PERF_BIAS (Borislav Petkov) [Orabug: 32409137] - x86/msr: Prevent userspace MSR access from dominating the console (Chris Down) [Orabug: 32409137] - x86/msr: Filter MSR writes (Borislav Petkov) [Orabug: 32409137] - tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/turbostat: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/cpupower: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422664] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422664] - ovl: verify permissions in ovl_path_open() (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: switch to mounter creds in readdir (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: pass correct flags for opening real directory (Miklos Szeredi) [Orabug: 32435220] - l2tp: fix race in pppol2tp_release with session object destroy (James Chapman) [Orabug: 32435324] - l2tp: fix races with tunnel socket close (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on ppp session destroy (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on tunnel destroy (James Chapman) [Orabug: 32435324] - l2tp: exit_net cleanup check added (Vasily Averin) [Orabug: 32435324] - l2tp: remove the .tunnel_sock field from struct pppol2tp_session (Guillaume Nault) [Orabug: 32435324] - l2tp: avoid using ->tunnel_sock for getting session's parent tunnel (Guillaume Nault) [Orabug: 32435324] - l2tp: remove .tunnel_sock from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: don't close sessions in l2tp_tunnel_destruct() (Guillaume Nault) [Orabug: 32435324] - l2tp: remove field 'dev' from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: remove l2tp_tunnel_count and l2tp_session_count (Guillaume Nault) [Orabug: 32435324] - l2tp: remove ->ref() and ->deref() (Guillaume Nault) [Orabug: 32435324] - net: l2tp: mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 32435324] - l2tp: initialise PPP sessions before registering them (Guillaume Nault) [Orabug: 32435324] - rds: CONFIG_RDS_DEBUG + tracepoints breaks rds build (Alan Maguire) [Orabug: 32442506] - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Don't enable IRQs unconditionally in put_pi_state() (Dan Carpenter) [Orabug: 32447189] {CVE-2021-3347} - nbd: freeze the queue while we're adding connections (Josef Bacik) [Orabug: 32447287] {CVE-2021-3348} - rds: avoid crash on IB conn path shutdown prepare (Alan Maguire) [Orabug: 32457375] - net/rds: WARNING in rds_conn_drop (Ka-Cheong Poon) [Orabug: 32481707] - rds: tracepoints incorrectly reporting valid rds ping as drop (Alan Maguire) [Orabug: 32490010] - rds: tracepoint-related KASAN: use-after-free Read in rds_send_xmit (Alan Maguire) [Orabug: 32490032] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492279] - selinux: allow labeling before policy is loaded (Jonathan Lebon) [Orabug: 32492279] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-16120 CVE-2021-3347 CVE-2021-3348 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.104.4.el8uek] - KVM: arm64: guest context in x18 instead of x29 (Mihai Carabas) [Orabug: 32545182] [5.4.17-2036.104.3.el8uek] - config: enable CONFIG_MLX5_MPFS (Brian Maly) [Orabug: 32249042] - net: Fix bridge enslavement failure (Ido Schimmel) [Orabug: 32503298] - inet: do not call sublist_rcv on empty list (Florian Westphal) [Orabug: 32512814] - KVM: arm64: pmu: Dont mark a counter as chained if the odd one is disabled (Eric Auger) [Orabug: 32499188] - random: wire /dev/random with a DRBG instance (Saeed Mirzamohammadi) [Orabug: 32522087] - crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) [Orabug: 32522087] - crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) [Orabug: 32522087] - crypto: jitter - SP800-90B compliance (Stephan Muller) [Orabug: 32522087] - crypto: jitter - add header to fix buildwarnings (Ben Dooks) [Orabug: 32522087] - crypto: jitter - fix comments (Alexander E. Patrakov) [Orabug: 32522087] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492109] {CVE-2021-26930} - xen-scsiback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-netback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-blkback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: dont bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} [5.4.17-2036.104.2.el8uek] - tcp: fix to update snd_wl1 in bulk receiver fast path (Neal Cardwell) [Orabug: 32498822] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492277] - selinux: allow labeling before policy is loaded (Jonathan Lebon) [Orabug: 32492277] - KVM: SVM: Initialize prev_ga_tag before use (Suravee Suthikulpanit) [Orabug: 32478549] - tools/power turbostat: Support additional CPU model numbers (Len Brown) [Orabug: 32422451] - x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (Tony Luck) [Orabug: 32422451] - x86/cpu: Add Sapphire Rapids CPU model number (Tony Luck) [Orabug: 32422451] - tools/power turbostat: Support Tiger Lake (Chen Yu) [Orabug: 32422451] - uek-rpm: config-aarch64: enable MEMORY HOTREMOVE (Mihai Carabas) [Orabug: 32353851] - arm64/mm/hotplug: Ensure early memory sections are all online (Anshuman Khandual) [Orabug: 32353851] - arm64/mm/hotplug: Enable MEM_OFFLINE event handling (Anshuman Khandual) [Orabug: 32353851] - arm64/mm/hotplug: Register boot memory hot remove notifier earlier (Anshuman Khandual) [Orabug: 32353851] - arm64/mm: Enable memory hot remove (Anshuman Khandual) [Orabug: 32353851] - arm64/mm: Hold memory hotplug lock while walking for kernel page table dump (Anshuman Khandual) [Orabug: 32353851] - KVM: arm64: Save/restore sp_el0 as part of __guest_enter (Marc Zyngier) [Orabug: 32171445] - net/mlx4_en: Handle TX error CQE (Moshe Shemesh) [Orabug: 32492969] - net/mlx4_en: Avoid scheduling restart task if it is already running (Moshe Shemesh) [Orabug: 32492969] [5.4.17-2036.104.1.el8uek] - vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471677] - HID: hid-input: fix stylus battery reporting (Dmitry Torokhov) [Orabug: 32464784] {CVE-2020-0431} - nbd: freeze the queue while were adding connections (Josef Bacik) [Orabug: 32447285] {CVE-2021-3348} - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Dont enable IRQs unconditionally in put_pi_state() (Dan Carpenter) [Orabug: 32447187] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422662] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422662] - arm64: Reserve only 256M on RPi for crashkernel=auto (Vijay Kumar) [Orabug: 32301026] [5.4.17-2036.104.0.el8uek] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426610] - thermal: intel_pch_thermal: Add PCI ids for Lewisburg PCH. (Andres Freund) [Orabug: 32424705] - thermal: intel: intel_pch_thermal: Add Cannon Lake Low Power PCH support (Sumeet Pawnikar) [Orabug: 32424705] - thermal: intel: intel_pch_thermal: Add Comet Lake (CML) platform support (Gayatri Kammela) [Orabug: 32424705] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350989] - ovl: check permission to open real file (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: verify permissions in ovl_path_open() (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: switch to mounter creds in readdir (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: pass correct flags for opening real directory (Miklos Szeredi) [Orabug: 32046372] - A/A Bonding: Add synchronized bundle failback (Gerd Rausch) [Orabug: 32381883] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2020-0431 CVE-2020-16120 CVE-2021-3347 CVE-2021-3348 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.104.4.el7] - KVM: arm64: guest context in x18 instead of x29 (Mihai Carabas) [Orabug: 32545182] [5.4.17-2036.104.3.el7] - config: enable CONFIG_MLX5_MPFS (Brian Maly) [Orabug: 32249042] - net: Fix bridge enslavement failure (Ido Schimmel) [Orabug: 32503298] - inet: do not call sublist_rcv on empty list (Florian Westphal) [Orabug: 32512814] - KVM: arm64: pmu: Dont mark a counter as chained if the odd one is disabled (Eric Auger) [Orabug: 32499188] - random: wire /dev/random with a DRBG instance (Saeed Mirzamohammadi) [Orabug: 32522087] - crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) [Orabug: 32522087] - crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) [Orabug: 32522087] - crypto: jitter - SP800-90B compliance (Stephan Muller) [Orabug: 32522087] - crypto: jitter - add header to fix buildwarnings (Ben Dooks) [Orabug: 32522087] - crypto: jitter - fix comments (Alexander E. Patrakov) [Orabug: 32522087] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492109] {CVE-2021-26930} - xen-scsiback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-netback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - xen-blkback: dont 'handle' error by BUG() (Jan Beulich) [Orabug: 32492101] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} - Xen/x86: dont bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492093] {CVE-2021-26932} [5.4.17-2036.104.2.el7] - tcp: fix to update snd_wl1 in bulk receiver fast path (Neal Cardwell) [Orabug: 32498822] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492277] - selinux: allow labeling before policy is loaded (Jonathan Lebon) [Orabug: 32492277] - KVM: SVM: Initialize prev_ga_tag before use (Suravee Suthikulpanit) [Orabug: 32478549] - tools/power turbostat: Support additional CPU model numbers (Len Brown) [Orabug: 32422451] - x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (Tony Luck) [Orabug: 32422451] - x86/cpu: Add Sapphire Rapids CPU model number (Tony Luck) [Orabug: 32422451] - tools/power turbostat: Support Tiger Lake (Chen Yu) [Orabug: 32422451] - uek-rpm: config-aarch64: enable MEMORY HOTREMOVE (Mihai Carabas) [Orabug: 32353851] - arm64/mm/hotplug: Ensure early memory sections are all online (Anshuman Khandual) [Orabug: 32353851] - arm64/mm/hotplug: Enable MEM_OFFLINE event handling (Anshuman Khandual) [Orabug: 32353851] - arm64/mm/hotplug: Register boot memory hot remove notifier earlier (Anshuman Khandual) [Orabug: 32353851] - arm64/mm: Enable memory hot remove (Anshuman Khandual) [Orabug: 32353851] - arm64/mm: Hold memory hotplug lock while walking for kernel page table dump (Anshuman Khandual) [Orabug: 32353851] - KVM: arm64: Save/restore sp_el0 as part of __guest_enter (Marc Zyngier) [Orabug: 32171445] - net/mlx4_en: Handle TX error CQE (Moshe Shemesh) [Orabug: 32492969] - net/mlx4_en: Avoid scheduling restart task if it is already running (Moshe Shemesh) [Orabug: 32492969] [5.4.17-2036.104.1.el7] - vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471677] - HID: hid-input: fix stylus battery reporting (Dmitry Torokhov) [Orabug: 32464784] {CVE-2020-0431} - nbd: freeze the queue while were adding connections (Josef Bacik) [Orabug: 32447285] {CVE-2021-3348} - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Dont enable IRQs unconditionally in put_pi_state() (Dan Carpenter) [Orabug: 32447187] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447187] {CVE-2021-3347} - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422662] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422662] - arm64: Reserve only 256M on RPi for crashkernel=auto (Vijay Kumar) [Orabug: 32301026] [5.4.17-2036.104.0.el7] - Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426610] - thermal: intel_pch_thermal: Add PCI ids for Lewisburg PCH. (Andres Freund) [Orabug: 32424705] - thermal: intel: intel_pch_thermal: Add Cannon Lake Low Power PCH support (Sumeet Pawnikar) [Orabug: 32424705] - thermal: intel: intel_pch_thermal: Add Comet Lake (CML) platform support (Gayatri Kammela) [Orabug: 32424705] - nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350989] - ovl: check permission to open real file (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: verify permissions in ovl_path_open() (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: switch to mounter creds in readdir (Miklos Szeredi) [Orabug: 32046372] {CVE-2020-16120} - ovl: pass correct flags for opening real directory (Miklos Szeredi) [Orabug: 32046372] - A/A Bonding: Add synchronized bundle failback (Gerd Rausch) [Orabug: 32381883] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2020-0431 CVE-2020-16120 CVE-2021-3347 CVE-2021-3348 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 [4.14.35-2047.501.0.el7] - block/diskstats: accumulate all per-cpu counters in one pass (Konstantin Khlebnikov) [Orabug: 32531559] - uek-rpm: config-aarch-embedded2 update for Jan 2021 Elba patches (Dave Kleikamp) [Orabug: 32532588] - dts/pensando: Fix compatile -> compatible typeo. (David Clear) [Orabug: 32532588] - Interrupt domain controllers for Elba ASIC. (David Clear) [Orabug: 32532588] - elba_defconfig: CONFIG_PTP_1588_CLOCK=y (David Clear) [Orabug: 32532588] - soc/pensando: pcie driver (David Clear) [Orabug: 32532588] - pcie: control access to pcie clock domain registers (David Clear) [Orabug: 32532588] - mmc: sdhci-cadence-elba ADMA and HS200 tuning support (David Clear) [Orabug: 32532588] - enable rcu callback offloading & adaptive tick mode to reduce jitter (David Clear) [Orabug: 32532588] - uek-rpm: Enable perf trace support for OL7 kernel builds. (Mridula Shastry) [Orabug: 32528194] - uek-rpm: update config-aarch-embedded2 for Elba (Dave Kleikamp) [Orabug: 32361844] - elba: u-boot environment partitions in the device-tree (David Clear) [Orabug: 32361844] - i2c: Add Elba Ortano Lattice RD1173 I2C controller driver. (David Clear) [Orabug: 32361844] - elba: one more mnet for elba.dtsi (David Clear) [Orabug: 32361844] - elba: Add IPv6 support to elba_defconfig (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence-elba sdhci driver cleanup (David Clear) [Orabug: 32361844] - spi-dw: custom chip-select handler for elba (David Clear) [Orabug: 32361844] - arch/arm64: Pensando elba dts and config files (David Clear) [Orabug: 32361844] - drivers/soc/pensando: crash dump driver. (David Clear) [Orabug: 32361844] - drivers/pensando/soc: Boot State Machine (BSM) integration. (David Clear) [Orabug: 32361844] - drivers/soc/pensando: /dev/capmem driver. (David Clear) [Orabug: 32361844] - drivers/mmc/host: Pensando Elba support in the Cadence EMMC host controller (David Clear) [Orabug: 32361844] - drivers/gpio: support the Elba SPI chip-selects. (David Clear) [Orabug: 32361844] - arch/arm64: Pensando Elba SoC declaration. (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence: fix PHY write (Vladimir Kondratiev) [Orabug: 32361844] - mmc: sdhci-cadence: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN for UniPhier (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: remove unneeded 'inline' marker (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use struct_size() helper (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: fix logically and structurally dead code (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: send tune request twice to work around errata (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use bitfield access macros for cleanup (Masahiro Yamada) [Orabug: 32361844] - Revert 'Support the reset pulse width from the device-tree.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Initial Pensando Capri SoC declaration' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add Capri EMMC phy and instantiate the driver in the dts' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Capri SPI driver' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Interrupt domain controllers for Capri ASIC.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add uio support for Capri PCIE and Link interrupts' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando/Capri PCIE panic handler.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando crash dump driver' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Pensando Boot State Machine (BSM) integration.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add mnic nodes to the Pensando devicetree' (Dave Kleikamp) [Orabug: 32361844] - Revert 'mtd/spi-nor/cadence-quadspi.c: Speed up reads.' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add /proc/xmaps' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add Pensando Capri board .dts files and default configs' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Provide for precise control of pgprot for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Kconfig option to disable outer-cache-allocate for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Add /dev/capmem driver for Pensando' (Dave Kleikamp) [Orabug: 32361844] - Revert 'Make low-speed APB bus accesses single threaded' (Dave Kleikamp) [Orabug: 32361844] - sched/topology: Assert non-NUMA topology masks don't (partially) overlap (Valentin Schneider) [Orabug: 32485794] - x86/msr: Add a pointer to an URL which contains further details (Borislav Petkov) [Orabug: 32409137] - x86/msr: Downgrade unrecognized MSR message (Borislav Petkov) [Orabug: 32409137] - x86/msr: Do not allow writes to MSR_IA32_ENERGY_PERF_BIAS (Borislav Petkov) [Orabug: 32409137] - x86/msr: Prevent userspace MSR access from dominating the console (Chris Down) [Orabug: 32409137] - x86/msr: Filter MSR writes (Borislav Petkov) [Orabug: 32409137] - tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/turbostat: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/cpupower: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422664] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422664] - ovl: verify permissions in ovl_path_open() (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: switch to mounter creds in readdir (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: pass correct flags for opening real directory (Miklos Szeredi) [Orabug: 32435220] - l2tp: fix race in pppol2tp_release with session object destroy (James Chapman) [Orabug: 32435324] - l2tp: fix races with tunnel socket close (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on ppp session destroy (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on tunnel destroy (James Chapman) [Orabug: 32435324] - l2tp: exit_net cleanup check added (Vasily Averin) [Orabug: 32435324] - l2tp: remove the .tunnel_sock field from struct pppol2tp_session (Guillaume Nault) [Orabug: 32435324] - l2tp: avoid using ->tunnel_sock for getting session's parent tunnel (Guillaume Nault) [Orabug: 32435324] - l2tp: remove .tunnel_sock from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: don't close sessions in l2tp_tunnel_destruct() (Guillaume Nault) [Orabug: 32435324] - l2tp: remove field 'dev' from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: remove l2tp_tunnel_count and l2tp_session_count (Guillaume Nault) [Orabug: 32435324] - l2tp: remove ->ref() and ->deref() (Guillaume Nault) [Orabug: 32435324] - net: l2tp: mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 32435324] - rds: CONFIG_RDS_DEBUG + tracepoints breaks rds build (Alan Maguire) [Orabug: 32442506] - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Don't enable IRQs unconditionally in put_pi_state() (Dan Carpenter) [Orabug: 32447189] {CVE-2021-3347} - nbd: freeze the queue while we're adding connections (Josef Bacik) [Orabug: 32447287] {CVE-2021-3348} - rds: avoid crash on IB conn path shutdown prepare (Alan Maguire) [Orabug: 32457375] - net/rds: WARNING in rds_conn_drop (Ka-Cheong Poon) [Orabug: 32481707] - rds: tracepoints incorrectly reporting valid rds ping as drop (Alan Maguire) [Orabug: 32490010] - rds: tracepoint-related KASAN: use-after-free Read in rds_send_xmit (Alan Maguire) [Orabug: 32490032] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492279] - selinux: allow labeling before policy is loaded (Jonathan Lebon) [Orabug: 32492279] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-16120 CVE-2021-3347 CVE-2021-3348 Oracle Linux 8 [3.6.8-31.0.3] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 7 [3.6.8-18.0.3] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 7 [15:4.2.1-5.el7] - qemu.spec: use --tls-priority=NORMAL for OL7 (Elena Ufimtseva) - hostmem: fix default 'prealloc-threads' count (Mark Kanda) [Orabug: 32472127] - hostmem: introduce 'prealloc-threads' property (Igor Mammedov) - qom: introduce object_register_sugar_prop (Paolo Bonzini) - migration/multifd: Do error_free after migrate_set_error to avoid memleaks (Pan Nengyuan) - multifd/tls: fix memoryleak of the QIOChannelSocket object when cancelling migration (Chuan Zheng) - migration/multifd: fix hangup with TLS-Multifd due to blocking handshake (Chuan Zheng) - migration/tls: add trace points for multifd-tls (Chuan Zheng) - migration/tls: add support for multifd tls-handshake (Chuan Zheng) - migration/tls: extract cleanup function for common-use (Chuan Zheng) - migration/multifd: fix memleaks in multifd_new_send_channel_async (Pan Nengyuan) - migration/multifd: fix nullptr access in multifd_send_terminate_threads (Zhimin Feng) - migration/tls: add tls_hostname into MultiFDSendParams (Chuan Zheng) - migration/tls: extract migration_tls_client_create for common-use (Chuan Zheng) - migration/tls: save hostname into MigrationState (Chuan Zheng) - tests/qtest: add a test case for pvpanic-pci (Mihai Carabas) - pvpanic : update pvpanic spec document (Mihai Carabas) - hw/misc/pvpanic: add PCI interface support (Mihai Carabas) - hw/misc/pvpanic: split-out generic and bus dependent code (Mihai Carabas) - 9pfs: Fully restart unreclaim loop (CVE-2021-20181) (Greg Kurz) [Orabug: 32441198] {CVE-2021-20181} - ide: atapi: check logical block address and read size (CVE-2020-29443) (Prasad J Pandit) [Orabug: 32393835] {CVE-2020-29443} - Document CVE-2019-20808 as fixed (Mark Kanda) [Orabug: 32339196] {CVE-2019-20808} - block/iscsi:fix heap-buffer-overflow in iscsi_aio_ioctl_cb (Chen Qun) [Orabug: 32339207] {CVE-2020-11947} - net: remove an assert call in eth_get_gso_type (Prasad J Pandit) [Orabug: 32102583] {CVE-2020-27617} - nvdimm: honor -object memory-backend-file, readonly=on option (Stefan Hajnoczi) [Orabug: 32265408] - hostmem-file: add readonly=on|off option (Stefan Hajnoczi) [Orabug: 32265408] - memory: add readonly support to memory_region_init_ram_from_file() (Stefan Hajnoczi) [Orabug: 32265408] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-11947 CVE-2020-29443 CVE-2020-27617 CVE-2019-20808 CVE-2021-20181 Oracle Linux 7 [2.7.5-90.0.3] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 7 [15:4.2.1-5.el7] - qemu.spec: use --tls-priority=NORMAL for OL7 (Elena Ufimtseva) - hostmem: fix default 'prealloc-threads' count (Mark Kanda) [Orabug: 32472127] - hostmem: introduce 'prealloc-threads' property (Igor Mammedov) - qom: introduce object_register_sugar_prop (Paolo Bonzini) - migration/multifd: Do error_free after migrate_set_error to avoid memleaks (Pan Nengyuan) - multifd/tls: fix memoryleak of the QIOChannelSocket object when cancelling migration (Chuan Zheng) - migration/multifd: fix hangup with TLS-Multifd due to blocking handshake (Chuan Zheng) - migration/tls: add trace points for multifd-tls (Chuan Zheng) - migration/tls: add support for multifd tls-handshake (Chuan Zheng) - migration/tls: extract cleanup function for common-use (Chuan Zheng) - migration/multifd: fix memleaks in multifd_new_send_channel_async (Pan Nengyuan) - migration/multifd: fix nullptr access in multifd_send_terminate_threads (Zhimin Feng) - migration/tls: add tls_hostname into MultiFDSendParams (Chuan Zheng) - migration/tls: extract migration_tls_client_create for common-use (Chuan Zheng) - migration/tls: save hostname into MigrationState (Chuan Zheng) - tests/qtest: add a test case for pvpanic-pci (Mihai Carabas) - pvpanic : update pvpanic spec document (Mihai Carabas) - hw/misc/pvpanic: add PCI interface support (Mihai Carabas) - hw/misc/pvpanic: split-out generic and bus dependent code (Mihai Carabas) - 9pfs: Fully restart unreclaim loop (CVE-2021-20181) (Greg Kurz) [Orabug: 32441198] {CVE-2021-20181} - ide: atapi: check logical block address and read size (CVE-2020-29443) (Prasad J Pandit) [Orabug: 32393835] {CVE-2020-29443} - Document CVE-2019-20808 as fixed (Mark Kanda) [Orabug: 32339196] {CVE-2019-20808} - block/iscsi:fix heap-buffer-overflow in iscsi_aio_ioctl_cb (Chen Qun) [Orabug: 32339207] {CVE-2020-11947} - net: remove an assert call in eth_get_gso_type (Prasad J Pandit) [Orabug: 32102583] {CVE-2020-27617} - nvdimm: honor -object memory-backend-file, readonly=on option (Stefan Hajnoczi) [Orabug: 32265408] - hostmem-file: add readonly=on|off option (Stefan Hajnoczi) [Orabug: 32265408] - memory: add readonly support to memory_region_init_ram_from_file() (Stefan Hajnoczi) [Orabug: 32265408] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-11947 CVE-2020-29443 CVE-2020-27617 CVE-2019-20808 CVE-2021-20181 Oracle Linux 7 [4.14.35-2047.501.2] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.48.6] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603382] - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603382] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603382] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603382] - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603382] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.104.5] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 Oracle Linux 8 [5.4.17-2036.104.5.el7] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 [4.14.35-2047.501.2.el7] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32634994] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 6 [32:9.8.2-0.68.rc1.0.1.8] - Backport the fix for buffer overflow (CVE-2020-8625) (Orabug: 32588749) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-8625 Oracle Linux 7 [1.0.2k-21] - remove ASN1_F_ASN1_ITEM_EMBED_D2I from openssl-1.0.2k-cve-2020-1971.patch [1.0.2k-20] - fix CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference [1.0.2k-19] - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel (#1649568) [1.0.2k-18] - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done EM side channel (#1619558) [1.0.2k-17] - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 (and CVE-2018-0735) - EC signature local timing side-channel key extraction IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-1971 Oracle Linux 8 python2 [2.7.17-2.0.2] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 8 python36 [3.6.8-2.0.1] - Rebuild with python containing fix for [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 8 python38 [3.8.3-3.0.1] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3177 Oracle Linux 7 [4.14.35-2047.500.9.3.el7uek] - net/rds: Reject error code change (Ka-Cheong Poon) [Orabug: 32577425] - PCI: hotplug: Add module parameter to allow user control of LEDs (James Puthukattukaran) [Orabug: 32577399] - net/rds: increase 1MB MR pool size for RDS (Manjunath Patil) [Orabug: 32577394] [4.14.35-2047.500.9.2.el7uek] - Fix double free KASAN warnings and use after free of kmalloc-32 object. (Imran Khan) [Orabug: 32515995] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2021-26930 CVE-2021-26931 Oracle Linux 7 [4.14.35-2047.500.9.3.el7] - net/rds: Reject error code change (Ka-Cheong Poon) [Orabug: 32577425] - PCI: hotplug: Add module parameter to allow user control of LEDs (James Puthukattukaran) [Orabug: 32577399] - net/rds: increase 1MB MR pool size for RDS (Manjunath Patil) [Orabug: 32577394] [4.14.35-2047.500.9.2.el7] - Fix double free KASAN warnings and use after free of kmalloc-32 object. (Imran Khan) [Orabug: 32515995] [4.14.35-2047.500.9.1.el7] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930} - xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26932 CVE-2021-26930 CVE-2021-26931 Oracle Linux 6 [1.0.1e-59.0.1] - Backport fixes for CVE-2020-1971 [Orabug: 32654738] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-1971 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.200.13] - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - selftests/bpf: Test access to bpf map pointer (Andrey Ignatov) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Fix truncation handling for mod32 dst reg wrt zero (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444} - bpf: Fix 32 bit src register truncation on div/mod (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444} [5.4.17-2102.200.12] - Revert x86/platform/uv: Update UV MMRs for UV5 (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Add UV5 direct references (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Add and decode Arch Type in UVsystab (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update MMIOH references based on new UV5 MMRs (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Adjust GAM MMR references affected by UV5 updates (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update UV5 MMR references in UV GRU (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update node present counting (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update UV5 TSC checking (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update for UV5 NMI MMR changes (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Update Copyrights to conform to HPE standards (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Fix missing OEM_TABLE_ID (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Remove spaces from OEM IDs (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Recognize UV5 hubless system identifier (Jack Vogel) [Orabug: 32651197] - Revert x86/tlb/uv: Add a forward declaration for struct flush_tlb_info (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Drop last traces of uv_flush_tlb_others (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Fix copied UV5 output archtype (Jack Vogel) [Orabug: 32651197] - Revert x86/platform/uv: Fix UV4 hub revision adjustment (Jack Vogel) [Orabug: 32651197] [5.4.17-2102.200.11] - mm/vmscan: fix infinite loop in drop_slab_node (Chunxin Zang) [Orabug: 32620155] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - drm/nouveau: bail out of nouveau_channel_new if channel init fails (Frantisek Hrbata) [Orabug: 32591559] {CVE-2020-25639} - mm: support memblock alloc on the exact node for sparse_buffer_init() (Yunfeng Ye) [Orabug: 32613823] - mm/sparse.c: do not waste pre allocated memmap space (Michal Hocko) [Orabug: 32613823] - mm/sparse: consistently do not zero memmap (Vincent Whitchurch) [Orabug: 32613823] [5.4.17-2102.200.10] - scsi: target: core: Make completion affinity configurable (Mike Christie) [Orabug: 32403502] - target: flush submission work during TMR processing (Mike Christie) [Orabug: 32403502] - target iblock: add backend plug/unplug callouts (Mike Christie) [Orabug: 32403502] - target: fix backend plugging (Mike Christie) [Orabug: 32403502] - target: cleanup cmd flag bits (Mike Christie) [Orabug: 32403502] - tcm loop: use lio wq cmd submission helper (Mike Christie) [Orabug: 32403502] - tcm loop: use blk cmd allocator for se_cmds (Mike Christie) [Orabug: 32403502] - vhost scsi: use lio wq cmd submission helper (Mike Christie) [Orabug: 32403502] - target: add workqueue based cmd submission (Mike Christie) [Orabug: 32403502] - target: add gfp_t arg to target_cmd_init_cdb (Mike Christie) [Orabug: 32403502] - target: remove target_submit_cmd_map_sgls (Mike Christie) [Orabug: 32403502] - tcm_fc: Convert to new submission API (Mike Christie) [Orabug: 32403502] - xen-scsiback: Convert to new submission API (Mike Christie) [Orabug: 32403502] - vhost-scsi: Convert to new submission API (Mike Christie) [Orabug: 32403502] - usb gadget: Convert to new submission API (Mike Christie) [Orabug: 32403502] - sbp_target: Convert to new submission API (Mike Christie) [Orabug: 32403502] - tcm_loop: Convert to new submission API (Mike Christie) [Orabug: 32403502] - qla2xxx: Convert to new submission API (Mike Christie) [Orabug: 32403502] - ibmvscsi_tgt: Convert to new submission API (Mike Christie) [Orabug: 32403502] - srpt: Convert to new submission API (Mike Christie) [Orabug: 32403502] - target: break up target_submit_cmd_map_sgls (Mike Christie) [Orabug: 32403502] - target: rename transport_init_se_cmd (Mike Christie) [Orabug: 32403502] - target: drop kref_get_unless_zero in target_get_sess_cmd (Mike Christie) [Orabug: 32403502] - target: move t_task_cdb initialization (Mike Christie) [Orabug: 32403502] - scsi: tcm_loop: Allow queues, can_queue and cmd_per_lun to be settable (Mike Christie) [Orabug: 32403502] - scsi: target: Make state_list per CPU (Mike Christie) [Orabug: 32403502] - scsi: target: Drop sess_cmd_lock from I/O path (Mike Christie) [Orabug: 32403502] - scsi: qla2xxx: Move sess cmd list/lock to driver (Mike Christie) [Orabug: 32403502] - scsi: target: Remove TARGET_SCF_LOOKUP_LUN_FROM_TAG (Mike Christie) [Orabug: 32403502] - scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (Mike Christie) [Orabug: 32403502] - scsi: target: Fix cmd_count ref leak (Mike Christie) [Orabug: 32403502] - scsi: target: Fix LUN ref count handling (Mike Christie) [Orabug: 32403502] - scsi: target: Fix lun lookup for TARGET_SCF_LOOKUP_LUN_FROM_TAG case (Sudhakar Panneerselvam) [Orabug: 32403502] - scsi: target: Rename target_setup_cmd_from_cdb() to target_cmd_parse_cdb() (Sudhakar Panneerselvam) [Orabug: 32403502] - scsi: target: Fix NULL pointer dereference (Sudhakar Panneerselvam) [Orabug: 32403502] - scsi: target: Initialize LUN in transport_init_se_cmd() (Sudhakar Panneerselvam) [Orabug: 32403502] - scsi: target: Factor out a new helper, target_cmd_init_cdb() (Sudhakar Panneerselvam) [Orabug: 32403502] - mm: memcontrol: decouple reference counting from page accounting (Johannes Weiner) - uek-rpm: add opbmc to nano-kernel (Eric Snowberg) [Orabug: 32555675] - rds: rds_drop_egress events should be enabled as part of RDS_RTD_SND (Alan Maguire) [Orabug: 32587016] - rds: use dedicated rds_send_lock_contention tracepoint instead of drop (Alan Maguire) [Orabug: 32587016] - rds: ensure saddr/daddr for tracepoints is not NULL (Alan Maguire) [Orabug: 32580940] - hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug: 32576070] - PCI: hotplug: Add module parameter to allow user control of LEDs (Thomas Tai) [Orabug: 32556980] - net/rds: increase 1MB MR pool size for RDS (Manjunath Patil) - block/diskstats: accumulate all per-cpu counters in one pass (Konstantin Khlebnikov) [Orabug: 32531556] - arm64/crash_core: fix TCR_EL1.T1SZ in vmcoreinfo (John Donnelly) [Orabug: 32559514] - x86/platform/uv: Fix UV4 hub revision adjustment (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Fix copied UV5 output archtype (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Drop last traces of uv_flush_tlb_others (Jiri Slaby) [Orabug: 32527680] - x86/tlb/uv: Add a forward declaration for struct flush_tlb_info (Borislav Petkov) [Orabug: 32527680] - x86/platform/uv: Recognize UV5 hubless system identifier (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Remove spaces from OEM IDs (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Fix missing OEM_TABLE_ID (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update Copyrights to conform to HPE standards (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update for UV5 NMI MMR changes (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update UV5 TSC checking (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update node present counting (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update UV5 MMR references in UV GRU (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Adjust GAM MMR references affected by UV5 updates (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update MMIOH references based on new UV5 MMRs (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Add and decode Arch Type in UVsystab (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Add UV5 direct references (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Update UV MMRs for UV5 (Mike Travis) [Orabug: 32527680] - drivers/misc/sgi-xp: Adjust references in UV kernel modules (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Remove SCIR MMR references for UV systems (Mike Travis) [Orabug: 32527680] - x86/platform/uv: Remove UV BAU TLB Shootdown Handler (Mike Travis) [Orabug: 32527680] - x86/apic/uv: Avoid unused variable warning (Arnd Bergmann) [Orabug: 32527680] - x86/platform/uv: Remove vestigial mention of UV1 platform from bios header (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from uv (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for uv1 platform from uv_hub (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from uv_bau (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from uv_mmrs (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from x2apic_uv_x (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from uv_tlb (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove support for UV1 platform from uv_time (steve.wahl@hpe.com) [Orabug: 32527680] - x86/platform/uv: Remove the unused _uv_cpu_blade_processor_id() macro (Christoph Hellwig) [Orabug: 32527680] - x86/platform/uv: Unexport uv_apicid_hibits (Christoph Hellwig) [Orabug: 32527680] - x86/platform/uv: Remove _uv_hub_info_check() (Christoph Hellwig) [Orabug: 32527680] - x86/platform/uv: Simplify uv_send_IPI_one() (Christoph Hellwig) [Orabug: 32527680] - x86/platform/uv: Remove the UV*_HUB_IS_SUPPORTED macros (Christoph Hellwig) [Orabug: 32527680] - x86/platform/uv: Remove the uv_partition_coherence_id() macro (Christoph Hellwig) [Orabug: 32527680] - x86/apic/uv: Remove code for unused distributed GRU mode (Steve Wahl) [Orabug: 32527680] - cper,edac,efi: Memory Error Record: bank group/address and chip id (Alex Kluver) [Orabug: 32526741] - edac,ghes,cper: Add Row Extension to Memory Error Record (Alex Kluver) [Orabug: 32526741] - perf/x86/intel/uncore: With > 8 nodes, get pci bus die id from NUMA info (Steve Wahl) [Orabug: 32526200] - perf/x86/intel/uncore: Store the logical die id instead of the physical die id. (Steve Wahl) [Orabug: 32526200] - perf/x86/intel/uncore: Generic support for the PCI sub driver (Kan Liang) [Orabug: 32526200] - perf/x86/intel/uncore: Factor out uncore_pci_pmu_unregister() (Kan Liang) [Orabug: 32526200] - perf/x86/intel/uncore: Factor out uncore_pci_pmu_register() (Kan Liang) [Orabug: 32526200] - perf/x86/intel/uncore: Factor out uncore_pci_find_dev_pmu() (Kan Liang) [Orabug: 32526200] - perf/x86/intel/uncore: Factor out uncore_pci_get_dev_die_info() (Kan Liang) [Orabug: 32526200] [5.4.17-2102.200.9] - KVM: arm64: guest context in x18 instead of x29 (Mihai Carabas) [Orabug: 32563746] [5.4.17-2102.200.8] - config: enable CONFIG_MLX5_MPFS (Brian Maly) [Orabug: 32522477] - random: wire /dev/random with a DRBG instance (Saeed Mirzamohammadi) [Orabug: 32522086] - crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) [Orabug: 32522086] - crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) [Orabug: 32522086] - crypto: jitter - SP800-90B compliance (Stephan Muller) [Orabug: 32522086] - crypto: jitter - add header to fix buildwarnings (Ben Dooks) [Orabug: 32522086] - crypto: jitter - fix comments (Alexander E. Patrakov) [Orabug: 32522086] - Revert RDMA/umem: Move to allocate SG table from pages (John Donnelly) [Orabug: 32481224] - Revert lib/scatterlist: Add support in dynamic allocation of SG table from pages (John Donnelly) [Orabug: 32481224] - Revert Maintainer: Fix build warning introduced in commit 99b99d76e6732 (John Donnelly) [Orabug: 32481224] [5.4.17-2102.200.7] - KVM: arm64: pmu: Dont mark a counter as chained if the odd one is disabled (Eric Auger) [Orabug: 32504832] - xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492108] {CVE-2021-26930} - xen-scsiback: dont handle error by BUG() (Jan Beulich) [Orabug: 32492100] {CVE-2021-26931} - xen-netback: dont handle error by BUG() (Jan Beulich) [Orabug: 32492100] {CVE-2021-26931} - xen-blkback: dont handle error by BUG() (Jan Beulich) [Orabug: 32492100] {CVE-2021-26931} - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492092] {CVE-2021-26932} - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492092] {CVE-2021-26932} - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492092] {CVE-2021-26932} - Xen/x86: dont bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492092] {CVE-2021-26932} [5.4.17-2102.200.6] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492276] - rds: tracepoints incorrectly reporting valid rds ping as drop (Alan Maguire) [Orabug: 32490004] - KVM: arm64: Save/restore sp_el0 as part of __guest_enter (Marc Zyngier) [Orabug: 32488537] - uek-rpm: config-aarch64: enable MEMORY HOTREMOVE (Mihai Carabas) [Orabug: 32353873] - arm64/mm/hotplug: Ensure early memory sections are all online (Anshuman Khandual) [Orabug: 32353873] - arm64/mm/hotplug: Enable MEM_OFFLINE event handling (Anshuman Khandual) [Orabug: 32353873] - arm64/mm/hotplug: Register boot memory hot remove notifier earlier (Anshuman Khandual) [Orabug: 32353873] - arm64/mm: Enable memory hot remove (Anshuman Khandual) [Orabug: 32353873] - arm64/mm: Hold memory hotplug lock while walking for kernel page table dump (Anshuman Khandual) [Orabug: 32353873] - rds: tracepoint-related KASAN: use-after-free Read in rds_send_xmit (Alan Maguire) [Orabug: 32490030] - inet: do not call sublist_rcv on empty list (Florian Westphal) [Orabug: 32422895] - net/mlx4_en: Handle TX error CQE (Moshe Shemesh) [Orabug: 32485133] - net/mlx4_en: Avoid scheduling restart task if it is already running (Moshe Shemesh) [Orabug: 32485133] - vdpa/mlx5: allow Jumbo MTU config other than standard sized MTU (Si-Wei Liu) [Orabug: 32480078] - vdpa/mlx5: should exclude header length and fcs from mtu (Si-Wei Liu) [Orabug: 32480078] - vdpa/mlx5: Fix memory key MTT population (Eli Cohen) [Orabug: 32480078] - vdpa: Use simpler version of ida allocation (Parav Pandit) [Orabug: 32480078] - vdpa: Add missing comment for virtqueue count (Parav Pandit) [Orabug: 32480078] - vdpa/mlx5: Use write memory barrier after updating CQ index (Eli Cohen) [Orabug: 32480078] - vdpa: remove unnecessary default n in Kconfig entries (Stefano Garzarella) [Orabug: 32480078] - vhost_vdpa: switch to vmemdup_user() (Tian Tao) [Orabug: 32480078] - vhost_vdpa: return -EFAULT if copy_to_user() fails (Dan Carpenter) [Orabug: 32480078] - vdpa: mlx5: fix vdpa/vhost dependencies (Randy Dunlap) [Orabug: 32480078] - vdpa/mlx5: Setup driver only if VIRTIO_CONFIG_S_DRIVER_OK (Eli Cohen) [Orabug: 32480078] - vdpa/mlx5: Fix failure to bring link up (Eli Cohen) [Orabug: 32480078] - vdpa/mlx5: Make use of a specific 16 bit endianness API (Eli Cohen) [Orabug: 32480078] - vdpasim: fix mac_pton undefined error (Laurent Vivier) [Orabug: 32480078] - vdpasim: allow to assign a MAC address (Laurent Vivier) [Orabug: 32480078] - vdpasim: fix MAC address configuration (Laurent Vivier) [Orabug: 32480078] - vdpa: handle irq bypass register failure case (Zhu Lingshan) [Orabug: 32480078] - vdpa_sim: Fix DMA mask (Laurent Vivier) [Orabug: 32480078] - vdpa/mlx5: Fix error return in map_direct_mr() (Jing Xiangfeng) [Orabug: 32480078] - vhost_vdpa: Return -EFAULT if copy_from_user() fails (Dan Carpenter) [Orabug: 32480078] - vdpa_sim: implement get_iova_range() (Jason Wang) [Orabug: 32480078] - vhost: vdpa: report iova range (Jason Wang) [Orabug: 32480078] - vdpa: introduce config op to get valid iova range (Jason Wang) [Orabug: 32480078] - vhost_vdpa: remove unnecessary spin_lock in vhost_vring_call (Zhu Lingshan) [Orabug: 32480078] - vhost_vdpa: Fix duplicate included kernel.h (Tian Tao) [Orabug: 32480078] - rds: CONFIG_RDS_DEBUG + tracepoints breaks rds build (Alan Maguire) [Orabug: 32442487] - tools/power turbostat: Support additional CPU model numbers (Len Brown) [Orabug: 32422450] - tools/power turbostat: Support Tiger Lake (Chen Yu) [Orabug: 32422450] [5.4.17-2102.200.5] - vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471659] - arm64: Reserve only 256M on RPi for crashkernel=auto (Vijay Kumar) [Orabug: 32454711] - nbd: freeze the queue while were adding connections (Josef Bacik) [Orabug: 32447284] {CVE-2021-3348} - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447185] {CVE-2021-3347} - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422661] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422661] - rds: avoid crash on IB conn path shutdown prepare (Alan Maguire) [Orabug: 32466763] - mm/memcontrol: Increase threshold for draining per-cpu stocked bytes (Imran Khan) [Orabug: 32314559] [5.4.17-2102.200.4] - Revert rds: Deregister all FRWR mr with free_mr (aru kolappan) [Orabug: 32426609] - thermal: intel_pch_thermal: Add PCI ids for Lewisburg PCH. (Andres Freund) [Orabug: 32424704] - thermal: intel: intel_pch_thermal: Add Cannon Lake Low Power PCH support (Sumeet Pawnikar) [Orabug: 32424704] - thermal: intel: intel_pch_thermal: Add Comet Lake (CML) platform support (Gayatri Kammela) [Orabug: 32424704] - KVM: x86: Expose AVX512_FP16 for supported CPUID (Cathy Zhang) [Orabug: 32424461] - x86/kvm: Expose TSX Suspend Load Tracking feature (Cathy Zhang) [Orabug: 32424461] - x86: Expose SERIALIZE for supported cpuid (Paolo Bonzini) [Orabug: 32424461] - KVM: x86: Expose fast short REP MOV for supported cpuid (Zhenyu Wang) [Orabug: 32424461] - KVM: x86: Expose AVX512 VP2INTERSECT in cpuid for TGL (Zhenyu Wang) [Orabug: 32424461] - tools: update header files in the tools directory (Thomas Tai) [Orabug: 32424461] - x86: Enumerate AVX512 FP16 CPUID feature flag (Kyung Min Park) [Orabug: 32424461] - EDAC/i10nm: Add Intel Sapphire Rapids server support (Qiuxu Zhuo) [Orabug: 32424461] - EDAC/i10nm: Use readl() to access MMIO registers (Qiuxu Zhuo) [Orabug: 32424461] - EDAC: Add DDR5 new memory type (Qiuxu Zhuo) [Orabug: 32424461] - EDAC: Add three new memory types (Qiuxu Zhuo) [Orabug: 32424461] - x86/cpufeatures: Enumerate ENQCMD and ENQCMDS instructions (Fenghua Yu) [Orabug: 32424461] - x86/cpufeatures: Enumerate TSX suspend load address tracking instructions (Kyung Min Park) [Orabug: 32424461] - x86/cpufeatures: Add enumeration for SERIALIZE instruction (Ricardo Neri) [Orabug: 32424461] - x86/split_lock: Enable the split lock feature on Sapphire Rapids and Alder Lake CPUs (Fenghua Yu) [Orabug: 32424461] - x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (Tony Luck) [Orabug: 32424461] - x86/cpufeatures: Add Architectural LBRs feature bit (Kan Liang) [Orabug: 32424461] - powercap: intel_rapl: add support for Sapphire Rapids (Zhang Rui) [Orabug: 32424461] - x86/cpu: Add Sapphire Rapids CPU model number (Tony Luck) [Orabug: 32424461] - EDAC, {skx,i10nm}: Use CPU stepping macro to pass configurations (Qiuxu Zhuo) [Orabug: 32424461] - x86/cpu: Add a X86_MATCH_INTEL_FAM6_MODEL_STEPPINGS() macro (Borislav Petkov) [Orabug: 32424461] - powercap/intel_rapl: Convert to new X86 CPU match macros (Thomas Gleixner) [Orabug: 32424461] - powercap/intel_rapl: add support for TigerLake Mobile (Zhang Rui) [Orabug: 32424461] - powercap/intel_rapl: add support for JasperLake (Zhang Rui) [Orabug: 32424461] - x86/cpufeatures: Add support for fast short REP; MOVSB (Tony Luck) [Orabug: 32424461] - powercap/intel_rapl: add support for Cometlake desktop (Zhang Rui) [Orabug: 32424461] - powercap/intel_rapl: add support for CometLake Mobile (Zhang Rui) [Orabug: 32424461] - crypto: lib/chacha20poly1305 - define empty module exit function (Jason A. Donenfeld) [Orabug: 32417868] - A/A Bonding: Add synchronized bundle failback (Gerd Rausch) [Orabug: 32381881] [5.4.17-2102.200.3] - x86/msr: Add a pointer to an URL which contains further details (Borislav Petkov) [Orabug: 32402424] - x86/msr: Downgrade unrecognized MSR message (Borislav Petkov) [Orabug: 32402424] - x86/msr: Do not allow writes to MSR_IA32_ENERGY_PERF_BIAS (Borislav Petkov) [Orabug: 32402424] - x86/msr: Filter MSR writes (Borislav Petkov) [Orabug: 32402424] - tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32402424] - tools/power/turbostat: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32402424] - tools/power/cpupower: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32402424] - scsi: qla2xxx: Fix return of uninitialized value in rval (Colin Ian King) [Orabug: 32401797] [5.4.17-2102.200.2] - A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380823] - uek-rpm: Report removed symbols also during kabi check (Somasundaram Krishnasamy) [Orabug: 32380065] - netfilter: add and use nf_hook_slow_list() (Florian Westphal) [Orabug: 32372529] {CVE-2021-20177} - net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372157] - uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32341061] - scsi: qla2xxx: Do not consume srb greedily (Daniel Wagner) [Orabug: 32346794] - scsi: qla2xxx: Use constant when it is known (Pavel Machek (CIP)) [Orabug: 32346794] - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (Ye Bin) [Orabug: 32346794] - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (Ye Bin) [Orabug: 32346794] - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (Ye Bin) [Orabug: 32346794] - scsi: qla2xxx: Update version to 10.02.00.103-k (Nilesh Javali) [Orabug: 32346794] - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Fix reset of MPI firmware (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Fix MPI reset needed message (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Fix buffer-buffer credit extraction error (Quinn Tran) [Orabug: 32346794] - scsi: qla2xxx: Correct the check for sscanf() return value (Saurav Kashyap) [Orabug: 32346794] - scsi: qla2xxx: Update version to 10.02.00.102-k (Nilesh Javali) [Orabug: 32346794] - scsi: qla2xxx: Add SLER and PI control support (Saurav Kashyap) [Orabug: 32346794] - scsi: qla2xxx: Add IOCB resource tracking (Quinn Tran) [Orabug: 32346794] - scsi: qla2xxx: Add rport fields in debugfs (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Make tgt_port_database available in initiator mode (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Fix I/O errors during LIP reset tests (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Performance tweak (Quinn Tran) [Orabug: 32346794] - scsi: qla2xxx: Fix memory size truncation (Quinn Tran) [Orabug: 32346794] - scsi: qla2xxx: Reduce duplicate code in reporting speed (Quinn Tran) [Orabug: 32346794] - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Setup debugfs entries for remote ports (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (Arun Easi) [Orabug: 32346794] - scsi: qla2xxx: Remove unneeded variable rval (Jason Yan) [Orabug: 32346794] - scsi: qla2xxx: Handle incorrect entry_type entries (Daniel Wagner) [Orabug: 32346794] - scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32346794] - scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32346794] - scsi: qla2xxx: Fix the return value (Xianting Tian) [Orabug: 32346794] - scsi: qla2xxx: Fix the size used in a dma_free_coherent() call (Christophe JAILLET) [Orabug: 32346794] - scsi: qla2xxx: Remove pci-dma-compat wrapper API (Suraj Upadhyay) [Orabug: 32346794] - scsi: qla2xxx: Remove superfluous memset() (Li Heng) [Orabug: 32346794] - scsi: qla2xxx: Fix regression on sparc64 (Rene Rebe) [Orabug: 32346794] - scsi: qla2xxx: Address a set of sparse warnings (Shyam Sundar) [Orabug: 32346794] - scsi: qla2xxx: SAN congestion management implementation (Shyam Sundar) [Orabug: 32346794] - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (Shyam Sundar) [Orabug: 32346794] - scsi: qla2xxx: Introduce a function for computing the debug message prefix (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Remove a superfluous cast (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Initialize n before using it (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (Bart Van Assche) [Orabug: 32346794] - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (Bart Van Assche) [Orabug: 32346794] - target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32374281] {CVE-2020-28374} - A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350973] - uek-rpm: add nfs_ssc to nano_modules (Calum Mackay) [Orabug: 32351789] [5.4.17-2102.200.1] - x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32361529] - selftests/net: remove rds.h from rds_echo.c (John Donnelly) [Orabug: 32351408] - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349202] {CVE-2020-36158} - add license checking to kABI checker (Dan Duval) [Orabug: 32355205] [5.4.17-2102.200.0] - lockd: dont use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337714] - tools: update header files in the tools directory (Thomas Tai) [Orabug: 32316504] - perf: Fix a kABI breakage in perf_event.h (Thomas Tai) [Orabug: 32316504] - perf/x86: Fix n_metric for cancelled txn (Peter Zijlstra) [Orabug: 32316504] - perf/x86: Fix n_pair for cancelled txn (Peter Zijlstra) [Orabug: 32316504] - perf/x86/intel: Check perf metrics feature for each CPU (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Support per-thread RDPMC TopDown metrics (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Support TopDown metrics on Ice Lake (Kan Liang) [Orabug: 32316504] - perf/x86: Use event_base_rdpmc for the RDPMC userspace support (Kan Liang) [Orabug: 32316504] - perf/x86: Add a macro for RDPMC offset of fixed counters (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Generic support for hardware TopDown metrics (Kan Liang) [Orabug: 32316504] - perf/core: Add a new PERF_EV_CAP_SIBLING event capability (Kan Liang) [Orabug: 32316504] - perf/core: Unify {pinned,flexible}_sched_in() (Peter Zijlstra) [Orabug: 32316504] - perf/x86/intel: Use switch in intel_pmu_disable/enable_event (Kan Liang) [Orabug: 32316504] - perf/x86: Keep LBR records unchanged in host context for guest usage (Like Xu) [Orabug: 32316504] - perf/x86/intel: Fix the name of perf METRICS (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Move BTS index to 47 (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Introduce the fourth fixed counter (Kan Liang) [Orabug: 32316504] - perf/x86/intel: Name the global status bit in NMI handler (Kan Liang) [Orabug: 32316504] - perf/x86: Add constraint to create guest LBR event without hw counter (Like Xu) [Orabug: 32316504] - perf/x86/lbr: Add interface to get LBR information (Like Xu) [Orabug: 32316504] - perf/x86/core: Refactor hw->idx checks and cleanup (Like Xu) [Orabug: 32316504] - perf/x86/intel: Avoid unnecessary PEBS_ENABLE MSR access in PMI (Kan Liang) [Orabug: 32316504] - perf/x86: Provide stubs of KVM helpers for non-Intel CPUs (Sean Christopherson) [Orabug: 32316504] - partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32302135] - xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260251] {CVE-2020-29569} - Revert cpu/hotplug: avoid race between cpuset_hotplug_workfn and later hotplug (Daniel Jordan) [Orabug: 32295228] - cpuset: fix race between hotplug work and later CPU offline (Daniel Jordan) [Orabug: 32295228] - uek-rpm: aarch64: update PMU configs for Altra (Dave Kleikamp) [Orabug: 32290042] - driver/perf: Add PMU driver for the ARM DMC-620 memory controller (Tuan Phan) [Orabug: 32290042] - perf: arm-cmn: Fix conversion specifiers for node type (Will Deacon) [Orabug: 32290042] - perf: arm-cmn: Fix unsigned comparison to less than zero (Will Deacon) [Orabug: 32290042] - perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 32290042] - perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 32290042] - perf: arm_dsu: Support DSU ACPI devices (Tuan Phan) [Orabug: 32290042] - ACPI: APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 32290042] - iommu/arm-smmu-v3: Dont reserve implementation defined register space (Jean-Philippe Brucker) [Orabug: 32290042] - Revert BACKPORT: perf: Add Arm CMN-600 DT binding (Dave Kleikamp) [Orabug: 32290042] - Revert BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver (Dave Kleikamp) [Orabug: 32290042] - Revert BACKPORT: WIP: perf/arm-cmn: Add ACPI support (Dave Kleikamp) [Orabug: 32290042] - Revert perf: Add ARM DMC-620 PMU driver. (Dave Kleikamp) [Orabug: 32290042] - Revert BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors (Dave Kleikamp) [Orabug: 32290042] - Revert Perf: arm-cmn: Allow irq to be shared. (Dave Kleikamp) [Orabug: 32290042] - Revert perf: arm_cmn: improve and make it work on 2P. (Dave Kleikamp) [Orabug: 32290042] - Revert perf: arm_dsu: Allow IRQ to be shared among devices. (Dave Kleikamp) [Orabug: 32290042] - Revert perf: arm_dsu: Support ACPI mode. (Dave Kleikamp) [Orabug: 32290042] - Revert perf: arm_dmc620: Update ACPI ID. (Dave Kleikamp) [Orabug: 32290042] - Revert perf: avoid breaking KABI by reusing enum (Dave Kleikamp) [Orabug: 32290042] - Revert perf/smmuv3: Allow sharing MMIO registers with the SMMU driver (Dave Kleikamp) [Orabug: 32290042] - xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253408] {CVE-2020-29568} - xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253408] {CVE-2020-29568} - xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253408] {CVE-2020-29568} - xen/xenbus: Add will_handle callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253408] {CVE-2020-29568} - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253408] {CVE-2020-29568} [5.4.17-2051] - futex: Fix inode life-time issue (Peter Zijlstra) [Orabug: 32233513] {CVE-2020-14381} - uek-rpm: Add nvme-tcp and nvme-rdma to ol7 and ol8 nano kernels (Alan Adamson) [Orabug: 32230382] - intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32218857] - dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210420] - uek-rpm: enable VDPA subsystem and drivers (Si-Wei Liu) [Orabug: 32121107] - vdpa/mlx5: Fix dependency on MLX5_CORE (Eli Cohen) [Orabug: 32121107] - vdpa/mlx5: should keep avail_index despite device status (Si-Wei Liu) [Orabug: 32121107] - vdpa/mlx5: Avoid warnings about shifts on 32-bit platforms (Nathan Chancellor) [Orabug: 32121107] - vdpa/mlx5: fix up endian-ness for mtu (Michael S. Tsirkin) [Orabug: 32121107] - vdpa/mlx5: Fix pointer math in mlx5_vdpa_get_config() (Dan Carpenter) [Orabug: 32121107] - vdpa/mlx5: fix memory allocation failure checks (Colin Ian King) [Orabug: 32121107] - vdpa/mlx5: Fix uninitialised variable in core/mr.c (Alex Dewar) [Orabug: 32121107] - vdpa/mlx5: Add VDPA driver for supported mlx5 devices (Eli Cohen) [Orabug: 32121107] - vdpa/mlx5: Add shared memory registration code (Eli Cohen) [Orabug: 32121107] - vdpa/mlx5: Add support library for mlx5 VDPA implementation (Eli Cohen) [Orabug: 32121107] - vdpa/mlx5: Add hardware descriptive header file (Eli Cohen) [Orabug: 32121107] - net/mlx5: Add interface changes required for VDPA (Eli Cohen) [Orabug: 32121107] - net/mlx5: Expose vDPA emulation device capabilities (Yishai Hadas) [Orabug: 32121107] - net/mlx5: Add Virtio Emulation related device capabilities (Yishai Hadas) [Orabug: 32121107] - net/mlx5: Add VDPA interface type to supported enumerations (Eli Cohen) [Orabug: 32121107] - net/mlx5: Support setting access rights of dma addresses (Eli Cohen) [Orabug: 32121107] - net/mlx5: Provide simplified command interfaces (Leon Romanovsky) [Orabug: 32121107] - vhost-vdpa: fix page pinning leakage in error path (rework) (Si-Wei Liu) [Orabug: 32121107] - vhost-vdpa: fix vhost_vdpa_map() on error condition (Si-Wei Liu) [Orabug: 32121107] - vhost: Dont call log_access_ok() when using IOTLB (Greg Kurz) [Orabug: 32121107] - vhost vdpa: fix vhost_vdpa_open error handling (Mike Christie) [Orabug: 32121107] - vhost-vdpa: fix backend feature ioctls (Jason Wang) [Orabug: 32121107] - vhost: Fix documentation (Eli Cohen) [Orabug: 32121107] - vhost-iotlb: fix vhost_iotlb_itree_next() documentation (Stefano Garzarella) [Orabug: 32121107] - vdpa: Fix pointer math bug in vdpasim_get_config() (Dan Carpenter) [Orabug: 32121107] - vdpa_sim: init iommu lock (Michael S. Tsirkin) [Orabug: 32121107] - vdpa: Modify get_vq_state() to return error code (Eli Cohen) [Orabug: 32121107] - net/vdpa: Use struct for set/get vq state (Eli Cohen) [Orabug: 32121107] - vdpa: remove hard coded virtq num (Max Gurtovoy) [Orabug: 32121107] - vdpasim: support batch updating (Jason Wang) [Orabug: 32121107] - vhost-vdpa: support IOTLB batching hints (Jason Wang) [Orabug: 32121107] - vhost-vdpa: support get/set backend features (Jason Wang) [Orabug: 32121107] - vhost: generialize backend features setting/getting (Jason Wang) [Orabug: 32121107] - vhost-vdpa: refine ioctl pre-processing (Jason Wang) [Orabug: 32121107] - vDPA: dont change vq irq after DRIVER_OK (Zhu Lingshan) [Orabug: 32121107] - irqbypass: do not start cons/prod when failed connect (Zhu Lingshan) [Orabug: 32121107] - vhost_vdpa: implement IRQ offloading in vhost_vdpa (Zhu Lingshan) [Orabug: 32121107] - vDPA: add get_vq_irq() in vdpa_config_ops (Zhu Lingshan) [Orabug: 32121107] - kvm: detect assigned device via irqbypass manager (Zhu Lingshan) [Orabug: 32121107] - vhost: introduce vhost_vring_call (Zhu Lingshan) [Orabug: 32121107] - vdpasim: protect concurrent access to iommu iotlb (Max Gurtovoy) [Orabug: 32121107] - vhost: vdpa: remove per device feature whitelist (Jason Wang) [Orabug: 32121107] - virtio_net: use LE accessors for speed/duplex (Michael S. Tsirkin) [Orabug: 32121107] - virtio-iommu: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - drm/virtio: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_pmem: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_crypto: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_fs: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_input: convert to LE accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_balloon: use LE config space accesses (Michael S. Tsirkin) [Orabug: 32121107] - virtio_config: rewrite LE accessors without _Generic (Si-Wei Liu) [Orabug: 32121107] - virtio_config: fix up warnings on parisc (Michael S. Tsirkin) [Orabug: 32121107] - virtio_config: add virtio_cread_le_feature (Michael S. Tsirkin) [Orabug: 32121107] - virtio_caif: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_config: LE config space accessors (Michael S. Tsirkin) [Orabug: 32121107] - virtio_config: cread/write cleanup (Michael S. Tsirkin) [Orabug: 32121107] - vdpa_sim: fix endian-ness of config space (Michael S. Tsirkin) [Orabug: 32121107] - virtio_vdpa: legacy features handling (Michael S. Tsirkin) [Orabug: 32121107] - vhost/vdpa: switch to new helpers (Michael S. Tsirkin) [Orabug: 32121107] - vdpa: make sure set_features is invoked for legacy (Michael S. Tsirkin) [Orabug: 32121107] - mlxbf-tmfifo: sparse tags for config access (Michael S. Tsirkin) [Orabug: 32121107] - virtio_scsi: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_pmem: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_net: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_input: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_gpu: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_fs: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_crypto: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_console: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_blk: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_balloon: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio_9p: correct tags for config space fields (Michael S. Tsirkin) [Orabug: 32121107] - virtio: allow __virtioXX, __leXX in config space (Michael S. Tsirkin) [Orabug: 32121107] - virtio_ring: sparse warning fixup (Michael S. Tsirkin) [Orabug: 32121107] - virtio: VIRTIO_F_IOMMU_PLATFORM -> VIRTIO_F_ACCESS_PLATFORM (Michael S. Tsirkin) [Orabug: 32121107] - vhost_vdpa: Fix potential underflow in vhost_vdpa_mmap() (Dan Carpenter) [Orabug: 32121107] - vdpa: fix typos in the comments for __vdpa_alloc_device() (Jason Wang) [Orabug: 32121107] - vhost_vdpa: Support config interrupt in vdpa (Zhu Lingshan) [Orabug: 32121107] - vdpasim: Fix some coccinelle warnings (Samuel Zou) [Orabug: 32121107] - vhost_vdpa: disable doorbell mapping for !MMU (Michael S. Tsirkin) [Orabug: 32121107] - vhost_vdpa: support doorbell mapping via mmap (Jason Wang) [Orabug: 32121107] - vdpa: introduce get_vq_notification method (Jason Wang) [Orabug: 32121107] - vdpasim: remove unused variable ret (YueHaibing) [Orabug: 32121107] - vdpa: fix comment of vdpa_register_device() (Jason Wang) [Orabug: 32121107] - vdpa: make vhost, virtio depend on menu (Michael S. Tsirkin) [Orabug: 32121107] - vdpa: allow a 32 bit vq alignment (Michael S. Tsirkin) [Orabug: 32121107] - vdpasim: Return status in vdpasim_get_status (YueHaibing) [Orabug: 32121107] - vhost: remove set but not used variable status (Jason Yan) [Orabug: 32121107] - vhost: vdpa: remove unnecessary null check (Gustavo A. R. Silva) [Orabug: 32121107] - vdpa-sim: depend on HAS_DMA (Michael S. Tsirkin) [Orabug: 32121107] - vdpa: move to drivers/vdpa (Michael S. Tsirkin) [Orabug: 32121107] - vdpasim: vDPA device simulator (Jason Wang) [Orabug: 32121107] - vhost: introduce vDPA-based backend (Tiwei Bie) [Orabug: 32121107] - virtio: introduce a vDPA based transport (Jason Wang) [Orabug: 32121107] - vDPA: introduce vDPA bus (Jason Wang) [Orabug: 32121107] - scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32242278] - scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Get sas_device objects using devices rphy (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Update hba_ports sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32242278] - scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32242278] - kabi: fix issues with slab memory allocator. (Libo Chen) [Orabug: 32119767] - mm: memcg/slab: uncharge during kmem_cache_free_bulk() (Bharata B Rao) [Orabug: 32119767] - mm: memcg/slab: fix racy access to page->mem_cgroup in mem_cgroup_from_obj() (Roman Gushchin) [Orabug: 32119767] - mm: slab: fix potential double free in ___cache_free (Shakeel Butt) [Orabug: 32119767] - mm: memcontrol: restore proper dirty throttling when memory.high changes (Johannes Weiner) [Orabug: 32119767] - mm: memcontrol: avoid workload stalls when lowering memory.high (Roman Gushchin) [Orabug: 32119767] - mm: kmem: switch to static_branch_likely() in memcg_kmem_enabled() (Roman Gushchin) [Orabug: 32119767] - mm: slab: rename (un)charge_slab_page() to (un)account_slab_page() (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: remove unused argument by charge_slab_page() (Roman Gushchin) [Orabug: 32119767] - tools/cgroup: add memcg_slabinfo.py tool (Roman Gushchin) [Orabug: 32119767] - kselftests: cgroup: add kernel memory accounting tests (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: use a single set of kmem_caches for all allocations (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: remove redundant check in memcg_accumulate_slabinfo() (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: deprecate slab_root_caches (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: remove memcg_kmem_get_cache() (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: simplify memcg cache creation (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: use a single set of kmem_caches for all accounted allocations (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: move memcg_kmem_bypass() to memcontrol.h (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: deprecate memory.kmem.slabinfo (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: charge individual slab objects instead of pages (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: save obj_cgroup for non-root slab objects (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: allocate obj_cgroups for non-root slab pages (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: obj_cgroup API (Roman Gushchin) [Orabug: 32119767] - mm: slub: implement SLUB version of obj_to_index() (Roman Gushchin) [Orabug: 32119767] - mm: memcg: convert vmstat slab counters to bytes (Roman Gushchin) [Orabug: 32119767] - mm: memcg: prepare for byte-sized vmstat items (Roman Gushchin) [Orabug: 32119767] - mm: memcg: factor out memcg- and lruvec-level changes out of __mod_lruvec_state() (Roman Gushchin) [Orabug: 32119767] - mm: kmem: make memcg_kmem_enabled() irreversible (Roman Gushchin) [Orabug: 32119767] - mm, slab/slub: improve error reporting and overhead of cache_from_obj() (Vlastimil Babka) [Orabug: 32119767] - mm, slub: introduce kmem_cache_debug_flags() (Vlastimil Babka) [Orabug: 32119767] - mm, slab: fix sign conversion problem in memcg_uncharge_slab() (Waiman Long) [Orabug: 32119767] - memcg: fix memcg_kmem_bypass() for remote memcg charging (Zefan Li) [Orabug: 32119767] - slub: Remove userspace notifier for cache add/remove (Christoph Lameter) [Orabug: 32119767] - mm: kmem: rename (__)memcg_kmem_(un)charge_memcg() to __memcg_kmem_(un)charge() (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: cache page number in memcg_(un)charge_slab() (Roman Gushchin) [Orabug: 32119767] - mm: kmem: switch to nr_pages in (__)memcg_kmem_charge_memcg() (Roman Gushchin) [Orabug: 32119767] - mm: kmem: rename memcg_kmem_(un)charge() into memcg_kmem_(un)charge_page() (Roman Gushchin) [Orabug: 32119767] - mm: kmem: cleanup memcg_kmem_uncharge_memcg() arguments (Roman Gushchin) [Orabug: 32119767] - mm: kmem: cleanup (__)memcg_kmem_charge_memcg() arguments (Roman Gushchin) [Orabug: 32119767] - mm: memcg/slab: use mem_cgroup_from_obj() (Roman Gushchin) [Orabug: 32119767] - mm/slub.c: avoid slub allocation while holding list_lock (Yu Zhao) [Orabug: 32119767] - mm: clean up and clarify lruvec lookup procedure (Johannes Weiner) [Orabug: 32119767] - mm: memcontrol: try harder to set a new memory.high (Johannes Weiner) [Orabug: 32119767] - mm/slub.c: clean up validate_slab() (Yu Zhao) [Orabug: 32119767] - Linux 5.4.83 (Greg Kroah-Hartman) - Revert geneve: pull IP header before ECN decapsulation (Jakub Kicinski) - x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (Masami Hiramatsu) - netfilter: nftables_offload: set address type in control dissector (Pablo Neira Ayuso) - netfilter: nf_tables: avoid false-postive lockdep splat (Florian Westphal) - Input: i8042 - fix error return code in i8042_setup_aux() (Luo Meng) - dm writecache: remove BUG() and fail gracefully instead (Mike Snitzer) - i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (Zhihao Cheng) - rtw88: debug: Fix uninitialized memory in debugfs code (Dan Carpenter) - ASoC: wm_adsp: fix error return code in wm_adsp_load() (Luo Meng) - tipc: fix a deadlock when flushing scheduled work (Hoang Huu Le) - netfilter: ipset: prevent uninit-value in hash_ip6_add (Eric Dumazet) - gfs2: check for empty rgrp tree in gfs2_ri_update (Bob Peterson) - can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check (Oliver Hartkopp) - lib/syscall: fix syscall registers retrieval on 32-bit platforms (Willy Tarreau) {CVE-2020-28588} - tracing: Fix userstacktrace option for instances (Steven Rostedt (VMware)) - iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (Suravee Suthikulpanit) - spi: bcm2835: Release the DMA channel if probe fails after dma_init (Peter Ujfalusi) - i2c: imx: Check for I2SR_IAL after every byte (Christian Eggers) - i2c: imx: Fix reset of I2SR_IAL flag (Christian Eggers) - speakup: Reject setting the speakup line discipline outside of speakup (Samuel Thibault) - mm/swapfile: do not sleep with a spin lock held (Qian Cai) - mm: list_lru: set shrinker map bit when child nr_items is not zero (Yang Shi) - coredump: fix core_pattern parse error (Menglong Dong) - x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (Masami Hiramatsu) - dm: remove invalid sparse __acquires and __releases annotations (Mike Snitzer) - dm: fix bug with RCU locking in dm_blk_report_zones (Sergei Shtepa) - powerpc/pseries: Pass MSI affinity to irq_create_mapping() (Laurent Vivier) - genirq/irqdomain: Add an irq_create_mapping_affinity() function (Laurent Vivier) - powerpc/64s/powernv: Fix memory corruption when saving SLB entries on MCE (Nicholas Piggin) - dm writecache: fix the maximum number of arguments (Mikulas Patocka) - scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) - drm/i915/gt: Program mocs:63 for cache eviction on gen9 (Chris Wilson) - thunderbolt: Fix use-after-free in remove_unplugged_switch() (Mika Westerberg) - i2c: imx: Dont generate STOP condition if arbitration has been lost (Christian Eggers) - cifs: fix potential use-after-free in cifs_echo_request() (Paulo Alcantara) - cifs: allow syscalls to be restarted in __smb_send_rqst() (Paulo Alcantara) - ftrace: Fix updating FTRACE_FL_TRAMP (Naveen N. Rao) - ALSA: hda/generic: Add option to enforce preferred_dacs pairs (Takashi Iwai) - ALSA: hda/realtek - Add new codec supported for ALC897 (Kailang Yang) - ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (Jian-Hong Pan) - ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (Takashi Iwai) - ALSA: hda/realtek: Fix bass speaker DAC assignment on Asus Zephyrus G14 (Takashi Iwai) - tty: Fix ->session locking (Jann Horn) - tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) - USB: serial: option: fix Quectel BG96 matching (Bjorn Mork) - USB: serial: option: add support for Thales Cinterion EXS82 (Giacinto Cifelli) - USB: serial: option: add Fibocom NL668 variants (Vincent Palatin) - USB: serial: ch341: sort device-id entries (Johan Hovold) - USB: serial: ch341: add new Product ID for CH341A (Jan-Niklas Burfeind) - USB: serial: kl5kusb105: fix memleak on open (Johan Hovold) - usb: gadget: f_fs: Use local copy of descriptors for userspace copy (Vamsi Krishna Samavedam) - Partially revert bpf: Zero-fill re-used per-cpu map element (Sasha Levin) - pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) (Hans de Goede) - pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output (Hans de Goede) - Linux 5.4.82 (Greg Kroah-Hartman) - RDMA/i40iw: Address an mmap handler exploit in i40iw (Shiraz Saleem) - tracing: Remove WARN_ON in start_thread() (Vasily Averin) - Input: i8042 - add ByteSpeed touchpad to noloop table (Po-Hsu Lin) - Input: xpad - support Ardwiino Controllers (Sanjay Govind) - ALSA: usb-audio: US16x08: fix value count for level meters (Hector Martin) - net/mlx5: Fix wrong address reclaim when command interface is down (Eran Ben Elisha) - net/mlx5: DR, Proper handling of unsupported Connect-X6DX SW steering (Yevgeny Kliteynik) - net/sched: act_mpls: ensure LSE is pullable before reading it (Davide Caratti) - net: openvswitch: ensure LSE is pullable before reading it (Davide Caratti) - net: skbuff: ensure LSE is pullable before decrementing the MPLS ttl (Davide Caratti) - net: mvpp2: Fix error return code in mvpp2_open() (Wang Hai) - chelsio/chtls: fix a double free in chtls_setkey() (Dan Carpenter) - vxlan: fix error return code in __vxlan_dev_create() (Zhang Changzhong) - net: pasemi: fix error return code in pasemi_mac_open() (Zhang Changzhong) - cxgb3: fix error return code in t3_sge_alloc_qset() (Zhang Changzhong) - net/x25: prevent a couple of overflows (Dan Carpenter) - net: ip6_gre: set dev->hard_header_len when using header_ops (Antoine Tenart) - geneve: pull IP header before ECN decapsulation (Eric Dumazet) - inet_ecn: Fix endianness of checksum update when setting ECT(1) (Toke Hoiland-Jorgensen) - ibmvnic: Fix TX completion error handling (Thomas Falcon) - ibmvnic: Ensure that SCRQ entry reads are correctly ordered (Thomas Falcon) - chelsio/chtls: fix panic during unload reload chtls (Vinay Kumar Yadav) - dt-bindings: net: correct interrupt flags in examples (Krzysztof Kozlowski) - ipv4: Fix tos mask in inet_rtm_getroute() (Guillaume Nault) - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal (Antoine Tenart) - sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (Vincent Guittot) - ima: extend boot_aggregate with kernel measurements (Maurizio Drocco) - staging/octeon: fix up merge error (Randy Dunlap) - bonding: wait for sysfs kobject destruction before freeing struct slave (Jamie Iles) - usbnet: ipheth: fix connectivity with iOS 14 (Yves-Alexis Perez) - tun: honor IOCB_NOWAIT flag (Jens Axboe) - tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (Alexander Duyck) - sock: set sk_err to ee_errno on dequeue from errq (Willem de Bruijn) - rose: Fix Null pointer dereference in rose_send_frame() (Anmol Karn) - net/tls: Protect from calling tls_dev_del for TLS RX twice (Maxim Mikityanskiy) - net/tls: missing received data after fast remote close (Vadim Fedorenko) - net/af_iucv: set correct sk_protocol for child sockets (Julian Wiedmann) - ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init (Wang Hai) - devlink: Hold rtnl lock while reading netdev attributes (Parav Pandit) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25639 CVE-2020-27170 CVE-2020-27171 CVE-2020-28588 CVE-2021-3444 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.200.13.el7] - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - selftests/bpf: Test access to bpf map pointer (Andrey Ignatov) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171} - bpf: Fix truncation handling for mod32 dst reg wrt zero (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444} - bpf: Fix 32 bit src register truncation on div/mod (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444} [5.4.17-2102.200.12.el7] - Revert 'x86/platform/uv: Update UV MMRs for UV5' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Add UV5 direct references' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Add and decode Arch Type in UVsystab' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update MMIOH references based on new UV5 MMRs' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Adjust GAM MMR references affected by UV5 updates' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update UV5 MMR references in UV GRU' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update node present counting' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update UV5 TSC checking' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update for UV5 NMI MMR changes' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Update Copyrights to conform to HPE standards' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Fix missing OEM_TABLE_ID' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Remove spaces from OEM IDs' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Recognize UV5 hubless system identifier' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/tlb/uv: Add a forward declaration for struct flush_tlb_info' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Drop last traces of uv_flush_tlb_others' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Fix copied UV5 output archtype' (Jack Vogel) [Orabug: 32651197] - Revert 'x86/platform/uv: Fix UV4 hub revision adjustment' (Jack Vogel) [Orabug: 32651197] [5.4.17-2102.200.11.el7] - mm/vmscan: fix infinite loop in drop_slab_node (Chunxin Zang) [Orabug: 32620155] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603378] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - drm/nouveau: bail out of nouveau_channel_new if channel init fails (Frantisek Hrbata) [Orabug: 32591559] {CVE-2020-25639} - mm: support memblock alloc on the exact node for sparse_buffer_init() (Yunfeng Ye) [Orabug: 32613823] - mm/sparse.c: do not waste pre allocated memmap space (Michal Hocko) [Orabug: 32613823] - mm/sparse: consistently do not zero memmap (Vincent Whitchurch) [Orabug: 32613823] [5.4.17-2102.200.10.el7] - scsi: target: core: Make completion affinity configurable [4.14.14-2.el7] - BUILDINFO: commit=6bb6e206facd0c0277275ac8b9e82737380c9040 - Bump release to 4.14.14-2. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25639 CVE-2020-27170 CVE-2020-27171 CVE-2020-28588 CVE-2021-3444 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 6 [1.0.1e-59.0.1] - Backport fixes for CVE-2020-1971 [Orabug: 32654738] [1.0.1e-58.0.1] - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz - sha256 is used for the RSA pairwise consistency test instead of sha1 [1.0.1e-58] - fix CVE-2019-1559 - 0-byte record padding oracle [1.0.1e-57] - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher [1.0.1e-55] - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts [1.0.1e-54] - fix handling of ciphersuites present after the FALLBACK_SCSV ciphersuite entry (#1386350) [1.0.1e-53] - add README.legacy-settings [1.0.1e-52] - deprecate and disable verification of insecure hash algorithms - disallow DH keys with less than 1024 bits in TLS client - remove support for weak and export ciphersuites - use correct digest when exporting keying material in TLS1.2 (#1376741) [1.0.1e-50] - fix CVE-2016-2177 - possible integer overflow - fix CVE-2016-2178 - non-constant time DSA operations - fix CVE-2016-2179 - further DoS issues in DTLS - fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio() - fix CVE-2016-2181 - DTLS1 replay protection and unprocessed records issue - fix CVE-2016-2182 - possible buffer overflow in BN_bn2dec() - fix CVE-2016-6302 - insufficient TLS session ticket HMAC length check - fix CVE-2016-6304 - unbound memory growth with OCSP status request - fix CVE-2016-6306 - certificate message OOB reads - mitigate CVE-2016-2183 - degrade all 64bit block ciphers and RC4 to 112 bit effective strength - replace expired testing certificates [1.0.1e-49] - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate() - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO - fix CVE-2016-0799 - memory issues in BIO_printf [1.0.1e-48] - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn [1.0.1e-47] - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generic TLS method [1.0.1e-46] - fix 1-byte memory leak in pkcs12 parse (#1229871) - document some options of the speed command (#1197095) [1.0.1e-45] - fix high-precision timestamps in timestamping authority [1.0.1e-44] - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 [1.0.1e-43] - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509_ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint [1.0.1e-42] - fix regression caused by mistake in fix for CVE-2015-1791 [1.0.1e-41] - improved fix for CVE-2015-1791 - add missing parts of CVE-2015-0209 fix for corectness although unexploitable [1.0.1e-40] - fix CVE-2014-8176 - invalid free in DTLS buffering code - fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function [1.0.1e-39] - fix CVE-2015-3216 - regression in RAND locking that can cause segfaults on read in multithreaded applications [1.0.1e-38] - fix CVE-2015-4000 - prevent the logjam attack on client - restrict the DH key size to at least 768 bits (limit will be increased in future) [1.0.1e-37] - drop the AES-GCM restriction of 2^32 operations because the IV is always 96 bits (32 bit fixed field + 64 bit invocation field) [1.0.1e-36] - update fix for CVE-2015-0287 to what was released upstream [1.0.1e-35] - fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey() - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix CVE-2015-0288 - X509_to_X509_REQ NULL pointer dereference - fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data - fix CVE-2015-0292 - integer underflow in base64 decoder - fix CVE-2015-0293 - triggerable assert in SSLv2 server [1.0.1e-34] - copy digest algorithm when handling SNI context switch - improve documentation of ciphersuites - patch by Hubert Kario - add support for setting Kerberos service and keytab in s_server and s_client [1.0.1e-33] - fix CVE-2014-3570 - incorrect computation in BN_sqr() - fix CVE-2014-3571 - possible crash in dtls1_get_record() - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support for RSA ephemeral keys for non-export ciphersuites and on server - fix CVE-2015-0205 - do not allow unauthenticated client DH certificate - fix CVE-2015-0206 - possible memory leak when buffering DTLS records [1.0.1e-32] - use FIPS approved method for computation of d in RSA [1.0.1e-31] - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate CVE-2014-3566 (padding attack on SSL3) [1.0.1e-30] - add ECC TLS extensions to DTLS (#1119800) [1.0.1e-29] - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation [1.0.1e-28] - fix CVE-2014-0224 fix that broke EAP-FAST session resumption support [1.0.1e-26] - drop EXPORT, RC2, and DES from the default cipher list (#1057520) - print ephemeral key size negotiated in TLS handshake (#1057715) - do not include ECC ciphersuites in SSLv2 client hello (#1090952) - properly detect encryption failure in BIO (#1100819) - fail on hmac integrity check if the .hmac file is empty (#1105567) - FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set [1.0.1e-25] - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH [1.0.1e-24] - add back support for secp521r1 EC curve [1.0.1e-23] - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension [1.0.1e-22] - use 2048 bit RSA key in FIPS selftests [1.0.1e-21] - add DH_compute_key_padded needed for FIPS CAVS testing - make 3des strength to be 128 bits instead of 168 (#1056616) - FIPS mode: do not generate DSA keys and DH parameters < 2048 bits - FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys) - FIPS mode: add DH selftest - FIPS mode: reseed DRBG properly on RAND_add() - FIPS mode: add RSA encrypt/decrypt selftest - FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key - use the key length from configuration file if req -newkey rsa is invoked [1.0.1e-20] - fix CVE-2013-4353 - Invalid TLS handshake crash [1.0.1e-19] - fix CVE-2013-6450 - possible MiTM attack on DTLS1 [1.0.1e-18] - fix CVE-2013-6449 - crash when version in SSL structure is incorrect [1.0.1e-17] - add back some no-op symbols that were inadvertently dropped [1.0.1e-16] - do not advertise ECC curves we do not support - fix CPU identification on Cyrix CPUs [1.0.1e-15] - make DTLS1 work in FIPS mode - avoid RSA and DSA 512 bits and Whirlpool in 'openssl speed' in FIPS mode [1.0.1e-14] - installation of dracut-fips marks that the FIPS module is installed [1.0.1e-13] - avoid dlopening libssl.so from libcrypto [1.0.1e-12] - fix small memory leak in FIPS aes selftest - fix segfault in openssl speed hmac in the FIPS mode [1.0.1e-11] - document the nextprotoneg option in manual pages original patch by Hubert Kario [1.0.1e-9] - always perform the FIPS selftests in library constructor if FIPS module is installed [1.0.1e-8] - fix use of rdrand if available - more commits cherry picked from upstream - documentation fixes [1.0.1e-7] - additional manual page fix - use symbol versioning also for the textual version [1.0.1e-6] - additional manual page fixes - cleanup speed command output for ECDH ECDSA [1.0.1e-5] - use _prefix macro [1.0.1e-4] - add relro linking flag [1.0.1e-2] - add support for the -trusted_first option for certificate chain verification [1.0.1e-1] - rebase to the 1.0.1e upstream version [1.0.0-28] - fix for CVE-2013-0169 - SSL/TLS CBC timing attack (#907589) - fix for CVE-2013-0166 - DoS in OCSP signatures checking (#908052) - enable compression only if explicitly asked for or OPENSSL_DEFAULT_ZLIB environment variable is set (fixes CVE-2012-4929 #857051) - use __secure_getenv() everywhere instead of getenv() (#839735) [1.0.0-27] - fix sslrand(1) and sslpasswd(1) reference in openssl(1) manpage (#841645) - drop superfluous lib64 fixup in pkgconfig .pc files (#770872) - force BIO_accept_new(*:<port-number>) to listen on IPv4 [1.0.0-26] - use PKCS#8 when writing private keys in FIPS mode as the old PEM encryption mode is not FIPS compatible (#812348) [1.0.0-25] - fix for CVE-2012-2333 - improper checking for record length in DTLS (#820686) - properly initialize tkeylen in the CVE-2012-0884 fix [1.0.0-24] - fix for CVE-2012-2110 - memory corruption in asn1_d2i_read_bio() (#814185) [1.0.0-23] - fix problem with the SGC restart patch that might terminate handshake incorrectly - fix for CVE-2012-0884 - MMA weakness in CMS and PKCS#7 code (#802725) - fix for CVE-2012-1165 - NULL read dereference on bad MIME headers (#802489) [1.0.0-22] - fix incorrect encryption of unaligned chunks in CFB, OFB and CTR modes [1.0.0-21] - fix for CVE-2011-4108 & CVE-2012-0050 - DTLS plaintext recovery vulnerability and additional DTLS fixes (#771770) - fix for CVE-2011-4576 - uninitialized SSL 3.0 padding (#771775) - fix for CVE-2011-4577 - possible DoS through malformed RFC 3779 data (#771778) - fix for CVE-2011-4619 - SGC restart DoS attack (#771780) [1.0.0-20] - fix x86cpuid.pl - patch by Paolo Bonzini [1.0.0-19] - add known answer test for SHA2 algorithms [1.0.0-18] - fix missing initialization of a variable in the CHIL engine (#740188) [1.0.0-17] - initialize the X509_STORE_CTX properly for CRL lookups - CVE-2011-3207 (#736087) [1.0.0-16] - merge the optimizations for AES-NI, SHA1, and RC4 from the intelx engine to the internal implementations [1.0.0-15] - better documentation of the available digests in apps (#693858) - backported CHIL engine fixes (#693863) - allow testing build without downstream patches (#708511) - enable partial RELRO when linking (#723994) - add intelx engine with improved performance on new Intel CPUs - add OPENSSL_DISABLE_AES_NI environment variable which disables the AES-NI support (does not affect the intelx engine) [1.0.0-14] - use the AES-NI engine in the FIPS mode [1.0.0-11] - add API necessary for CAVS testing of the new DSA parameter generation [1.0.0-10] - fix OCSP stapling vulnerability - CVE-2011-0014 (#676063) - correct the README.FIPS document IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-1971 Oracle Linux 8 [1.1.1g-15] - version bump [1.1.1g-14] - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT [1.1.1g-13] - Fix CVE-2021-3449 NULL pointer deref in signature_algorithms processing IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3449 CVE-2021-3450 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.49.3.1] - SecureBoot Digicert 2021 certificates update (Brian Maly) [Orabug: 32532671] [4.1.12-124.49.3] - xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32485156] - audit: fix error handling in audit_data_to_entry() (Paul Moore) [Orabug: 32608451] {CVE-2020-0444} [4.1.12-124.49.2] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32640641] - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32640641] - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} [4.1.12-124.49.1] - hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug: 32576074] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-0444 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 6 [1.8.6p3-29.0.3.el6_10.3] - Fix a bug on CVE-2021-3156.patch backported from ol7 [Orabug: 32717065] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3156 Oracle Linux 7 [4.14.35-2047.502.4] - Revert 'rds: ib: Remove two ib_modify_qp() calls' (Sharath Srinivasan) [Orabug: 32715567] - uek-rpm: Update SecureBoot Digicert 2021 certificates (Somasundaram Krishnasamy) [Orabug: 32532514] [4.14.35-2047.502.3] - video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui) [Orabug: 32620797] - video: hyperv_fb: Fix the cache type when mapping the VRAM (Dexuan Cui) [Orabug: 32620797] - RDMA/core: Fix corrupted SL on passive side (Hakon Bugge) [Orabug: 32644356] [4.14.35-2047.502.2] - EDAC: skx_common: downgrade message importance on missing PCI device (Aristeu Rozanski) [Orabug: 32651294] - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651477] {CVE-2021-28038} - KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li) [Orabug: 32633928] - xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32640132] [4.14.35-2047.502.1] - mm/vmscan: fix infinite loop in drop_slab_node (Chunxin Zang) [Orabug: 32619973] - scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365} - uek-rpm: add opbmc to nano-kernel (Eric Snowberg) [Orabug: 32555678] - ovl: restore creds in all return paths of ovl_iterate (Somasundaram Krishnasamy) [Orabug: 32608965] [4.14.35-2047.502.0] - rds: rds_drop_egress events should be enabled as part of RDS_RTD_SND (Alan Maguire) [Orabug: 32586918] - rds: use dedicated rds_send_lock_contention tracepoint instead of drop (Alan Maguire) [Orabug: 32586918] - rds: ensure saddr/daddr for tracepoints is not NULL (Alan Maguire) [Orabug: 32580944] - hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug: 32576073] - vhost: do not try to access device IOTLB when not initialized (Jason Wang) [Orabug: 31906788] - uek-rpm: config-aarch-embedded2 update for Feb 2021 Elba patches (Dave Kleikamp) [Orabug: 32544715] - huge page support for device memory (Neel Patel) [Orabug: 32544715] - mmc: sdhci-cadence-elba.c: Remove SDHCI_QUIRK_BROKEN_TIMEOUT_VAL (David Clear) [Orabug: 32544715] - KVM: nVMX: use correct clean fields when copying from eVMCS (Vitaly Kuznetsov) [Orabug: 32544092] - net/mlx4_en: Handle TX error CQE (Moshe Shemesh) [Orabug: 32492971] - net/mlx4_en: Avoid scheduling restart task if it is already running (Moshe Shemesh) [Orabug: 32492971] - PCI: hotplug: Add module parameter to allow user control of LEDs (James Puthukattukaran) [Orabug: 32527186] - net/rds: Reject error code change (Ka-Cheong Poon) [Orabug: 32565543] - rds: ib: Remove two ib_modify_qp() calls (Hakon Bugge) [Orabug: 32519917] - arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32546040] - x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 32543800] - x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 32543800] - net/rds: Need to check shutdown progress in rds_conn_path_destroy() (Ka-Cheong Poon) [Orabug: 32536002] - A/A Bonding: In rdmaip synchronize access to ip_config[].rdmaip_dev (Sharath Srinivasan) [Orabug: 32050122] - net/rds: In rds_send_xmit() use sg_next() to get the next sg entry (Sharath Srinivasan) [Orabug: 32125836] - net/rds: increase 1MB MR pool size for RDS (Manjunath Patil) [Orabug: 32551377] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28038 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 [4.14.35-2047.502.4.el7] - Revert 'rds: ib: Remove two ib_modify_qp() calls' (Sharath Srinivasan) [Orabug: 32715567] - uek-rpm: Update SecureBoot Digicert 2021 certificates (Somasundaram Krishnasamy) [Orabug: 32532514] [4.14.35-2047.502.3.el7] - video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui) [Orabug: 32620797] - video: hyperv_fb: Fix the cache type when mapping the VRAM (Dexuan Cui) [Orabug: 32620797] - RDMA/core: Fix corrupted SL on passive side (Hakon Bugge) [Orabug: 32644356] [4.14.35-2047.502.2.el7] - EDAC: skx_common: downgrade message importance on missing PCI device (Aristeu Rozanski) [Orabug: 32651294] - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651477] {CVE-2021-28038} - KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li) [Orabug: 32633928] - xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32640132] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28038 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 Oracle Linux 7 IMPORTANT Copyright 2021 Oracle, Inc. Oracle Linux 7 [1.0.0-92.rc92] - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. [1.0.0-92.rc92] - Build for https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-5736 Oracle Linux 6 [2.6.32-754.35.1.0.3.OL6] - Fixes for RHSA-2021:1288 [Orabug: 32809880] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-29661 CVE-2021-27364 CVE-2021-27365 CVE-2021-20265 Oracle Linux 6 [32:9.8.2-0.68.rc1.0.2.8] - Backport possible assertion failure on DNAME processing (CVE-2021-25215) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25215 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.50.2] - btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana) [Orabug: 32669454] {CVE-2021-28964} - xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich) [Orabug: 32697855] {CVE-2021-28688} - netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson) [Orabug: 32709125] {CVE-2021-29650} - netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore (Florian Westphal) [Orabug: 32709125] {CVE-2021-29650} - do_epoll_ctl(): clean the failure exits up a bit (Al Viro) [Orabug: 32759496] {CVE-2020-0466} - epoll: Keep a reference on files added to the check list (Marc Zyngier) [Orabug: 32759496] {CVE-2020-0466} - HID: core: Sanitize event code and type when mapping input (Marc Zyngier) [Orabug: 32759553] {CVE-2020-0465} [4.1.12-124.50.1] - floppy: fix lock_fdc() signal handling (Jiri Kosina) [Orabug: 32624116] {CVE-2021-20261} - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651478] {CVE-2021-28038} - n_tty: Fix stall at n_tty_receive_char_special(). (Tetsuo Handa) [Orabug: 32656942] {CVE-2021-20219} - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (Eddy Wu) [Orabug: 32695783] {CVE-2020-35508} - Return EBUSY from BLKRRPART for mounted whole-dev fs (Eric Sandeen) [Orabug: 32696741] - SecureBoot Digicert 2021 certificates update (Brian Maly) [Orabug: 32734505] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-0466 CVE-2021-28038 CVE-2020-0465 CVE-2020-35508 CVE-2021-20219 CVE-2021-20261 CVE-2021-28688 CVE-2021-28964 CVE-2021-29650 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.201.3uek] - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Ali Saidi) [Orabug: 32805544] [5.4.17-2102.201.2uek] - md/bitmap: wait for external bitmap writes to complete during tear down (Sudhakar Panneerselvam) [Orabug: 32764237] - ocfs2: fix deadlock between setattr and dio_end_io_write (Wengang Wang) [Orabug: 32763849] - tcp: do not mess with cloned skbs in tcp_add_backlog() (Eric Dumazet) [Orabug: 32760314] - Revert 'x86/vmlinux: Use INT3 instead of NOP for linker fill bytes' (John Donnelly) [Orabug: 32576398] {CVE-2021-3411} - iommu/vt-d: Fix agaw for a supported 48 bit guest address width (Saeed Mirzamohammadi) [Orabug: 32734148] - LTS tag: v5.4.85 (Jack Vogel) - x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (Xiaochen Shen) - x86/resctrl: Remove unused struct mbm_state::chunks_bw (James Morse) - membarrier: Explicitly sync remote cores when SYNC_CORE is requested (Andy Lutomirski) - Revert 'selftests/ftrace: check for do_sys_openat2 in user-memory test' (Kamal Mostafa) - KVM: mmu: Fix SPTE encoding of MMIO generation upper half (Maciej S. Szmigiero) - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (Alexander Sverdlin) - ALSA: pcm: oss: Fix potential out-of-bounds shift (Takashi Iwai) - USB: sisusbvga: Make console support depend on BROKEN (Thomas Gleixner) - USB: UAS: introduce a quirk to set no_write_same (Oliver Neukum) - xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (Hans de Goede) - xhci: Give USB2 ports time to enter U3 in bus suspend (Li Jun) - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (Takashi Iwai) - ALSA: usb-audio: Fix potential out-of-bounds shift (Takashi Iwai) - USB: add RESET_RESUME quirk for Snapscan 1212 (Oliver Neukum) - USB: dummy-hcd: Fix uninitialized array use in init() (Bui Quang Minh) - ktest.pl: If size of log is too big to email, email error message (Steven Rostedt (VMware)) - net: stmmac: delete the eee_ctrl_timer after napi disabled (Fugang Duan) - net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux (Martin Blumenstingl) - net: ll_temac: Fix potential NULL dereference in temac_probe() (Zhang Changzhong) - lan743x: fix for potential NULL pointer dereference with bare card (Sergej Bauer) - tcp: fix cwnd-limited bug for TSO deferral where we send nothing (Neal Cardwell) - tcp: select sane initial rcvq_space.space for big MSS (Eric Dumazet) - net: stmmac: free tx skb buffer in stmmac_resume() (Fugang Duan) - bridge: Fix a deadlock when enabling multicast snooping (Joseph Huang) - enetc: Fix reporting of h/w packet counters (Claudiu Manoil) - udp: fix the proto value passed to ip_protocol_deliver_rcu for the segments (Xin Long) - net: hns3: remove a misused pragma packed (Huazhong Tan) - vrf: packets with lladdr src needs dst at input with orig_iif when needs strict (Stephen Suryaputra) - net: bridge: vlan: fix error return code in __vlan_add() (Zhang Changzhong) - mac80211: mesh: fix mesh_pathtbl_init() error path (Eric Dumazet) - ipv4: fix error return code in rtm_to_fib_config() (Zhang Changzhong) - ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() (Peilin Ye) - LTS tag: v5.4.84 (Jack Vogel) - compiler.h: fix barrier_data() on clang (Arvind Sankar) - mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING (Minchan Kim) - x86/apic/vector: Fix ordering in vector assignment (Thomas Gleixner) - x86/membarrier: Get rid of a dubious optimization (Andy Lutomirski) - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (Arvind Sankar) - scsi: be2iscsi: Revert 'Fix a theoretical leak in beiscsi_create_eqs()' (Dan Carpenter) - proc: use untagged_addr() for pagemap_read addresses (Miles Chen) - kbuild: avoid static_assert for genksyms (Arnd Bergmann) - drm/i915/display/dp: Compute the correct slice count for VDSC on DP (Manasi Navare) - mmc: block: Fixup condition for CMD13 polling for RPMB requests (Bean Huo) - pinctrl: amd: remove debounce filter setting in IRQ type setting (Coiby Xu) - Input: i8042 - add Acer laptops to the i8042 reset list (Chris Chiu) - Input: cm109 - do not stomp on control URB (Dmitry Torokhov) - ktest.pl: Fix incorrect reboot for grub2bls (Libo Chen) - can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0 (Pankaj Sharma) - platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet (Hans de Goede) - platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC (Max Verevkin) - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (Timo Witte) - platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen (Hans de Goede) - platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e (Hans de Goede) - arm64: tegra: Disable the ACONNECT for Jetson TX2 (Jon Hunter) - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (Hao Si) - spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts (Ran Wang) - irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend (Xu Qiang) - ibmvnic: skip tx timeout reset while in resetting (Lijun Pan) - interconnect: qcom: qcs404: Remove GPU and display RPM IDs (Georgi Djakov) - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (Can Guo) - ARC: stack unwinding: don't assume non-current task is sleeping (Vineet Gupta) - arm64: dts: broadcom: clear the warnings caused by empty dma-ranges (Zhen Lei) - powerpc: Drop -me200 addition to build flags (Michael Ellerman) - iwlwifi: mvm: fix kernel panic in case of assert during CSA (Sara Sharon) - iwlwifi: pcie: set LTR to avoid completion timeout (Johannes Berg) - arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. (Markus Reichl) - iwlwifi: pcie: limit memory read spin time (Johannes Berg) - x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S (Fangrui Song) - Kbuild: do not emit debug info for assembly with LLVM_IAS=1 (Nick Desaulniers) [5.4.17-2102.201.1uek] - IB/mlx5: Reduce max order of memory allocated for xlt update (Praveen Kumar Kannoju) [Orabug: 32751624] - netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson) [Orabug: 32709120] {CVE-2021-29650} - perf/x86/intel: Fix a crash caused by zero PEBS status (Kan Liang) [Orabug: 32669468] {CVE-2021-28971} - btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana) [Orabug: 32669450] {CVE-2021-28964} [5.4.17-2102.201.0uek] - uek-rpm: Update SecureBoot Digicert 2021 certificates (Jack Vogel) [Orabug: 32532663] - RDMA/rxe: ipc_bench fails on SoftRoCE with shpd (Rao Shoaib) [Orabug: 32716155] - vhost-vdpa: set v->config_ctx to NULL if eventfd_ctx_fdget() fails (Stefano Garzarella) [Orabug: 32696005] {CVE-2021-29266} - vhost-vdpa: fix use-after-free of v->config_ctx (Stefano Garzarella) [Orabug: 32696005] {CVE-2021-29266} - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 32669269] {CVE-2021-28950} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 32669269] {CVE-2021-28950} - RDMA/core: Fix corrupted SL on passive side (Hakon Bugge) [Orabug: 32662965] - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651473] {CVE-2021-28038} - RDMA/rxe: Compute the maximum sges and inline size based on the WQE size (Rao Shoaib) [Orabug: 32648060] - KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li) [Orabug: 32641672] - xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32640116] - uek-rpm: ol7: aarch64: add CONFIG_ACPI_HOTPLUG_MEMORY (Mihai Carabas) [Orabug: 32638660] - KVM: SVM: Disable AVIC before setting V_IRQ (Suravee Suthikulpanit) [Orabug: 32603569] - KVM: Introduce kvm_make_all_cpus_request_except() (Suravee Suthikulpanit) [Orabug: 32603569] - KVM: X86: correct meaningless kvm_apicv_activated() check (Paolo Bonzini) [Orabug: 32603569] - KVM: Disable preemption in kvm_get_running_vcpu() (Marc Zyngier) [Orabug: 32603569] - KVM: Move running VCPU from ARM to common code (Paolo Bonzini) [Orabug: 32603569] - xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich) [Orabug: 32697850] {CVE-2021-28688} - video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui) [Orabug: 32651461] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28038 CVE-2021-28688 CVE-2021-28964 CVE-2021-29650 CVE-2021-28950 CVE-2021-3411 CVE-2021-28971 CVE-2021-29266 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.201.3.el8] - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Ali Saidi) [Orabug: 32805544] [5.4.17-2102.201.2.el8] - md/bitmap: wait for external bitmap writes to complete during tear down (Sudhakar Panneerselvam) [Orabug: 32764237] - ocfs2: fix deadlock between setattr and dio_end_io_write (Wengang Wang) [Orabug: 32763849] - tcp: do not mess with cloned skbs in tcp_add_backlog() (Eric Dumazet) [Orabug: 32760314] - Revert 'x86/vmlinux: Use INT3 instead of NOP for linker fill bytes' (John Donnelly) [Orabug: 32576398] {CVE-2021-3411} - iommu/vt-d: Fix agaw for a supported 48 bit guest address width (Saeed Mirzamohammadi) [Orabug: 32734148] - LTS tag: v5.4.85 (Jack Vogel) - x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (Xiaochen Shen) - x86/resctrl: Remove unused struct mbm_state::chunks_bw (James Morse) - membarrier: Explicitly sync remote cores when SYNC_CORE is requested (Andy Lutomirski) - Revert 'selftests/ftrace: check for do_sys_openat2 in user-memory test' (Kamal Mostafa) - KVM: mmu: Fix SPTE encoding of MMIO generation upper half (Maciej S. Szmigiero) - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (Alexander Sverdlin) - ALSA: pcm: oss: Fix potential out-of-bounds shift (Takashi Iwai) - USB: sisusbvga: Make console support depend on BROKEN (Thomas Gleixner) - USB: UAS: introduce a quirk to set no_write_same (Oliver Neukum) - xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (Hans de Goede) - xhci: Give USB2 ports time to enter U3 in bus suspend (Li Jun) - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (Takashi Iwai) - ALSA: usb-audio: Fix potential out-of-bounds shift (Takashi Iwai) - USB: add RESET_RESUME quirk for Snapscan 1212 (Oliver Neukum) - USB: dummy-hcd: Fix uninitialized array use in init() (Bui Quang Minh) - ktest.pl: If size of log is too big to email, email error message (Steven Rostedt (VMware)) - net: stmmac: delete the eee_ctrl_timer after napi disabled (Fugang Duan) - net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux (Martin Blumenstingl) - net: ll_temac: Fix potential NULL dereference in temac_probe() (Zhang Changzhong) - lan743x: fix for potential NULL pointer dereference with bare card (Sergej Bauer) - tcp: fix cwnd-limited bug for TSO deferral where we send nothing (Neal Cardwell) - tcp: select sane initial rcvq_space.space for big MSS (Eric Dumazet) - net: stmmac: free tx skb buffer in stmmac_resume() (Fugang Duan) - bridge: Fix a deadlock when enabling multicast snooping (Joseph Huang) - enetc: Fix reporting of h/w packet counters (Claudiu Manoil) - udp: fix the proto value passed to ip_protocol_deliver_rcu for the segments (Xin Long) - net: hns3: remove a misused pragma packed (Huazhong Tan) - vrf: packets with lladdr src needs dst at input with orig_iif when needs strict (Stephen Suryaputra) - net: bridge: vlan: fix error return code in __vlan_add() (Zhang Changzhong) - mac80211: mesh: fix mesh_pathtbl_init() error path (Eric Dumazet) - ipv4: fix error return code in rtm_to_fib_config() (Zhang Changzhong) - ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() (Peilin Ye) - LTS tag: v5.4.84 (Jack Vogel) - compiler.h: fix barrier_data() on clang (Arvind Sankar) - mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING (Minchan Kim) - x86/apic/vector: Fix ordering in vector assignment (Thomas Gleixner) - x86/membarrier: Get rid of a dubious optimization (Andy Lutomirski) - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (Arvind Sankar) - scsi: be2iscsi: Revert 'Fix a theoretical leak in beiscsi_create_eqs()' (Dan Carpenter) - proc: use untagged_addr() for pagemap_read addresses (Miles Chen) - kbuild: avoid static_assert for genksyms (Arnd Bergmann) - drm/i915/display/dp: Compute the correct slice count for VDSC on DP (Manasi Navare) - mmc: block: Fixup condition for CMD13 polling for RPMB requests (Bean Huo) - pinctrl: amd: remove debounce filter setting in IRQ type setting (Coiby Xu) - Input: i8042 - add Acer laptops to the i8042 reset list (Chris Chiu) - Input: cm109 - do not stomp on control URB (Dmitry Torokhov) - ktest.pl: Fix incorrect reboot for grub2bls (Libo Chen) - can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0 (Pankaj Sharma) - platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet (Hans de Goede) - platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC (Max Verevkin) - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (Timo Witte) - platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen (Hans de Goede) - platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e (Hans de Goede) - arm64: tegra: Disable the ACONNECT for Jetson TX2 (Jon Hunter) - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (Hao Si) - spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts (Ran Wang) - irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend (Xu Qiang) - ibmvnic: skip tx timeout reset while in resetting (Lijun Pan) - interconnect: qcom: qcs404: Remove GPU and display RPM IDs (Georgi Djakov) - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (Can Guo) - ARC: stack unwinding: don't assume non-current task is sleeping (Vineet Gupta) - arm64: dts: broadcom: clear the warnings caused by empty dma-ranges (Zhen Lei) - powerpc: Drop -me200 addition to build flags (Michael Ellerman) - iwlwifi: mvm: fix kernel panic in case of assert during CSA (Sara Sharon) - iwlwifi: pcie: set LTR to avoid completion timeout (Johannes Berg) - arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. (Markus Reichl) - iwlwifi: pcie: limit memory read spin time (Johannes Berg) - x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S (Fangrui Song) - Kbuild: do not emit debug info for assembly with LLVM_IAS=1 (Nick Desaulniers) [5.4.17-2102.201.1.el8] - IB/mlx5: Reduce max order of memory allocated for xlt update (Praveen Kumar Kannoju) [Orabug: 32751624] - netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson) [Orabug: 32709120] {CVE-2021-29650} - perf/x86/intel: Fix a crash caused by zero PEBS status (Kan Liang) [Orabug: 32669468] {CVE-2021-28971} - btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana) [Orabug: 32669450] {CVE-2021-28964} - uek-rpm: Update SecureBoot Digicert 2021 certificates (Jack Vogel) [Orabug: 32532663] - RDMA/rxe: ipc_bench fails on SoftRoCE with shpd (Rao Shoaib) [Orabug: 32716155] - vhost-vdpa: set v->config_ctx to NULL if eventfd_ctx_fdget() fails (Stefano Garzarella) [Orabug: 32696005] {CVE-2021-29266} - vhost-vdpa: fix use-after-free of v->config_ctx (Stefano Garzarella) [Orabug: 32696005] {CVE-2021-29266} - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 32669269] {CVE-2021-28950} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 32669269] {CVE-2021-28950} - RDMA/core: Fix corrupted SL on passive side (Hakon Bugge) [Orabug: 32662965] - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651473] {CVE-2021-28038} - RDMA/rxe: Compute the maximum sges and inline size based on the WQE size (Rao Shoaib) [Orabug: 32648060] - KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li) [Orabug: 32641672] - xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32640116] - uek-rpm: ol7: aarch64: add CONFIG_ACPI_HOTPLUG_MEMORY (Mihai Carabas) [Orabug: 32638660] - KVM: SVM: Disable AVIC before setting V_IRQ (Suravee Suthikulpanit) [Orabug: 32603569] - KVM: Introduce kvm_make_all_cpus_request_except() (Suravee Suthikulpanit) [Orabug: 32603569] - KVM: X86: correct meaningless kvm_apicv_activated() check (Paolo Bonzini) [Orabug: 32603569] - KVM: Disable preemption in kvm_get_running_vcpu() (Marc Zyngier) [Orabug: 32603569] - KVM: Move running VCPU from ARM to common code (Paolo Bonzini) [Orabug: 32603569] - xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich) [Orabug: 32697850] {CVE-2021-28688} - video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui) [Orabug: 32651461] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28038 CVE-2021-28688 CVE-2021-28964 CVE-2021-29650 CVE-2021-28950 CVE-2021-3411 CVE-2021-28971 CVE-2021-29266 Oracle Linux 7 [4.14.35-2047.503.1] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759961] {CVE-2021-29154} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32781585] - ext4: handle error of ext4_setup_system_zone() on remount (Jan Kara) [Orabug: 32656590] {CVE-2021-3428} [4.14.35-2047.503.0] - tcp: do not mess with cloned skbs in tcp_add_backlog() (Eric Dumazet) [Orabug: 32660047] - iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (Suravee Suthikulpanit) [Orabug: 32640437] - iommu/amd: Increase interrupt remapping table limit to 512 entries (Suravee Suthikulpanit) [Orabug: 32640437] - rds: ib: move statistics counting from caller to callee in rds_ib_recv_refill (Hakon Bugge) [Orabug: 32702021] - uek-rpm: Enable IRQ time accounting option for UEK5 (Saeed Mirzamohammadi) [Orabug: 32733985] - btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana) [Orabug: 32669453] {CVE-2021-28964} - perf/x86/intel: Fix a crash caused by zero PEBS status (Kan Liang) [Orabug: 32669472] {CVE-2021-28971} - xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich) [Orabug: 32697854] {CVE-2021-28688} - ocfs2: fix deadlock between setattr and dio_end_io_write (Wengang Wang) [Orabug: 32545320] - rds: Add code to debug rds_tcp loopback hang (Rao Shoaib) [Orabug: 32422982] - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson) [Orabug: 32709123] {CVE-2021-29650} - netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore (Florian Westphal) [Orabug: 32709123] {CVE-2021-29650} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-27170 CVE-2020-27171 CVE-2021-28688 CVE-2021-28964 CVE-2021-29650 CVE-2021-3428 CVE-2021-28971 CVE-2021-29154 Oracle Linux 7 [4.14.35-2047.503.1.el7] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759961] {CVE-2021-29154} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32781585] - ext4: handle error of ext4_setup_system_zone() on remount (Jan Kara) [Orabug: 32656590] {CVE-2021-3428} [4.14.35-2047.503.0.el7] - tcp: do not mess with cloned skbs in tcp_add_backlog() (Eric Dumazet) [Orabug: 32660047] - iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (Suravee Suthikulpanit) [Orabug: 32640437] - iommu/amd: Increase interrupt remapping table limit to 512 entries (Suravee Suthikulpanit) [Orabug: 32640437] - rds: ib: move statistics counting from caller to callee in rds_ib_recv_refill (Hakon Bugge) [Orabug: 32702021] - uek-rpm: Enable IRQ time accounting option for UEK5 (Saeed Mirzamohammadi) [Orabug: 32733985] - btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana) [Orabug: 32669453] {CVE-2021-28964} - perf/x86/intel: Fix a crash caused by zero PEBS status (Kan Liang) [Orabug: 32669472] {CVE-2021-28971} - xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich) [Orabug: 32697854] {CVE-2021-28688} - ocfs2: fix deadlock between setattr and dio_end_io_write (Wengang Wang) [Orabug: 32545320] - rds: Add code to debug rds_tcp loopback hang (Rao Shoaib) [Orabug: 32422982] - bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - bpf: Simplify alu_limit masking for pointer arithmetic (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) [Orabug: 32656764] {CVE-2020-27170} {CVE-2020-27171} - netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson) [Orabug: 32709123] {CVE-2021-29650} - netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore (Florian Westphal) [Orabug: 32709123] {CVE-2021-29650} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-27170 CVE-2020-27171 CVE-2021-28688 CVE-2021-28964 CVE-2021-29650 CVE-2021-3428 CVE-2021-28971 CVE-2021-29154 Oracle Linux 6 [4:5.10.1-144.0.1] - Backport patch for CVE-2020-10543 [Orabug: 32855589] - Backport patch for CVE-2020-10878 [Orabug: 32855589] - Backport patch for CVE-2020-12723 [Orabug: 32855589] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Oracle Linux 8 helm [3.3.4-2] - Address CVE-2021-27918 coredns [1.7.0-1] - Added Oracle specific build files cri-o [1.18.4-2] - Fix for CVE-2021-27918 [1.18.4-1] - Added Oracle Specifile Files for cri-o cri-tools [1.18.0-2] - Address CVE-2021-27918 etcd [3.4.3-1.0.5] - Address CVE-2021-27918 flannel [0.12.0-2] - Address CVE-2021-27918 [0.12.0-1] - Release of flannel-0.12.0-1 yq [3.4.0-2] - Address CVE-2021-27918 conmon [2.0.20-4] - Address CVE-2021-27918 conmon [3:2.0.21-4] - Address CVE-2021-27918 kata-proxy [1.11.5-2] - Address CVE-2021-27918 kata-shim [1.11.5-2] - Address CVE-2021-27918 kata-runtime [1.11.5-2] - Address CVE-2021-27918 kata-ksm-throttler [1.11.5-2] - Address CVE-2021-27918 kata-image [1.11.5-2] - Address CVE-2021-27918 kata-agent [1.11.5-2] - Fix for CVE-2021-27918 kata [1.11.5-4] - Address CVE-2021-27918 [1.11.5-3] - Support 1.19, 1.20 k8s kubernetes-cni-plugins [0.8.7-2] - Removed BuildArch to support ARM builds kubernetes-cni [0.8.0-3] - Address CVE-2021-27918 kubernetes-dashboard [2.0.3-2] - Address CVE-2021-27918 kubernetes [1.18.18-1] - Address CVE-2021-27918 istio [1.7.3-1.0.2] - Address CVE-2021-27918 [1.7.3-1.0.1] - Run gateway pods as root user to workaround ports lessthan 1024 binding failures [1.7.3-1.0.0] - Added Oracle Specific Build Files for istio/istio olcne [1.2.3-9] - Updated version for istio-module grafana: v6.7.4-3 and prometheus: v2.20.0-1 [1.2.3-8] - Revert istio version to 1.7.3-1 which has just golang CVE fixes [1.2.3-7] - Fix k8s update path - Update el8 conmon pre-install [1.2.3-6] - Updated updatepath in kubernetes.yaml and image version in templates [1.2.3-5] - Added missing info for 1.18.18 in kubernetes.yaml and helm.yaml - Updated image repository in templates [1.2.3-4] - Fix for the failure of kubernetes restore [Orabug: 32310718] [1.2.3-3] - Address Istio CVE-2021-28683, CVE-2021-28682 & CVE-2021-29258 [1.2.3-2] - fix bug where externalip cidr's can't fully be disabled [1.2.3-1] - Bug Fix: Update istio module definition to pass instance name for release resource IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27918 Oracle Linux 7 coredns [1.7.0-1] - Added Oracle specific build files cri-o [1.18.4-2] - Fix for CVE-2021-27918 [1.18.4-1] - Added Oracle Specifile Files for cri-o cri-tools [1.18.0-2] - Address CVE-2021-27918 etcd [3.4.3-1.0.5] - Address CVE-2021-27918 flannel [0.12.0-2] - Address CVE-2021-27918 yq [3.4.0-2] - Address CVE-2021-27918 conmon [2.0.20-4] - Address CVE-2021-27918 conmon [3:2.0.21-4] - Address CVE-2021-27918 helm [3.3.4-2] - Address CVE-2021-27918 kata-proxy [1.11.5-2] - Address CVE-2021-27918 kata-shim [1.11.5-2] - Address CVE-2021-27918 kata-runtime [1.11.5-2] - Address CVE-2021-27918 kata-ksm-throttler [1.11.5-2] - Address CVE-2021-27918 kata-image [1.11.5-2] - Address CVE-2021-27918 kata-agent [1.11.5-2] - Fix for CVE-2021-27918 kata [1.11.5-4] - Address CVE-2021-27918 [1.11.5-3] - Support 1.19, 1.20 k8s kubernetes-cni-plugins [0.8.7-2] - Removed BuildArch to support ARM builds kubernetes-cni [0.8.0-3] - Address CVE-2021-27918 kubernetes-dashboard [2.0.3-2] - Address CVE-2021-27918 kubernetes [1.18.18-1] - Address CVE-2021-27918 istio [1.7.3-1.0.2] - Address CVE-2021-27918 [1.7.3-1.0.1] - Run gateway pods as root user to workaround ports lessthan 1024 binding failures [1.7.3-1.0.0] - Added Oracle Specific Build Files for istio/istio olcne [1.2.3-9] - Updated version for istio-module grafana: v6.7.4-3 and prometheus: v2.20.0-1 [1.2.3-8] - Revert istio version to 1.7.3-1 which has just golang CVE fixes [1.2.3-7] - Fix k8s update path - Update el8 conmon pre-install [1.2.3-6] - Updated updatepath in kubernetes.yaml and image version in templates [1.2.3-5] - Added missing info for 1.18.18 in kubernetes.yaml and helm.yaml - Updated image repository in templates [1.2.3-4] - Fix for the failure of kubernetes restore [Orabug: 32310718] [1.2.3-3] - Address Istio CVE-2021-28683, CVE-2021-28682 & CVE-2021-29258 [1.2.3-2] - fix bug where externalip cidr's can't fully be disabled [1.2.3-1] - Bug Fix: Update istio module definition to pass instance name for release resource IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27918 Oracle Linux 8 [2.28-151.0.1.el8_4] - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> - add Ampere emag to tunable cpu list (Patrick McGehearty) - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile - Both should test - if (stream->_flags & _IO_USER_LOCK) == 0) - _IO_lock_lock (*stream->_lock); - OraBug: 28481550. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> [2.28-153] - Support SEM_STAT_ANY via semctl. Return EINVAL for unknown commands to semctl, msgctl, and shmctl. (#1912670) [2.28-151] - CVE-2019-9169: Fix buffer overread in regexec.c (#1685400). [2.28-150] - Rebuild glibc to update security markup metadata (#1931305) [2.28-149] - Fix NSS files and compat service upgrade defect (#1927040). [2.28-148] - CVE-2021-3326: iconv assertion failure in ISO-2022-JP-3 decoding (#1924919) [2.28-147] - x86-64: Fix FMA4 math routine selection after bug 1817513 (#1918115) [2.28-146] - CVE-2019-25013:Fix buffer overrun in EUC-KR conversion module (#1912544) [2.28-145] - Update glibc-hwcaps fix from upstream (#1817513) [2.28-144] - Support running libc.so.6 as a main program in more cases (#1882466) [2.28-142] - Add glibc-hwcaps support (#1817513) - Implement DT_AUDIT support (#1871385) [2.28-141] - Update Intel CET support (#1855790) [2.28-140] - Fix calling lazily-bound SVE-using functions on AArch64 (#1893662) [2.28-139] - CVE-2016-10228, CVE-2020-27618: Fix infinite loops in iconv (#1704868, [2.28-138] - Avoid comments after %endif in the RPM spec file (#1894340) [2.28-137] - x86: Further memcpy optimizations for AMD Zen (#1880670) [2.28-136] - Allow __getauxval in testsuite check (#1856398) [2.28-135] - Use -moutline-atomics for aarch64 (#1856398) [2.28-134] - resolv: Handle DNS transaction ID collisions (#1868106) [2.28-133] - x86: Update auto-tuning of memcpy non-temporal threshold (#1880670) [2.28-132] - Fix fgetsgent_r data corruption bug (#1871397) [2.28-131] - Improve IBM zSeries (s390x) Performance (#1871395) [2.28-130] - Fix avx2 strncmp offset compare condition check (#1871394) - Add strncmp and strcmp testcases for page boundary [2.28-129] - Improve IBM POWER9 architecture performance (#1871387) [2.28-128] - Enable glibc for POWER10 (#1845098) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2016-10228 CVE-2019-9169 CVE-2020-27618 CVE-2021-3326 CVE-2019-25013 Oracle Linux 7 [15:4.2.1-9.el7] - Revert 'oslib-posix: refactor memory prealloc threads' (Mark Kanda) [Orabug: 32903662] - Revert 'oslib-posix: initialize backend memory objects in parallel' (Mark Kanda) [Orabug: 32903662] [15:4.2.1-8.el7] - i386/pc: let iterator handle regions below 4G (Joao Martins) [15:4.2.1-7.el7] - arm/virt: Add memory hot remove support (Mihai Carabas) [Orabug: 32643506] - i386/pc: consolidate usable iova iteration (Joao Martins) - i386/acpi: fix SRAT ranges in accordance to usable IOVA (Joao Martins) - migration: increase listening socket backlog (Elena Ufimtseva) [Orabug: 32792545] - multifd: Make multifd_save_setup() get an Error parameter (Juan Quintela) - multifd: Make multifd_load_setup() get an Error parameter (Juan Quintela) - migration: fix maybe-uninitialized warning (Marc-Andre Lureau) - migration: Fix the re-run check of the migrate-incoming command (Yury Kotov) - multifd: Initialize local variable (Juan Quintela) - multifd: Be consistent about using uint64_t (Juan Quintela) - Bug #1829242 correction. (Alexey Romko) - migration/multifd: fix destroyed mutex access in terminating multifd threads (Jiahui Cen) - migration/multifd: fix nullptr access in terminating multifd threads (Jiahui Cen) - migration/multifd: not use multifd during postcopy (Wei Yang) - migration/multifd: clean pages after filling packet (Wei Yang) - migration: Make sure that we don't call write() in case of error (Juan Quintela) - migration: fix multifd_send_pages() next channel (Laurent Vivier) - migration/multifd: bypass uuid check for initial packet (Elena Ufimtseva) [Orabug: 32610480] - migration/tls: add error handling in multifd_tls_handshake_thread (Hao Wang) - migration/tls: fix inverted semantics in multifd_channel_connect (Hao Wang) - migration/multifd: do not access uninitialized multifd_recv_state (Elena Ufimtseva) [Orabug: 32795384] - io/channel-tls.c: make qio_channel_tls_shutdown thread-safe (Lukas Straub) - qemu.spec: Enable qemu-guest-agent RPM for OL7 (Karl Heubaum) [Orabug: 32415543] - virtio-net: Set mac address to hardware if the peer is vdpa (Cindy Lu) - net: Add vhost-vdpa in show_netdevs() (Cindy Lu) - vhost-vdpa: Add qemu_close in vhost_vdpa_cleanup (Cindy Lu) - hw/virtio/vhost-vdpa: Fix Coverity CID 1432864 (Philippe Mathieu-Daude) - vhost-vdpa: negotiate VIRTIO_NET_F_STATUS with driver (Si-Wei Liu) - configure: Fix build dependencies with vhost-vdpa. (Laurent Vivier) - configure: simplify vhost condition with Kconfig (Marc-Andre Lureau) - vhost-vdpa: add trace-events (Laurent Vivier) - dma/pl330: Fix qemu_hexdump() usage in pl330.c (Mark Kanda) - util/hexdump: introduce qemu_hexdump_line() (Laurent Vivier) - util/hexdump: Reorder qemu_hexdump() arguments (Philippe Mathieu-Daude) - util/hexdump: Convert to take a void pointer argument (Philippe Mathieu-Daude) - net/colo-compare.c: Only hexdump packets if tracing is enabled (Lukas Straub) - vhost-vdpa: batch updating IOTLB mappings (Jason Wang) - vhost: switch to use IOTLB v2 format (Jason Wang) - vhost-vdpa: remove useless variable (Laurent Vivier) - virtio: vdpa: omit check return of g_malloc (Li Qiang) - vhost-vdpa: fix indentation in vdpa_ops (Stefano Garzarella) - virtio-net: check the existence of peer before accessing vDPA config (Jason Wang) - virtio-pci: fix wrong index in virtio_pci_queue_enabled (Yuri Benditovich) - virtio-pci: fix virtio_pci_queue_enabled() (Laurent Vivier) - vhost-vdpa :Fix Coverity CID 1430270 / CID 1420267 (Cindy Lu) - vhost-vdpa: fix the compile issue without kvm (Cindy Lu) - vhost-vdpa: introduce vhost-vdpa net client (Cindy Lu) - vhost-vdpa: introduce vhost-vdpa backend (Cindy Lu) - linux headers: sync to 5.9-rc4 (Jason Wang) - Linux headers: update (Cornelia Huck) - virtio-net: fix rsc_ext compat handling (Cornelia Huck) - linux-headers: update against Linux 5.7-rc3 (Cornelia Huck) - virtiofsd: Pull in kernel's fuse.h (Dr. David Alan Gilbert) - linux-headers: Update (Bharata B Rao) - vhost_net: introduce set_config & get_config (Cindy Lu) - vhost: implement vhost_force_iommu method (Cindy Lu) - vhost: introduce new VhostOps vhost_force_iommu (Cindy Lu) - vhost: implement vhost_vq_get_addr method (Cindy Lu) - vhost: introduce new VhostOps vhost_vq_get_addr (Cindy Lu) - vhost: implement vhost_dev_start method (Cindy Lu) - vhost: introduce new VhostOps vhost_dev_start (Cindy Lu) - vhost: check the existence of vhost_set_iotlb_callback (Jason Wang) - virtio-pci: implement queue_enabled method (Jason Wang) - virtio-bus: introduce queue_enabled method (Jason Wang) - vhost_net: use the function qemu_get_peer (Cindy Lu) - net: introduce qemu_get_peer (Cindy Lu) - vhost: correctly turn on VIRTIO_F_IOMMU_PLATFORM (Jason Wang) - imx7-ccm: add digprog mmio write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - tz-ppc: add dummy read/write methods (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - spapr_pci: add spapr msi read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - nvram: add nrf51_soc flash read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - prep: add ppc-parity write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - vfio: add quirk device write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - pci-host: designware: add pcie-msi read method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - hw/pci-host: add pci-intack write method (Prasad J Pandit) [Orabug: 31576552] {CVE-2020-15469} - oslib-posix: initialize backend memory objects in parallel (Mark Kanda) [Orabug: 32555402] - oslib-posix: refactor memory prealloc threads (Mark Kanda) [Orabug: 32555402] - oslib-posix: take lock before qemu_cond_broadcast (Bauerchen) [Orabug: 32555402] - oslib-posix: initialize mutex and condition variable (Paolo Bonzini) [Orabug: 32555402] - mem-prealloc: optimize large guest startup (bauerchen) [Orabug: 32555402] - i386: Add the support for AMD EPYC 3rd generation processors (Babu Moger) - acpi: cpuhp: document CPHP_GET_CPU_ID_CMD command (Igor Mammedov) - acpi: cpuhp: add CPHP_GET_CPU_ID_CMD command (Igor Mammedov) - acpi: cpuhp: spec: add typical usecases (Igor Mammedov) - acpi: cpuhp: spec: clarify store into 'Command data' when 'Command field' == 0 (Igor Mammedov) - acpi: cpuhp: spec: fix 'Command data' description (Igor Mammedov) - acpi: cpuhp: spec: clarify 'CPU selector' register usage and endianness (Igor Mammedov) - acpi: cpuhp: introduce 'Command data 2' field (Igor Mammedov) - x86: ich9: let firmware negotiate 'CPU hot-unplug with SMI' feature (Igor Mammedov) - x86: ich9: factor out 'guest_cpu_hotplug_features' (Igor Mammedov) - x86: acpi: let the firmware handle pending 'CPU remove' events in SMM (Igor Mammedov) - x86: acpi: introduce AcpiPmInfo::smi_on_cpu_unplug (Igor Mammedov) - acpi: cpuhp: introduce 'firmware performs eject' status/control bits (Igor Mammedov) - x68: acpi: trigger SMI before sending hotplug Notify event to OSPM (Igor Mammedov) - x86: acpi: introduce the PCI0.SMI0 ACPI device (Igor Mammedov) - x86: acpi: introduce AcpiPmInfo::smi_on_cpuhp (Igor Mammedov) - x86: ich9: expose 'smi_negotiated_features' as a QOM property (Igor Mammedov) - tests: acpi: mark to be changed tables in bios-tables-test-allowed-diff (Igor Mammedov) - acpi: add aml_land() and aml_break() primitives (Igor Mammedov) - x86: cpuhp: refuse cpu hot-unplug request earlier if not supported (Igor Mammedov) - x86: cpuhp: prevent guest crash on CPU hotplug when broadcast SMI is in use (Igor Mammedov) - x86: lpc9: let firmware negotiate 'CPU hotplug with SMI' features (Igor Mammedov) - q35: implement 128K SMRAM at default SMBASE address (Igor Mammedov) - hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register (Philippe Mathieu-Daude) [Orabug: 32470471] {CVE-2021-20221} - memory: clamp cached translation in case it points to an MMIO region (Paolo Bonzini) [Orabug: 32252673] {CVE-2020-27821} - hw/sd/sdhci: Fix DMA Transfer Block Size field (Philippe Mathieu-Daude) [Orabug: 32613470] {CVE-2021-3409} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-15469 CVE-2020-27821 CVE-2021-20221 CVE-2021-3409 Oracle Linux 7 [10.15-1] - Rebase to upstream release 10.15 Resolves: CVE-2020-25695 Resolves: CVE-2020-25694 Resolves: CVE-2020-25696 [10.14-1] - Rebase to upstream release 10.14 https://www.postgresql.org/docs/10/release-10-14.html [10.12-2] - Filter provides RHBZ#1719549 [10.12-1] - Rebase to upstream version 10.12 - Patch: backports --socketdir option for pg_upgrade IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-10130 CVE-2019-10208 CVE-2020-14349 CVE-2019-10164 CVE-2020-1720 CVE-2020-14350 CVE-2020-25694 CVE-2020-25696 CVE-2020-25695 CVE-2019-10129 Oracle Linux 7 [1.15.1-50.0.1] - Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-28196 Oracle Linux 7 [1.0.0-1.rc95] - Addresses CVE-2021-30465 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 7 [4.14.35-2047.504.2] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32887159] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32856879] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32856879] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32856879] - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860493] {CVE-2021-31916} - net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry) [Orabug: 32559464] - Linux 4.14.210 (Greg Kroah-Hartman) - USB: core: Fix regression in Hercules audio card (Alan Stern) - USB: core: add endpoint-blacklist quirk (Johan Hovold) - x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (Xiaochen Shen) - x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (Xiaochen Shen) - usb: gadget: Fix memleak in gadgetfs_fill_super (Zhang Qilong) - usb: gadget: f_midi: Fix memleak in f_midi_alloc (Zhang Qilong) - USB: core: Change %pK for __user pointers to %px (Alan Stern) - perf probe: Fix to die_entrypc() returns error correctly (Masami Hiramatsu) - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (Marc Kleine-Budde) - platform/x86: toshiba_acpi: Fix the wrong variable assignment (Kaixu Xia) - can: gs_usb: fix endianess problem with candleLight firmware (Marc Kleine-Budde) - efivarfs: revert 'fix memory leak in efivarfs_create()' (Ard Biesheuvel) - ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (Lijun Pan) - ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (Lijun Pan) - net: ena: set initial DMA width to avoid intel iommu issue (Shay Agroskin) - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (Krzysztof Kozlowski) - IB/mthca: fix return value of error branch in mthca_init_cq() (Xiongfeng Wang) - scsi: ufs: Fix race between shutdown and runtime resume flow (Stanley Chu) - batman-adv: set .owner to THIS_MODULE (Taehee Yoo) - phy: tegra: xusb: Fix dangling pointer on probe failure (Marc Zyngier) - perf/x86: fix sysfs type mismatches (Sami Tolvanen) - scsi: target: iscsi: Fix cmd abort fabric stop race (Mike Christie) - scsi: libiscsi: Fix NOP race condition (Lee Duncan) - dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size (Sugar Zhang) - nvme: free sq/cq dbbuf pointers when dbbuf set fails (Minwoo Im) - proc: don't allow async path resolution of /proc/self components (Jens Axboe) - HID: Add Logitech Dinovo Edge battery quirk (Hans de Goede) - x86/xen: don't unbind uninitialized lock_kicker_irq (Brian Masney) - dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant (Marc Ferland) - HID: hid-sensor-hub: Fix issue with devices with no report ID (Pablo Ceballos) - Input: i8042 - allow insmod to succeed on devices without an i8042 controller (Hans de Goede) - HID: cypress: Support Varmilo Keyboards' media hotkeys (Frank Yang) - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (Kai Vehmanen) - ALSA: hda/hdmi: Use single mutex unlock in error paths (Takashi Iwai) - arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Will Deacon) - arm64: pgtable: Fix pte_accessible() (Will Deacon) - btrfs: adjust return values of btrfs_inode_by_name (Su Yue) - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (Qu Wenruo) - PCI: Add device even if driver attach failed (Rajat Jain) - wireless: Use linux/stddef.h instead of stddef.h (Hauke Mehrtens) - btrfs: fix lockdep splat when reading qgroup config on mount (Filipe Manana) - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Gerald Schaefer) - perf event: Check ref_reloc_sym before using it (Igor Lubashev) - Linux 4.14.209 (Greg Kroah-Hartman) - x86/microcode/intel: Check patch signature before saving microcode for early loading (Chen Yu) - s390/dasd: fix null pointer dereference for ERP requests (Stefan Haberland) - s390/cpum_sf.c: fix file permission for cpum_sfb_size (Thomas Richter) - mac80211: free sta in sta_info_insert_finish() on errors (Johannes Berg) - mac80211: minstrel: fix tx status processing corner case (Felix Fietkau) - mac80211: minstrel: remove deferred sampling code (Felix Fietkau) - xtensa: disable preemption around cache alias management calls (Max Filippov) - regulator: workaround self-referent regulators (Michal Miroslaw) - regulator: avoid resolve_supply() infinite recursion (Michal Miroslaw) - regulator: fix memory leak with repeated set_machine_constraints() (Michal Miroslaw) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (Hans de Goede) - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (Hans de Goede) - ext4: fix bogus warning in ext4_update_dx_flag() (Jan Kara) - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (Brian O'Keefe) - efivarfs: fix memory leak in efivarfs_create() (Vamshi K Sthambamkadi) - tty: serial: imx: keep console clocks always on (Fugang Duan) - ALSA: mixart: Fix mutex deadlock (Takashi Iwai) - ALSA: ctl: fix error path at adding user-defined element set (Takashi Sakamoto) - speakup: Do not let the line discipline be used several times (Samuel Thibault) - powerpc/uaccess-flush: fix missing includes in kup-radix.h (Daniel Axtens) - libfs: fix error cast of negative value in simple_attr_write() (Yicong Yang) - xfs: revert 'xfs: fix rmap key and record comparison functions' (Darrick J. Wong) - regulator: ti-abb: Fix array out of bound read access on the first transition (Nishanth Menon) - MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu (Zhang Qilong) - ASoC: qcom: lpass-platform: Fix memory leak (Srinivasa Rao Mandadapu) - can: m_can: m_can_handle_state_change(): fix state change (Wu Bo) - can: peak_usb: fix potential integer overflow on shift of a int (Colin Ian King) - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (Marc Kleine-Budde) - can: ti_hecc: Fix memleak in ti_hecc_probe (Zhang Qilong) - can: dev: can_restart(): post buffer from the right context (Alejandro Concepcion Rodriguez) - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (Anant Thazhemadam) - can: af_can: prevent potential access of uninitialized member in can_rcv() (Anant Thazhemadam) - perf lock: Don't free 'lock_seq_stat' if read_count isn't zero (Leo Yan) - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (Fabio Estevam) - arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (Sergey Matyukevich) - MIPS: export has_transparent_hugepage() for modules (Randy Dunlap) - Input: adxl34x - clean up a data type in adxl34x_probe() (Dan Carpenter) - vfs: remove lockdep bogosity in __sb_start_write (Darrick J. Wong) - arm64: psci: Avoid printing in cpu_psci_cpu_die() (Will Deacon) - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq (Jianqun Xu) - net: ftgmac100: Fix crash when removing driver (Joel Stanley) - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate (Ryan Sharpelletti) - net: usb: qmi_wwan: Set DTR quirk for MR400 (Filip Moc) - net/mlx5: Disable QoS when min_rates on all VFs are zero (Vladyslav Tarasiuk) - sctp: change to hold/put transport for proto_unreach_timer (Xin Long) - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (Zhang Changzhong) - net: x25: Increase refcnt of 'struct x25_neigh' in x25_rx_call_request (Xie He) - net/mlx4_core: Fix init_hca fields offset (Aya Levin) - netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist() (Paul Moore) - netlabel: fix our progress tracking in netlbl_unlabel_staticlist() (Paul Moore) - net: Have netpoll bring-up DSA management interface (Florian Fainelli) - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (Tobias Waldekranz) - net: bridge: add missing counters to ndo_get_stats64 callback (Heiner Kallweit) - net: b44: fix error return code in b44_init_one() (Zhang Changzhong) - mlxsw: core: Use variable timeout for EMAD retries (Ido Schimmel) - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (Wang Hai) - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() (Wang Hai) - atm: nicstar: Unmap DMA on send error (Sebastian Andrzej Siewior) - ah6: fix error return code in ah6_input() (Zhang Changzhong) [4.14.35-2047.504.1] - Linux 4.14.208 (Greg Kroah-Hartman) - ACPI: GED: fix -Wformat (Nick Desaulniers) - can: proc: can_remove_proc(): silence remove_proc_entry warning (Zhang Changzhong) - mac80211: always wind down STA state (Johannes Berg) - Input: sunkbd - avoid use-after-free in teardown paths (Dmitry Torokhov) - powerpc/8xx: Always fault when _PAGE_ACCESSED is not set (Christophe Leroy) - gpio: mockup: fix resource leak in error path (Bartosz Golaszewski) - i2c: imx: Fix external abort on interrupt in exit paths (Krzysztof Kozlowski) - i2c: imx: use clk notifier for rate changes (Lucas Stach) - powerpc/64s: flush L1D after user accesses (Nicholas Piggin) {CVE-2020-4788} - powerpc/uaccess: Evaluate macro arguments once, before user access is allowed (Nicholas Piggin) - powerpc: Fix __clear_user() with KUAP enabled (Andrew Donnellan) - powerpc: Implement user_access_begin and friends (Christophe Leroy) - powerpc: Add a framework for user access tracking (Christophe Leroy) - powerpc/64s: flush L1D on kernel entry (Nicholas Piggin) {CVE-2020-4788} - powerpc/64s: move some exception handlers out of line (Daniel Axtens) - powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL (Daniel Axtens) - Linux 4.14.207 (Greg Kroah-Hartman) - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (Nicholas Piggin) - Convert trailing spaces and periods in path components (Boris Protopopov) - reboot: fix overflow parsing reboot cpu number (Matteo Croce) - Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (Matteo Croce) - perf/core: Fix crash when using HW tracing kernel filters (Mathieu Poirier) - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (Anand K Mistry) - random32: make prandom_u32() output unpredictable (George Spelvin) - net: Update window_clamp if SOCK_RCVBUF is set (Mao Wenan) - r8169: fix potential skb double free in an error path (Heiner Kallweit) - vrf: Fix fast path output packet handling with async Netfilter rules (Martin Willi) - net/x25: Fix null-ptr-deref in x25_connect (Martin Schiller) - net/af_iucv: fix null pointer dereference on shutdown (Ursula Braun) - IPv6: Set SIT tunnel hard_header_len to zero (Oliver Herms) - swiotlb: fix 'x86: Don't panic if can not alloc buffer for swiotlb' (Stefano Stabellini) - pinctrl: amd: fix incorrect way to disable debounce filter (Coiby Xu) - pinctrl: amd: use higher precision for 512 RtcClk (Coiby Xu) - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (Thomas Zimmermann) - don't dump the threads that had been already exiting when zapped. (Al Viro) - selinux: Fix error return code in sel_ib_pkey_sid_slow() (Chen Zhou) - mei: protect mei_cl_mtu from null dereference (Alexander Usyskin) - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (Chris Brandt) - uio: Fix use-after-free in uio_unregister_device() (Shin'ichiro Kawasaki) - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (Jing Xiangfeng) - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (Joseph Qi) - ext4: correctly report 'not supported' for {usr,grp}jquota when !CONFIG_QUOTA (Kaixu Xia) - perf: Fix get_recursion_context() (Peter Zijlstra) - cosa: Add missing kfree in error path of cosa_write (Wang Hai) - of/address: Fix of_node memory leak in of_dma_is_coherent (Evan Nimmo) - xfs: fix a missing unlock on error in xfs_fs_map_blocks (Christoph Hellwig) - xfs: fix rmap key and record comparison functions (Darrick J. Wong) - xfs: fix flags argument to rmap lookup when converting shared file rmaps (Darrick J. Wong) - nbd: fix a block_device refcount leak in nbd_release (Christoph Hellwig) - pinctrl: aspeed: Fix GPI only function problem. (Billy Tsai) - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template (Andrew Jeffery) - pinctrl: intel: Set default bias in case no particular value given (Andy Shevchenko) - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (Hannes Reinecke) - cfg80211: regulatory: Fix inconsistent format argument (Ye Bin) - mac80211: fix use of skb payload instead of header (Johannes Berg) - drm/amdgpu: perform srbm soft reset always on SDMA resume (Evan Quan) - scsi: hpsa: Fix memory leak in hpsa_init_one() (Keita Suzuki) - gfs2: check for live vs. read-only file system in gfs2_fitrim (Bob Peterson) - gfs2: Add missing truncate_inode_pages_final for sd_aspace (Bob Peterson) - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (Bob Peterson) - usb: gadget: goku_udc: fix potential crashes in probe (Evgeny Novikov) - ath9k_htc: Use appropriate rs_datalen type (Masashi Honma) - Btrfs: fix missing error return if writeback for extent buffer never started (Filipe Manana) - xfs: flush new eof page on truncate to avoid post-eof corruption (Brian Foster) - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (Stephane Grosjean) - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (Stephane Grosjean) - can: peak_usb: add range checking in decode operations (Dan Carpenter) - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (Oleksij Rempel) - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (Oliver Hartkopp) - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (Vincent Mailhol) - can: rx-offload: don't call kfree_skb() from IRQ context (Marc Kleine-Budde) - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (Dan Carpenter) - perf tools: Add missing swap for ino_generation (Jiri Olsa) - net: xfrm: fix a race condition during allocing spi (zhuoliang zhang) - hv_balloon: disable warning when floor reached (Olaf Hering) - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (Marc Zyngier) - btrfs: reschedule when cloning lots of extents (Johannes Thumshirn) - btrfs: sysfs: init devices outside of the chunk_mutex (Josef Bacik) - nbd: don't update block size after device is started (Ming Lei) - time: Prevent undefined behaviour in timespec64_to_ns() (Zeng Tao) - mm: mempolicy: fix potential pte_unmap_unlock pte error (Shijie Luo) - ring-buffer: Fix recursion protection transitions between interrupt context (Steven Rostedt (VMware)) - regulator: defer probe when trying to get voltage from unresolved supply (Michal Miroslaw) - rds: Change return code from rds_send_xmit() when lock is taken (Hakon Bugge) [Orabug: 32852117] - rds: Fix unintended fall-through in rds_send_worker (Hakon Bugge) [Orabug: 32852117] - tcp: send in-queue bytes in cmsg upon read (Soheil Hassas Yeganeh) [Orabug: 32871463] [4.14.35-2047.504.0] - IB/ipoib: Improve latency in ipoib/cm connection formation (Manjunath Patil) [Orabug: 32853000] - x86/amd: Disable IBS on Rome processors due to erratum 1215 (Boris Ostrovsky) [Orabug: 32817187] - net/mlx5e: Rx, Fix checksum calculation for new hardware (Saeed Mahameed) [Orabug: 32553186] - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (Saeed Mahameed) [Orabug: 32553186] - net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames (Cong Wang) [Orabug: 32553186] - mlx5: fix get_ip_proto() (Cong Wang) [Orabug: 32553186] - net/mlx5e: Set ECN for received packets using CQE indication (Natali Shechtman) [Orabug: 32553186] - net/mlx5e: CHECKSUM_COMPLETE offload for VLAN/QinQ packets (Gal Pressman) [Orabug: 32553186] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-4788 CVE-2021-31916 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.202.5] - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907967] {CVE-2021-23133} {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols (Saeed Mirzamohammadi) [Orabug: 32883836] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32888143] - scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (James Smart) [Orabug: 32827840] [5.4.17-2102.202.4] - uek-rpm: Update missing configs as compared to OL8.4 RHCK (Saeed Mirzamohammadi) [Orabug: 32837542] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32867569] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32867569] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32867569] - uek-rpm: Remove hwcap directive and /etc/ld.so.conf.d/*.conf file (Victor Erminpour) [Orabug: 32816428] [5.4.17-2102.202.3] - LTS tag: v5.4.94 (Jack Vogel) - fs: fix lazytime expiration handling in __writeback_single_inode() (Eric Biggers) - writeback: Drop I_DIRTY_TIME_EXPIRE (Jan Kara) - dm integrity: conditionally disable 'recalculate' feature (Mikulas Patocka) - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions (Jean-Philippe Brucker) - SMB3.1.1: do not log warning message if server doesn't populate salt (Steve French) - arm64: mm: use single quantity to represent the PA to VA translation (Ard Biesheuvel) - tracing: Fix race in trace_open and buffer resize call (Gaurav Kohli) - io_uring: Fix current->fs handling in io_sq_wq_submit_work() (Nicolai Stange) - HID: wacom: Correct NULL dereference on AES pen proximity (Jason Gerecke) - Revert 'mm/slub: fix a memory leak in sysfs_slab_add()' (Wang Hai) - gpio: mvebu: fix pwm .get_state period calculation (Baruch Siach) - LTS tag: v5.4.93 (Jack Vogel) - tcp: fix TCP_USER_TIMEOUT with zero window (Enke Chen) - net: dsa: b53: fix an off by one in checking 'vlan->vid' (Dan Carpenter) - net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled (Tariq Toukan) - net: mscc: ocelot: allow offloading of bridge on top of LAG (Vladimir Oltean) - ipv6: set multicast flag on the multicast route (Matteo Croce) - net_sched: reject silly cell_log in qdisc_get_rtab() (Eric Dumazet) - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() (Eric Dumazet) - ipv6: create multicast route with RTPROT_KERNEL (Matteo Croce) - udp: mask TOS bits in udp_v4_early_demux() (Guillaume Nault) - kasan: fix incorrect arguments passing in kasan_add_zero_shadow (Lecopzer Chen) - kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow (Lecopzer Chen) - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too (Alexander Lobakin) - lightnvm: fix memory leak when submit fails (Pan Bian) - sh_eth: Fix power down vs. is_opened flag ordering (Geert Uytterhoeven) - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (Rasmus Villemoes) - sh: dma: fix kconfig dependency for G2_DMA (Necip Fazil Yildiran) - netfilter: rpfilter: mask ecn bits before fib lookup (Guillaume Nault) - x86/cpu/amd: Set __max_die_per_package on AMD (Yazen Ghannam) - pinctrl: ingenic: Fix JZ4760 support (Paul Cercueil) - driver core: Extend device_is_dependent() (Rafael J. Wysocki) - xhci: tegra: Delay for disabling LFPS detector (JC Kuo) - xhci: make sure TRB is fully written before giving it to the controller (Mathias Nyman) - usb: bdc: Make bdc pci driver depend on BROKEN (Patrik Jakobsson) - usb: udc: core: Use lock when write to soft_connect (Thinh Nguyen) - usb: gadget: aspeed: fix stop dma register setting. (Ryan Chen) - USB: ehci: fix an interrupt calltrace error (Longfang Liu) - ehci: fix EHCI host controller initialization sequence (Eugene Korenevsky) - serial: mvebu-uart: fix tx lost characters at power off (Pali Rohar) - stm class: Fix module init return on allocation failure (Wang Hui) - intel_th: pci: Add Alder Lake-P support (Alexander Shishkin) - x86/mmx: Use KFPU_387 for MMX string operations (Andy Lutomirski) - x86/topology: Make __max_die_per_package available unconditionally (Borislav Petkov) - x86/fpu: Add kernel_fpu_begin_mask() to selectively initialize state (Andy Lutomirski) - irqchip/mips-cpu: Set IPI domain parent chip (Mathias Kresin) - cifs: do not fail __smb_send_rqst if non-fatal signals are pending (Ronnie Sahlberg) - iio: ad5504: Fix setting power-down state (Lars-Peter Clausen) - can: peak_usb: fix use after free bugs (Vincent Mailhol) - can: vxcan: vxcan_xmit: fix use after free bug (Vincent Mailhol) - can: dev: can_restart: fix use after free bug (Vincent Mailhol) - selftests: net: fib_tests: remove duplicate log test (Hangbin Liu) - platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list (Hans de Goede) - i2c: octeon: check correct size of maximum RECV_LEN packet (Wolfram Sang) - powerpc: Fix alignment bug within the init sections (Ariel Marcovitch) - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression (Arnd Bergmann) - pinctrl: aspeed: g6: Fix PWMG0 pinctrl setting (Billy Tsai) - powerpc: Use the common INIT_DATA_SECTION macro in vmlinux.lds.S (Youling Tang) - drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 (Ben Skeggs) - drm/nouveau/mmu: fix vram heap sizing (Ben Skeggs) - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields (Ben Skeggs) - drm/nouveau/privring: ack interrupts the same way as RM (Ben Skeggs) - drm/nouveau/bios: fix issue shadowing expansion ROMs (Ben Skeggs) - drm/amd/display: Fix to be able to stop crc calculation (Wayne Lin) - drm/amdgpu/psp: fix psp gfx ctrl cmds (Victor Zhao) - riscv: defconfig: enable gpio support for HiFive Unleashed (Sagar Shrikant Kadam) - dts: phy: fix missing mdio device and probe failure of vsc8541-01 device (Sagar Shrikant Kadam) - x86/xen: Add xen_no_vector_callback option to test PCI INTX delivery (David Woodhouse) - xen: Fix event channel callback via INTX/GSI (David Woodhouse) - arm64: make atomic helpers __always_inline (Arnd Bergmann) - clk: tegra30: Add hda clock default rates to clock driver (Peter Geis) - HID: Ignore battery for Elan touchscreen on ASUS UX550 (Seth Miller) - HID: logitech-dj: add the G602 receiver (Filipe Lains) - riscv: Fix sifive serial driver (Damien Le Moal) - riscv: Fix kernel time_init() (Damien Le Moal) - scsi: sd: Suppress spurious errors when WRITE SAME is being disabled (Ewan D. Milne) - scsi: qedi: Correct max length of CHAP secret (Nilesh Javali) - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback (Can Guo) - dm integrity: select CRYPTO_SKCIPHER (Anthony Iliopoulos) - HID: multitouch: Enable multi-input for Synaptics pointstick/touchpad device (Kai-Heng Feng) - ASoC: Intel: haswell: Add missing pm_ops (Cezary Rojewski) - drm/i915/gt: Prevent use of engine->wa_ctx after error (Chris Wilson) - drm/syncobj: Fix use-after-free (Daniel Vetter) - drm/atomic: put state on error path (Pan Bian) - dm integrity: fix a crash if 'recalculate' used without 'internal_hash' (Mikulas Patocka) - dm: avoid filesystem lookup in dm_get_dev_t() (Hannes Reinecke) - mmc: sdhci-xenon: fix 1.8v regulator stabilization (Alex Leibovich) - mmc: core: don't initialize block size from ext_csd if not present (Peter Collingbourne) - btrfs: send: fix invalid clone operations when cloning from the same file and root (Filipe Manana) - btrfs: don't clear ret in btrfs_start_dirty_block_groups (Josef Bacik) - btrfs: fix lockdep splat in btrfs_recover_relocation (Josef Bacik) - btrfs: don't get an EINTR during drop_snapshot for reloc (Josef Bacik) - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error (Hans de Goede) - ALSA: hda/via: Add minimum mute flag (Takashi Iwai) - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() (Takashi Iwai) - platform/x86: ideapad-laptop: Disable touchpad_switch for ELAN0634 (Jiaxun Yang) - platform/x86: i2c-multi-instantiate: Don't create platform device for INT3515 ACPI nodes (Heikki Krogerus) - i2c: bpmp-tegra: Ignore unknown I2C_M flags (Mikko Perttunen) - LTS tag: v5.4.92 (Jack Vogel) - spi: cadence: cache reference clock rate during probe (Michael Hennerich) - mac80211: check if atf has been disabled in __ieee80211_schedule_txq (Lorenzo Bianconi) - mac80211: do not drop tx nulldata packets on encrypted links (Felix Fietkau) - tipc: fix NULL deref in tipc_link_xmit() (Hoang Le) - net, sctp, filter: remap copy_from_user failure error (Daniel Borkmann) - rxrpc: Fix handling of an unsupported token type in rxrpc_read() (David Howells) - net: avoid 32 x truesize under-estimation for tiny skbs (Eric Dumazet) - net: sit: unregister_netdevice on newlink's error path (Jakub Kicinski) - net: stmmac: Fixed mtu channged by cache aligned (David Wu) - rxrpc: Call state should be read with READ_ONCE() under some circumstances (Baptiste Lepers) - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands (Petr Machata) - net: dcb: Validate netlink message in DCB handler (Petr Machata) - esp: avoid unneeded kmap_atomic call (Willem de Bruijn) - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request (Andrey Zhizhikin) - net: mvpp2: Remove Pause and Asym_Pause support (Stefan Chulski) - mlxsw: core: Increase critical threshold for ASIC thermal zone (Vadim Pasternak) - mlxsw: core: Add validation of transceiver temperature thresholds (Vadim Pasternak) - net: ipv6: Validate GSO SKB before finish IPv6 processing (Aya Levin) - netxen_nic: fix MSI/MSI-x interrupts (Manish Chopra) - udp: Prevent reuseport_select_sock from reading uninitialized socks (Baptiste Lepers) - bpf: Fix helper bpf_map_peek_elem_proto pointing to wrong callback (Mircea Cirjaliu) - bpf: Don't leak memory in bpf getsockopt when optlen == 0 (Stanislav Fomichev) - nfsd4: readdirplus shouldn't return parent of export (J. Bruce Fields) - spi: npcm-fiu: Disable clock in probe error path (Lukas Wunner) - spi: npcm-fiu: simplify the return expression of npcm_fiu_probe() (Qinglang Miao) - elfcore: fix building with clang (Arnd Bergmann) - xen/privcmd: allow fetching resource sizes (Roger Pau Monne) - compiler.h: Raise minimum version of GCC to 5.1 for arm64 (Will Deacon) - usb: ohci: Make distrust_firmware param default to false (Hamish Martin) - LTS tag: v5.4.91 (Jack Vogel) - netfilter: nft_compat: remove flush counter optimization (Florian Westphal) - netfilter: nf_nat: Fix memleak in nf_nat_init (Dinghao Liu) - netfilter: conntrack: fix reading nf_conntrack_buckets (Jesper Dangaard Brouer) - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() (Geert Uytterhoeven) - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (Geert Uytterhoeven) - dm: eliminate potential source of excessive kernel log noise (Mike Snitzer) - net: sunrpc: interpret the return value of kstrtou32 correctly (j.nixdorf@avm.de) - iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev() (Lu Baolu) - mm, slub: consider rest of partial list if acquire_slab() fails (Jann Horn) - drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence (Hans de Goede) - IB/mlx5: Fix error unwinding when set_has_smi_cap fails (Parav Pandit) - RDMA/mlx5: Fix wrong free of blue flame register on error (Mark Bloch) - bnxt_en: Improve stats context resource accounting with RDMA driver loaded. (Michael Chan) - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (Dinghao Liu) - RDMA/restrack: Don't treat as an error allocation ID wrapping (Leon Romanovsky) - ext4: fix superblock checksum failure when setting password salt (Jan Kara) - NFS: nfs_igrab_and_active must first reference the superblock (Trond Myklebust) - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter (Trond Myklebust) - pNFS: Stricter ordering of layoutget and layoutreturn (Trond Myklebust) - pNFS: Mark layout for return if return-on-close was not sent (Trond Myklebust) - pNFS: We want return-on-close to complete when evicting the inode (Trond Myklebust) - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock (Dave Wysochanski) - nvme-tcp: fix possible data corruption with bio merges (Sagi Grimberg) - ASoC: Intel: fix error code cnl_set_dsp_D0() (Dan Carpenter) - ASoC: meson: axg-tdmin: fix axg skew offset (Jerome Brunet) - ASoC: meson: axg-tdm-interface: fix loopback (Jerome Brunet) - dump_common_audit_data(): fix racy accesses to ->d_name (Al Viro) - perf intel-pt: Fix 'CPU too large' error (Adrian Hunter) - ARM: picoxcell: fix missing interrupt-parent properties (Arnd Bergmann) - drm/msm: Call msm_init_vram before binding the gpu (Craig Tatlor) - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI (Shawn Guo) - usb: typec: Fix copy paste error for NVIDIA alt-mode description (Peter Robinson) - drm/amdgpu: fix a GPU hang issue when remove device (Dennis Li) - nvmet-rdma: Fix list_del corruption on queue establishment failure (Israel Rukshin) - nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN (Gopal Tiwari) - selftests: fix the return value for UDP GRO test (Po-Hsu Lin) - net: ethernet: fs_enet: Add missing MODULE_LICENSE (Michael Ellerman) - misdn: dsp: select CONFIG_BITREVERSE (Arnd Bergmann) to fix build error on ARC (Randy Dunlap) - bfq: Fix computation of shallow depth (Jan Kara) - lib/raid6: Let rules work with macOS userland (John Millikin) - hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values (Uwe Kleine-Konig) - habanalabs: Fix memleak in hl_device_reset (Dinghao Liu) - habanalabs: register to pci shutdown callback (Oded Gabbay) - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (Rasmus Villemoes) - regulator: bd718x7: Add enable times (Guido Gunther) - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan (Filipe Manana) - netfilter: ipset: fixes possible oops in mtype_resize (Vasily Averin) - ARC: build: move symlink creation to arch/arc/Makefile to avoid race (Masahiro Yamada) - ARC: build: add boot_targets to PHONY (Masahiro Yamada) - ARC: build: add uImage.lzma to the top-level target (Masahiro Yamada) - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE (Masahiro Yamada) - dm integrity: fix flush with external metadata device (Mikulas Patocka) - cifs: fix interrupted close commands (Paulo Alcantara) - smb3: remove unused flag passed into close functions (Steve French) - ext4: don't leak old mountpoint samples (Theodore Ts'o) - ext4: fix bug for rename with RENAME_WHITEOUT (yangerkun) - drm/i915/backlight: fix CPU mode backlight takeover on LPT (Jani Nikula) - btrfs: tree-checker: check if chunk item end overflows (Su Yue) - r8152: Add Lenovo Powered USB-C Travel Hub (Leon Schuermann) - dm integrity: fix the maximum number of arguments (Mikulas Patocka) - dm snapshot: flush merged data before committing metadata (Akilesh Kailash) - dm raid: fix discard limits for raid1 (Mike Snitzer) - mm/hugetlb: fix potential missing huge page size info (Miaohe Lin) - ACPI: scan: Harden acpi_device_add() against device ID overflows (Dexuan Cui) - RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() (Tom Rix) - MIPS: relocatable: fix possible boot hangup with KASLR enabled (Alexander Lobakin) - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB (Paul Cercueil) - mips: lib: uncached: fix non-standard usage of variable 'sp' (Anders Roxell) - mips: fix Section mismatch in reference (Anders Roxell) - tracing/kprobes: Do the notrace functions check without kprobes on ftrace (Masami Hiramatsu) - x86/hyperv: check cpu mask after interrupt has been disabled (Wei Liu) - ASoC: dapm: remove widget from dirty list on free (Thomas Hebb) - btrfs: prevent NULL pointer dereference in extent_io_tree_panic (Su Yue) - kbuild: enforce -Werror=return-type (Olaf Hering) - IB/ipoib: Improve latency in ipoib/cm connection formation (Manjunath Patil) [Orabug: 32852998] [5.4.17-2102.202.2] - vfio/pci: restore remap elision logic in vfio_pci_mmap_fault() (Ankur Arora) [Orabug: 32478548] [5.4.17-2102.202.1] - LTS tag: v5.4.90 (Jack Vogel) - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() (Dan Carpenter) - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet (Vasily Averin) - block: fix use-after-free in disk_part_iter_next (Ming Lei) - KVM: arm64: Don't access PMCR_EL0 when no PMU is available (Marc Zyngier) - net: mvpp2: disable force link UP during port init procedure (Stefan Chulski) - regulator: qcom-rpmh-regulator: correct hfsmps515 definition (Dmitry Baryshkov) - wan: ds26522: select CONFIG_BITREVERSE (Arnd Bergmann) - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev (Xiaolei Wang) - net/mlx5e: Fix two double free cases (Dinghao Liu) - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (Dinghao Liu) - iommu/intel: Fix memleak in intel_irq_remapping_alloc (Dinghao Liu) - lightnvm: select CONFIG_CRC32 (Arnd Bergmann) - block: rsxx: select CONFIG_CRC32 (Arnd Bergmann) - wil6210: select CONFIG_CRC32 (Arnd Bergmann) - qed: select CONFIG_CRC32 (Arnd Bergmann) - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (Shravya Kumbham) - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe() (Shravya Kumbham) - dmaengine: xilinx_dma: check dma_async_device_register return value (Shravya Kumbham) - dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function (Christophe JAILLET) - i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated (Hans de Goede) - spi: stm32: FIFO threshold level - fix align packet size (Roman Guskov) - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() (Colin Ian King) - can: kvaser_pciefd: select CONFIG_CRC32 (Arnd Bergmann) - can: m_can: m_can_class_unregister(): remove erroneous m_can_clk_stop() (Marc Kleine-Budde) - can: tcan4x5x: fix bittiming const, use common bittiming from m_can driver (Marc Kleine-Budde) - dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() (Dan Carpenter) - i2c: sprd: use a specific timeout to avoid system hang up issue (Chunyan Zhang) - ARM: OMAP2+: omap_device: fix idling of devices during probe (Andreas Kemnade) - HID: wacom: Fix memory leakage caused by kfifo_alloc (Ping Cheng) - iio: imu: st_lsm6dsx: fix edge-trigger interrupts (Lorenzo Bianconi) - vmlinux.lds.h: Add PGO and AutoFDO input sections (Nick Desaulniers) - exfat: Month timestamp metadata accidentally incremented (Valdis Kletnieks) - x86/resctrl: Don't move a task to the same resource group (Fenghua Yu) - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (Fenghua Yu) - chtls: Fix chtls resources release sequence (Ayush Sawal) - chtls: Added a check to avoid NULL pointer dereference (Ayush Sawal) - chtls: Replace skb_dequeue with skb_peek (Ayush Sawal) - chtls: Fix panic when route to peer not configured (Ayush Sawal) - chtls: Remove invalid set_tcb call (Ayush Sawal) - chtls: Fix hardware tid leak (Ayush Sawal) - net/mlx5e: ethtool, Fix restriction of autoneg with 56G (Aya Levin) - net/mlx5: Use port_num 1 instead of 0 when delete a RoCE address (Mark Zhang) - net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (Aleksander Jan Bajkowski) - s390/qeth: fix L2 header access in qeth_l3_osa_features_check() (Julian Wiedmann) - nexthop: Unlink nexthop group entry in error path (Ido Schimmel) - nexthop: Fix off-by-one error in error path (Ido Schimmel) - octeontx2-af: fix memory leak of lmac and lmac->name (Colin Ian King) - net: ip: always refragment ip defragmented packets (Florian Westphal) - net: fix pmtu check in nopmtudisc mode (Florian Westphal) - tools: selftests: add test for changing routes with PTMU exceptions (Sean Tranchetti) - net: ipv6: fib: flush exceptions when purging route (Sean Tranchetti) - net/sonic: Fix some resource leaks in error handling paths (Christophe JAILLET) - net: vlan: avoid leaks on register_vlan_dev() failures (Jakub Kicinski) - net: stmmac: dwmac-sun8i: Balance internal PHY power (Samuel Holland) - net: stmmac: dwmac-sun8i: Balance internal PHY resource references (Samuel Holland) - net: hns3: fix a phy loopback fail issue (Yonglong Liu) - net: hns3: fix the number of queues actually used by ARQ (Yufeng Mo) - net: cdc_ncm: correct overhead in delayed_ndp_size (Jouni K. Seppanen) - vfio iommu: Add dma available capability (Matthew Rosato) - x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* (Jiri Slaby) - LTS tag: v5.4.89 (Jack Vogel) - scsi: target: Fix XCOPY NAA identifier lookup (David Disseldorp) {CVE-2020-28374} - KVM: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) - x86/mtrr: Correct the range check before performing MTRR type lookups (Ying-Tsun Huang) - netfilter: nft_dynset: report EOPNOTSUPP on missing set feature (Pablo Neira Ayuso) - netfilter: xt_RATEEST: reject non-null terminated string from userspace (Florian Westphal) - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (Vasily Averin) - netfilter: x_tables: Update remaining dereference to RCU (Subash Abhinov Kasiviswanathan) - drm/i915: clear the gpu reloc batch (Matthew Auld) - dmabuf: fix use-after-free of dmabuf's file->f_inode (Charan Teja Reddy) - Revert 'device property: Keep secondary firmware node secondary by type' (Bard Liao) - btrfs: send: fix wrong file path when there is an inode with a pending rmdir (Filipe Manana) - ALSA: hda/realtek: Add two 'Intel Reference board' SSID in the ALC256. (PeiSen Hou) - ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (Kai-Heng Feng) - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (Kailang Yang) - ALSA: hda/conexant: add a new hda codec CX11970 (bo liu) - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (Takashi Iwai) - kvm: check tlbs_dirty directly (Lai Jiangshan) - x86/mm: Fix leak of pmd ptlock (Dan Williams) - USB: serial: keyspan_pda: remove unused variable (Johan Hovold) - usb: gadget: configfs: Fix use-after-free issue with udc_name (Eddie Hung) - usb: gadget: configfs: Preserve function ordering after bind failure (Chandana Kishori Chiluveru) - usb: gadget: Fix spinlock lockup on usb_function_deactivate (Sriharsha Allenki) - USB: gadget: legacy: fix return error code in acm_ms_bind() (Yang Yingliang) - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (Manish Narani) - usb: gadget: function: printer: Fix a memory leak for interface descriptor (Zqiang) - usb: gadget: f_uac2: reset wMaxPacketSize (Jerome Brunet) - usb: gadget: select CONFIG_CRC32 (Arnd Bergmann) - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (Takashi Iwai) - USB: usblp: fix DMA to stack (Johan Hovold) - USB: yurex: fix control-URB timeout handling (Johan Hovold) - USB: serial: option: add Quectel EM160R-GL (Bjorn Mork) - USB: serial: option: add LongSung M5710 module support (Daniel Palmer) - USB: serial: iuu_phoenix: fix DMA from stack (Johan Hovold) - usb: uas: Add PNY USB Portable SSD to unusual_uas (Thinh Nguyen) - usb: usbip: vhci_hcd: protect shift size (Randy Dunlap) - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Michael Grzeschik) - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (Yu Kuai) - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (Serge Semin) - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). (Tetsuo Handa) - USB: cdc-acm: blacklist another IR Droid device (Sean Young) - usb: gadget: enable super speed plus (taehyun.cho) - staging: mt7621-dma: Fix a resource leak in an error handling path (Christophe JAILLET) - powerpc: Handle .text.{hot,unlikely}.* in linker script (Nathan Chancellor) - crypto: asym_tpm: correct zero out potential secrets (Greg Kroah-Hartman) - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (Ard Biesheuvel) - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close (Hans de Goede) - kbuild: don't hardcode depmod path (Dominique Martinet) - net/sched: sch_taprio: ensure to reset/destroy all child qdiscs (Davide Caratti) - ionic: account for vlan tag len in rx buffer len (Shannon Nelson) - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (Yunjian Wang) - net: usb: qmi_wwan: add Quectel EM160R-GL (Bjorn Mork) - CDC-NCM: remove 'connected' log message (Roland Dreier) - net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (Martin Blumenstingl) - net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs (Martin Blumenstingl) - r8169: work around power-saving bug on some chip versions (Heiner Kallweit) - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (Xie He) - erspan: fix version 1 check in gre_parse_header() (Cong Wang) - net: hns: fix return value check in __lb_other_process() (Yunjian Wang) - net: sched: prevent invalid Scell_log shift count (Randy Dunlap) - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (Guillaume Nault) - net: mvpp2: fix pkt coalescing int-threshold configuration (Stefan Chulski) - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (Yunjian Wang) - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (Grygorii Strashko) - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc (Antoine Tenart) - net-sysfs: take the rtnl lock when storing xps_rxqs (Antoine Tenart) - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) - net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) - net: ethernet: Fix memleak in ethoc_probe (Dinghao Liu) - net/ncsi: Use real net-device for response handler (John Wang) - virtio_net: Fix recursive call to cpus_read_lock() (Jeff Dike) - qede: fix offload for IPIP tunnel packets (Manish Chopra) - net: ethernet: mvneta: Fix error handling in mvneta_probe (Dinghao Liu) - ibmvnic: continue fatal error reset after passive init (Lijun Pan) - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (Stefan Chulski) - atm: idt77252: call pci_disable_device() on error path (Dan Carpenter) - ethernet: ucc_geth: set dev->max_mtu to 1518 (Rasmus Villemoes) - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (Rasmus Villemoes) - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (Florian Fainelli) - net: mvpp2: prs: fix PPPoE with ipv6 packet parse (Stefan Chulski) - net: mvpp2: Add TCAM entry to drop flow control pause frames (Stefan Chulski) - iavf: fix double-release of rtnl_lock (Jakub Kicinski) - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (Sylwester Dziedziuch) - proc: fix lookup in /proc/net subdirectories after setns(2) (Alexey Dobriyan) - proc: change ->nlink under proc_subdir_lock (Alexey Dobriyan) - depmod: handle the case of /sbin/depmod without /sbin in PATH (Linus Torvalds) - lib/genalloc: fix the overflow when size is too big (Huang Shijie) - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands (Bart Van Assche) - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (Bart Van Assche) - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (Adrian Hunter) - scsi: ufs: Fix wrong print message in dev_err() (Bean Huo) - workqueue: Kick a worker based on the actual activation of delayed works (Yunfeng Ye) - LTS tag: v5.4.88 (Jack Vogel) - exec: Transform exec_update_mutex into a rw_semaphore (Eric W. Biederman) - rwsem: Implement down_read_interruptible (Eric W. Biederman) - rwsem: Implement down_read_killable_nested (Eric W. Biederman) - perf: Break deadlock involving exec_update_mutex (peterz@infradead.org) - iio:imu:bmi160: Fix alignment and data leak issues (Jonathan Cameron) - kdev_t: always inline major/minor helper functions (Josh Poimboeuf) - dmaengine: at_hdmac: add missing kfree() call in at_dma_xlate() (Yu Kuai) - dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate() (Yu Kuai) - dmaengine: at_hdmac: Substitute kzalloc with kmalloc (Tudor Ambarus) - Revert 'mtd: spinand: Fix OOB read' (Felix Fietkau) - Revert 'drm/amd/display: Fix memory leaks in S3 resume' (Alex Deucher) - LTS tag: v5.4.87 (Jack Vogel) - dm verity: skip verity work if I/O error when system is shutting down (Hyeongseok Kim) - ALSA: pcm: Clear the full allocated memory at hw_params (Takashi Iwai) - tick/sched: Remove bogus boot 'safety' check (Thomas Gleixner) - um: ubd: Submit all data segments atomically (Gabriel Krisman Bertazi) - fs/namespace.c: WARN if mnt_count has become negative (Eric Biggers) - module: delay kobject uevent until after module init call (Jessica Yu) - f2fs: avoid race condition for shrinker count (Jaegeuk Kim) - NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode (Trond Myklebust) - i3c master: fix missing destroy_workqueue() on error in i3c_master_register (Qinglang Miao) - powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (Qinglang Miao) - rtc: pl031: fix resource leak in pl031_probe (Zheng Liang) - quota: Don't overflow quota file offsets (Jan Kara) - module: set MODULE_STATE_GOING state when a module fails to load (Miroslav Benes) - rtc: sun6i: Fix memleak in sun6i_rtc_clk_init (Dinghao Liu) - fcntl: Fix potential deadlock in send_sig{io, urg}() (Boqun Feng) - bfs: don't use WARNING: string when it's just info. (Randy Dunlap) - ALSA: rawmidi: Access runtime->avail always in spinlock (Takashi Iwai) - ALSA: seq: Use bool for snd_seq_queue internal flags (Takashi Iwai) - f2fs: fix shift-out-of-bounds in sanity_check_raw_super() (Chao Yu) - media: gp8psk: initialize stats at power control logic (Mauro Carvalho Chehab) - misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() (Anant Thazhemadam) - reiserfs: add check for an invalid ih_entry_count (Rustam Kovhaev) - Bluetooth: hci_h5: close serdev device and free hu in h5_close (Anant Thazhemadam) - scsi: cxgb4i: Fix TLS dependency (Randy Dunlap) - cgroup: Fix memory leak when parsing multiple source parameters (Qinglang Miao) - of: fix linker-section match-table corruption (Johan Hovold) - null_blk: Fix zone size initialization (Damien Le Moal) - tools headers UAPI: Sync linux/const.h with the kernel headers (Arnaldo Carvalho de Melo) (Petr Vorel) - scsi: block: Fix a race in the runtime power management code (Bart Van Assche) - jffs2: Fix NULL pointer dereference in rp_size fs option parsing (Jamie Iles) - jffs2: Allow setting rp_size to zero during remounting (lizhe) - powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (Christophe Leroy) - KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Paolo Bonzini) - KVM: x86: avoid incorrect writes to host MSR_IA32_SPEC_CTRL (Paolo Bonzini) - ext4: don't remount read-only with errors=continue on reboot (Jan Kara) - btrfs: fix race when defragmenting leads to unnecessary IO (Filipe Manana) - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() (Eric Auger) - fscrypt: remove kernel-internal constants from UAPI header (Eric Biggers) - fscrypt: add fscrypt_is_nokey_name() (Eric Biggers) - f2fs: prevent creating duplicate encrypted filenames (Eric Biggers) - ubifs: prevent creating duplicate encrypted filenames (Eric Biggers) - ext4: prevent creating duplicate encrypted filenames (Eric Biggers) - thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has changed (Zhuguangqing) - md/raid10: initialize r10_bio->read_slot before use. (Kevin Vigor) - net/sched: sch_taprio: reset child qdiscs before freeing them (Davide Caratti) - uek/ol/config-aarch64: Update uek6 kernel with RPI IOT configs (Vijay Kumar) [Orabug: 32833361] - dts/bcm2711: set gpio6 to level=0 and pull=down (Vijay Kumar) [Orabug: 32833361] - dts: bcm283x: Fix vc4's firmware bus DMA limitations (Nicolas Saenz Julienne) [Orabug: 32833361] - uek6/config-aarch64-rpi: Enable CONFIG_RTC_DRV_ABEOZ9 (Vijay Kumar) [Orabug: 32833361] - rtc/ab-eoz9: Add support for ABEOA9 SPI chip (Vijay Kumar) [Orabug: 32833361] - rtc: abracon: add abeoa9 device id (Tom Saeger) [Orabug: 32833361] - arm64/dts/bcm2711: Set SPI_CE0_N to output for GPIO8 (Vijay Kumar) [Orabug: 32833361] - uek-rpm/ol8: Build rpi kernel (Tom Saeger) [Orabug: 32833361] - uek-rpm: add rpi specific config (Tom Saeger) [Orabug: 32833361] - firmware/raspberrypi: Notify firmware of a reboot (Phil Elwell) [Orabug: 32833361] - firmware: raspberrypi: Report the fw variant during probe (Dave Stevenson) [Orabug: 32833361] - raspberrypi-firmware: Export the general transaction function. (Eric Anholt) [Orabug: 32833361] - firmware: bcm2835: Support ARCH_BCM270x (Noralf Tronnes) [Orabug: 32833361] - Add NO_WAIT_RESP flag (Phil Elwell) [Orabug: 32833361] - bcm2835-dma: Add proper 40-bit DMA support (Phil Elwell) [Orabug: 32833361] - dmaengine: Add support for BCM2708 (Florian Meier) [Orabug: 32833361] - dmaengine: bcm2835: Load driver early and support legacy API (Noralf Tronnes) [Orabug: 32833361] - RPi: char: broadcom: Add vcio module (Noralf Tronnes) [Orabug: 32833361] - RPi: Add /dev/gpiomem device for rootless user GPIO access (Luke Wren) [Orabug: 32833361] - RPi: vcsm: VideoCore shared memory service for BCM2835 (Tim Gover) [Orabug: 32833361] - RPi: vc_mem: Add vc_mem driver for querying firmware memory addresses (popcornmix) [Orabug: 32833361] - RPi4/dts: set alias for i2c device (Vijay Kumar) [Orabug: 32833361] - dts: Enable i2c4 for RPi4 (Vijay Kumar) [Orabug: 32833361] - RPi:dts/bcm2711: Enable pwm for RPi4 board (Vijay Kumar) [Orabug: 32833361] - RPi: transplant rpi_backlight to it's expected place (Andrew Thomas) [Orabug: 32833361] - RPi: pinctrl-bcm2835: Set base to 0 for BCM2711 (Andrew Thomas) [Orabug: 32833361] - RPi: pinctrl-bcm2835: Set base to 0 give expected gpio numbering (notro) [Orabug: 32833361] - RPi: spidev: add rpi4 spidev0 (Tom Saeger) [Orabug: 32833361] - RPi: dts: rpi4 add gpiomem (Tom Saeger) [Orabug: 32833361] - RPi: dts: enable rpi4 touchscreen, i2c, and spi (Tom Saeger) [Orabug: 32833361] - RPi: rpi_display: add backlight driver and overlay (P33M) [Orabug: 32833361] - HID: quirks: Add quirk for Lenovo optical mouse (Saeed Mirzamohammadi) [Orabug: 32820273] - x86/amd: Disable IBS on Rome processors due to erratum 1215 (Boris Ostrovsky) [Orabug: 32817184] - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (Kan Liang) [Orabug: 32806848] [5.4.17-2102.202.0] - LTS tag: v5.4.86 (Jack Vogel) - x86/CPU/AMD: Save AMD NodeId as cpu_die_id (Yazen Ghannam) - Revert: 'ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS' (Steven Rostedt (VMware)) - rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time (Nikita Shubin) - regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x (DingHua Ma) - PCI: Fix pci_slot_release() NULL pointer dereference (Jubin Zhong) - platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 (Carlos Garnacho) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels (Dan Williams) - xen/xenbus: Count pending messages for each watch (SeongJae Park) - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) - dma-buf/dma-resv: Respect num_fences when initializing the shared fence list. (Maarten Lankhorst) - device-dax/core: Fix memory leak when rmmod dax.ko (Wang Hai) - clk: tegra: Do not return 0 on failure (Nicolin Chen) - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (Terry Zhou) - clk: ingenic: Fix divider calculation with div tables (Paul Cercueil) - pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler (Yangtao Li) - md/cluster: fix deadlock when node is doing resync job (Zhao Heming) - md/cluster: block reshape with remote resync job (Zhao Heming) - iio:adc:ti-ads124s08: Fix alignment and data leak issues. (Jonathan Cameron) - iio:adc:ti-ads124s08: Fix buffer being too long. (Jonathan Cameron) - iio:imu:bmi160: Fix too large a buffer. (Jonathan Cameron) - iio:pressure:mpl3115: Force alignment of buffer (Jonathan Cameron) - iio:magnetometer:mag3110: Fix alignment and data leak issues. (Jonathan Cameron) - iio:light:st_uvis25: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio:light:rpr0521: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (Qinglang Miao) - iio: buffer: Fix demux update (Nuno Sa) - scsi: qla2xxx: Fix crash during driver load on big endian machines (Arun Easi) - mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments (Sergei Antonov) - mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read (Praveenkumar I) - mtd: parser: cmdline: Fix parsing of part-names with colons (Sven Eckelmann) - mtd: spinand: Fix OOB read (Miquel Raynal) - soc: qcom: smp2p: Safely acquire spinlock without IRQs (Evan Green) - spi: atmel-quadspi: Fix AHB memory accesses (Tudor Ambarus) - spi: atmel-quadspi: Disable clock in probe error path (Lukas Wunner) - spi: mt7621: Don't leak SPI master in probe error path (Lukas Wunner) - spi: mt7621: Disable clock in probe error path (Lukas Wunner) - spi: synquacer: Disable clock in probe error path (Lukas Wunner) - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (Lukas Wunner) - spi: sc18is602: Don't leak SPI master in probe error path (Lukas Wunner) - spi: rb4xx: Don't leak SPI master in probe error path (Lukas Wunner) - spi: pic32: Don't leak DMA channels in probe error path (Lukas Wunner) - spi: mxic: Don't leak SPI master in probe error path (Lukas Wunner) - spi: gpio: Don't leak SPI master in probe error path (Lukas Wunner) - spi: fsl: fix use of spisel_boot signal on MPC8309 (Rasmus Villemoes) - spi: davinci: Fix use-after-free on unbind (Lukas Wunner) - spi: atmel-quadspi: Fix use-after-free on unbind (Lukas Wunner) - spi: spi-sh: Fix use-after-free on unbind (Lukas Wunner) - spi: pxa2xx: Fix use-after-free on unbind (Lukas Wunner) - drm/i915: Fix mismatch between misplaced vma check and vma insert (Chris Wilson) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (Zwane Mwaikambo) - drm/amd/display: Fix memory leaks in S3 resume (Stylon Wang) - platform/x86: mlx-platform: remove an unused variable (Arnd Bergmann) - jfs: Fix array index bounds check in dbAdjTree (Dave Kleikamp) - jffs2: Fix ignoring mounting options problem during remounting (lizhe) - jffs2: Fix GC exit abnormally (Zhe Li) - ubifs: wbuf: Don't leak kernel memory to flash (Richard Weinberger) - SMB3: avoid confusing warning message on mount to Azure (Steve French) - ceph: fix race in concurrent __ceph_remove_cap invocations (Luis Henriques) - um: Remove use of asprinf in umid.c (Anton Ivanov) - ima: Don't modify file descriptor mode on the fly (Roberto Sassu) - powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently (David Hildenbrand) - powerpc/powernv/memtrace: Don't leak kernel memory to user space (David Hildenbrand) - powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU (Alexey Kardashevskiy) - powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (Christophe Leroy) - powerpc/8xx: Fix early debug when SMC1 is relocated (Christophe Leroy) - powerpc/xmon: Change printk() to pr_cont() (Christophe Leroy) - powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE (Christophe Leroy) - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter (Tyrel Datwyler) - powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (Mathieu Desnoyers) - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (Chuck Lever) - ARM: dts: at91: sama5d2: fix CAN message ram offset and size (Nicolas Ferre) - ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES (H. Nikolaus Schaller) - KVM: arm64: Introduce handling of AArch32 TTBCR2 traps (Marc Zyngier) - ext4: fix deadlock with fs freezing and EA inodes (Jan Kara) - ext4: fix a memory leak of ext4_free_data (Chunguang Xu) - btrfs: trim: fix underflow in trim length to prevent access beyond device boundary (Qu Wenruo) - btrfs: do not shorten unpin len for caching block groups (Josef Bacik) - USB: serial: keyspan_pda: fix write unthrottling (Johan Hovold) - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix write-wakeup use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix stalled writes (Johan Hovold) - USB: serial: keyspan_pda: fix write deadlock (Johan Hovold) - USB: serial: keyspan_pda: fix dropped unthrottle interrupts (Johan Hovold) - USB: serial: digi_acceleport: fix write-wakeup deadlocks (Johan Hovold) - USB: serial: mos7720: fix parallel-port state restore (Johan Hovold) - EDAC/amd64: Fix PCI component registration (Borislav Petkov) - EDAC/i10nm: Use readl() to access MMIO registers (Qiuxu Zhuo) - crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata (Ard Biesheuvel) - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (Ard Biesheuvel) - powerpc/perf: Exclude kernel samples while counting events in user space. (Athira Rajeev) - perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake (Kan Liang) - perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY (Kan Liang) - staging: comedi: mf6x4: Fix AI end-of-conversion detection (Ian Abbott) - ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (Takashi Iwai) - binder: add flag to clear buffer on txn complete (Todd Kjos) - s390/dasd: fix list corruption of lcu list (Stefan Haberland) - s390/dasd: fix list corruption of pavgroup group list (Stefan Haberland) - s390/dasd: prevent inconsistent LCU device data (Stefan Haberland) - s390/dasd: fix hanging device offline processing (Stefan Haberland) - s390/kexec_file: fix diag308 subcode when loading crash kernel (Philipp Rudo) - s390/smp: perform initial CPU reset also for SMT siblings (Sven Schnelle) - ALSA: core: memalloc: add page alignment for iram (Robin Gong) - ALSA: usb-audio: Disable sample read check if firmware doesn't give back (Takashi Iwai) - ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices (Amadej Kastelic) - ALSA: hda/realtek: Apply jack fixup for Quanta NL3 (Chris Chiu) - ALSA: hda/realtek: Add quirk for MSI-GP73 (Takashi Iwai) - ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G (Chris Chiu) - ALSA: pcm: oss: Fix a few more UBSAN fixes (Takashi Iwai) - ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button (Kailang Yang) - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (Chris Chiu) - ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 (Chris Chiu) - ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop (Hui Wang) - ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg. (Connor McAdams) - ALSA: hda: Fix regressions on clear and reconfig sysfs (Takashi Iwai) - ACPI: PNP: compare the string length in the matching_id() (Hui Wang) - Revert 'ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks' (Daniel Scally) - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() (Rafael J. Wysocki) - ALSA: hda/ca0132 - Change Input Source enum strings. (Connor McAdams) - Input: cyapa_gen6 - fix out-of-bounds stack access (Arnd Bergmann) - media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE (Sakari Ailus) - media: ipu3-cio2: Validate mbus format in setting subdev format (Sakari Ailus) - media: ipu3-cio2: Serialise access to pad format (Sakari Ailus) - media: ipu3-cio2: Return actual subdev format (Sakari Ailus) - media: ipu3-cio2: Remove traces of returned buffers (Sakari Ailus) - media: netup_unidvb: Don't leak SPI master in probe error path (Lukas Wunner) - media: sunxi-cir: ensure IR is handled when it is continuous (Sean Young) - media: gspca: Fix memory leak in probe (Alan Stern) - vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU (Alexey Kardashevskiy) - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (Simon Beginn) - initramfs: fix clang build failure (Arnd Bergmann) - Input: cros_ec_keyb - send 'scancodes' in addition to key events (Dmitry Torokhov) - drm/amdkfd: Fix leak in dmabuf import (Felix Kuehling) - drm/amd/display: Prevent bandwidth overflow (Chris Park) - lwt: Disable BH too in run_lwt_bpf() (Dongdong Wang) - fix namespaced fscaps when !CONFIG_SECURITY (Serge Hallyn) - cfg80211: initialize rekey_data (Sara Sharon) - ARM: sunxi: Add machine match for the Allwinner V3 SoC (Paul Kocialkowski) - perf probe: Fix memory leak when synthesizing SDT probes (Arnaldo Carvalho de Melo) - kconfig: fix return value of do_error_if() (Masahiro Yamada) - clk: sunxi-ng: Make sure divider tables have sentinel (Jernej Skrabec) - clk: s2mps11: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - clk: at91: sam9x60: remove atmel,osc-bypass support (Alexandre Belloni) - virtio_ring: Fix two use after free bugs (Dan Carpenter) - virtio_net: Fix error code in probe() (Dan Carpenter) - virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed() (Dan Carpenter) - qlcnic: Fix error code in probe (Dan Carpenter) - perf record: Fix memory leak when using '--user-regs=?' to list registers (Zheng Zengkai) - pwm: lp3943: Dynamically allocate PWM chip base (Lokesh Vutla) - pwm: zx: Add missing cleanup in error path (Uwe Kleine-Konig) - clk: ti: Fix memleak in ti_fapll_synth_setup (Zhang Qilong) - watchdog: coh901327: add COMMON_CLK dependency (Arnd Bergmann) - watchdog: qcom: Avoid context switch in restart handler (Manivannan Sadhasivam) - libnvdimm/label: Return -ENXIO for no slot in __blk_label_update (Zhang Qilong) - net: korina: fix return value (Vincent Stehle) - net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (Christophe JAILLET) - net: bcmgenet: Fix a resource leak in an error handling path in the probe functin (Christophe JAILLET) - lan743x: fix rx_napi_poll/interrupt ping-pong (Sven Van Asbroeck) - checkpatch: fix unescaped left brace (Dwaipayan Ray) - mm: don't wake kswapd prematurely when watermark boosting is disabled (Johannes Weiner) - sparc: fix handling of page table constructor failure (Matthew Wilcox (Oracle)) - powerpc/ps3: use dma_mapping_error() (Vincent Stehle) - nfc: s3fwrn5: Release the nfc firmware (Bongsu Jeon) - RDMA/cma: Don't overwrite sgid_attr after device is released (Leon Romanovsky) - sunrpc: fix xs_read_xdr_buf for partial pages receive (Dan Aloni) - um: chan_xterm: Fix fd leak (Anton Ivanov) - um: tty: Fix handling of close in tty lines (Anton Ivanov) - um: Monitor error events in IRQ controller (Anton Ivanov) - ubifs: Fix error return code in ubifs_init_authentication() (Wang ShaoBo) - watchdog: Fix potential dereferencing of null pointer (Wang Wensheng) - watchdog: sprd: check busy bit before new loading rather than after that (Lingling Xu) - watchdog: sprd: remove watchdog disable from resume fail path (Lingling Xu) - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (Guenter Roeck) - watchdog: armada_37xx: Add missing dependency on HAS_IOMEM (Guenter Roeck) - irqchip/alpine-msi: Fix freeing of interrupts on allocation error path (Marc Zyngier) - ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (Dan Carpenter) - mac80211: don't set set TDLS STA bandwidth wider than possible (Johannes Berg) - crypto: atmel-i2c - select CONFIG_BITREVERSE (Arnd Bergmann) - extcon: max77693: Fix modalias string (Marek Szyprowski) - mtd: rawnand: gpmi: Fix the random DMA timeout issue (Han Xu) - mtd: rawnand: meson: Fix a resource leak in init (Dan Carpenter) - mtd: rawnand: gpmi: fix reference count leak in gpmi ops (Zhang Qilong) - clk: tegra: Fix duplicated SE clock entry (Dmitry Osipenko) - remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() (Zhang Changzhong) - remoteproc: qcom: fix reference leak in adsp_start (Zhang Qilong) - remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable (Zhang Qilong) - RDMA/core: Do not indicate device ready when device enablement fails (Jack Morgenstein) - can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit (Sean Nyekjaer) - erofs: avoid using generic_block_bmap (Huang Jianan) - iwlwifi: mvm: hook up missing RX handlers (Johannes Berg) - s390/cio: fix use-after-free in ccw_device_destroy_console (Qinglang Miao) - bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (Zhang Changzhong) - platform/chrome: cros_ec_spi: Don't overwrite spi::mode (Stephen Boyd) - x86/kprobes: Restore BTF if the single-stepping is cancelled (Masami Hiramatsu) - nfs_common: need lock during iterate through the list (Cheng Lin) - nfsd: Fix message level for normal termination (kazuo ito) - speakup: fix uninitialized flush_lock (Yang Yingliang) - usb: oxu210hp-hcd: Fix memory leak in oxu_create (Zhang Qilong) - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (Zhang Qilong) - powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S (Christophe Leroy) - ASoC: amd: change clk_get() to devm_clk_get() and add missed checks (Chuhong Yuan) - drm/mediatek: avoid dereferencing a null hdmi_phy on an error message (Colin Ian King) - powerpc/pseries/hibernation: remove redundant cacheinfo update (Nathan Lynch) - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops (Nathan Lynch) - platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (Vadim Pasternak) - scsi: fnic: Fix error return code in fnic_probe() (Zhang Changzhong) - seq_buf: Avoid type mismatch for seq_buf_init (Arnd Bergmann) - scsi: pm80xx: Fix error return in pm8001_pci_probe() (Zhang Qilong) - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe (Qinglang Miao) - arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements (Stefan Agner) - ARM: dts: meson: fix PHY deassert timing requirements (Stefan Agner) - arm64: dts: meson: fix PHY deassert timing requirements (Stefan Agner) - Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware() (Jing Xiangfeng) - Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware() (Jing Xiangfeng) - cpufreq: scpi: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: loongson1: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: st: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: qcom: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: ap806: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (Keqian Zhu) - clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne (Keqian Zhu) - phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure (Wang Li) - dm ioctl: fix error return code in target_message (Qinglang Miao) - ASoC: jz4740-i2s: add missed checks for clk_get() (Chuhong Yuan) - net/mlx5: Properly convey driver version to firmware (Leon Romanovsky) - MIPS: Don't round up kernel sections size for memblock_add() (Alexander Sverdlin) - memstick: r592: Fix error return in r592_probe() (Jing Xiangfeng) - arm64: dts: rockchip: Fix UART pull-ups on rk3328 (Chen-Yu Tsai) - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (Yu Kuai) - bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address() (Andrii Nakryiko) - ARM: dts: at91: sama5d2: map securam as device (Claudiu Beznea) - iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context (Lars-Peter Clausen) - clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (Yu Kuai) - clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path (Yang Yingliang) - powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S (Jordan Niethe) - powerpc/perf: Fix crash with is_sier_available when pmu is not set (Athira Rajeev) - media: saa7146: fix array overflow in vidioc_s_audio() (Dan Carpenter) - hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable (Zhang Qilong) - vfio-pci: Use io_remap_pfn_range() for PCI IO memory (Jason Gunthorpe) - selftests/seccomp: Update kernel config (Mickael Salaun) - NFS: switch nfsiod to be an UNBOUND workqueue. (NeilBrown) - net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs' (Fedor Tokarev) - NFSv4: Fix the alignment of page data in the getdeviceinfo reply (Trond Myklebust) - SUNRPC: xprt_load_transport() needs to support the netid 'rdma6' (Trond Myklebust) - NFSv4.2: condition READDIR's mask for security label based on LSM state (Olga Kornievskaia) - SUNRPC: rpc_wake_up() should wake up tasks in the correct order (Trond Myklebust) - ath10k: Release some resources in an error handling path (Christophe JAILLET) - ath10k: Fix an error handling path (Christophe JAILLET) - ath10k: Fix the parsing error in service available event (Rakesh Pillai) - platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (Qinglang Miao) - ARM: dts: at91: at91sam9rl: fix ADC triggers (Alexandre Belloni) - soc: amlogic: canvas: add missing put_device() call in meson_canvas_get() (Yu Kuai) - arm64: dts: meson-sm1: fix typo in opp table (Dongjin Kim) - arm64: dts: meson: fix spi-max-frequency on Khadas VIM2 (Artem Lapkin) - PCI: iproc: Fix out-of-bound array accesses (Bharat Gooty) - PCI: Fix overflow in command-line resource alignment requests (Colin Ian King) - PCI: Bounds-check command-line resource alignment requests (Bjorn Helgaas) - arm64: dts: qcom: c630: Polish i2c-hid devices (Bjorn Andersson) - arm64: dts: ls1028a: fix ENETC PTP clock input (Michael Walle) - genirq/irqdomain: Don't try to free an interrupt that has no mapping (Marc Zyngier) - power: supply: bq24190_charger: fix reference leak (Zhang Qilong) - power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching (Hans de Goede) - arm64: dts: rockchip: Set dr_mode to 'host' for OTG on rk3328-roc-cc (Chen-Yu Tsai) - arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name (Marek Behun) - ARM: dts: Remove non-existent i2c1 from 98dx3236 (Chris Packham) - HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() (Jing Xiangfeng) - slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI (Bjorn Andersson) - media: max2175: fix max2175_set_csm_mode() error code (Dan Carpenter) - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover (Qinglang Miao) - media: imx214: Fix stop streaming (Daniel Gomez) - samples: bpf: Fix lwt_len_hist reusing previous BPF map (Daniel T. Lee) - platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (Vadim Pasternak) - platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (Vadim Pasternak) - media: siano: fix memory leak of debugfs members in smsdvb_hotplug (Keita Suzuki) - arm64: tegra: Fix DT binding for IO High Voltage entry (Vidya Sagar) - dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() (Zhihao Cheng) - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (Qinglang Miao) - rsi: fix error return code in rsi_reset_card() (Zhang Changzhong) - qtnfmac: fix error return code in qtnf_pcie_probe() (Wang Hai) - orinoco: Move context allocation after processing the skb (Sebastian Andrzej Siewior) - mmc: pxamci: Fix error return code in pxamci_probe (Zhihao Cheng) - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (Cristian Birsan) - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (Cristian Birsan) - memstick: fix a double-free bug in memstick_check (Qinglang Miao) - RDMA/cxgb4: Validate the number of CQEs (Kamal Heib) - clk: meson: Kconfig: fix dependency for G12A (Kevin Hilman) - Input: omap4-keypad - fix runtime PM error handling (Zhang Qilong) - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (Zhihao Cheng) - soc: ti: Fix reference imbalance in knav_dma_probe (Zhang Qilong) - soc: ti: knav_qmss: fix reference leak in knav_queue_probe (Zhang Qilong) - spi: fix resource leak for drivers without .remove callback (Uwe Kleine-Konig) - crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (Zhang Qilong) - crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd (Nathan Chancellor) - EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId (Yazen Ghannam) - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 (Christophe Leroy) - powerpc: Avoid broken GCC __attribute__((optimize)) (Ard Biesheuvel) - selftests/bpf: Fix broken riscv build (Bjorn Topel) - spi: mxs: fix reference leak in mxs_spi_probe (Zhang Qilong) - usb/max3421: fix return error code in max3421_probe() (Yang Yingliang) - Input: ads7846 - fix unaligned access on 7845 (Dmitry Torokhov) - Input: ads7846 - fix integer overflow on Rt calculation (Oleksij Rempel) - Input: ads7846 - fix race that causes missing releases (David Jander) - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (Yang Yingliang) - video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init() (Yang Yingliang) - media: solo6x10: fix missing snd_card_free in error handling case (Qinglang Miao) - scsi: core: Fix VPD LUN ID designator priorities (Martin Wilck) - ASoC: meson: fix COMPILE_TEST error (Jerome Brunet) - media: v4l2-fwnode: Return -EINVAL for invalid bus-type (Lad Prabhakar) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm() (Yu Kuai) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (Yu Kuai) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm() (Yu Kuai) - media: tm6000: Fix sizeof() mismatches (Colin Ian King) - staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c (Jing Xiangfeng) - staging: greybus: codecs: Fix reference counter leak in error handling (Zhang Qilong) - crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (Jack Xu) - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA (Necip Fazil Yildiran) - RDMa/mthca: Work around -Wenum-conversion warning (Arnd Bergmann) - ASoC: arizona: Fix a wrong free in wm8997_probe (Zhang Qilong) - spi: sprd: fix reference leak in sprd_spi_remove (Zhang Qilong) - ASoC: wm8998: Fix PM disable depth imbalance on error (Zhang Qilong) - selftest/bpf: Add missed ip6ip6 test back (Hangbin Liu) - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (Tsuchiya Yuto) - spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (Qinglang Miao) - spi: tegra114: fix reference leak in tegra spi ops (Zhang Qilong) - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (Zhang Qilong) - spi: tegra20-slink: fix reference leak in slink ops of tegra20 (Zhang Qilong) - spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe (Qinglang Miao) - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (Zhang Qilong) - Bluetooth: hci_h5: fix memory leak in h5_close (Anant Thazhemadam) - Bluetooth: Fix null pointer dereference in hci_event_packet() (Anmol Karn) - arm64: dts: exynos: Correct psci compatible used on Exynos7 (Pawel Chmiel) - arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7 (Pawel Chmiel) - brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free} (Seung-Woo Kim) - spi: stm32: fix reference leak in stm32_spi_resume (Zhang Qilong) - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling (Paul Moore) - ASoC: pcm: DRAIN support reactivation (Cezary Rojewski) - spi: spi-mem: fix reference leak in spi_mem_access_start (Zhang Qilong) - drm/msm/dsi_pll_10nm: restore VCO rate during restore_state (Dmitry Baryshkov) - f2fs: call f2fs_get_meta_page_retry for nat page (Jaegeuk Kim) - spi: img-spfi: fix reference leak in img_spfi_resume (Zhang Qilong) - powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (Jordan Niethe) - drm/amdgpu: fix build_coefficients() argument (Arnd Bergmann) - ARM: dts: aspeed: tiogapass: Remove vuart (Vijay Khemka) - ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode (Clement Peron) - crypto: inside-secure - Fix sizeof() mismatch (Colin Ian King) - crypto: talitos - Fix return type of current_desc_hdr() (Christophe Leroy) - crypto: talitos - Endianess in current_desc_hdr() (Christophe Leroy) - drm/amdgpu: fix incorrect enum type (Arnd Bergmann) - sched: Reenable interrupts in do_sched_yield() (Thomas Gleixner) - sched/deadline: Fix sched_dl_global_validate() (Peng Liu) - x86/apic: Fix x2apic enablement without interrupt remapping (David Woodhouse) - ARM: p2v: fix handling of LPAE translation in BE mode (Ard Biesheuvel) - x86/mm/ident_map: Check for errors from ident_pud_init() (Arvind Sankar) - RDMA/rxe: Compute PSN windows correctly (Bob Pearson) - ARM: dts: aspeed: s2600wf: Fix VGA memory region location (Joel Stanley) - selinux: fix error initialization in inode_doinit_with_dentry() (Tianyue Ren) - rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (Dan Carpenter) - RDMA/bnxt_re: Set queue pair state when being queried (Kamal Heib) - Revert 'i2c: i2c-qcom-geni: Fix DMA transfer race' (Douglas Anderson) - soc: qcom: geni: More properly switch to DMA mode (Douglas Anderson) - soc: mediatek: Check if power domains can be powered on at boot time (Nicolas Boichat) - soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (Dan Carpenter) - arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node (Biju Das) - arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node (Biju Das) - drm/tve200: Fix handling of platform_get_irq() error (Krzysztof Kozlowski) - drm/mcde: Fix handling of platform_get_irq() error (Krzysztof Kozlowski) - drm/aspeed: Fix Kconfig warning & subsequent build errors (Randy Dunlap) - drm/gma500: fix double free of gma_connector (Tom Rix) - md: fix a warning caused by a race between concurrent md_ioctl()s (Dae R. Jeong) - crypto: af_alg - avoid undefined behavior accessing salg_name (Eric Biggers) - media: msi2500: assign SPI bus number dynamically (Antti Palosaari) - quota: Sanity-check quota file headers on load (Jan Kara) - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (Peilin Ye) - serial_core: Check for port state when tty is in error state (Alexey Kardashevskiy) - HID: i2c-hid: add Vero K147 to descriptor override (Julian Sax) - scsi: megaraid_sas: Check user-provided offsets (Arnd Bergmann) - coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf() (Sai Prakash Ranjan) - coresight: tmc-etr: Fix barrier packet insertion for perf buffer (Suzuki K Poulose) - coresight: tmc-etr: Check if page is valid before dma_map_page() (Mao Jinlong) - coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf() (Sai Prakash Ranjan) - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU (Krzysztof Kozlowski) - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 (Krzysztof Kozlowski) - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (Krzysztof Kozlowski) - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (Fabio Estevam) - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (Will McVicker) - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (Jack Pham) - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (Will McVicker) - USB: gadget: f_acm: add support for SuperSpeed Plus (taehyun.cho) - USB: serial: option: add interface-number sanity check to flag handling (Johan Hovold) - usb: mtu3: fix memory corruption in mtu3_debugfs_regset() (Dan Carpenter) - soc/tegra: fuse: Fix index bug in get_process_id (Nicolin Chen) - kbuild: avoid split lines in .mod files (Masahiro Yamada) - perf/x86/intel: Check PEBS status correctly (Stephane Eranian) - drm/amd/display: Init clock value by current vbios CLKs (Brandon Syu) - iwlwifi: pcie: add one missing entry for AX210 (Luca Coelho) - dm table: Remove BUG_ON(in_interrupt()) (Thomas Gleixner) - scsi: mpt3sas: Increase IOCInit request timeout to 30s (Sreekanth Reddy) - vxlan: Copy needed_tailroom from lowerdev (Sven Eckelmann) - vxlan: Add needed_headroom for lower device (Sven Eckelmann) - arm64: syscall: exit userspace before unmasking exceptions (Mark Rutland) - habanalabs: put devices before driver removal (Ofir Bitton) - drm/tegra: sor: Disable clocks on error in tegra_sor_init() (Qinglang Miao) - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (Nicholas Piggin) - drm/tegra: replace idr_init() by idr_init_base() (Deepak R Varma) - net: mvpp2: add mvpp2_phylink_to_port() helper (Russell King) - selftests: fix poll error in udpgro.sh (Paolo Abeni) - ixgbe: avoid premature Rx buffer reuse (Bjorn Topel) - i40e: avoid premature Rx buffer reuse (Bjorn Topel) - i40e: optimise prefetch page refcount (Li RongQing) - i40e: Refactor rx_bi accesses (Bjorn Topel) - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (Leon Romanovsky) - selftests/bpf/test_offload.py: Reset ethtool features after failed setting (Toke Hoiland-Jorgensen) - netfilter: nft_ct: Remove confirmation check for NFT_CT_ID (Brett Mastbergen) - gpio: eic-sprd: break loop when getting NULL device resource (Chunyan Zhang) - Revert 'gpio: eic-sprd: Use devm_platform_ioremap_resource()' (Baolin Wang) - afs: Fix memory leak when mounting with multiple source parameters (David Howells) - netfilter: nft_dynset: fix timeouts later than 23 days (Pablo Neira Ayuso) - netfilter: nft_compat: make sure xtables destructors have run (Florian Westphal) - netfilter: x_tables: Switch synchronization to RCU (Subash Abhinov Kasiviswanathan) - pinctrl: aspeed: Fix GPIO requests on pass-through banks (Andrew Jeffery) - blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (Douglas Anderson) - block: factor out requeue handling from dispatch code (Johannes Thumshirn) - block: Simplify REQ_OP_ZONE_RESET_ALL handling (Damien Le Moal) - clk: renesas: r9a06g032: Drop __packed for portability (Geert Uytterhoeven) - can: softing: softing_netdev_open(): fix error handling (Zhang Qilong) - xsk: Replace datagram_poll by sock_poll_wait (Xuan Zhuo) - xsk: Fix xsk_poll()'s return type (Luc Van Oostenryck) - scsi: bnx2i: Requires MMU (Randy Dunlap) - gpio: mvebu: fix potential user-after-free on probe (Baruch Siach) - gpio: zynq: fix reference leak in zynq_gpio functions (Qinglang Miao) - PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter (Zhang Qilong) - ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (Bernd Bauer) - ARM: dts: imx6qdl-wandboard-revd1: Remove PAD_GPIO_6 from enetgrp (Fabio Estevam) - ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY (Adam Sampson) - ARM: dts: sun8i: v3s: fix GIC node memory range (Icenowy Zheng) - pinctrl: baytrail: Avoid clearing debounce value when turning it off (Andy Shevchenko) - pinctrl: merrifield: Set default bias in case no particular value given (Andy Shevchenko) - ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (Pablo Greco) - ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (Pablo Greco) - RAS/CEC: Correct ce_add_elem()'s returned values (William Roche) [Orabug: 32774757] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759959] {CVE-2021-29154} - KVM: SVM: avoid infinite loop on NPF from bad address (John Donnelly) [Orabug: 32759746] {CVE-2020-36310} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32795492] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29154 CVE-2020-28374 CVE-2021-31916 CVE-2021-23133 CVE-2020-36310 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.202.5] - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907967] {CVE-2021-23133} - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860491] {CVE-2021-31916} - uek-rpm: update kABI lists for the new symbols (Saeed Mirzamohammadi) [Orabug: 32883836] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32888143] - scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (James Smart) [Orabug: 32827840] [5.4.17-2102.202.4] - uek-rpm: Update missing configs as compared to OL8.4 RHCK (Saeed Mirzamohammadi) [Orabug: 32837542] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32867569] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32867569] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32867569] - uek-rpm: Remove hwcap directive and /etc/ld.so.conf.d/*.conf file (Victor Erminpour) [Orabug: 32816428] [5.4.17-2102.202.3] - LTS tag: v5.4.94 (Jack Vogel) - fs: fix lazytime expiration handling in __writeback_single_inode() (Eric Biggers) - writeback: Drop I_DIRTY_TIME_EXPIRE (Jan Kara) - dm integrity: conditionally disable 'recalculate' feature (Mikulas Patocka) - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions (Jean-Philippe Brucker) - SMB3.1.1: do not log warning message if server doesn't populate salt (Steve French) - arm64: mm: use single quantity to represent the PA to VA translation (Ard Biesheuvel) - tracing: Fix race in trace_open and buffer resize call (Gaurav Kohli) - io_uring: Fix current->fs handling in io_sq_wq_submit_work() (Nicolai Stange) - HID: wacom: Correct NULL dereference on AES pen proximity (Jason Gerecke) - Revert 'mm/slub: fix a memory leak in sysfs_slab_add()' (Wang Hai) - gpio: mvebu: fix pwm .get_state period calculation (Baruch Siach) - LTS tag: v5.4.93 (Jack Vogel) - tcp: fix TCP_USER_TIMEOUT with zero window (Enke Chen) - net: dsa: b53: fix an off by one in checking 'vlan->vid' (Dan Carpenter) - net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled (Tariq Toukan) - net: mscc: ocelot: allow offloading of bridge on top of LAG (Vladimir Oltean) - ipv6: set multicast flag on the multicast route (Matteo Croce) - net_sched: reject silly cell_log in qdisc_get_rtab() (Eric Dumazet) - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() (Eric Dumazet) - ipv6: create multicast route with RTPROT_KERNEL (Matteo Croce) - udp: mask TOS bits in udp_v4_early_demux() (Guillaume Nault) - kasan: fix incorrect arguments passing in kasan_add_zero_shadow (Lecopzer Chen) - kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow (Lecopzer Chen) - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too (Alexander Lobakin) - lightnvm: fix memory leak when submit fails (Pan Bian) - sh_eth: Fix power down vs. is_opened flag ordering (Geert Uytterhoeven) - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (Rasmus Villemoes) - sh: dma: fix kconfig dependency for G2_DMA (Necip Fazil Yildiran) - netfilter: rpfilter: mask ecn bits before fib lookup (Guillaume Nault) - x86/cpu/amd: Set __max_die_per_package on AMD (Yazen Ghannam) - pinctrl: ingenic: Fix JZ4760 support (Paul Cercueil) - driver core: Extend device_is_dependent() (Rafael J. Wysocki) - xhci: tegra: Delay for disabling LFPS detector (JC Kuo) - xhci: make sure TRB is fully written before giving it to the controller (Mathias Nyman) - usb: bdc: Make bdc pci driver depend on BROKEN (Patrik Jakobsson) - usb: udc: core: Use lock when write to soft_connect (Thinh Nguyen) - usb: gadget: aspeed: fix stop dma register setting. (Ryan Chen) - USB: ehci: fix an interrupt calltrace error (Longfang Liu) - ehci: fix EHCI host controller initialization sequence (Eugene Korenevsky) - serial: mvebu-uart: fix tx lost characters at power off (Pali Rohar) - stm class: Fix module init return on allocation failure (Wang Hui) - intel_th: pci: Add Alder Lake-P support (Alexander Shishkin) - x86/mmx: Use KFPU_387 for MMX string operations (Andy Lutomirski) - x86/topology: Make __max_die_per_package available unconditionally (Borislav Petkov) - x86/fpu: Add kernel_fpu_begin_mask() to selectively initialize state (Andy Lutomirski) - irqchip/mips-cpu: Set IPI domain parent chip (Mathias Kresin) - cifs: do not fail __smb_send_rqst if non-fatal signals are pending (Ronnie Sahlberg) - iio: ad5504: Fix setting power-down state (Lars-Peter Clausen) - can: peak_usb: fix use after free bugs (Vincent Mailhol) - can: vxcan: vxcan_xmit: fix use after free bug (Vincent Mailhol) - can: dev: can_restart: fix use after free bug (Vincent Mailhol) - selftests: net: fib_tests: remove duplicate log test (Hangbin Liu) - platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-list (Hans de Goede) - i2c: octeon: check correct size of maximum RECV_LEN packet (Wolfram Sang) - powerpc: Fix alignment bug within the init sections (Ariel Marcovitch) - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression (Arnd Bergmann) - pinctrl: aspeed: g6: Fix PWMG0 pinctrl setting (Billy Tsai) - powerpc: Use the common INIT_DATA_SECTION macro in vmlinux.lds.S (Youling Tang) - drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0 (Ben Skeggs) - drm/nouveau/mmu: fix vram heap sizing (Ben Skeggs) - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields (Ben Skeggs) - drm/nouveau/privring: ack interrupts the same way as RM (Ben Skeggs) - drm/nouveau/bios: fix issue shadowing expansion ROMs (Ben Skeggs) - drm/amd/display: Fix to be able to stop crc calculation (Wayne Lin) - drm/amdgpu/psp: fix psp gfx ctrl cmds (Victor Zhao) - riscv: defconfig: enable gpio support for HiFive Unleashed (Sagar Shrikant Kadam) - dts: phy: fix missing mdio device and probe failure of vsc8541-01 device (Sagar Shrikant Kadam) - x86/xen: Add xen_no_vector_callback option to test PCI INTX delivery (David Woodhouse) - xen: Fix event channel callback via INTX/GSI (David Woodhouse) - arm64: make atomic helpers __always_inline (Arnd Bergmann) - clk: tegra30: Add hda clock default rates to clock driver (Peter Geis) - HID: Ignore battery for Elan touchscreen on ASUS UX550 (Seth Miller) - HID: logitech-dj: add the G602 receiver (Filipe Lains) - riscv: Fix sifive serial driver (Damien Le Moal) - riscv: Fix kernel time_init() (Damien Le Moal) - scsi: sd: Suppress spurious errors when WRITE SAME is being disabled (Ewan D. Milne) - scsi: qedi: Correct max length of CHAP secret (Nilesh Javali) - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback (Can Guo) - dm integrity: select CRYPTO_SKCIPHER (Anthony Iliopoulos) - HID: multitouch: Enable multi-input for Synaptics pointstick/touchpad device (Kai-Heng Feng) - ASoC: Intel: haswell: Add missing pm_ops (Cezary Rojewski) - drm/i915/gt: Prevent use of engine->wa_ctx after error (Chris Wilson) - drm/syncobj: Fix use-after-free (Daniel Vetter) - drm/atomic: put state on error path (Pan Bian) - dm integrity: fix a crash if 'recalculate' used without 'internal_hash' (Mikulas Patocka) - dm: avoid filesystem lookup in dm_get_dev_t() (Hannes Reinecke) - mmc: sdhci-xenon: fix 1.8v regulator stabilization (Alex Leibovich) - mmc: core: don't initialize block size from ext_csd if not present (Peter Collingbourne) - btrfs: send: fix invalid clone operations when cloning from the same file and root (Filipe Manana) - btrfs: don't clear ret in btrfs_start_dirty_block_groups (Josef Bacik) - btrfs: fix lockdep splat in btrfs_recover_relocation (Josef Bacik) - btrfs: don't get an EINTR during drop_snapshot for reloc (Josef Bacik) - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error (Hans de Goede) - ALSA: hda/via: Add minimum mute flag (Takashi Iwai) - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() (Takashi Iwai) - platform/x86: ideapad-laptop: Disable touchpad_switch for ELAN0634 (Jiaxun Yang) - platform/x86: i2c-multi-instantiate: Don't create platform device for INT3515 ACPI nodes (Heikki Krogerus) - i2c: bpmp-tegra: Ignore unknown I2C_M flags (Mikko Perttunen) - LTS tag: v5.4.92 (Jack Vogel) - spi: cadence: cache reference clock rate during probe (Michael Hennerich) - mac80211: check if atf has been disabled in __ieee80211_schedule_txq (Lorenzo Bianconi) - mac80211: do not drop tx nulldata packets on encrypted links (Felix Fietkau) - tipc: fix NULL deref in tipc_link_xmit() (Hoang Le) - net, sctp, filter: remap copy_from_user failure error (Daniel Borkmann) - rxrpc: Fix handling of an unsupported token type in rxrpc_read() (David Howells) - net: avoid 32 x truesize under-estimation for tiny skbs (Eric Dumazet) - net: sit: unregister_netdevice on newlink's error path (Jakub Kicinski) - net: stmmac: Fixed mtu channged by cache aligned (David Wu) - rxrpc: Call state should be read with READ_ONCE() under some circumstances (Baptiste Lepers) - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands (Petr Machata) - net: dcb: Validate netlink message in DCB handler (Petr Machata) - esp: avoid unneeded kmap_atomic call (Willem de Bruijn) - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request (Andrey Zhizhikin) - net: mvpp2: Remove Pause and Asym_Pause support (Stefan Chulski) - mlxsw: core: Increase critical threshold for ASIC thermal zone (Vadim Pasternak) - mlxsw: core: Add validation of transceiver temperature thresholds (Vadim Pasternak) - net: ipv6: Validate GSO SKB before finish IPv6 processing (Aya Levin) - netxen_nic: fix MSI/MSI-x interrupts (Manish Chopra) - udp: Prevent reuseport_select_sock from reading uninitialized socks (Baptiste Lepers) - bpf: Fix helper bpf_map_peek_elem_proto pointing to wrong callback (Mircea Cirjaliu) - bpf: Don't leak memory in bpf getsockopt when optlen == 0 (Stanislav Fomichev) - nfsd4: readdirplus shouldn't return parent of export (J. Bruce Fields) - spi: npcm-fiu: Disable clock in probe error path (Lukas Wunner) - spi: npcm-fiu: simplify the return expression of npcm_fiu_probe() (Qinglang Miao) - elfcore: fix building with clang (Arnd Bergmann) - xen/privcmd: allow fetching resource sizes (Roger Pau Monne) - compiler.h: Raise minimum version of GCC to 5.1 for arm64 (Will Deacon) - usb: ohci: Make distrust_firmware param default to false (Hamish Martin) - LTS tag: v5.4.91 (Jack Vogel) - netfilter: nft_compat: remove flush counter optimization (Florian Westphal) - netfilter: nf_nat: Fix memleak in nf_nat_init (Dinghao Liu) - netfilter: conntrack: fix reading nf_conntrack_buckets (Jesper Dangaard Brouer) - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() (Geert Uytterhoeven) - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (Geert Uytterhoeven) - dm: eliminate potential source of excessive kernel log noise (Mike Snitzer) - net: sunrpc: interpret the return value of kstrtou32 correctly (j.nixdorf@avm.de) - iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev() (Lu Baolu) - mm, slub: consider rest of partial list if acquire_slab() fails (Jann Horn) - drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence (Hans de Goede) - IB/mlx5: Fix error unwinding when set_has_smi_cap fails (Parav Pandit) - RDMA/mlx5: Fix wrong free of blue flame register on error (Mark Bloch) - bnxt_en: Improve stats context resource accounting with RDMA driver loaded. (Michael Chan) - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (Dinghao Liu) - RDMA/restrack: Don't treat as an error allocation ID wrapping (Leon Romanovsky) - ext4: fix superblock checksum failure when setting password salt (Jan Kara) - NFS: nfs_igrab_and_active must first reference the superblock (Trond Myklebust) - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter (Trond Myklebust) - pNFS: Stricter ordering of layoutget and layoutreturn (Trond Myklebust) - pNFS: Mark layout for return if return-on-close was not sent (Trond Myklebust) - pNFS: We want return-on-close to complete when evicting the inode (Trond Myklebust) - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock (Dave Wysochanski) - nvme-tcp: fix possible data corruption with bio merges (Sagi Grimberg) - ASoC: Intel: fix error code cnl_set_dsp_D0() (Dan Carpenter) - ASoC: meson: axg-tdmin: fix axg skew offset (Jerome Brunet) - ASoC: meson: axg-tdm-interface: fix loopback (Jerome Brunet) - dump_common_audit_data(): fix racy accesses to ->d_name (Al Viro) - perf intel-pt: Fix 'CPU too large' error (Adrian Hunter) - ARM: picoxcell: fix missing interrupt-parent properties (Arnd Bergmann) - drm/msm: Call msm_init_vram before binding the gpu (Craig Tatlor) - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI (Shawn Guo) - usb: typec: Fix copy paste error for NVIDIA alt-mode description (Peter Robinson) - drm/amdgpu: fix a GPU hang issue when remove device (Dennis Li) - nvmet-rdma: Fix list_del corruption on queue establishment failure (Israel Rukshin) - nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN (Gopal Tiwari) - selftests: fix the return value for UDP GRO test (Po-Hsu Lin) - net: ethernet: fs_enet: Add missing MODULE_LICENSE (Michael Ellerman) - misdn: dsp: select CONFIG_BITREVERSE (Arnd Bergmann) - arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC (Randy Dunlap) - bfq: Fix computation of shallow depth (Jan Kara) - lib/raid6: Let rules work with macOS userland (John Millikin) - hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values (Uwe Kleine-Konig) - habanalabs: Fix memleak in hl_device_reset (Dinghao Liu) - habanalabs: register to pci shutdown callback (Oded Gabbay) - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (Rasmus Villemoes) - regulator: bd718x7: Add enable times (Guido Gunther) - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan (Filipe Manana) - netfilter: ipset: fixes possible oops in mtype_resize (Vasily Averin) - ARC: build: move symlink creation to arch/arc/Makefile to avoid race (Masahiro Yamada) - ARC: build: add boot_targets to PHONY (Masahiro Yamada) - ARC: build: add uImage.lzma to the top-level target (Masahiro Yamada) - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE (Masahiro Yamada) - dm integrity: fix flush with external metadata device (Mikulas Patocka) - cifs: fix interrupted close commands (Paulo Alcantara) - smb3: remove unused flag passed into close functions (Steve French) - ext4: don't leak old mountpoint samples (Theodore Ts'o) - ext4: fix bug for rename with RENAME_WHITEOUT (yangerkun) - drm/i915/backlight: fix CPU mode backlight takeover on LPT (Jani Nikula) - btrfs: tree-checker: check if chunk item end overflows (Su Yue) - r8152: Add Lenovo Powered USB-C Travel Hub (Leon Schuermann) - dm integrity: fix the maximum number of arguments (Mikulas Patocka) - dm snapshot: flush merged data before committing metadata (Akilesh Kailash) - dm raid: fix discard limits for raid1 (Mike Snitzer) - mm/hugetlb: fix potential missing huge page size info (Miaohe Lin) - ACPI: scan: Harden acpi_device_add() against device ID overflows (Dexuan Cui) - RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() (Tom Rix) - MIPS: relocatable: fix possible boot hangup with KASLR enabled (Alexander Lobakin) - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB (Paul Cercueil) - mips: lib: uncached: fix non-standard usage of variable 'sp' (Anders Roxell) - mips: fix Section mismatch in reference (Anders Roxell) - tracing/kprobes: Do the notrace functions check without kprobes on ftrace (Masami Hiramatsu) - x86/hyperv: check cpu mask after interrupt has been disabled (Wei Liu) - ASoC: dapm: remove widget from dirty list on free (Thomas Hebb) - btrfs: prevent NULL pointer dereference in extent_io_tree_panic (Su Yue) - kbuild: enforce -Werror=return-type (Olaf Hering) - IB/ipoib: Improve latency in ipoib/cm connection formation (Manjunath Patil) [Orabug: 32852998] [5.4.17-2102.202.2] - vfio/pci: restore remap elision logic in vfio_pci_mmap_fault() (Ankur Arora) [Orabug: 32478548] [5.4.17-2102.202.1] - LTS tag: v5.4.90 (Jack Vogel) - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() (Dan Carpenter) - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet (Vasily Averin) - block: fix use-after-free in disk_part_iter_next (Ming Lei) - KVM: arm64: Don't access PMCR_EL0 when no PMU is available (Marc Zyngier) - net: mvpp2: disable force link UP during port init procedure (Stefan Chulski) - regulator: qcom-rpmh-regulator: correct hfsmps515 definition (Dmitry Baryshkov) - wan: ds26522: select CONFIG_BITREVERSE (Arnd Bergmann) - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev (Xiaolei Wang) - net/mlx5e: Fix two double free cases (Dinghao Liu) - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (Dinghao Liu) - iommu/intel: Fix memleak in intel_irq_remapping_alloc (Dinghao Liu) - lightnvm: select CONFIG_CRC32 (Arnd Bergmann) - block: rsxx: select CONFIG_CRC32 (Arnd Bergmann) - wil6210: select CONFIG_CRC32 (Arnd Bergmann) - qed: select CONFIG_CRC32 (Arnd Bergmann) - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (Shravya Kumbham) - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe() (Shravya Kumbham) - dmaengine: xilinx_dma: check dma_async_device_register return value (Shravya Kumbham) - dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function (Christophe JAILLET) - i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated (Hans de Goede) - spi: stm32: FIFO threshold level - fix align packet size (Roman Guskov) - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() (Colin Ian King) - can: kvaser_pciefd: select CONFIG_CRC32 (Arnd Bergmann) - can: m_can: m_can_class_unregister(): remove erroneous m_can_clk_stop() (Marc Kleine-Budde) - can: tcan4x5x: fix bittiming const, use common bittiming from m_can driver (Marc Kleine-Budde) - dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() (Dan Carpenter) - i2c: sprd: use a specific timeout to avoid system hang up issue (Chunyan Zhang) - ARM: OMAP2+: omap_device: fix idling of devices during probe (Andreas Kemnade) - HID: wacom: Fix memory leakage caused by kfifo_alloc (Ping Cheng) - iio: imu: st_lsm6dsx: fix edge-trigger interrupts (Lorenzo Bianconi) - vmlinux.lds.h: Add PGO and AutoFDO input sections (Nick Desaulniers) - exfat: Month timestamp metadata accidentally incremented (Valdis Kletnieks) - x86/resctrl: Don't move a task to the same resource group (Fenghua Yu) - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (Fenghua Yu) - chtls: Fix chtls resources release sequence (Ayush Sawal) - chtls: Added a check to avoid NULL pointer dereference (Ayush Sawal) - chtls: Replace skb_dequeue with skb_peek (Ayush Sawal) - chtls: Fix panic when route to peer not configured (Ayush Sawal) - chtls: Remove invalid set_tcb call (Ayush Sawal) - chtls: Fix hardware tid leak (Ayush Sawal) - net/mlx5e: ethtool, Fix restriction of autoneg with 56G (Aya Levin) - net/mlx5: Use port_num 1 instead of 0 when delete a RoCE address (Mark Zhang) - net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (Aleksander Jan Bajkowski) - s390/qeth: fix L2 header access in qeth_l3_osa_features_check() (Julian Wiedmann) - nexthop: Unlink nexthop group entry in error path (Ido Schimmel) - nexthop: Fix off-by-one error in error path (Ido Schimmel) - octeontx2-af: fix memory leak of lmac and lmac->name (Colin Ian King) - net: ip: always refragment ip defragmented packets (Florian Westphal) - net: fix pmtu check in nopmtudisc mode (Florian Westphal) - tools: selftests: add test for changing routes with PTMU exceptions (Sean Tranchetti) - net: ipv6: fib: flush exceptions when purging route (Sean Tranchetti) - net/sonic: Fix some resource leaks in error handling paths (Christophe JAILLET) - net: vlan: avoid leaks on register_vlan_dev() failures (Jakub Kicinski) - net: stmmac: dwmac-sun8i: Balance internal PHY power (Samuel Holland) - net: stmmac: dwmac-sun8i: Balance internal PHY resource references (Samuel Holland) - net: hns3: fix a phy loopback fail issue (Yonglong Liu) - net: hns3: fix the number of queues actually used by ARQ (Yufeng Mo) - net: cdc_ncm: correct overhead in delayed_ndp_size (Jouni K. Seppanen) - vfio iommu: Add dma available capability (Matthew Rosato) - x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* (Jiri Slaby) - LTS tag: v5.4.89 (Jack Vogel) - scsi: target: Fix XCOPY NAA identifier lookup (David Disseldorp) {CVE-2020-28374} - KVM: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) - x86/mtrr: Correct the range check before performing MTRR type lookups (Ying-Tsun Huang) - netfilter: nft_dynset: report EOPNOTSUPP on missing set feature (Pablo Neira Ayuso) - netfilter: xt_RATEEST: reject non-null terminated string from userspace (Florian Westphal) - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (Vasily Averin) - netfilter: x_tables: Update remaining dereference to RCU (Subash Abhinov Kasiviswanathan) - drm/i915: clear the gpu reloc batch (Matthew Auld) - dmabuf: fix use-after-free of dmabuf's file->f_inode (Charan Teja Reddy) - Revert 'device property: Keep secondary firmware node secondary by type' (Bard Liao) - btrfs: send: fix wrong file path when there is an inode with a pending rmdir (Filipe Manana) - ALSA: hda/realtek: Add two 'Intel Reference board' SSID in the ALC256. (PeiSen Hou) - ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7 (Kai-Heng Feng) - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (Kailang Yang) - ALSA: hda/conexant: add a new hda codec CX11970 (bo liu) - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (Takashi Iwai) - kvm: check tlbs_dirty directly (Lai Jiangshan) - x86/mm: Fix leak of pmd ptlock (Dan Williams) - USB: serial: keyspan_pda: remove unused variable (Johan Hovold) - usb: gadget: configfs: Fix use-after-free issue with udc_name (Eddie Hung) - usb: gadget: configfs: Preserve function ordering after bind failure (Chandana Kishori Chiluveru) - usb: gadget: Fix spinlock lockup on usb_function_deactivate (Sriharsha Allenki) - USB: gadget: legacy: fix return error code in acm_ms_bind() (Yang Yingliang) - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (Manish Narani) - usb: gadget: function: printer: Fix a memory leak for interface descriptor (Zqiang) - usb: gadget: f_uac2: reset wMaxPacketSize (Jerome Brunet) - usb: gadget: select CONFIG_CRC32 (Arnd Bergmann) - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (Takashi Iwai) - USB: usblp: fix DMA to stack (Johan Hovold) - USB: yurex: fix control-URB timeout handling (Johan Hovold) - USB: serial: option: add Quectel EM160R-GL (Bjorn Mork) - USB: serial: option: add LongSung M5710 module support (Daniel Palmer) - USB: serial: iuu_phoenix: fix DMA from stack (Johan Hovold) - usb: uas: Add PNY USB Portable SSD to unusual_uas (Thinh Nguyen) - usb: usbip: vhci_hcd: protect shift size (Randy Dunlap) - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Michael Grzeschik) - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (Yu Kuai) - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (Serge Semin) - USB: cdc-wdm: Fix use after free in service_outstanding_interrupt(). (Tetsuo Handa) - USB: cdc-acm: blacklist another IR Droid device (Sean Young) - usb: gadget: enable super speed plus (taehyun.cho) - staging: mt7621-dma: Fix a resource leak in an error handling path (Christophe JAILLET) - powerpc: Handle .text.{hot,unlikely}.* in linker script (Nathan Chancellor) - crypto: asym_tpm: correct zero out potential secrets (Greg Kroah-Hartman) - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (Ard Biesheuvel) - Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close (Hans de Goede) - kbuild: don't hardcode depmod path (Dominique Martinet) - net/sched: sch_taprio: ensure to reset/destroy all child qdiscs (Davide Caratti) - ionic: account for vlan tag len in rx buffer len (Shannon Nelson) - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (Yunjian Wang) - net: usb: qmi_wwan: add Quectel EM160R-GL (Bjorn Mork) - CDC-NCM: remove 'connected' log message (Roland Dreier) - net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (Martin Blumenstingl) - net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs (Martin Blumenstingl) - r8169: work around power-saving bug on some chip versions (Heiner Kallweit) - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (Xie He) - erspan: fix version 1 check in gre_parse_header() (Cong Wang) - net: hns: fix return value check in __lb_other_process() (Yunjian Wang) - net: sched: prevent invalid Scell_log shift count (Randy Dunlap) - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (Guillaume Nault) - net: mvpp2: fix pkt coalescing int-threshold configuration (Stefan Chulski) - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (Yunjian Wang) - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (Grygorii Strashko) - net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc (Antoine Tenart) - net-sysfs: take the rtnl lock when storing xps_rxqs (Antoine Tenart) - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) - net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) - net: ethernet: Fix memleak in ethoc_probe (Dinghao Liu) - net/ncsi: Use real net-device for response handler (John Wang) - virtio_net: Fix recursive call to cpus_read_lock() (Jeff Dike) - qede: fix offload for IPIP tunnel packets (Manish Chopra) - net: ethernet: mvneta: Fix error handling in mvneta_probe (Dinghao Liu) - ibmvnic: continue fatal error reset after passive init (Lijun Pan) - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (Stefan Chulski) - atm: idt77252: call pci_disable_device() on error path (Dan Carpenter) - ethernet: ucc_geth: set dev->max_mtu to 1518 (Rasmus Villemoes) - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (Rasmus Villemoes) - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (Florian Fainelli) - net: mvpp2: prs: fix PPPoE with ipv6 packet parse (Stefan Chulski) - net: mvpp2: Add TCAM entry to drop flow control pause frames (Stefan Chulski) - iavf: fix double-release of rtnl_lock (Jakub Kicinski) - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (Sylwester Dziedziuch) - proc: fix lookup in /proc/net subdirectories after setns(2) (Alexey Dobriyan) - proc: change ->nlink under proc_subdir_lock (Alexey Dobriyan) - depmod: handle the case of /sbin/depmod without /sbin in PATH (Linus Torvalds) - lib/genalloc: fix the overflow when size is too big (Huang Shijie) - scsi: scsi_transport_spi: Set RQF_PM for domain validation commands (Bart Van Assche) - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (Bart Van Assche) - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (Adrian Hunter) - scsi: ufs: Fix wrong print message in dev_err() (Bean Huo) - workqueue: Kick a worker based on the actual activation of delayed works (Yunfeng Ye) - LTS tag: v5.4.88 (Jack Vogel) - exec: Transform exec_update_mutex into a rw_semaphore (Eric W. Biederman) - rwsem: Implement down_read_interruptible (Eric W. Biederman) - rwsem: Implement down_read_killable_nested (Eric W. Biederman) - perf: Break deadlock involving exec_update_mutex (peterz@infradead.org) - iio:imu:bmi160: Fix alignment and data leak issues (Jonathan Cameron) - kdev_t: always inline major/minor helper functions (Josh Poimboeuf) - dmaengine: at_hdmac: add missing kfree() call in at_dma_xlate() (Yu Kuai) - dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate() (Yu Kuai) - dmaengine: at_hdmac: Substitute kzalloc with kmalloc (Tudor Ambarus) - Revert 'mtd: spinand: Fix OOB read' (Felix Fietkau) - Revert 'drm/amd/display: Fix memory leaks in S3 resume' (Alex Deucher) - LTS tag: v5.4.87 (Jack Vogel) - dm verity: skip verity work if I/O error when system is shutting down (Hyeongseok Kim) - ALSA: pcm: Clear the full allocated memory at hw_params (Takashi Iwai) - tick/sched: Remove bogus boot 'safety' check (Thomas Gleixner) - um: ubd: Submit all data segments atomically (Gabriel Krisman Bertazi) - fs/namespace.c: WARN if mnt_count has become negative (Eric Biggers) - module: delay kobject uevent until after module init call (Jessica Yu) - f2fs: avoid race condition for shrinker count (Jaegeuk Kim) - NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode (Trond Myklebust) - i3c master: fix missing destroy_workqueue() on error in i3c_master_register (Qinglang Miao) - powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (Qinglang Miao) - rtc: pl031: fix resource leak in pl031_probe (Zheng Liang) - quota: Don't overflow quota file offsets (Jan Kara) - module: set MODULE_STATE_GOING state when a module fails to load (Miroslav Benes) - rtc: sun6i: Fix memleak in sun6i_rtc_clk_init (Dinghao Liu) - fcntl: Fix potential deadlock in send_sig{io, urg}() (Boqun Feng) - bfs: don't use WARNING: string when it's just info. (Randy Dunlap) - ALSA: rawmidi: Access runtime->avail always in spinlock (Takashi Iwai) - ALSA: seq: Use bool for snd_seq_queue internal flags (Takashi Iwai) - f2fs: fix shift-out-of-bounds in sanity_check_raw_super() (Chao Yu) - media: gp8psk: initialize stats at power control logic (Mauro Carvalho Chehab) - misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() (Anant Thazhemadam) - reiserfs: add check for an invalid ih_entry_count (Rustam Kovhaev) - Bluetooth: hci_h5: close serdev device and free hu in h5_close (Anant Thazhemadam) - scsi: cxgb4i: Fix TLS dependency (Randy Dunlap) - cgroup: Fix memory leak when parsing multiple source parameters (Qinglang Miao) - of: fix linker-section match-table corruption (Johan Hovold) - null_blk: Fix zone size initialization (Damien Le Moal) - tools headers UAPI: Sync linux/const.h with the kernel headers (Arnaldo Carvalho de Melo) - uapi: move constants from <linux/kernel.h> to <linux/const.h> (Petr Vorel) - scsi: block: Fix a race in the runtime power management code (Bart Van Assche) - jffs2: Fix NULL pointer dereference in rp_size fs option parsing (Jamie Iles) - jffs2: Allow setting rp_size to zero during remounting (lizhe) - powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (Christophe Leroy) - KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Paolo Bonzini) - KVM: x86: avoid incorrect writes to host MSR_IA32_SPEC_CTRL (Paolo Bonzini) - ext4: don't remount read-only with errors=continue on reboot (Jan Kara) - btrfs: fix race when defragmenting leads to unnecessary IO (Filipe Manana) - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() (Eric Auger) - fscrypt: remove kernel-internal constants from UAPI header (Eric Biggers) - fscrypt: add fscrypt_is_nokey_name() (Eric Biggers) - f2fs: prevent creating duplicate encrypted filenames (Eric Biggers) - ubifs: prevent creating duplicate encrypted filenames (Eric Biggers) - ext4: prevent creating duplicate encrypted filenames (Eric Biggers) - thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has changed (Zhuguangqing) - md/raid10: initialize r10_bio->read_slot before use. (Kevin Vigor) - net/sched: sch_taprio: reset child qdiscs before freeing them (Davide Caratti) - uek/ol/config-aarch64: Update uek6 kernel with RPI IOT configs (Vijay Kumar) [Orabug: 32833361] - dts/bcm2711: set gpio6 to level=0 and pull=down (Vijay Kumar) [Orabug: 32833361] - dts: bcm283x: Fix vc4's firmware bus DMA limitations (Nicolas Saenz Julienne) [Orabug: 32833361] - uek6/config-aarch64-rpi: Enable CONFIG_RTC_DRV_ABEOZ9 (Vijay Kumar) [Orabug: 32833361] - rtc/ab-eoz9: Add support for ABEOA9 SPI chip (Vijay Kumar) [Orabug: 32833361] - rtc: abracon: add abeoa9 device id (Tom Saeger) [Orabug: 32833361] - arm64/dts/bcm2711: Set SPI_CE0_N to output for GPIO8 (Vijay Kumar) [Orabug: 32833361] - uek-rpm/ol8: Build rpi kernel (Tom Saeger) [Orabug: 32833361] - uek-rpm: add rpi specific config (Tom Saeger) [Orabug: 32833361] - firmware/raspberrypi: Notify firmware of a reboot (Phil Elwell) [Orabug: 32833361] - firmware: raspberrypi: Report the fw variant during probe (Dave Stevenson) [Orabug: 32833361] - raspberrypi-firmware: Export the general transaction function. (Eric Anholt) [Orabug: 32833361] - firmware: bcm2835: Support ARCH_BCM270x (Noralf Tronnes) [Orabug: 32833361] - Add NO_WAIT_RESP flag (Phil Elwell) [Orabug: 32833361] - bcm2835-dma: Add proper 40-bit DMA support (Phil Elwell) [Orabug: 32833361] - dmaengine: Add support for BCM2708 (Florian Meier) [Orabug: 32833361] - dmaengine: bcm2835: Load driver early and support legacy API (Noralf Tronnes) [Orabug: 32833361] - RPi: char: broadcom: Add vcio module (Noralf Tronnes) [Orabug: 32833361] - RPi: Add /dev/gpiomem device for rootless user GPIO access (Luke Wren) [Orabug: 32833361] - RPi: vcsm: VideoCore shared memory service for BCM2835 (Tim Gover) [Orabug: 32833361] - RPi: vc_mem: Add vc_mem driver for querying firmware memory addresses (popcornmix) [Orabug: 32833361] - RPi4/dts: set alias for i2c device (Vijay Kumar) [Orabug: 32833361] - dts: Enable i2c4 for RPi4 (Vijay Kumar) [Orabug: 32833361] - RPi:dts/bcm2711: Enable pwm for RPi4 board (Vijay Kumar) [Orabug: 32833361] - RPi: transplant rpi_backlight to it's expected place (Andrew Thomas) [Orabug: 32833361] - RPi: pinctrl-bcm2835: Set base to 0 for BCM2711 (Andrew Thomas) [Orabug: 32833361] - RPi: pinctrl-bcm2835: Set base to 0 give expected gpio numbering (notro) [Orabug: 32833361] - RPi: spidev: add rpi4 spidev0 (Tom Saeger) [Orabug: 32833361] - RPi: dts: rpi4 add gpiomem (Tom Saeger) [Orabug: 32833361] - RPi: dts: enable rpi4 touchscreen, i2c, and spi (Tom Saeger) [Orabug: 32833361] - RPi: rpi_display: add backlight driver and overlay (P33M) [Orabug: 32833361] - HID: quirks: Add quirk for Lenovo optical mouse (Saeed Mirzamohammadi) [Orabug: 32820273] - x86/amd: Disable IBS on Rome processors due to erratum 1215 (Boris Ostrovsky) [Orabug: 32817184] - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (Kan Liang) [Orabug: 32806848] [5.4.17-2102.202.0] - LTS tag: v5.4.86 (Jack Vogel) - x86/CPU/AMD: Save AMD NodeId as cpu_die_id (Yazen Ghannam) - Revert: 'ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS' (Steven Rostedt (VMware)) - rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time (Nikita Shubin) - regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x (DingHua Ma) - PCI: Fix pci_slot_release() NULL pointer dereference (Jubin Zhong) - platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 (Carlos Garnacho) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels (Dan Williams) - xen/xenbus: Count pending messages for each watch (SeongJae Park) - xen/xenbus: Allow watches discard events before queueing (SeongJae Park) - dma-buf/dma-resv: Respect num_fences when initializing the shared fence list. (Maarten Lankhorst) - device-dax/core: Fix memory leak when rmmod dax.ko (Wang Hai) - clk: tegra: Do not return 0 on failure (Nicolin Chen) - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (Terry Zhou) - clk: ingenic: Fix divider calculation with div tables (Paul Cercueil) - pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler (Yangtao Li) - md/cluster: fix deadlock when node is doing resync job (Zhao Heming) - md/cluster: block reshape with remote resync job (Zhao Heming) - iio:adc:ti-ads124s08: Fix alignment and data leak issues. (Jonathan Cameron) - iio:adc:ti-ads124s08: Fix buffer being too long. (Jonathan Cameron) - iio:imu:bmi160: Fix too large a buffer. (Jonathan Cameron) - iio:pressure:mpl3115: Force alignment of buffer (Jonathan Cameron) - iio:magnetometer:mag3110: Fix alignment and data leak issues. (Jonathan Cameron) - iio:light:st_uvis25: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio:light:rpr0521: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (Qinglang Miao) - iio: buffer: Fix demux update (Nuno Sa) - scsi: qla2xxx: Fix crash during driver load on big endian machines (Arun Easi) - mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments (Sergei Antonov) - mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read (Praveenkumar I) - mtd: parser: cmdline: Fix parsing of part-names with colons (Sven Eckelmann) - mtd: spinand: Fix OOB read (Miquel Raynal) - soc: qcom: smp2p: Safely acquire spinlock without IRQs (Evan Green) - spi: atmel-quadspi: Fix AHB memory accesses (Tudor Ambarus) - spi: atmel-quadspi: Disable clock in probe error path (Lukas Wunner) - spi: mt7621: Don't leak SPI master in probe error path (Lukas Wunner) - spi: mt7621: Disable clock in probe error path (Lukas Wunner) - spi: synquacer: Disable clock in probe error path (Lukas Wunner) - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (Lukas Wunner) - spi: sc18is602: Don't leak SPI master in probe error path (Lukas Wunner) - spi: rb4xx: Don't leak SPI master in probe error path (Lukas Wunner) - spi: pic32: Don't leak DMA channels in probe error path (Lukas Wunner) - spi: mxic: Don't leak SPI master in probe error path (Lukas Wunner) - spi: gpio: Don't leak SPI master in probe error path (Lukas Wunner) - spi: fsl: fix use of spisel_boot signal on MPC8309 (Rasmus Villemoes) - spi: davinci: Fix use-after-free on unbind (Lukas Wunner) - spi: atmel-quadspi: Fix use-after-free on unbind (Lukas Wunner) - spi: spi-sh: Fix use-after-free on unbind (Lukas Wunner) - spi: pxa2xx: Fix use-after-free on unbind (Lukas Wunner) - drm/i915: Fix mismatch between misplaced vma check and vma insert (Chris Wilson) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (Zwane Mwaikambo) - drm/amd/display: Fix memory leaks in S3 resume (Stylon Wang) - platform/x86: mlx-platform: remove an unused variable (Arnd Bergmann) - jfs: Fix array index bounds check in dbAdjTree (Dave Kleikamp) - jffs2: Fix ignoring mounting options problem during remounting (lizhe) - jffs2: Fix GC exit abnormally (Zhe Li) - ubifs: wbuf: Don't leak kernel memory to flash (Richard Weinberger) - SMB3: avoid confusing warning message on mount to Azure (Steve French) - ceph: fix race in concurrent __ceph_remove_cap invocations (Luis Henriques) - um: Remove use of asprinf in umid.c (Anton Ivanov) - ima: Don't modify file descriptor mode on the fly (Roberto Sassu) - powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently (David Hildenbrand) - powerpc/powernv/memtrace: Don't leak kernel memory to user space (David Hildenbrand) - powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU (Alexey Kardashevskiy) - powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (Christophe Leroy) - powerpc/8xx: Fix early debug when SMC1 is relocated (Christophe Leroy) - powerpc/xmon: Change printk() to pr_cont() (Christophe Leroy) - powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE (Christophe Leroy) - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter (Tyrel Datwyler) - powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (Mathieu Desnoyers) - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (Chuck Lever) - ARM: dts: at91: sama5d2: fix CAN message ram offset and size (Nicolas Ferre) - ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES (H. Nikolaus Schaller) - KVM: arm64: Introduce handling of AArch32 TTBCR2 traps (Marc Zyngier) - ext4: fix deadlock with fs freezing and EA inodes (Jan Kara) - ext4: fix a memory leak of ext4_free_data (Chunguang Xu) - btrfs: trim: fix underflow in trim length to prevent access beyond device boundary (Qu Wenruo) - btrfs: do not shorten unpin len for caching block groups (Josef Bacik) - USB: serial: keyspan_pda: fix write unthrottling (Johan Hovold) - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix write-wakeup use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix stalled writes (Johan Hovold) - USB: serial: keyspan_pda: fix write deadlock (Johan Hovold) - USB: serial: keyspan_pda: fix dropped unthrottle interrupts (Johan Hovold) - USB: serial: digi_acceleport: fix write-wakeup deadlocks (Johan Hovold) - USB: serial: mos7720: fix parallel-port state restore (Johan Hovold) - EDAC/amd64: Fix PCI component registration (Borislav Petkov) - EDAC/i10nm: Use readl() to access MMIO registers (Qiuxu Zhuo) - crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata (Ard Biesheuvel) - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (Ard Biesheuvel) - powerpc/perf: Exclude kernel samples while counting events in user space. (Athira Rajeev) - perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake (Kan Liang) - perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY (Kan Liang) - staging: comedi: mf6x4: Fix AI end-of-conversion detection (Ian Abbott) - ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (Takashi Iwai) - binder: add flag to clear buffer on txn complete (Todd Kjos) - s390/dasd: fix list corruption of lcu list (Stefan Haberland) - s390/dasd: fix list corruption of pavgroup group list (Stefan Haberland) - s390/dasd: prevent inconsistent LCU device data (Stefan Haberland) - s390/dasd: fix hanging device offline processing (Stefan Haberland) - s390/kexec_file: fix diag308 subcode when loading crash kernel (Philipp Rudo) - s390/smp: perform initial CPU reset also for SMT siblings (Sven Schnelle) - ALSA: core: memalloc: add page alignment for iram (Robin Gong) - ALSA: usb-audio: Disable sample read check if firmware doesn't give back (Takashi Iwai) - ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices (Amadej Kastelic) - ALSA: hda/realtek: Apply jack fixup for Quanta NL3 (Chris Chiu) - ALSA: hda/realtek: Add quirk for MSI-GP73 (Takashi Iwai) - ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G (Chris Chiu) - ALSA: pcm: oss: Fix a few more UBSAN fixes (Takashi Iwai) - ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button (Kailang Yang) - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (Chris Chiu) - ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 (Chris Chiu) - ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop (Hui Wang) - ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg. (Connor McAdams) - ALSA: hda: Fix regressions on clear and reconfig sysfs (Takashi Iwai) - ACPI: PNP: compare the string length in the matching_id() (Hui Wang) - Revert 'ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks' (Daniel Scally) - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() (Rafael J. Wysocki) - ALSA: hda/ca0132 - Change Input Source enum strings. (Connor McAdams) - Input: cyapa_gen6 - fix out-of-bounds stack access (Arnd Bergmann) - media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE (Sakari Ailus) - media: ipu3-cio2: Validate mbus format in setting subdev format (Sakari Ailus) - media: ipu3-cio2: Serialise access to pad format (Sakari Ailus) - media: ipu3-cio2: Return actual subdev format (Sakari Ailus) - media: ipu3-cio2: Remove traces of returned buffers (Sakari Ailus) - media: netup_unidvb: Don't leak SPI master in probe error path (Lukas Wunner) - media: sunxi-cir: ensure IR is handled when it is continuous (Sean Young) - media: gspca: Fix memory leak in probe (Alan Stern) - vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU (Alexey Kardashevskiy) - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (Simon Beginn) - initramfs: fix clang build failure (Arnd Bergmann) - Input: cros_ec_keyb - send 'scancodes' in addition to key events (Dmitry Torokhov) - drm/amdkfd: Fix leak in dmabuf import (Felix Kuehling) - drm/amd/display: Prevent bandwidth overflow (Chris Park) - lwt: Disable BH too in run_lwt_bpf() (Dongdong Wang) - fix namespaced fscaps when !CONFIG_SECURITY (Serge Hallyn) - cfg80211: initialize rekey_data (Sara Sharon) - ARM: sunxi: Add machine match for the Allwinner V3 SoC (Paul Kocialkowski) - perf probe: Fix memory leak when synthesizing SDT probes (Arnaldo Carvalho de Melo) - kconfig: fix return value of do_error_if() (Masahiro Yamada) - clk: sunxi-ng: Make sure divider tables have sentinel (Jernej Skrabec) - clk: s2mps11: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - clk: at91: sam9x60: remove atmel,osc-bypass support (Alexandre Belloni) - virtio_ring: Fix two use after free bugs (Dan Carpenter) - virtio_net: Fix error code in probe() (Dan Carpenter) - virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed() (Dan Carpenter) - qlcnic: Fix error code in probe (Dan Carpenter) - perf record: Fix memory leak when using '--user-regs=?' to list registers (Zheng Zengkai) - pwm: lp3943: Dynamically allocate PWM chip base (Lokesh Vutla) - pwm: zx: Add missing cleanup in error path (Uwe Kleine-Konig) - clk: ti: Fix memleak in ti_fapll_synth_setup (Zhang Qilong) - watchdog: coh901327: add COMMON_CLK dependency (Arnd Bergmann) - watchdog: qcom: Avoid context switch in restart handler (Manivannan Sadhasivam) - libnvdimm/label: Return -ENXIO for no slot in __blk_label_update (Zhang Qilong) - net: korina: fix return value (Vincent Stehle) - net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (Christophe JAILLET) - net: bcmgenet: Fix a resource leak in an error handling path in the probe functin (Christophe JAILLET) - lan743x: fix rx_napi_poll/interrupt ping-pong (Sven Van Asbroeck) - checkpatch: fix unescaped left brace (Dwaipayan Ray) - mm: don't wake kswapd prematurely when watermark boosting is disabled (Johannes Weiner) - sparc: fix handling of page table constructor failure (Matthew Wilcox (Oracle)) - powerpc/ps3: use dma_mapping_error() (Vincent Stehle) - nfc: s3fwrn5: Release the nfc firmware (Bongsu Jeon) - RDMA/cma: Don't overwrite sgid_attr after device is released (Leon Romanovsky) - sunrpc: fix xs_read_xdr_buf for partial pages receive (Dan Aloni) - um: chan_xterm: Fix fd leak (Anton Ivanov) - um: tty: Fix handling of close in tty lines (Anton Ivanov) - um: Monitor error events in IRQ controller (Anton Ivanov) - ubifs: Fix error return code in ubifs_init_authentication() (Wang ShaoBo) - watchdog: Fix potential dereferencing of null pointer (Wang Wensheng) - watchdog: sprd: check busy bit before new loading rather than after that (Lingling Xu) - watchdog: sprd: remove watchdog disable from resume fail path (Lingling Xu) - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (Guenter Roeck) - watchdog: armada_37xx: Add missing dependency on HAS_IOMEM (Guenter Roeck) - irqchip/alpine-msi: Fix freeing of interrupts on allocation error path (Marc Zyngier) - ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (Dan Carpenter) - mac80211: don't set set TDLS STA bandwidth wider than possible (Johannes Berg) - crypto: atmel-i2c - select CONFIG_BITREVERSE (Arnd Bergmann) - extcon: max77693: Fix modalias string (Marek Szyprowski) - mtd: rawnand: gpmi: Fix the random DMA timeout issue (Han Xu) - mtd: rawnand: meson: Fix a resource leak in init (Dan Carpenter) - mtd: rawnand: gpmi: fix reference count leak in gpmi ops (Zhang Qilong) - clk: tegra: Fix duplicated SE clock entry (Dmitry Osipenko) - remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() (Zhang Changzhong) - remoteproc: qcom: fix reference leak in adsp_start (Zhang Qilong) - remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable (Zhang Qilong) - RDMA/core: Do not indicate device ready when device enablement fails (Jack Morgenstein) - can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit (Sean Nyekjaer) - erofs: avoid using generic_block_bmap (Huang Jianan) - iwlwifi: mvm: hook up missing RX handlers (Johannes Berg) - s390/cio: fix use-after-free in ccw_device_destroy_console (Qinglang Miao) - bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (Zhang Changzhong) - platform/chrome: cros_ec_spi: Don't overwrite spi::mode (Stephen Boyd) - x86/kprobes: Restore BTF if the single-stepping is cancelled (Masami Hiramatsu) - nfs_common: need lock during iterate through the list (Cheng Lin) - nfsd: Fix message level for normal termination (kazuo ito) - speakup: fix uninitialized flush_lock (Yang Yingliang) - usb: oxu210hp-hcd: Fix memory leak in oxu_create (Zhang Qilong) - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (Zhang Qilong) - powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S (Christophe Leroy) - ASoC: amd: change clk_get() to devm_clk_get() and add missed checks (Chuhong Yuan) - drm/mediatek: avoid dereferencing a null hdmi_phy on an error message (Colin Ian King) - powerpc/pseries/hibernation: remove redundant cacheinfo update (Nathan Lynch) - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops (Nathan Lynch) - platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (Vadim Pasternak) - scsi: fnic: Fix error return code in fnic_probe() (Zhang Changzhong) - seq_buf: Avoid type mismatch for seq_buf_init (Arnd Bergmann) - scsi: pm80xx: Fix error return in pm8001_pci_probe() (Zhang Qilong) - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe (Qinglang Miao) - arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements (Stefan Agner) - ARM: dts: meson: fix PHY deassert timing requirements (Stefan Agner) - arm64: dts: meson: fix PHY deassert timing requirements (Stefan Agner) - Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware() (Jing Xiangfeng) - Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware() (Jing Xiangfeng) - cpufreq: scpi: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: loongson1: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: st: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: qcom: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: ap806: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (Keqian Zhu) - clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne (Keqian Zhu) - phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure (Wang Li) - dm ioctl: fix error return code in target_message (Qinglang Miao) - ASoC: jz4740-i2s: add missed checks for clk_get() (Chuhong Yuan) - net/mlx5: Properly convey driver version to firmware (Leon Romanovsky) - MIPS: Don't round up kernel sections size for memblock_add() (Alexander Sverdlin) - memstick: r592: Fix error return in r592_probe() (Jing Xiangfeng) - arm64: dts: rockchip: Fix UART pull-ups on rk3328 (Chen-Yu Tsai) - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (Yu Kuai) - bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address() (Andrii Nakryiko) - ARM: dts: at91: sama5d2: map securam as device (Claudiu Beznea) - iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context (Lars-Peter Clausen) - clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (Yu Kuai) - clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path (Yang Yingliang) - powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S (Jordan Niethe) - powerpc/perf: Fix crash with is_sier_available when pmu is not set (Athira Rajeev) - media: saa7146: fix array overflow in vidioc_s_audio() (Dan Carpenter) - hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable (Zhang Qilong) - vfio-pci: Use io_remap_pfn_range() for PCI IO memory (Jason Gunthorpe) - selftests/seccomp: Update kernel config (Mickael Salaun) - NFS: switch nfsiod to be an UNBOUND workqueue. (NeilBrown) - net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs' (Fedor Tokarev) - NFSv4: Fix the alignment of page data in the getdeviceinfo reply (Trond Myklebust) - SUNRPC: xprt_load_transport() needs to support the netid 'rdma6' (Trond Myklebust) - NFSv4.2: condition READDIR's mask for security label based on LSM state (Olga Kornievskaia) - SUNRPC: rpc_wake_up() should wake up tasks in the correct order (Trond Myklebust) - ath10k: Release some resources in an error handling path (Christophe JAILLET) - ath10k: Fix an error handling path (Christophe JAILLET) - ath10k: Fix the parsing error in service available event (Rakesh Pillai) - platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (Qinglang Miao) - ARM: dts: at91: at91sam9rl: fix ADC triggers (Alexandre Belloni) - soc: amlogic: canvas: add missing put_device() call in meson_canvas_get() (Yu Kuai) - arm64: dts: meson-sm1: fix typo in opp table (Dongjin Kim) - arm64: dts: meson: fix spi-max-frequency on Khadas VIM2 (Artem Lapkin) - PCI: iproc: Fix out-of-bound array accesses (Bharat Gooty) - PCI: Fix overflow in command-line resource alignment requests (Colin Ian King) - PCI: Bounds-check command-line resource alignment requests (Bjorn Helgaas) - arm64: dts: qcom: c630: Polish i2c-hid devices (Bjorn Andersson) - arm64: dts: ls1028a: fix ENETC PTP clock input (Michael Walle) - genirq/irqdomain: Don't try to free an interrupt that has no mapping (Marc Zyngier) - power: supply: bq24190_charger: fix reference leak (Zhang Qilong) - power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching (Hans de Goede) - arm64: dts: rockchip: Set dr_mode to 'host' for OTG on rk3328-roc-cc (Chen-Yu Tsai) - arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name (Marek Behun) - ARM: dts: Remove non-existent i2c1 from 98dx3236 (Chris Packham) - HSI: omap_ssi: Don't jump to free ID in ssi_add_controller() (Jing Xiangfeng) - slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI (Bjorn Andersson) - media: max2175: fix max2175_set_csm_mode() error code (Dan Carpenter) - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover (Qinglang Miao) - media: imx214: Fix stop streaming (Daniel Gomez) - samples: bpf: Fix lwt_len_hist reusing previous BPF map (Daniel T. Lee) - platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (Vadim Pasternak) - platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (Vadim Pasternak) - media: siano: fix memory leak of debugfs members in smsdvb_hotplug (Keita Suzuki) - arm64: tegra: Fix DT binding for IO High Voltage entry (Vidya Sagar) - dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() (Zhihao Cheng) - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (Qinglang Miao) - rsi: fix error return code in rsi_reset_card() (Zhang Changzhong) - qtnfmac: fix error return code in qtnf_pcie_probe() (Wang Hai) - orinoco: Move context allocation after processing the skb (Sebastian Andrzej Siewior) - mmc: pxamci: Fix error return code in pxamci_probe (Zhihao Cheng) - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (Cristian Birsan) - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (Cristian Birsan) - memstick: fix a double-free bug in memstick_check (Qinglang Miao) - RDMA/cxgb4: Validate the number of CQEs (Kamal Heib) - clk: meson: Kconfig: fix dependency for G12A (Kevin Hilman) - Input: omap4-keypad - fix runtime PM error handling (Zhang Qilong) - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (Zhihao Cheng) - soc: ti: Fix reference imbalance in knav_dma_probe (Zhang Qilong) - soc: ti: knav_qmss: fix reference leak in knav_queue_probe (Zhang Qilong) - spi: fix resource leak for drivers without .remove callback (Uwe Kleine-Konig) - crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (Zhang Qilong) - crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd (Nathan Chancellor) - EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId (Yazen Ghannam) - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 (Christophe Leroy) - powerpc: Avoid broken GCC __attribute__((optimize)) (Ard Biesheuvel) - selftests/bpf: Fix broken riscv build (Bjorn Topel) - spi: mxs: fix reference leak in mxs_spi_probe (Zhang Qilong) - usb/max3421: fix return error code in max3421_probe() (Yang Yingliang) - Input: ads7846 - fix unaligned access on 7845 (Dmitry Torokhov) - Input: ads7846 - fix integer overflow on Rt calculation (Oleksij Rempel) - Input: ads7846 - fix race that causes missing releases (David Jander) - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (Yang Yingliang) - video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init() (Yang Yingliang) - media: solo6x10: fix missing snd_card_free in error handling case (Qinglang Miao) - scsi: core: Fix VPD LUN ID designator priorities (Martin Wilck) - ASoC: meson: fix COMPILE_TEST error (Jerome Brunet) - media: v4l2-fwnode: Return -EINVAL for invalid bus-type (Lad Prabhakar) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm() (Yu Kuai) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (Yu Kuai) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm() (Yu Kuai) - media: tm6000: Fix sizeof() mismatches (Colin Ian King) - staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c (Jing Xiangfeng) - staging: greybus: codecs: Fix reference counter leak in error handling (Zhang Qilong) - crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (Jack Xu) - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA (Necip Fazil Yildiran) - RDMa/mthca: Work around -Wenum-conversion warning (Arnd Bergmann) - ASoC: arizona: Fix a wrong free in wm8997_probe (Zhang Qilong) - spi: sprd: fix reference leak in sprd_spi_remove (Zhang Qilong) - ASoC: wm8998: Fix PM disable depth imbalance on error (Zhang Qilong) - selftest/bpf: Add missed ip6ip6 test back (Hangbin Liu) - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (Tsuchiya Yuto) - spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (Qinglang Miao) - spi: tegra114: fix reference leak in tegra spi ops (Zhang Qilong) - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (Zhang Qilong) - spi: tegra20-slink: fix reference leak in slink ops of tegra20 (Zhang Qilong) - spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe (Qinglang Miao) - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (Zhang Qilong) - Bluetooth: hci_h5: fix memory leak in h5_close (Anant Thazhemadam) - Bluetooth: Fix null pointer dereference in hci_event_packet() (Anmol Karn) - arm64: dts: exynos: Correct psci compatible used on Exynos7 (Pawel Chmiel) - arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7 (Pawel Chmiel) - brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free} (Seung-Woo Kim) - spi: stm32: fix reference leak in stm32_spi_resume (Zhang Qilong) - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling (Paul Moore) - ASoC: pcm: DRAIN support reactivation (Cezary Rojewski) - spi: spi-mem: fix reference leak in spi_mem_access_start (Zhang Qilong) - drm/msm/dsi_pll_10nm: restore VCO rate during restore_state (Dmitry Baryshkov) - f2fs: call f2fs_get_meta_page_retry for nat page (Jaegeuk Kim) - spi: img-spfi: fix reference leak in img_spfi_resume (Zhang Qilong) - powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (Jordan Niethe) - drm/amdgpu: fix build_coefficients() argument (Arnd Bergmann) - ARM: dts: aspeed: tiogapass: Remove vuart (Vijay Khemka) - ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode (Clement Peron) - crypto: inside-secure - Fix sizeof() mismatch (Colin Ian King) - crypto: talitos - Fix return type of current_desc_hdr() (Christophe Leroy) - crypto: talitos - Endianess in current_desc_hdr() (Christophe Leroy) - drm/amdgpu: fix incorrect enum type (Arnd Bergmann) - sched: Reenable interrupts in do_sched_yield() (Thomas Gleixner) - sched/deadline: Fix sched_dl_global_validate() (Peng Liu) - x86/apic: Fix x2apic enablement without interrupt remapping (David Woodhouse) - ARM: p2v: fix handling of LPAE translation in BE mode (Ard Biesheuvel) - x86/mm/ident_map: Check for errors from ident_pud_init() (Arvind Sankar) - RDMA/rxe: Compute PSN windows correctly (Bob Pearson) - ARM: dts: aspeed: s2600wf: Fix VGA memory region location (Joel Stanley) - selinux: fix error initialization in inode_doinit_with_dentry() (Tianyue Ren) - rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (Dan Carpenter) - RDMA/bnxt_re: Set queue pair state when being queried (Kamal Heib) - Revert 'i2c: i2c-qcom-geni: Fix DMA transfer race' (Douglas Anderson) - soc: qcom: geni: More properly switch to DMA mode (Douglas Anderson) - soc: mediatek: Check if power domains can be powered on at boot time (Nicolas Boichat) - soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (Dan Carpenter) - arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node (Biju Das) - arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node (Biju Das) - drm/tve200: Fix handling of platform_get_irq() error (Krzysztof Kozlowski) - drm/mcde: Fix handling of platform_get_irq() error (Krzysztof Kozlowski) - drm/aspeed: Fix Kconfig warning & subsequent build errors (Randy Dunlap) - drm/gma500: fix double free of gma_connector (Tom Rix) - md: fix a warning caused by a race between concurrent md_ioctl()s (Dae R. Jeong) - crypto: af_alg - avoid undefined behavior accessing salg_name (Eric Biggers) - media: msi2500: assign SPI bus number dynamically (Antti Palosaari) - quota: Sanity-check quota file headers on load (Jan Kara) - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (Peilin Ye) - serial_core: Check for port state when tty is in error state (Alexey Kardashevskiy) - HID: i2c-hid: add Vero K147 to descriptor override (Julian Sax) - scsi: megaraid_sas: Check user-provided offsets (Arnd Bergmann) - coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf() (Sai Prakash Ranjan) - coresight: tmc-etr: Fix barrier packet insertion for perf buffer (Suzuki K Poulose) - coresight: tmc-etr: Check if page is valid before dma_map_page() (Mao Jinlong) - coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf() (Sai Prakash Ranjan) - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU (Krzysztof Kozlowski) - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 (Krzysztof Kozlowski) - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (Krzysztof Kozlowski) - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (Fabio Estevam) - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (Will McVicker) - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (Jack Pham) - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (Will McVicker) - USB: gadget: f_acm: add support for SuperSpeed Plus (taehyun.cho) - USB: serial: option: add interface-number sanity check to flag handling (Johan Hovold) - usb: mtu3: fix memory corruption in mtu3_debugfs_regset() (Dan Carpenter) - soc/tegra: fuse: Fix index bug in get_process_id (Nicolin Chen) - kbuild: avoid split lines in .mod files (Masahiro Yamada) - perf/x86/intel: Check PEBS status correctly (Stephane Eranian) - drm/amd/display: Init clock value by current vbios CLKs (Brandon Syu) - iwlwifi: pcie: add one missing entry for AX210 (Luca Coelho) - dm table: Remove BUG_ON(in_interrupt()) (Thomas Gleixner) - scsi: mpt3sas: Increase IOCInit request timeout to 30s (Sreekanth Reddy) - vxlan: Copy needed_tailroom from lowerdev (Sven Eckelmann) - vxlan: Add needed_headroom for lower device (Sven Eckelmann) - arm64: syscall: exit userspace before unmasking exceptions (Mark Rutland) - habanalabs: put devices before driver removal (Ofir Bitton) - drm/tegra: sor: Disable clocks on error in tegra_sor_init() (Qinglang Miao) - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (Nicholas Piggin) - drm/tegra: replace idr_init() by idr_init_base() (Deepak R Varma) - net: mvpp2: add mvpp2_phylink_to_port() helper (Russell King) - selftests: fix poll error in udpgro.sh (Paolo Abeni) - ixgbe: avoid premature Rx buffer reuse (Bjorn Topel) - i40e: avoid premature Rx buffer reuse (Bjorn Topel) - i40e: optimise prefetch page refcount (Li RongQing) - i40e: Refactor rx_bi accesses (Bjorn Topel) - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (Leon Romanovsky) - selftests/bpf/test_offload.py: Reset ethtool features after failed setting (Toke Hoiland-Jorgensen) - netfilter: nft_ct: Remove confirmation check for NFT_CT_ID (Brett Mastbergen) - gpio: eic-sprd: break loop when getting NULL device resource (Chunyan Zhang) - Revert 'gpio: eic-sprd: Use devm_platform_ioremap_resource()' (Baolin Wang) - afs: Fix memory leak when mounting with multiple source parameters (David Howells) - netfilter: nft_dynset: fix timeouts later than 23 days (Pablo Neira Ayuso) - netfilter: nft_compat: make sure xtables destructors have run (Florian Westphal) - netfilter: x_tables: Switch synchronization to RCU (Subash Abhinov Kasiviswanathan) - pinctrl: aspeed: Fix GPIO requests on pass-through banks (Andrew Jeffery) - blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (Douglas Anderson) - block: factor out requeue handling from dispatch code (Johannes Thumshirn) - block: Simplify REQ_OP_ZONE_RESET_ALL handling (Damien Le Moal) - clk: renesas: r9a06g032: Drop __packed for portability (Geert Uytterhoeven) - can: softing: softing_netdev_open(): fix error handling (Zhang Qilong) - xsk: Replace datagram_poll by sock_poll_wait (Xuan Zhuo) - xsk: Fix xsk_poll()'s return type (Luc Van Oostenryck) - scsi: bnx2i: Requires MMU (Randy Dunlap) - gpio: mvebu: fix potential user-after-free on probe (Baruch Siach) - gpio: zynq: fix reference leak in zynq_gpio functions (Qinglang Miao) - PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter (Zhang Qilong) - ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (Bernd Bauer) - ARM: dts: imx6qdl-wandboard-revd1: Remove PAD_GPIO_6 from enetgrp (Fabio Estevam) - ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY (Adam Sampson) - ARM: dts: sun8i: v3s: fix GIC node memory range (Icenowy Zheng) - pinctrl: baytrail: Avoid clearing debounce value when turning it off (Andy Shevchenko) - pinctrl: merrifield: Set default bias in case no particular value given (Andy Shevchenko) - ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (Pablo Greco) - ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (Pablo Greco) - RAS/CEC: Correct ce_add_elem()'s returned values (William Roche) [Orabug: 32774757] - bpf, x86: Validate computation of branch displacements for x86-64 (Piotr Krysiuk) [Orabug: 32759959] {CVE-2021-29154} - KVM: SVM: avoid infinite loop on NPF from bad address (John Donnelly) [Orabug: 32759746] {CVE-2020-36310} - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. (Somasundaram Krishnasamy) [Orabug: 32795492] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-29154 CVE-2020-28374 CVE-2021-31916 CVE-2021-23133 CVE-2020-36310 Oracle Linux 7 [4.14.35-2047.504.2.el7] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32887159] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32856879] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32856879] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32856879] - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860493] {CVE-2021-31916} - net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry) [Orabug: 32559464] - Linux 4.14.210 (Greg Kroah-Hartman) - USB: core: Fix regression in Hercules audio card (Alan Stern) - USB: core: add endpoint-blacklist quirk (Johan Hovold) - x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (Xiaochen Shen) - x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (Xiaochen Shen) - usb: gadget: Fix memleak in gadgetfs_fill_super (Zhang Qilong) - usb: gadget: f_midi: Fix memleak in f_midi_alloc (Zhang Qilong) - USB: core: Change %pK for __user pointers to %px (Alan Stern) - perf probe: Fix to die_entrypc() returns error correctly (Masami Hiramatsu) - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (Marc Kleine-Budde) - platform/x86: toshiba_acpi: Fix the wrong variable assignment (Kaixu Xia) - can: gs_usb: fix endianess problem with candleLight firmware (Marc Kleine-Budde) - efivarfs: revert 'fix memory leak in efivarfs_create()' (Ard Biesheuvel) - ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (Lijun Pan) - ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (Lijun Pan) - net: ena: set initial DMA width to avoid intel iommu issue (Shay Agroskin) - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (Krzysztof Kozlowski) - IB/mthca: fix return value of error branch in mthca_init_cq() (Xiongfeng Wang) - scsi: ufs: Fix race between shutdown and runtime resume flow (Stanley Chu) - batman-adv: set .owner to THIS_MODULE (Taehee Yoo) - phy: tegra: xusb: Fix dangling pointer on probe failure (Marc Zyngier) - perf/x86: fix sysfs type mismatches (Sami Tolvanen) - scsi: target: iscsi: Fix cmd abort fabric stop race (Mike Christie) - scsi: libiscsi: Fix NOP race condition (Lee Duncan) - dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size (Sugar Zhang) - nvme: free sq/cq dbbuf pointers when dbbuf set fails (Minwoo Im) - proc: don't allow async path resolution of /proc/self components (Jens Axboe) - HID: Add Logitech Dinovo Edge battery quirk (Hans de Goede) - x86/xen: don't unbind uninitialized lock_kicker_irq (Brian Masney) - dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant (Marc Ferland) - HID: hid-sensor-hub: Fix issue with devices with no report ID (Pablo Ceballos) - Input: i8042 - allow insmod to succeed on devices without an i8042 controller (Hans de Goede) - HID: cypress: Support Varmilo Keyboards' media hotkeys (Frank Yang) - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (Kai Vehmanen) - ALSA: hda/hdmi: Use single mutex unlock in error paths (Takashi Iwai) - arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Will Deacon) - arm64: pgtable: Fix pte_accessible() (Will Deacon) - btrfs: adjust return values of btrfs_inode_by_name (Su Yue) - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (Qu Wenruo) - PCI: Add device even if driver attach failed (Rajat Jain) - wireless: Use linux/stddef.h instead of stddef.h (Hauke Mehrtens) - btrfs: fix lockdep splat when reading qgroup config on mount (Filipe Manana) - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Gerald Schaefer) - perf event: Check ref_reloc_sym before using it (Igor Lubashev) - Linux 4.14.209 (Greg Kroah-Hartman) - x86/microcode/intel: Check patch signature before saving microcode for early loading (Chen Yu) - s390/dasd: fix null pointer dereference for ERP requests (Stefan Haberland) - s390/cpum_sf.c: fix file permission for cpum_sfb_size (Thomas Richter) - mac80211: free sta in sta_info_insert_finish() on errors (Johannes Berg) - mac80211: minstrel: fix tx status processing corner case (Felix Fietkau) - mac80211: minstrel: remove deferred sampling code (Felix Fietkau) - xtensa: disable preemption around cache alias management calls (Max Filippov) - regulator: workaround self-referent regulators (Michal Miroslaw) - regulator: avoid resolve_supply() infinite recursion (Michal Miroslaw) - regulator: fix memory leak with repeated set_machine_constraints() (Michal Miroslaw) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (Hans de Goede) - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (Hans de Goede) - ext4: fix bogus warning in ext4_update_dx_flag() (Jan Kara) - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (Brian O'Keefe) - efivarfs: fix memory leak in efivarfs_create() (Vamshi K Sthambamkadi) - tty: serial: imx: keep console clocks always on (Fugang Duan) - ALSA: mixart: Fix mutex deadlock (Takashi Iwai) - ALSA: ctl: fix error path at adding user-defined element set (Takashi Sakamoto) - speakup: Do not let the line discipline be used several times (Samuel Thibault) - powerpc/uaccess-flush: fix missing includes in kup-radix.h (Daniel Axtens) - libfs: fix error cast of negative value in simple_attr_write() (Yicong Yang) - xfs: revert 'xfs: fix rmap key and record comparison functions' (Darrick J. Wong) - regulator: ti-abb: Fix array out of bound read access on the first transition (Nishanth Menon) - MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu (Zhang Qilong) - ASoC: qcom: lpass-platform: Fix memory leak (Srinivasa Rao Mandadapu) - can: m_can: m_can_handle_state_change(): fix state change (Wu Bo) - can: peak_usb: fix potential integer overflow on shift of a int (Colin Ian King) - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (Marc Kleine-Budde) - can: ti_hecc: Fix memleak in ti_hecc_probe (Zhang Qilong) - can: dev: can_restart(): post buffer from the right context (Alejandro Concepcion Rodriguez) - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (Anant Thazhemadam) - can: af_can: prevent potential access of uninitialized member in can_rcv() (Anant Thazhemadam) - perf lock: Don't free 'lock_seq_stat' if read_count isn't zero (Leo Yan) - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (Fabio Estevam) - arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (Sergey Matyukevich) - MIPS: export has_transparent_hugepage() for modules (Randy Dunlap) - Input: adxl34x - clean up a data type in adxl34x_probe() (Dan Carpenter) - vfs: remove lockdep bogosity in __sb_start_write (Darrick J. Wong) - arm64: psci: Avoid printing in cpu_psci_cpu_die() (Will Deacon) - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq (Jianqun Xu) - net: ftgmac100: Fix crash when removing driver (Joel Stanley) - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate (Ryan Sharpelletti) - net: usb: qmi_wwan: Set DTR quirk for MR400 (Filip Moc) - net/mlx5: Disable QoS when min_rates on all VFs are zero (Vladyslav Tarasiuk) - sctp: change to hold/put transport for proto_unreach_timer (Xin Long) - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (Zhang Changzhong) - net: x25: Increase refcnt of 'struct x25_neigh' in x25_rx_call_request (Xie He) - net/mlx4_core: Fix init_hca fields offset (Aya Levin) - netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist() (Paul Moore) - netlabel: fix our progress tracking in netlbl_unlabel_staticlist() (Paul Moore) - net: Have netpoll bring-up DSA management interface (Florian Fainelli) - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (Tobias Waldekranz) - net: bridge: add missing counters to ndo_get_stats64 callback (Heiner Kallweit) - net: b44: fix error return code in b44_init_one() (Zhang Changzhong) - mlxsw: core: Use variable timeout for EMAD retries (Ido Schimmel) - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (Wang Hai) - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() (Wang Hai) - atm: nicstar: Unmap DMA on send error (Sebastian Andrzej Siewior) - ah6: fix error return code in ah6_input() (Zhang Changzhong) [4.14.35-2047.504.1.el7] - Linux 4.14.208 (Greg Kroah-Hartman) - ACPI: GED: fix -Wformat (Nick Desaulniers) - can: proc: can_remove_proc(): silence remove_proc_entry warning (Zhang Changzhong) - mac80211: always wind down STA state (Johannes Berg) - Input: sunkbd - avoid use-after-free in teardown paths (Dmitry Torokhov) - powerpc/8xx: Always fault when _PAGE_ACCESSED is not set (Christophe Leroy) - gpio: mockup: fix resource leak in error path (Bartosz Golaszewski) - i2c: imx: Fix external abort on interrupt in exit paths (Krzysztof Kozlowski) - i2c: imx: use clk notifier for rate changes (Lucas Stach) - powerpc/64s: flush L1D after user accesses (Nicholas Piggin) {CVE-2020-4788} - powerpc/uaccess: Evaluate macro arguments once, before user access is allowed (Nicholas Piggin) - powerpc: Fix __clear_user() with KUAP enabled (Andrew Donnellan) - powerpc: Implement user_access_begin and friends (Christophe Leroy) - powerpc: Add a framework for user access tracking (Christophe Leroy) - powerpc/64s: flush L1D on kernel entry (Nicholas Piggin) {CVE-2020-4788} - powerpc/64s: move some exception handlers out of line (Daniel Axtens) - powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL (Daniel Axtens) - Linux 4.14.207 (Greg Kroah-Hartman) - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (Nicholas Piggin) - Convert trailing spaces and periods in path components (Boris Protopopov) - reboot: fix overflow parsing reboot cpu number (Matteo Croce) - Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (Matteo Croce) - perf/core: Fix crash when using HW tracing kernel filters (Mathieu Poirier) - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (Anand K Mistry) - random32: make prandom_u32() output unpredictable (George Spelvin) - net: Update window_clamp if SOCK_RCVBUF is set (Mao Wenan) - r8169: fix potential skb double free in an error path (Heiner Kallweit) - vrf: Fix fast path output packet handling with async Netfilter rules (Martin Willi) - net/x25: Fix null-ptr-deref in x25_connect (Martin Schiller) - net/af_iucv: fix null pointer dereference on shutdown (Ursula Braun) - IPv6: Set SIT tunnel hard_header_len to zero (Oliver Herms) - swiotlb: fix 'x86: Don't panic if can not alloc buffer for swiotlb' (Stefano Stabellini) - pinctrl: amd: fix incorrect way to disable debounce filter (Coiby Xu) - pinctrl: amd: use higher precision for 512 RtcClk (Coiby Xu) - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (Thomas Zimmermann) - don't dump the threads that had been already exiting when zapped. (Al Viro) - selinux: Fix error return code in sel_ib_pkey_sid_slow() (Chen Zhou) - mei: protect mei_cl_mtu from null dereference (Alexander Usyskin) - usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (Chris Brandt) - uio: Fix use-after-free in uio_unregister_device() (Shin'ichiro Kawasaki) - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (Jing Xiangfeng) - ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (Joseph Qi) - ext4: correctly report 'not supported' for {usr,grp}jquota when !CONFIG_QUOTA (Kaixu Xia) - perf: Fix get_recursion_context() (Peter Zijlstra) - cosa: Add missing kfree in error path of cosa_write (Wang Hai) - of/address: Fix of_node memory leak in of_dma_is_coherent (Evan Nimmo) - xfs: fix a missing unlock on error in xfs_fs_map_blocks (Christoph Hellwig) - xfs: fix rmap key and record comparison functions (Darrick J. Wong) - xfs: fix flags argument to rmap lookup when converting shared file rmaps (Darrick J. Wong) - nbd: fix a block_device refcount leak in nbd_release (Christoph Hellwig) - pinctrl: aspeed: Fix GPI only function problem. (Billy Tsai) - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template (Andrew Jeffery) - pinctrl: intel: Set default bias in case no particular value given (Andy Shevchenko) - scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (Hannes Reinecke) - cfg80211: regulatory: Fix inconsistent format argument (Ye Bin) - mac80211: fix use of skb payload instead of header (Johannes Berg) - drm/amdgpu: perform srbm soft reset always on SDMA resume (Evan Quan) - scsi: hpsa: Fix memory leak in hpsa_init_one() (Keita Suzuki) - gfs2: check for live vs. read-only file system in gfs2_fitrim (Bob Peterson) - gfs2: Add missing truncate_inode_pages_final for sd_aspace (Bob Peterson) - gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free (Bob Peterson) - usb: gadget: goku_udc: fix potential crashes in probe (Evgeny Novikov) - ath9k_htc: Use appropriate rs_datalen type (Masashi Honma) - Btrfs: fix missing error return if writeback for extent buffer never started (Filipe Manana) - xfs: flush new eof page on truncate to avoid post-eof corruption (Brian Foster) - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (Stephane Grosjean) - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (Stephane Grosjean) - can: peak_usb: add range checking in decode operations (Dan Carpenter) - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (Oleksij Rempel) - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (Oliver Hartkopp) - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (Vincent Mailhol) - can: rx-offload: don't call kfree_skb() from IRQ context (Marc Kleine-Budde) - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (Dan Carpenter) - perf tools: Add missing swap for ino_generation (Jiri Olsa) - net: xfrm: fix a race condition during allocing spi (zhuoliang zhang) - hv_balloon: disable warning when floor reached (Olaf Hering) - genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (Marc Zyngier) - btrfs: reschedule when cloning lots of extents (Johannes Thumshirn) - btrfs: sysfs: init devices outside of the chunk_mutex (Josef Bacik) - nbd: don't update block size after device is started (Ming Lei) - time: Prevent undefined behaviour in timespec64_to_ns() (Zeng Tao) - mm: mempolicy: fix potential pte_unmap_unlock pte error (Shijie Luo) - ring-buffer: Fix recursion protection transitions between interrupt context (Steven Rostedt (VMware)) - regulator: defer probe when trying to get voltage from unresolved supply (Michal Miroslaw) - rds: Change return code from rds_send_xmit() when lock is taken (Hakon Bugge) [Orabug: 32852117] - rds: Fix unintended fall-through in rds_send_worker (Hakon Bugge) [Orabug: 32852117] - tcp: send in-queue bytes in cmsg upon read (Soheil Hassas Yeganeh) [Orabug: 32871463] [4.14.35-2047.504.0.el7] - IB/ipoib: Improve latency in ipoib/cm connection formation (Manjunath Patil) [Orabug: 32853000] - x86/amd: Disable IBS on Rome processors due to erratum 1215 (Boris Ostrovsky) [Orabug: 32817187] - net/mlx5e: Rx, Fix checksum calculation for new hardware (Saeed Mahameed) [Orabug: 32553186] - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (Saeed Mahameed) [Orabug: 32553186] - net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames (Cong Wang) [Orabug: 32553186] - mlx5: fix get_ip_proto() (Cong Wang) [Orabug: 32553186] - net/mlx5e: Set ECN for received packets using CQE indication (Natali Shechtman) [Orabug: 32553186] - net/mlx5e: CHECKSUM_COMPLETE offload for VLAN/QinQ packets (Gal Pressman) [Orabug: 32553186] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-4788 CVE-2021-31916 Oracle Linux 6 [12:4.1.1-63.P1.0.2] - Added dhcp-4.1.1-P1-CVE-2021-25217.patch [Orabug: 33005948] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-25217 Oracle Linux 6 [2.28.8-10.0.1] - Backport fixes for CVE-2021-27219 [Orabug: 33017896] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-27219 Oracle Linux 7 docker-engine [19.03.11-11] - Addresses CVE-2021-30465 - updated runc minimum version to runc >= 3:1.0.0-1.rc95. [19.03.11-10] - Addresses runc CVE-2021-30465 - updated runc versions in cli/vendor.conf and docker-engine/vendor.conf to 1.0.0-rc95. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-30465 Oracle Linux 7 [15:4.2.1-10.el7] - e1000: fail early for evil descriptor (Jason Wang) [Orabug: 32560552] {CVE-2021-20257} - Document CVE-2020-27661 as fixed (Mark Kanda) [Orabug: 32960200] {CVE-2020-27661} - block: Avoid stale pointer dereference in blk_get_aio_context() (Greg Kurz) - block: Fix blk->in_flight during blk_wait_while_drained() (Kevin Wolf) - block: Increase BB.in_flight for coroutine and sync interfaces (Kevin Wolf) - block-backend: Reorder flush/pdiscard function definitions (Kevin Wolf) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-27661 CVE-2021-20257 Oracle Linux 8 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2016-10228 CVE-2019-9169 CVE-2020-27618 CVE-2021-3326 CVE-2019-25013 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.52.4] - IB/core: Only update PKEY and GID caches on respective events (Hakon Bugge) [Orabug: 32816368] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820278] - Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka) [Orabug: 32912103] {CVE-2021-33034} - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (Peilin Ye) [Orabug: 33013890] {CVE-2020-36386} - qla2xxx: update version to 9.00.00.00.42.0-k1-v5 (Quinn Tran) [Orabug: 33015884] - scsi: qla2xxx: v2: Fix login retry count (Quinn Tran) [Orabug: 29411891] [Orabug: 33015884] - scsi: qla2xxx: Properly extract ADISC error codes (Quinn Tran) [Orabug: 33015884] - scsi: qla2xxx: Replace GPDB with async ADISC command (Quinn Tran) [Orabug: 33015884] - qla2xxx: update version to 9.00.00.00.42.0-k1-v4 (Quinn Tran) [Orabug: 33015884] - qla2xxx: fix relogin stalled. (Quinn Tran) [Orabug: 27700529] [Orabug: 33015884] - net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry) [Orabug: 33017263] [4.1.12-124.52.3] - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built (Bartosz Golaszewski) [Orabug: 32974492] - iommu/vt-d: Gracefully handle DMAR units with no supported address widths (David Woodhouse) [Orabug: 32974492] - secureboot: make sure kernel-signing.cer is copied to kernel-keys dir (Brian Maly) [Orabug: 32978042] [4.1.12-124.52.2] - Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz) [Orabug: 32021289] {CVE-2020-12352} - RDS tcp loopback connection can hang (Rao Shoaib) [Orabug: 32926868] [4.1.12-124.52.1] - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860494] {CVE-2021-31916} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-12352 CVE-2021-31916 CVE-2021-33034 CVE-2020-36386 Oracle Linux 7 [4.14.35-2047.505.4] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863569] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863569] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982355] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820277] [4.14.35-2047.505.3] - uek-rpm: match Pensando config-aarch-embedded2 with the T93s config (Thomas Tai) [Orabug: 32972392] - quota: Fix memory leak when handling corrupted quota file (Jan Kara) [Orabug: 33020349] - xen/netback: fix spurious event detection for common event case (Juergen Gross) [Orabug: 33020349] - Input: i8042 - unbreak Pegatron C15B (Alexey Dobriyan) [Orabug: 33020349] - ksplice: use -fno-reorder-functions -fno-section-anchors (Vegard Nossum) [Orabug: 32983664] - ksplice: fixup for -ffunction-sections -fdata-sections (Vegard Nossum) [Orabug: 32983664] - rds: ib: Mitigate intermittent incorrect RNR NAK Retry Timer modification (Hakon Bugge) [Orabug: 32981187] - scsi: smartpqi: Remove unused functions (Bart Van Assche) [Orabug: 32967877] - scsi: smartpqi: Fix device pointer variable reference static checker issue (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Fix blocks_per_row static checker issue (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Update version to 2.1.8-045 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add new PCI IDs (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Correct system hangs when resuming from hibernation (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update enclosure identifier in sysfs (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Add additional logging for LUN resets (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update SAS initiator_port_protocols and target_port_protocols (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Add phy ID support for the physical drives (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Convert snprintf() to scnprintf() (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Fix driver synchronization issues (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update device scan operations (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update OFA management (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update RAID bypass handling (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update suspend/resume and shutdown (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Synchronize device resets with mutex (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update soft reset management for OFA (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update event handler (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for wwid (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Remove timeouts from internal cmds (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Disable WRITE SAME for HBA NVMe disks (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add host level stream detection enable (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add stream detection (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Align code with oob driver (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for long firmware version (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for BMIC sense feature cmd and feature bits (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for RAID1 writes (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add support for RAID5 and RAID6 writes (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Refactor scatterlist code (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Refactor aio submission code (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add support for new product ids (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Correct request leakage during reset operations (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Update version to 1.2.16-012 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Correct driver removal with HBA disks (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Update copyright (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Bump version to 1.2.16-010 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add RAID bypass counter (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Support device deletion via sysfs (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Avoid crashing kernel for controller issues (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update logical volume size after expansion (Mahesh Rajashekhara) [Orabug: 32967877] - scsi: smartpqi: Add id support for SmartRAID 3152-8i (Mahesh Rajashekhara) [Orabug: 32967877] - scsi: smartpqi: Identify physical devices without issuing INQUIRY (Kevin Barnett) [Orabug: 32967877] - remove ioremap_nocache and devm_ioremap_nocache (Christoph Hellwig) [Orabug: 32967877] - treewide: Use sizeof_field() macro (Pankaj Bharadiya) [Orabug: 32967877] - block-mq: fix kabi error (Junxiao Bi) [Orabug: 32957529] - blk-mq: fix blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957529] - blk-mq: split out a __blk_mq_get_driver_tag helper (Christoph Hellwig) [Orabug: 32957529] - blk-mq: drain I/O when all CPUs in a hctx are offline (Ming Lei) [Orabug: 32957529] - blk-mq: add blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957529] - Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka) [Orabug: 32912101] {CVE-2021-33034} - rds: ib: Remove two ib_modify_qp() calls (Hakon Bugge) [Orabug: 32762731] - IB/cma: Introduce rdma_set_min_rnr_timer() (Hakon Bugge) [Orabug: 32762731] - scsi: bnx2fc: Return failure if io_req is already in ABTS processing (Gulam Mohamed) [Orabug: 32134986] [4.14.35-2047.505.2] - KVM: x86: Consider LAPIC TSC-Deadline timer expired if deadline too short (Liran Alon) [Orabug: 32992668] - secureboot: make sure kernel-signing.cer is copied to kernel-keys dir (Brian Maly) [Orabug: 32982947] - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() (Rafael J. Wysocki) [Orabug: 32977843] - ACPI: tables: x86: Reserve memory occupied by ACPI tables (Rafael J. Wysocki) [Orabug: 32977843] - uek-rpm: update kABI lists for a new symbol (Saeed Mirzamohammadi) [Orabug: 32965746] - {net, IB}/mlx4: Initialize CQ buffers in the driver when possible (Daniel Jurgens) [Orabug: 32913303] - bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912035] {CVE-2021-32399} - IB/core: Only update PKEY and GID caches on respective events (Hakon Bugge) [Orabug: 32816367] - RDMA/mlx4: Enable querying AH for XRC QP types (Avihai Horon) [Orabug: 32568907] - RDMA/mlx5: Enable querying AH for XRC QP types (Avihai Horon) [Orabug: 32568907] - uek-rpm: add missing ARM_SPE_PMU for aarch64 (Russell King) [Orabug: 27825982] - Revert 'drivers/perf: arm_spe_pmu does not build as a module' (Tom Saeger) [Orabug: 27825982] - perf: arm_spe: Enable ACPI/Platform automatic module loading (Jeremy Linton) [Orabug: 27825982] - arm_pmu: acpi: spe: Add initial MADT/SPE probing (Jeremy Linton) [Orabug: 27825982] - ACPI/PPTT: Add function to return ACPI 6.3 Identical tokens (Jeremy Linton) [Orabug: 27825982] - ACPI/PPTT: Modify node flag detection to find last IDENTICAL (Jeremy Linton) [Orabug: 27825982] - drivers/perf: arm_spe: Dont error on high-order pages for aux buf (Will Deacon) [Orabug: 27825982] - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags (Erik Schmauss) [Orabug: 27825982] - ACPICA: ACPI 6.3: MADT: add support for statistical profiling in GICC (Erik Schmauss) [Orabug: 27825982] - perf: arm_spe: handle devm_kasprintf() failure (Nicholas Mc Guire) [Orabug: 27825982] - perf: arm_spe: Enable automatic DT loading (Jeremy Linton) [Orabug: 27825982] - drivers/perf: Initialise return value in armpmu_request_irqs() (Will Deacon) [Orabug: 27825982] - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set (Sudeep Holla) [Orabug: 27825982] - ACPI / PPTT: fix build when CONFIG_ACPI_PPTT is not enabled (Sudeep Holla) [Orabug: 27825982] - arm_pmu: Use disable_irq_nosync when disabling SPI in CPU teardown hook (Will Deacon) [Orabug: 27825982] - ACPICA: Restructure ACPI table files (Erik Schmauss) [Orabug: 27825982] - arm_pmu: acpi: request IRQs up-front (Mark Rutland) [Orabug: 27825982] - arm_pmu: note IRQs and PMUs per-cpu (Mark Rutland) [Orabug: 27825982] - arm_pmu: explicitly enable/disable SPIs at hotplug (Mark Rutland) [Orabug: 27825982] - arm_pmu: acpi: check for mismatched PPIs (Mark Rutland) [Orabug: 27825982] - arm_pmu: add armpmu_alloc_atomic() (Mark Rutland) [Orabug: 27825982] - arm_pmu: fold platform helpers into platform code (Mark Rutland) [Orabug: 27825982] - arm_pmu: kill arm_pmu_platdata (Mark Rutland) [Orabug: 27825982] - arm/arm64: pmu: Distinguish percpu irq and percpu_devid irq (Julien Thierry) [Orabug: 27825982] - irqdesc: Add function to identify percpu_devid irqs (Julien Thierry) [Orabug: 27825982] - perf/core: Export AUX buffer helpers to modules (Will Deacon) [Orabug: 27825982] - genirq: export irq_get_percpu_devid_partition to modules (Will Deacon) [Orabug: 27825982] - Linux 4.14.219 (Greg Kroah-Hartman) - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN (Pengcheng Yang) - team: protect features update by RCU to avoid deadlock (Ivan Vecera) - NFC: fix possible resource leak (Pan Bian) - NFC: fix resource leak when target index is invalid (Pan Bian) - iommu/vt-d: Dont dereference iommu_device if IOMMU_API is not built (Bartosz Golaszewski) - iommu/vt-d: Gracefully handle DMAR units with no supported address widths (David Woodhouse) - x86/entry/64/compat: Fix 'x86/entry/64/compat: Preserve r8-r11 in int /u03/ksharma/errata_processing/work/el7arm/db_7arm.ELSA-2021-9349x80' (Andy Lutomirski) - x86/entry/64/compat: Preserve r8-r11 in int /u03/ksharma/errata_processing/work/el7arm/db_7arm.ELSA-2021-9349x80 (Andy Lutomirski) - can: dev: prevent potential information leak in can_fill_info() (Dan Carpenter) - mac80211: pause TX while changing interface type (Johannes Berg) - iwlwifi: pcie: reschedule in long-running memory reads (Johannes Berg) - iwlwifi: pcie: use jiffies for memory read spin time limit (Johannes Berg) - RDMA/cxgb4: Fix the reported max_recv_sge value (Kamal Heib) - xfrm: Fix oops in xfrm_replay_advance_bmp (Shmulik Ladkani) - netfilter: nft_dynset: add timeout extension to template (Pablo Neira Ayuso) - ARM: imx: build suspend-imx6.S with arm instruction set (Max Krummenacher) - xen-blkfront: allow discard-* nodes to be optional (Roger Pau Monne) - mt7601u: fix rx buffer refcounting (Lorenzo Bianconi) - mt7601u: fix kernel crash unplugging the device (Lorenzo Bianconi) - leds: trigger: fix potential deadlock with libata (Andrea Righi) - xen: Fix XenStore initialisation for XS_LOCAL (David Woodhouse) - KVM: x86: get smi pending status correctly (Jay Zhou) - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] (Like Xu) - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[] (Claudiu Beznea) - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs (Sudeep Holla) - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family (Giacinto Cifelli) - wext: fix NULL-ptr-dereference with cfg80211s lack of commit() (Johannes Berg) - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (Koen Vandeputte) - ACPI: sysfs: Prefer 'compatible' modalias (Kai-Heng Feng) - Linux 4.14.218 (Greg Kroah-Hartman) - fs: fix lazytime expiration handling in __writeback_single_inode() (Eric Biggers) - writeback: Drop I_DIRTY_TIME_EXPIRE (Jan Kara) - fs: move I_DIRTY_INODE to fs.h (Christoph Hellwig) - x86/boot/compressed: Disable relocation relaxation (Arvind Sankar) - tracing: Fix race in trace_open and buffer resize call (Gaurav Kohli) - Revert 'mm/slub: fix a memory leak in sysfs_slab_add()' (Wang Hai) - gpio: mvebu: fix pwm .get_state period calculation (Baruch Siach) - futex: futex_wake_op, fix sign_extend32 sign bits (Jiri Slaby) - net: dsa: b53: fix an off by one in checking 'vlan->vid' (Dan Carpenter) - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() (Eric Dumazet) - ipv6: create multicast route with RTPROT_KERNEL (Matteo Croce) - udp: mask TOS bits in udp_v4_early_demux() (Guillaume Nault) - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too (Alexander Lobakin) - sh_eth: Fix power down vs. is_opened flag ordering (Geert Uytterhoeven) - sh: dma: fix kconfig dependency for G2_DMA (Necip Fazil Yildiran) - netfilter: rpfilter: mask ecn bits before fib lookup (Guillaume Nault) - compiler.h: Raise minimum version of GCC to 5.1 for arm64 (Will Deacon) - xhci: tegra: Delay for disabling LFPS detector (JC Kuo) - xhci: make sure TRB is fully written before giving it to the controller (Mathias Nyman) - usb: bdc: Make bdc pci driver depend on BROKEN (Patrik Jakobsson) - usb: udc: core: Use lock when write to soft_connect (Thinh Nguyen) - USB: ehci: fix an interrupt calltrace error (Longfang Liu) - ehci: fix EHCI host controller initialization sequence (Eugene Korenevsky) - stm class: Fix module init return on allocation failure (Wang Hui) - intel_th: pci: Add Alder Lake-P support (Alexander Shishkin) - irqchip/mips-cpu: Set IPI domain parent chip (Mathias Kresin) - iio: ad5504: Fix setting power-down state (Lars-Peter Clausen) - can: vxcan: vxcan_xmit: fix use after free bug (Vincent Mailhol) - can: dev: can_restart: fix use after free bug (Vincent Mailhol) - i2c: octeon: check correct size of maximum RECV_LEN packet (Wolfram Sang) - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields (Ben Skeggs) - drm/nouveau/privring: ack interrupts the same way as RM (Ben Skeggs) - drm/nouveau/bios: fix issue shadowing expansion ROMs (Ben Skeggs) - xen: Fix event channel callback via INTX/GSI (David Woodhouse) - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback (Can Guo) - ASoC: Intel: haswell: Add missing pm_ops (Cezary Rojewski) - drm/atomic: put state on error path (Pan Bian) - dm: avoid filesystem lookup in dm_get_dev_t() (Hannes Reinecke) - mmc: sdhci-xenon: fix 1.8v regulator stabilization (Alex Leibovich) - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error (Hans de Goede) - ALSA: hda/via: Add minimum mute flag (Takashi Iwai) - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() (Takashi Iwai) - i2c: bpmp-tegra: Ignore unknown I2C_M flags (Mikko Perttunen) - Linux 4.14.217 (Greg Kroah-Hartman) - spi: cadence: cache reference clock rate during probe (Michael Hennerich) - net: ipv6: Validate GSO SKB before finish IPv6 processing (Aya Levin) - net: skbuff: disambiguate argument and member for skb_list_walk_safe helper (Jason A. Donenfeld) - net: introduce skb_list_walk_safe for skb segment walking (Jason A. Donenfeld) - net: use skb_list_del_init() to remove from RX sublists (Edward Cree) - tipc: fix NULL deref in tipc_link_xmit() (Hoang Le) - rxrpc: Fix handling of an unsupported token type in rxrpc_read() (David Howells) - net: avoid 32 x truesize under-estimation for tiny skbs (Eric Dumazet) - net: sit: unregister_netdevice on newlinks error path (Jakub Kicinski) - net: stmmac: Fixed mtu channged by cache aligned (David Wu) - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands (Petr Machata) - net: dcb: Validate netlink message in DCB handler (Petr Machata) - esp: avoid unneeded kmap_atomic call (Willem de Bruijn) - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request (Andrey Zhizhikin) - netxen_nic: fix MSI/MSI-x interrupts (Manish Chopra) - nfsd4: readdirplus shouldnt return parent of export (J. Bruce Fields) - usb: ohci: Make distrust_firmware param default to false (Hamish Martin) - netfilter: conntrack: fix reading nf_conntrack_buckets (Jesper Dangaard Brouer) - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (Geert Uytterhoeven) - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() (Geert Uytterhoeven) - dm: eliminate potential source of excessive kernel log noise (Mike Snitzer) - net: sunrpc: interpret the return value of kstrtou32 correctly (j.nixdorf@avm.de) - mm, slub: consider rest of partial list if acquire_slab() fails (Jann Horn) - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (Dinghao Liu) - ext4: fix superblock checksum failure when setting password salt (Jan Kara) - NFS: nfs_igrab_and_active must first reference the superblock (Trond Myklebust) - pNFS: Mark layout for return if return-on-close was not sent (Trond Myklebust) - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock (Dave Wysochanski) - ASoC: Intel: fix error code cnl_set_dsp_D0() (Dan Carpenter) - dump_common_audit_data(): fix racy accesses to ->d_name (Al Viro) - ARM: picoxcell: fix missing interrupt-parent properties (Arnd Bergmann) - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI (Shawn Guo) - net: ethernet: fs_enet: Add missing MODULE_LICENSE (Michael Ellerman) - misdn: dsp: select CONFIG_BITREVERSE (Arnd Bergmann) to fix build error on ARC (Randy Dunlap) - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (Rasmus Villemoes) - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan (Filipe Manana) - ARC: build: add boot_targets to PHONY (Masahiro Yamada) - ARC: build: add uImage.lzma to the top-level target (Masahiro Yamada) - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE (Masahiro Yamada) - ext4: fix bug for rename with RENAME_WHITEOUT (yangerkun) - r8152: Add Lenovo Powered USB-C Travel Hub (Leon Schuermann) - dm snapshot: flush merged data before committing metadata (Akilesh Kailash) - mm/hugetlb: fix potential missing huge page size info (Miaohe Lin) - ACPI: scan: Harden acpi_device_add() against device ID overflows (Dexuan Cui) - MIPS: relocatable: fix possible boot hangup with KASLR enabled (Alexander Lobakin) - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB (Paul Cercueil) - ASoC: dapm: remove widget from dirty list on free (Thomas Hebb) [4.14.35-2047.505.1] - uek-rpm: config-aarch-embedded2 add missing networking options (Thomas Tai) [Orabug: 32961737] - uek-rpm: config-aarch-embedded2 update for networking options (Thomas Tai) [Orabug: 32961737] - RDS tcp loopback connection can hang (Rao Shoaib) [Orabug: 32926881] - net/rds: Passive connections always yield (Gerd Rausch) [Orabug: 32925131] - mm, vmstat: drop zone->lock in /proc/pagetypeinfo (Stephen Brennan) [Orabug: 32921246] - net/rds: Prevent the cm_id from being pulled right under our feet (Gerd Rausch) [Orabug: 32908885] - Linux 4.14.216 (Greg Kroah-Hartman) - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet (Vasily Averin) - block: fix use-after-free in disk_part_iter_next (Ming Lei) - KVM: arm64: Dont access PMCR_EL0 when no PMU is available (Marc Zyngier) - wan: ds26522: select CONFIG_BITREVERSE (Arnd Bergmann) - net/mlx5e: Fix two double free cases (Dinghao Liu) - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (Dinghao Liu) - iommu/intel: Fix memleak in intel_irq_remapping_alloc (Dinghao Liu) - block: rsxx: select CONFIG_CRC32 (Arnd Bergmann) - wil6210: select CONFIG_CRC32 (Arnd Bergmann) - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (Shravya Kumbham) - dmaengine: xilinx_dma: check dma_async_device_register return value (Shravya Kumbham) - spi: stm32: FIFO threshold level - fix align packet size (Roman Guskov) - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() (Colin Ian King) - i2c: sprd: use a specific timeout to avoid system hang up issue (Chunyan Zhang) - ARM: OMAP2+: omap_device: fix idling of devices during probe (Andreas Kemnade) - iio: imu: st_lsm6dsx: fix edge-trigger interrupts (Lorenzo Bianconi) - iio: imu: st_lsm6dsx: flip irq return logic (Sean Nyekjaer) - spi: pxa2xx: Fix use-after-free on unbind (Lukas Wunner) - ubifs: wbuf: Dont leak kernel memory to flash (Richard Weinberger) - drm/i915: Fix mismatch between misplaced vma check and vma insert (Chris Wilson) - vmlinux.lds.h: Add PGO and AutoFDO input sections (Nick Desaulniers) - x86/resctrl: Dont move a task to the same resource group (Fenghua Yu) - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (Fenghua Yu) - net: fix pmtu check in nopmtudisc mode (Florian Westphal) - net: ip: always refragment ip defragmented packets (Florian Westphal) - net: vlan: avoid leaks on register_vlan_dev() failures (Jakub Kicinski) - net: cdc_ncm: correct overhead in delayed_ndp_size (Jouni K. Seppanen) - powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (Mathieu Desnoyers) - Linux 4.14.215 (Greg Kroah-Hartman) - KVM: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) - x86/mtrr: Correct the range check before performing MTRR type lookups (Ying-Tsun Huang) - netfilter: xt_RATEEST: reject non-null terminated string from userspace (Florian Westphal) - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (Vasily Averin) - Revert 'device property: Keep secondary firmware node secondary by type' (Bard Liao) - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (Kailang Yang) - ALSA: hda/conexant: add a new hda codec CX11970 (bo liu) - x86/mm: Fix leak of pmd ptlock (Dan Williams) - USB: serial: keyspan_pda: remove unused variable (Johan Hovold) - usb: gadget: configfs: Fix use-after-free issue with udc_name (Eddie Hung) - usb: gadget: configfs: Preserve function ordering after bind failure (Chandana Kishori Chiluveru) - usb: gadget: Fix spinlock lockup on usb_function_deactivate (Sriharsha Allenki) - USB: gadget: legacy: fix return error code in acm_ms_bind() (Yang Yingliang) - usb: gadget: function: printer: Fix a memory leak for interface descriptor (Zqiang) - usb: gadget: f_uac2: reset wMaxPacketSize (Jerome Brunet) - usb: gadget: select CONFIG_CRC32 (Arnd Bergmann) - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (Takashi Iwai) - USB: usblp: fix DMA to stack (Johan Hovold) - USB: yurex: fix control-URB timeout handling (Johan Hovold) - USB: serial: option: add Quectel EM160R-GL (Bjorn Mork) - USB: serial: option: add LongSung M5710 module support (Daniel Palmer) - USB: serial: iuu_phoenix: fix DMA from stack (Johan Hovold) - usb: uas: Add PNY USB Portable SSD to unusual_uas (Thinh Nguyen) - usb: usbip: vhci_hcd: protect shift size (Randy Dunlap) - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Michael Grzeschik) - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (Yu Kuai) - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (Serge Semin) - USB: cdc-acm: blacklist another IR Droid device (Sean Young) - usb: gadget: enable super speed plus (taehyun.cho) - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (Ard Biesheuvel) - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (Florian Fainelli) - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (Stefan Chulski) - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) - net: sched: prevent invalid Scell_log shift count (Randy Dunlap) - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (Yunjian Wang) - net: usb: qmi_wwan: add Quectel EM160R-GL (Bjorn Mork) - CDC-NCM: remove 'connected' log message (Roland Dreier) - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (Xie He) - net: hns: fix return value check in __lb_other_process() (Yunjian Wang) - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (Guillaume Nault) - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (Grygorii Strashko) - net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) - net: ethernet: Fix memleak in ethoc_probe (Dinghao Liu) - net/ncsi: Use real net-device for response handler (John Wang) - virtio_net: Fix recursive call to cpus_read_lock() (Jeff Dike) - qede: fix offload for IPIP tunnel packets (Manish Chopra) - atm: idt77252: call pci_disable_device() on error path (Dan Carpenter) - ethernet: ucc_geth: set dev->max_mtu to 1518 (Rasmus Villemoes) - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (Rasmus Villemoes) - depmod: handle the case of /sbin/depmod without /sbin in PATH (Linus Torvalds) - lib/genalloc: fix the overflow when size is too big (Huang Shijie) - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (Bart Van Assche) - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (Adrian Hunter) - workqueue: Kick a worker based on the actual activation of delayed works (Yunfeng Ye) - kbuild: dont hardcode depmod path (Dominique Martinet) - Linux 4.14.214 (Greg Kroah-Hartman) - iio:magnetometer:mag3110: Fix alignment and data leak issues. (Jonathan Cameron) - iio:imu:bmi160: Fix alignment and data leak issues (Jonathan Cameron) - kdev_t: always inline major/minor helper functions (Josh Poimboeuf) - dm verity: skip verity work if I/O error when system is shutting down (Hyeongseok Kim) - ALSA: pcm: Clear the full allocated memory at hw_params (Takashi Iwai) - module: delay kobject uevent until after module init call (Jessica Yu) - powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (Qinglang Miao) - quota: Dont overflow quota file offsets (Jan Kara) - module: set MODULE_STATE_GOING state when a module fails to load (Miroslav Benes) - rtc: sun6i: Fix memleak in sun6i_rtc_clk_init (Dinghao Liu) - ALSA: seq: Use bool for snd_seq_queue internal flags (Takashi Iwai) - media: gp8psk: initialize stats at power control logic (Mauro Carvalho Chehab) - misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() (Anant Thazhemadam) - reiserfs: add check for an invalid ih_entry_count (Rustam Kovhaev) - of: fix linker-section match-table corruption (Johan Hovold) (Petr Vorel) - powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (Christophe Leroy) - USB: serial: digi_acceleport: fix write-wakeup deadlocks (Johan Hovold) - s390/dasd: fix hanging device offline processing (Stefan Haberland) - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() (Eric Auger) - mm: memcontrol: implement lruvec stat functions on top of each other (Johannes Weiner) - mm: memcontrol: eliminate raw access to stat and event counters (Johannes Weiner) - ALSA: usb-audio: fix sync-ep altsetting sanity check (Johan Hovold) - ALSA: usb-audio: simplify set_sync_ep_implicit_fb_quirk (Alberto Aguirre) - ALSA: hda/ca0132 - Fix work handling in delayed HP detection (Takashi Iwai) - md/raid10: initialize r10_bio->read_slot before use. (Kevin Vigor) - x86/entry/64: Add instruction suffix (Jan Beulich) [4.14.35-2047.505.0] - cipso,calipso: resolve a number of problems with the DOI refcounts (Paul Moore) [Orabug: 32912072] {CVE-2021-33033} - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907969] {CVE-2021-23133} {CVE-2021-23133} - scsi: core: add scsi_host_busy_iter() (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Use scsi_host_busy_iter() to traverse commands (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io() (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Validate io_req before others (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Set scsi_set_resid() only for underflow (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 (Dinghao Liu) [Orabug: 32621218] - scsi: fnic: Avoid looping in TRANS ETH on unload (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Change shost_printk() to FNIC_FCS_DBG() (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Simplify the return expression of vnic_wq_copy_alloc() (Liu Shixin) [Orabug: 32621218] - scsi: fnic: Fix inconsistent format argument type in fnic_debugfs.c (Ye Bin) [Orabug: 32621218] - scsi: fnic: Do not call 'scsi_done()' for unhandled commands (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Remove unneeded semicolon (Jason Yan) [Orabug: 32621218] - scsi: fnic: Remove set but not used variable in is_fnic_fip_flogi_reject() (Jason Yan) [Orabug: 32621218] - scsi: fnic: Remove set but not used 'old_vlan' (Jason Yan) [Orabug: 32621218] - scsi: fnic: Use eth_broadcast_addr() to assign broadcast address (Miaohe Lin) [Orabug: 32621218] - scsi: fnic: Use true, false for fnic->internal_reset_inprogress (Jason Yan) [Orabug: 32621218] - scsi: fnic: make vnic_wq_get_ctrl and vnic_wq_alloc_ring static (Jason Yan) [Orabug: 32621218] - scsi: fnic: make fnic_list and fnic_list_lock static (Jason Yan) [Orabug: 32621218] - scsi: fnic: make some symbols static (Jason Yan) [Orabug: 32621218] - scsi: fnic: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 32621218] - scsi: fnic: make array dev_cmd_err static const, makes object smaller (Colin Ian King) [Orabug: 32621218] - scsi: fnic: print port speed only at driver init or speed change (John Pittman) [Orabug: 32621218] - scsi: fnic: remove redundant assignment of variable rc (Colin Ian King) [Orabug: 32621218] - scsi: fnic: Remove set but not used variable 'vdev' (YueHaibing) [Orabug: 32621218] - scsi: fnic: no need to check return value of debugfs_create functions (Greg Kroah-Hartman) [Orabug: 32621218] - scsi: fnic: Update fnic driver version to 1.6.0.47 (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Enable fnic devcmd2 interface (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Adding devcmd2 init and posting interfaces (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Add devcmd2 initialization helpers (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic devcmd2 controller definitions (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic devcmd2 interface definitions (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Impose upper limit on max. # of CQs processed per intr (Satish Kharat) [Orabug: 32621218] - scsi: fnic: RQ enable and then post descriptors (Satish Kharat) [Orabug: 32621218] - scsi: fnic: delaying vnic dev enable till after req intr (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Warn when calling done for IO not issued to fw (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic stats for max CQs processed and ISR time (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Add port speed stat to fnic debug stats (Satish Kharat) [Orabug: 32621218] - scsi: fnic: use fnic_lock to guard fnic->state_flags (Satish Kharat) [Orabug: 32621218] - scsi: fnic: vnic_rq_clean change BUG_ON to WARN_ON (Satish Kharat) [Orabug: 32621218] - scsi: fnic: change fnic queue depth to 256 (Satish Kharat) [Orabug: 32621218] - scsi: fnic: support to display 20G port speed (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Use vzalloc (Sabyasachi Gupta) [Orabug: 32621218] - fnic: fix fnic_scsi_host_{start,end}_tag (Christoph Hellwig) [Orabug: 32621218] - scsi: fnic: replace gross legacy tag hack with blk-mq hack (Jens Axboe) [Orabug: 32621218] - scsi: fnic: switch to generic DMA API (Christoph Hellwig) [Orabug: 32621218] - scsi: fnic: fix spelling mistake in fnic stats 'Abord' -> 'Abort' (Colin Ian King) [Orabug: 32621218] - scsi: fnic: use 64-bit timestamps (Arnd Bergmann) [Orabug: 32621218] - scsi: fnic: use kzalloc in fnic_fcoe_process_vlan_resp (Rasmus Villemoes) [Orabug: 32621218] - scsi: fnic: add a space after %p in printf format (Nicolas Iooss) [Orabug: 32621218] - scsi: fnic: Fix coccinelle warnings (Vasyl Gomonovych) [Orabug: 32621218] - scsi: iscsi: Fix iSCSI cls conn state (Gulam Mohamed) [Orabug: 31669275] - iscsi: Fix race condition between login and sync thread (Gulam Mohamed) [Orabug: 31669275] - Linux 4.14.213 (Greg Kroah-Hartman) - PCI: Fix pci_slot_release() NULL pointer dereference (Jubin Zhong) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels (Dan Williams) - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (Terry Zhou) - md/cluster: fix deadlock when node is doing resync job (Zhao Heming) - iio:imu:bmi160: Fix too large a buffer. (Jonathan Cameron) - iio:pressure:mpl3115: Force alignment of buffer (Jonathan Cameron) - iio:light:rpr0521: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (Qinglang Miao) - iio: buffer: Fix demux update (Nuno Sa) - mtd: parser: cmdline: Fix parsing of part-names with colons (Sven Eckelmann) - soc: qcom: smp2p: Safely acquire spinlock without IRQs (Evan Green) - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (Lukas Wunner) - spi: sc18is602: Dont leak SPI master in probe error path (Lukas Wunner) - spi: rb4xx: Dont leak SPI master in probe error path (Lukas Wunner) - spi: pic32: Dont leak DMA channels in probe error path (Lukas Wunner) - spi: davinci: Fix use-after-free on unbind (Lukas Wunner) - spi: spi-sh: Fix use-after-free on unbind (Lukas Wunner) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (Zwane Mwaikambo) - jfs: Fix array index bounds check in dbAdjTree (Dave Kleikamp) - jffs2: Fix GC exit abnormally (Zhe Li) - ceph: fix race in concurrent __ceph_remove_cap invocations (Luis Henriques) - ima: Dont modify file descriptor mode on the fly (Roberto Sassu) - powerpc/powernv/memtrace: Dont leak kernel memory to user space (David Hildenbrand) - powerpc/xmon: Change printk() to pr_cont() (Christophe Leroy) - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter (Tyrel Datwyler) - ARM: dts: at91: sama5d2: fix CAN message ram offset and size (Nicolas Ferre) - KVM: arm64: Introduce handling of AArch32 TTBCR2 traps (Marc Zyngier) - ext4: fix deadlock with fs freezing and EA inodes (Jan Kara) - ext4: fix a memory leak of ext4_free_data (Chunguang Xu) - USB: serial: keyspan_pda: fix write unthrottling (Johan Hovold) - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix write-wakeup use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix stalled writes (Johan Hovold) - USB: serial: keyspan_pda: fix write deadlock (Johan Hovold) - USB: serial: keyspan_pda: fix dropped unthrottle interrupts (Johan Hovold) - USB: serial: mos7720: fix parallel-port state restore (Johan Hovold) - EDAC/amd64: Fix PCI component registration (Borislav Petkov) - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (Ard Biesheuvel) - powerpc/perf: Exclude kernel samples while counting events in user space. (Athira Rajeev) - staging: comedi: mf6x4: Fix AI end-of-conversion detection (Ian Abbott) - s390/dasd: fix list corruption of lcu list (Stefan Haberland) - s390/dasd: fix list corruption of pavgroup group list (Stefan Haberland) - s390/dasd: prevent inconsistent LCU device data (Stefan Haberland) - s390/smp: perform initial CPU reset also for SMT siblings (Sven Schnelle) - ALSA: usb-audio: Disable sample read check if firmware doesnt give back (Takashi Iwai) - ALSA: pcm: oss: Fix a few more UBSAN fixes (Takashi Iwai) - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (Chris Chiu) - ACPI: PNP: compare the string length in the matching_id() (Hui Wang) - Revert 'ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks' (Daniel Scally) - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() (Rafael J. Wysocki) - Input: cyapa_gen6 - fix out-of-bounds stack access (Arnd Bergmann) - media: netup_unidvb: Dont leak SPI master in probe error path (Lukas Wunner) - media: sunxi-cir: ensure IR is handled when it is continuous (Sean Young) - media: gspca: Fix memory leak in probe (Alan Stern) - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (Simon Beginn) - Input: cros_ec_keyb - send 'scancodes' in addition to key events (Dmitry Torokhov) - fix namespaced fscaps when !CONFIG_SECURITY (Serge Hallyn) - cfg80211: initialize rekey_data (Sara Sharon) - clk: sunxi-ng: Make sure divider tables have sentinel (Jernej Skrabec) - clk: s2mps11: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - qlcnic: Fix error code in probe (Dan Carpenter) - perf record: Fix memory leak when using '--user-regs=?' to list registers (Zheng Zengkai) - pwm: lp3943: Dynamically allocate PWM chip base (Lokesh Vutla) - pwm: zx: Add missing cleanup in error path (Uwe Kleine-Konig) - clk: ti: Fix memleak in ti_fapll_synth_setup (Zhang Qilong) - watchdog: coh901327: add COMMON_CLK dependency (Arnd Bergmann) - watchdog: qcom: Avoid context switch in restart handler (Manivannan Sadhasivam) - net: korina: fix return value (Vincent Stehle) - net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (Christophe JAILLET) - net: bcmgenet: Fix a resource leak in an error handling path in the probe functin (Christophe JAILLET) - checkpatch: fix unescaped left brace (Dwaipayan Ray) - powerpc/ps3: use dma_mapping_error() (Vincent Stehle) - nfc: s3fwrn5: Release the nfc firmware (Bongsu Jeon) - um: chan_xterm: Fix fd leak (Anton Ivanov) - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (Guenter Roeck) - irqchip/alpine-msi: Fix freeing of interrupts on allocation error path (Marc Zyngier) - ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (Dan Carpenter) - extcon: max77693: Fix modalias string (Marek Szyprowski) - clk: tegra: Fix duplicated SE clock entry (Dmitry Osipenko) - x86/kprobes: Restore BTF if the single-stepping is cancelled (Masami Hiramatsu) - nfs_common: need lock during iterate through the list (Cheng Lin) - nfsd: Fix message level for normal termination (kazuo ito) - speakup: fix uninitialized flush_lock (Yang Yingliang) - usb: oxu210hp-hcd: Fix memory leak in oxu_create (Zhang Qilong) - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (Zhang Qilong) - powerpc/pseries/hibernation: remove redundant cacheinfo update (Nathan Lynch) - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops (Nathan Lynch) - scsi: fnic: Fix error return code in fnic_probe() (Zhang Changzhong) - scsi: pm80xx: Fix error return in pm8001_pci_probe() (Zhang Qilong) - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe (Qinglang Miao) - cpufreq: scpi: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: loongson1: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: st: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (Keqian Zhu) - dm ioctl: fix error return code in target_message (Qinglang Miao) - ASoC: jz4740-i2s: add missed checks for clk_get() (Chuhong Yuan) - net/mlx5: Properly convey driver version to firmware (Leon Romanovsky) - memstick: r592: Fix error return in r592_probe() (Jing Xiangfeng) - arm64: dts: rockchip: Fix UART pull-ups on rk3328 (Chen-Yu Tsai) - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (Yu Kuai) - ARM: dts: at91: sama5d2: map securam as device (Claudiu Beznea) - clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (Yu Kuai) - media: saa7146: fix array overflow in vidioc_s_audio() (Dan Carpenter) - vfio-pci: Use io_remap_pfn_range() for PCI IO memory (Jason Gunthorpe) - NFS: switch nfsiod to be an UNBOUND workqueue. (NeilBrown) - SUNRPC: xprt_load_transport() needs to support the netid 'rdma6' (Trond Myklebust) - NFSv4.2: condition READDIRs mask for security label based on LSM state (Olga Kornievskaia) - ath10k: Release some resources in an error handling path (Christophe JAILLET) - ath10k: Fix an error handling path (Christophe JAILLET) - ARM: dts: at91: at91sam9rl: fix ADC triggers (Alexandre Belloni) - PCI: iproc: Fix out-of-bound array accesses (Bharat Gooty) - genirq/irqdomain: Dont try to free an interrupt that has no mapping (Marc Zyngier) - power: supply: bq24190_charger: fix reference leak (Zhang Qilong) - ARM: dts: Remove non-existent i2c1 from 98dx3236 (Chris Packham) - HSI: omap_ssi: Dont jump to free ID in ssi_add_controller() (Jing Xiangfeng) - media: max2175: fix max2175_set_csm_mode() error code (Dan Carpenter) - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover (Qinglang Miao) - samples: bpf: Fix lwt_len_hist reusing previous BPF map (Daniel T. Lee) - media: siano: fix memory leak of debugfs members in smsdvb_hotplug (Keita Suzuki) - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (Qinglang Miao) - orinoco: Move context allocation after processing the skb (Sebastian Andrzej Siewior) - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (Cristian Birsan) - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (Cristian Birsan) - memstick: fix a double-free bug in memstick_check (Qinglang Miao) - RDMA/cxgb4: Validate the number of CQEs (Kamal Heib) - Input: omap4-keypad - fix runtime PM error handling (Zhang Qilong) - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (Zhihao Cheng) - soc: ti: Fix reference imbalance in knav_dma_probe (Zhang Qilong) - soc: ti: knav_qmss: fix reference leak in knav_queue_probe (Zhang Qilong) - crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (Zhang Qilong) - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 (Christophe Leroy) - Input: ads7846 - fix unaligned access on 7845 (Dmitry Torokhov) - Input: ads7846 - fix integer overflow on Rt calculation (Oleksij Rempel) - Input: ads7846 - fix race that causes missing releases (David Jander) - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (Yang Yingliang) - media: solo6x10: fix missing snd_card_free in error handling case (Qinglang Miao) - scsi: core: Fix VPD LUN ID designator priorities (Martin Wilck) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (Yu Kuai) - staging: greybus: codecs: Fix reference counter leak in error handling (Zhang Qilong) - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA (Necip Fazil Yildiran) - RDMa/mthca: Work around -Wenum-conversion warning (Arnd Bergmann) - ASoC: arizona: Fix a wrong free in wm8997_probe (Zhang Qilong) - ASoC: wm8998: Fix PM disable depth imbalance on error (Zhang Qilong) - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (Tsuchiya Yuto) - spi: tegra114: fix reference leak in tegra spi ops (Zhang Qilong) - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (Zhang Qilong) - spi: tegra20-slink: fix reference leak in slink ops of tegra20 (Zhang Qilong) - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (Zhang Qilong) - Bluetooth: Fix null pointer dereference in hci_event_packet() (Anmol Karn) - arm64: dts: exynos: Correct psci compatible used on Exynos7 (Pawel Chmiel) - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling (Paul Moore) - ASoC: pcm: DRAIN support reactivation (Cezary Rojewski) - spi: img-spfi: fix reference leak in img_spfi_resume (Zhang Qilong) - crypto: talitos - Fix return type of current_desc_hdr() (Christophe Leroy) - sched: Reenable interrupts in do_sched_yield() (Thomas Gleixner) - sched/deadline: Fix sched_dl_global_validate() (Peng Liu) - ARM: p2v: fix handling of LPAE translation in BE mode (Ard Biesheuvel) - x86/mm/ident_map: Check for errors from ident_pud_init() (Arvind Sankar) - RDMA/rxe: Compute PSN windows correctly (Bob Pearson) - selinux: fix error initialization in inode_doinit_with_dentry() (Tianyue Ren) - RDMA/bnxt_re: Set queue pair state when being queried (Kamal Heib) - soc: mediatek: Check if power domains can be powered on at boot time (Nicolas Boichat) - soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (Dan Carpenter) - drm/gma500: fix double free of gma_connector (Tom Rix) - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (Peilin Ye) - md: fix a warning caused by a race between concurrent md_ioctl()s (Dae R. Jeong) - crypto: af_alg - avoid undefined behavior accessing salg_name (Eric Biggers) - media: msi2500: assign SPI bus number dynamically (Antti Palosaari) - quota: Sanity-check quota file headers on load (Jan Kara) - serial_core: Check for port state when tty is in error state (Alexey Kardashevskiy) - HID: i2c-hid: add Vero K147 to descriptor override (Julian Sax) - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU (Krzysztof Kozlowski) - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 (Krzysztof Kozlowski) - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (Krzysztof Kozlowski) - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (Fabio Estevam) - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (Will McVicker) - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (Jack Pham) - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (Will McVicker) - USB: gadget: f_acm: add support for SuperSpeed Plus (taehyun.cho) - USB: serial: option: add interface-number sanity check to flag handling (Johan Hovold) - soc/tegra: fuse: Fix index bug in get_process_id (Nicolin Chen) - dm table: Remove BUG_ON(in_interrupt()) (Thomas Gleixner) - scsi: mpt3sas: Increase IOCInit request timeout to 30s (Sreekanth Reddy) - vxlan: Copy needed_tailroom from lowerdev (Sven Eckelmann) - vxlan: Add needed_headroom for lower device (Sven Eckelmann) - drm/tegra: sor: Disable clocks on error in tegra_sor_init() (Qinglang Miao) - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (Nicholas Piggin) - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (Leon Romanovsky) - can: softing: softing_netdev_open(): fix error handling (Zhang Qilong) - scsi: bnx2i: Requires MMU (Randy Dunlap) - gpio: mvebu: fix potential user-after-free on probe (Baruch Siach) - ARM: dts: sun8i: v3s: fix GIC node memory range (Icenowy Zheng) - pinctrl: baytrail: Avoid clearing debounce value when turning it off (Andy Shevchenko) - pinctrl: merrifield: Set default bias in case no particular value given (Andy Shevchenko) - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi (Xin Xiong) - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (Alexander Sverdlin) - ALSA: pcm: oss: Fix potential out-of-bounds shift (Takashi Iwai) - USB: sisusbvga: Make console support depend on BROKEN (Thomas Gleixner) - USB: UAS: introduce a quirk to set no_write_same (Oliver Neukum) - xhci: Give USB2 ports time to enter U3 in bus suspend (Li Jun) - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (Takashi Iwai) - ALSA: usb-audio: Fix potential out-of-bounds shift (Takashi Iwai) - USB: add RESET_RESUME quirk for Snapscan 1212 (Oliver Neukum) - USB: dummy-hcd: Fix uninitialized array use in init() (Bui Quang Minh) - mac80211: mesh: fix mesh_pathtbl_init() error path (Eric Dumazet) - net: bridge: vlan: fix error return code in __vlan_add() (Zhang Changzhong) - net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux (Martin Blumenstingl) - net: stmmac: delete the eee_ctrl_timer after napi disabled (Fugang Duan) - tcp: fix cwnd-limited bug for TSO deferral where we send nothing (Neal Cardwell) - net: stmmac: free tx skb buffer in stmmac_resume() (Fugang Duan) - PCI: qcom: Add missing reset for ipq806x (Ansuel Smith) - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (Arvind Sankar) - scsi: be2iscsi: Revert 'Fix a theoretical leak in beiscsi_create_eqs()' (Dan Carpenter) - kbuild: avoid static_assert for genksyms (Arnd Bergmann) - pinctrl: amd: remove debounce filter setting in IRQ type setting (Coiby Xu) - Input: i8042 - add Acer laptops to the i8042 reset list (Chris Chiu) - Input: cm109 - do not stomp on control URB (Dmitry Torokhov) - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (Timo Witte) - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (Hao Si) - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (Can Guo) - ARC: stack unwinding: dont assume non-current task is sleeping (Vineet Gupta) - iwlwifi: mvm: fix kernel panic in case of assert during CSA (Sara Sharon) - arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. (Markus Reichl) - iwlwifi: pcie: limit memory read spin time (Johannes Berg) - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe (Nathan Chancellor) - spi: bcm2835aux: Fix use-after-free on unbind (Lukas Wunner) - Linux 4.14.212 (Greg Kroah-Hartman) - x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (Masami Hiramatsu) - Input: i8042 - fix error return code in i8042_setup_aux() (Luo Meng) - i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (Zhihao Cheng) - gfs2: check for empty rgrp tree in gfs2_ri_update (Bob Peterson) - tracing: Fix userstacktrace option for instances (Steven Rostedt (VMware)) - spi: bcm2835: Release the DMA channel if probe fails after dma_init (Peter Ujfalusi) - spi: bcm2835: Fix use-after-free on unbind (Lukas Wunner) - spi: bcm-qspi: Fix use-after-free on unbind (Lukas Wunner) - spi: Introduce device-managed SPI controller allocation (Lukas Wunner) - speakup: Reject setting the speakup line discipline outside of speakup (Samuel Thibault) - i2c: imx: Check for I2SR_IAL after every byte (Christian Eggers) - i2c: imx: Fix reset of I2SR_IAL flag (Christian Eggers) - mm/swapfile: do not sleep with a spin lock held (Qian Cai) - cifs: fix potential use-after-free in cifs_echo_request() (Paulo Alcantara) - ftrace: Fix updating FTRACE_FL_TRAMP (Naveen N. Rao) - ALSA: hda/generic: Add option to enforce preferred_dacs pairs (Takashi Iwai) - ALSA: hda/realtek - Add new codec supported for ALC897 (Kailang Yang) - USB: serial: option: fix Quectel BG96 matching (Bjorn Mork) - USB: serial: option: add support for Thales Cinterion EXS82 (Giacinto Cifelli) - USB: serial: option: add Fibocom NL668 variants (Vincent Palatin) - USB: serial: ch341: sort device-id entries (Johan Hovold) - USB: serial: ch341: add new Product ID for CH341A (Jan-Niklas Burfeind) - USB: serial: kl5kusb105: fix memleak on open (Johan Hovold) - usb: gadget: f_fs: Use local copy of descriptors for userspace copy (Vamsi Krishna Samavedam) - vlan: consolidate VLAN parsing code and limit max parsing depth (Toke Hoiland-Jorgensen) - pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) (Hans de Goede) - pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output (Hans de Goede) - Linux 4.14.211 (Greg Kroah-Hartman) - RDMA/i40iw: Address an mmap handler exploit in i40iw (Shiraz Saleem) - Input: i8042 - add ByteSpeed touchpad to noloop table (Po-Hsu Lin) - Input: xpad - support Ardwiino Controllers (Sanjay Govind) - ALSA: usb-audio: US16x08: fix value count for level meters (Hector Martin) - dt-bindings: net: correct interrupt flags in examples (Krzysztof Kozlowski) - net/mlx5: Fix wrong address reclaim when command interface is down (Eran Ben Elisha) - net: pasemi: fix error return code in pasemi_mac_open() (Zhang Changzhong) - cxgb3: fix error return code in t3_sge_alloc_qset() (Zhang Changzhong) - net/x25: prevent a couple of overflows (Dan Carpenter) - ibmvnic: Fix TX completion error handling (Thomas Falcon) - ibmvnic: Ensure that SCRQ entry reads are correctly ordered (Thomas Falcon) - ipv4: Fix tos mask in inet_rtm_getroute() (Guillaume Nault) - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal (Antoine Tenart) - bonding: wait for sysfs kobject destruction before freeing struct slave (Jamie Iles) - usbnet: ipheth: fix connectivity with iOS 14 (Yves-Alexis Perez) - tun: honor IOCB_NOWAIT flag (Jens Axboe) - tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (Alexander Duyck) - sock: set sk_err to ee_errno on dequeue from errq (Willem de Bruijn) - rose: Fix Null pointer dereference in rose_send_frame() (Anmol Karn) - net/af_iucv: set correct sk_protocol for child sockets (Julian Wiedmann) [4.14.35-2047.504.2] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32887159] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32856879] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32856879] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32856879] - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860493] {CVE-2021-31916} - net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry) [Orabug: 32559464] - Linux 4.14.210 (Greg Kroah-Hartman) - USB: core: Fix regression in Hercules audio card (Alan Stern) - USB: core: add endpoint-blacklist quirk (Johan Hovold) - x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (Xiaochen Shen) - x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (Xiaochen Shen) - usb: gadget: Fix memleak in gadgetfs_fill_super (Zhang Qilong) - usb: gadget: f_midi: Fix memleak in f_midi_alloc (Zhang Qilong) - USB: core: Change %pK for __user pointers to %px (Alan Stern) - perf probe: Fix to die_entrypc() returns error correctly (Masami Hiramatsu) - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (Marc Kleine-Budde) - platform/x86: toshiba_acpi: Fix the wrong variable assignment (Kaixu Xia) - can: gs_usb: fix endianess problem with candleLight firmware (Marc Kleine-Budde) - efivarfs: revert 'fix memory leak in efivarfs_create()' (Ard Biesheuvel) - ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (Lijun Pan) - ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (Lijun Pan) - net: ena: set initial DMA width to avoid intel iommu issue (Shay Agroskin) - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (Krzysztof Kozlowski) - IB/mthca: fix return value of error branch in mthca_init_cq() (Xiongfeng Wang) - scsi: ufs: Fix race between shutdown and runtime resume flow (Stanley Chu) - batman-adv: set .owner to THIS_MODULE (Taehee Yoo) - phy: tegra: xusb: Fix dangling pointer on probe failure (Marc Zyngier) - perf/x86: fix sysfs type mismatches (Sami Tolvanen) - scsi: target: iscsi: Fix cmd abort fabric stop race (Mike Christie) - scsi: libiscsi: Fix NOP race condition (Lee Duncan) - dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size (Sugar Zhang) - nvme: free sq/cq dbbuf pointers when dbbuf set fails (Minwoo Im) - proc: dont allow async path resolution of /proc/self components (Jens Axboe) - HID: Add Logitech Dinovo Edge battery quirk (Hans de Goede) - x86/xen: dont unbind uninitialized lock_kicker_irq (Brian Masney) - dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant (Marc Ferland) - HID: hid-sensor-hub: Fix issue with devices with no report ID (Pablo Ceballos) - Input: i8042 - allow insmod to succeed on devices without an i8042 controller (Hans de Goede) - HID: cypress: Support Varmilo Keyboards media hotkeys (Frank Yang) - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (Kai Vehmanen) - ALSA: hda/hdmi: Use single mutex unlock in error paths (Takashi Iwai) - arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Will Deacon) - arm64: pgtable: Fix pte_accessible() (Will Deacon) - btrfs: adjust return values of btrfs_inode_by_name (Su Yue) - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (Qu Wenruo) - PCI: Add device even if driver attach failed (Rajat Jain) - wireless: Use linux/stddef.h instead of stddef.h (Hauke Mehrtens) - btrfs: fix lockdep splat when reading qgroup config on mount (Filipe Manana) - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Gerald Schaefer) - perf event: Check ref_reloc_sym before using it (Igor Lubashev) - Linux 4.14.209 (Greg Kroah-Hartman) - x86/microcode/intel: Check patch signature before saving microcode for early loading (Chen Yu) - s390/dasd: fix null pointer dereference for ERP requests (Stefan Haberland) - s390/cpum_sf.c: fix file permission for cpum_sfb_size (Thomas Richter) - mac80211: free sta in sta_info_insert_finish() on errors (Johannes Berg) - mac80211: minstrel: fix tx status processing corner case (Felix Fietkau) - mac80211: minstrel: remove deferred sampling code (Felix Fietkau) - xtensa: disable preemption around cache alias management calls (Max Filippov) - regulator: workaround self-referent regulators (Micha; Miros;aw) - regulator: avoid resolve_supply() infinite recursion (Micha; Miros;aw) - regulator: fix memory leak with repeated set_machine_constraints() (Micha; Miros;aw) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (Hans de Goede) - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (Hans de Goede) - ext4: fix bogus warning in ext4_update_dx_flag() (Jan Kara) - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (Brian O Keefe) - efivarfs: fix memory leak in efivarfs_create() (Vamshi K Sthambamkadi) - tty: serial: imx: keep console clocks always on (Fugang Duan) - ALSA: mixart: Fix mutex deadlock (Takashi Iwai) - ALSA: ctl: fix error path at adding user-defined element set (Takashi Sakamoto) - speakup: Do not let the line discipline be used several times (Samuel Thibault) - powerpc/uaccess-flush: fix missing includes in kup-radix.h (Daniel Axtens) - libfs: fix error cast of negative value in simple_attr_write() (Yicong Yang) - xfs: revert 'xfs: fix rmap key and record comparison functions' (Darrick J. Wong) - regulator: ti-abb: Fix array out of bound read access on the first transition (Nishanth Menon) - MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu (Zhang Qilong) - ASoC: qcom: lpass-platform: Fix memory leak (Srinivasa Rao Mandadapu) - can: m_can: m_can_handle_state_change(): fix state change (Wu Bo) - can: peak_usb: fix potential integer overflow on shift of a int (Colin Ian King) - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (Marc Kleine-Budde) - can: ti_hecc: Fix memleak in ti_hecc_probe (Zhang Qilong) - can: dev: can_restart(): post buffer from the right context (Alejandro Concepcion Rodriguez) - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (Anant Thazhemadam) - can: af_can: prevent potential access of uninitialized member in can_rcv() (Anant Thazhemadam) - perf lock: Don t free 'lock_seq_stat' if read_count isn t zero (Leo Yan) - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (Fabio Estevam) - arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (Sergey Matyukevich) - MIPS: export has_transparent_hugepage() for modules (Randy Dunlap) - Input: adxl34x - clean up a data type in adxl34x_probe() (Dan Carpenter) - vfs: remove lockdep bogosity in __sb_start_write (Darrick J. Wong) - arm64: psci: Avoid printing in cpu_psci_cpu_die() (Will Deacon) - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq (Jianqun Xu) - net: ftgmac100: Fix crash when removing driver (Joel Stanley) - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate (Ryan Sharpelletti) - net: usb: qmi_wwan: Set DTR quirk for MR400 (Filip Moc) - net/mlx5: Disable QoS when min_rates on all VFs are zero (Vladyslav Tarasiuk) - sctp: change to hold/put transport for proto_unreach_timer (Xin Long) - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (Zhang Changzhong) - net: x25: Increase refcnt of 'struct x25_neigh' in x25_rx_call_request (Xie He) - net/mlx4_core: Fix init_hca fields offset (Aya Levin) - netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist() (Paul Moore) - netlabel: fix our progress tracking in netlbl_unlabel_staticlist() (Paul Moore) - net: Have netpoll bring-up DSA management interface (Florian Fainelli) - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (Tobias Waldekranz) - net: bridge: add missing counters to ndo_get_stats64 callback (Heiner Kallweit) - net: b44: fix error return code in b44_init_one() (Zhang Changzhong) - mlxsw: core: Use variable timeout for EMAD retries (Ido Schimmel) - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (Wang Hai) - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() (Wang Hai) - atm: nicstar: Unmap DMA on send error (Sebastian Andrzej Siewior) - ah6: fix error return code in ah6_input() (Zhang Changzhong) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23133 CVE-2021-33034 CVE-2021-32399 CVE-2021-33033 Oracle Linux 7 [4.14.35-2047.505.4.el7] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863569] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863569] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982355] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820277] [4.14.35-2047.505.3] - uek-rpm: match Pensando config-aarch-embedded2 with the T93s config (Thomas Tai) [Orabug: 32972392] - quota: Fix memory leak when handling corrupted quota file (Jan Kara) [Orabug: 33020349] - xen/netback: fix spurious event detection for common event case (Juergen Gross) [Orabug: 33020349] - Input: i8042 - unbreak Pegatron C15B (Alexey Dobriyan) [Orabug: 33020349] - ksplice: use -fno-reorder-functions -fno-section-anchors (Vegard Nossum) [Orabug: 32983664] - ksplice: fixup for -ffunction-sections -fdata-sections (Vegard Nossum) [Orabug: 32983664] - rds: ib: Mitigate intermittent incorrect RNR NAK Retry Timer modification (Hakon Bugge) [Orabug: 32981187] - scsi: smartpqi: Remove unused functions (Bart Van Assche) [Orabug: 32967877] - scsi: smartpqi: Fix device pointer variable reference static checker issue (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Fix blocks_per_row static checker issue (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Update version to 2.1.8-045 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add new PCI IDs (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Correct system hangs when resuming from hibernation (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update enclosure identifier in sysfs (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Add additional logging for LUN resets (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update SAS initiator_port_protocols and target_port_protocols (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Add phy ID support for the physical drives (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Convert snprintf() to scnprintf() (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Fix driver synchronization issues (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update device scan operations (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update OFA management (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update RAID bypass handling (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update suspend/resume and shutdown (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Synchronize device resets with mutex (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update soft reset management for OFA (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update event handler (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for wwid (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Remove timeouts from internal cmds (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Disable WRITE SAME for HBA NVMe disks (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add host level stream detection enable (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add stream detection (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Align code with oob driver (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for long firmware version (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for BMIC sense feature cmd and feature bits (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Add support for RAID1 writes (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add support for RAID5 and RAID6 writes (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Refactor scatterlist code (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Refactor aio submission code (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add support for new product ids (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Correct request leakage during reset operations (Murthy Bhat) [Orabug: 32967877] - scsi: smartpqi: Update version to 1.2.16-012 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Correct driver removal with HBA disks (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Update copyright (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Bump version to 1.2.16-010 (Don Brace) [Orabug: 32967877] - scsi: smartpqi: Add RAID bypass counter (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Support device deletion via sysfs (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Avoid crashing kernel for controller issues (Kevin Barnett) [Orabug: 32967877] - scsi: smartpqi: Update logical volume size after expansion (Mahesh Rajashekhara) [Orabug: 32967877] - scsi: smartpqi: Add id support for SmartRAID 3152-8i (Mahesh Rajashekhara) [Orabug: 32967877] - scsi: smartpqi: Identify physical devices without issuing INQUIRY (Kevin Barnett) [Orabug: 32967877] - remove ioremap_nocache and devm_ioremap_nocache (Christoph Hellwig) [Orabug: 32967877] - treewide: Use sizeof_field() macro (Pankaj Bharadiya) [Orabug: 32967877] - block-mq: fix kabi error (Junxiao Bi) [Orabug: 32957529] - blk-mq: fix blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957529] - blk-mq: split out a __blk_mq_get_driver_tag helper (Christoph Hellwig) [Orabug: 32957529] - blk-mq: drain I/O when all CPUs in a hctx are offline (Ming Lei) [Orabug: 32957529] - blk-mq: add blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957529] - Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka) [Orabug: 32912101] {CVE-2021-33034} - rds: ib: Remove two ib_modify_qp() calls (Hakon Bugge) [Orabug: 32762731] - IB/cma: Introduce rdma_set_min_rnr_timer() (Hakon Bugge) [Orabug: 32762731] - scsi: bnx2fc: Return failure if io_req is already in ABTS processing (Gulam Mohamed) [Orabug: 32134986] [4.14.35-2047.505.2] - KVM: x86: Consider LAPIC TSC-Deadline timer expired if deadline too short (Liran Alon) [Orabug: 32992668] - secureboot: make sure kernel-signing.cer is copied to kernel-keys dir (Brian Maly) [Orabug: 32982947] - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() (Rafael J. Wysocki) [Orabug: 32977843] - ACPI: tables: x86: Reserve memory occupied by ACPI tables (Rafael J. Wysocki) [Orabug: 32977843] - uek-rpm: update kABI lists for a new symbol (Saeed Mirzamohammadi) [Orabug: 32965746] - {net, IB}/mlx4: Initialize CQ buffers in the driver when possible (Daniel Jurgens) [Orabug: 32913303] - bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912035] {CVE-2021-32399} - IB/core: Only update PKEY and GID caches on respective events (Hakon Bugge) [Orabug: 32816367] - RDMA/mlx4: Enable querying AH for XRC QP types (Avihai Horon) [Orabug: 32568907] - RDMA/mlx5: Enable querying AH for XRC QP types (Avihai Horon) [Orabug: 32568907] - uek-rpm: add missing ARM_SPE_PMU for aarch64 (Russell King) [Orabug: 27825982] - Revert 'drivers/perf: arm_spe_pmu does not build as a module' (Tom Saeger) [Orabug: 27825982] - perf: arm_spe: Enable ACPI/Platform automatic module loading (Jeremy Linton) [Orabug: 27825982] - arm_pmu: acpi: spe: Add initial MADT/SPE probing (Jeremy Linton) [Orabug: 27825982] - ACPI/PPTT: Add function to return ACPI 6.3 Identical tokens (Jeremy Linton) [Orabug: 27825982] - ACPI/PPTT: Modify node flag detection to find last IDENTICAL (Jeremy Linton) [Orabug: 27825982] - drivers/perf: arm_spe: Dont error on high-order pages for aux buf (Will Deacon) [Orabug: 27825982] - ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags (Erik Schmauss) [Orabug: 27825982] - ACPICA: ACPI 6.3: MADT: add support for statistical profiling in GICC (Erik Schmauss) [Orabug: 27825982] - perf: arm_spe: handle devm_kasprintf() failure (Nicholas Mc Guire) [Orabug: 27825982] - perf: arm_spe: Enable automatic DT loading (Jeremy Linton) [Orabug: 27825982] - drivers/perf: Initialise return value in armpmu_request_irqs() (Will Deacon) [Orabug: 27825982] - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set (Sudeep Holla) [Orabug: 27825982] - ACPI / PPTT: fix build when CONFIG_ACPI_PPTT is not enabled (Sudeep Holla) [Orabug: 27825982] - arm_pmu: Use disable_irq_nosync when disabling SPI in CPU teardown hook (Will Deacon) [Orabug: 27825982] - ACPICA: Restructure ACPI table files (Erik Schmauss) [Orabug: 27825982] - arm_pmu: acpi: request IRQs up-front (Mark Rutland) [Orabug: 27825982] - arm_pmu: note IRQs and PMUs per-cpu (Mark Rutland) [Orabug: 27825982] - arm_pmu: explicitly enable/disable SPIs at hotplug (Mark Rutland) [Orabug: 27825982] - arm_pmu: acpi: check for mismatched PPIs (Mark Rutland) [Orabug: 27825982] - arm_pmu: add armpmu_alloc_atomic() (Mark Rutland) [Orabug: 27825982] - arm_pmu: fold platform helpers into platform code (Mark Rutland) [Orabug: 27825982] - arm_pmu: kill arm_pmu_platdata (Mark Rutland) [Orabug: 27825982] - arm/arm64: pmu: Distinguish percpu irq and percpu_devid irq (Julien Thierry) [Orabug: 27825982] - irqdesc: Add function to identify percpu_devid irqs (Julien Thierry) [Orabug: 27825982] - perf/core: Export AUX buffer helpers to modules (Will Deacon) [Orabug: 27825982] - genirq: export irq_get_percpu_devid_partition to modules (Will Deacon) [Orabug: 27825982] - Linux 4.14.219 (Greg Kroah-Hartman) - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN (Pengcheng Yang) - team: protect features update by RCU to avoid deadlock (Ivan Vecera) - NFC: fix possible resource leak (Pan Bian) - NFC: fix resource leak when target index is invalid (Pan Bian) - iommu/vt-d: Dont dereference iommu_device if IOMMU_API is not built (Bartosz Golaszewski) - iommu/vt-d: Gracefully handle DMAR units with no supported address widths (David Woodhouse) - x86/entry/64/compat: Fix 'x86/entry/64/compat: Preserve r8-r11 in int /u03/ksharma/errata_processing/work/el7cn11/db_7cn11.ELSA-2021-9351x80' (Andy Lutomirski) - x86/entry/64/compat: Preserve r8-r11 in int /u03/ksharma/errata_processing/work/el7cn11/db_7cn11.ELSA-2021-9351x80 (Andy Lutomirski) - can: dev: prevent potential information leak in can_fill_info() (Dan Carpenter) - mac80211: pause TX while changing interface type (Johannes Berg) - iwlwifi: pcie: reschedule in long-running memory reads (Johannes Berg) - iwlwifi: pcie: use jiffies for memory read spin time limit (Johannes Berg) - RDMA/cxgb4: Fix the reported max_recv_sge value (Kamal Heib) - xfrm: Fix oops in xfrm_replay_advance_bmp (Shmulik Ladkani) - netfilter: nft_dynset: add timeout extension to template (Pablo Neira Ayuso) - ARM: imx: build suspend-imx6.S with arm instruction set (Max Krummenacher) - xen-blkfront: allow discard-* nodes to be optional (Roger Pau Monne) - mt7601u: fix rx buffer refcounting (Lorenzo Bianconi) - mt7601u: fix kernel crash unplugging the device (Lorenzo Bianconi) - leds: trigger: fix potential deadlock with libata (Andrea Righi) - xen: Fix XenStore initialisation for XS_LOCAL (David Woodhouse) - KVM: x86: get smi pending status correctly (Jay Zhou) - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] (Like Xu) - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[] (Claudiu Beznea) - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs (Sudeep Holla) - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family (Giacinto Cifelli) - wext: fix NULL-ptr-dereference with cfg80211s lack of commit() (Johannes Berg) - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (Koen Vandeputte) - ACPI: sysfs: Prefer 'compatible' modalias (Kai-Heng Feng) - Linux 4.14.218 (Greg Kroah-Hartman) - fs: fix lazytime expiration handling in __writeback_single_inode() (Eric Biggers) - writeback: Drop I_DIRTY_TIME_EXPIRE (Jan Kara) - fs: move I_DIRTY_INODE to fs.h (Christoph Hellwig) - x86/boot/compressed: Disable relocation relaxation (Arvind Sankar) - tracing: Fix race in trace_open and buffer resize call (Gaurav Kohli) - Revert 'mm/slub: fix a memory leak in sysfs_slab_add()' (Wang Hai) - gpio: mvebu: fix pwm .get_state period calculation (Baruch Siach) - futex: futex_wake_op, fix sign_extend32 sign bits (Jiri Slaby) - net: dsa: b53: fix an off by one in checking 'vlan->vid' (Dan Carpenter) - net_sched: avoid shift-out-of-bounds in tcindex_set_parms() (Eric Dumazet) - ipv6: create multicast route with RTPROT_KERNEL (Matteo Croce) - udp: mask TOS bits in udp_v4_early_demux() (Guillaume Nault) - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too (Alexander Lobakin) - sh_eth: Fix power down vs. is_opened flag ordering (Geert Uytterhoeven) - sh: dma: fix kconfig dependency for G2_DMA (Necip Fazil Yildiran) - netfilter: rpfilter: mask ecn bits before fib lookup (Guillaume Nault) - compiler.h: Raise minimum version of GCC to 5.1 for arm64 (Will Deacon) - xhci: tegra: Delay for disabling LFPS detector (JC Kuo) - xhci: make sure TRB is fully written before giving it to the controller (Mathias Nyman) - usb: bdc: Make bdc pci driver depend on BROKEN (Patrik Jakobsson) - usb: udc: core: Use lock when write to soft_connect (Thinh Nguyen) - USB: ehci: fix an interrupt calltrace error (Longfang Liu) - ehci: fix EHCI host controller initialization sequence (Eugene Korenevsky) - stm class: Fix module init return on allocation failure (Wang Hui) - intel_th: pci: Add Alder Lake-P support (Alexander Shishkin) - irqchip/mips-cpu: Set IPI domain parent chip (Mathias Kresin) - iio: ad5504: Fix setting power-down state (Lars-Peter Clausen) - can: vxcan: vxcan_xmit: fix use after free bug (Vincent Mailhol) - can: dev: can_restart: fix use after free bug (Vincent Mailhol) - i2c: octeon: check correct size of maximum RECV_LEN packet (Wolfram Sang) - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields (Ben Skeggs) - drm/nouveau/privring: ack interrupts the same way as RM (Ben Skeggs) - drm/nouveau/bios: fix issue shadowing expansion ROMs (Ben Skeggs) - xen: Fix event channel callback via INTX/GSI (David Woodhouse) - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback (Can Guo) - ASoC: Intel: haswell: Add missing pm_ops (Cezary Rojewski) - drm/atomic: put state on error path (Pan Bian) - dm: avoid filesystem lookup in dm_get_dev_t() (Hannes Reinecke) - mmc: sdhci-xenon: fix 1.8v regulator stabilization (Alex Leibovich) - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error (Hans de Goede) - ALSA: hda/via: Add minimum mute flag (Takashi Iwai) - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info() (Takashi Iwai) - i2c: bpmp-tegra: Ignore unknown I2C_M flags (Mikko Perttunen) - Linux 4.14.217 (Greg Kroah-Hartman) - spi: cadence: cache reference clock rate during probe (Michael Hennerich) - net: ipv6: Validate GSO SKB before finish IPv6 processing (Aya Levin) - net: skbuff: disambiguate argument and member for skb_list_walk_safe helper (Jason A. Donenfeld) - net: introduce skb_list_walk_safe for skb segment walking (Jason A. Donenfeld) - net: use skb_list_del_init() to remove from RX sublists (Edward Cree) - tipc: fix NULL deref in tipc_link_xmit() (Hoang Le) - rxrpc: Fix handling of an unsupported token type in rxrpc_read() (David Howells) - net: avoid 32 x truesize under-estimation for tiny skbs (Eric Dumazet) - net: sit: unregister_netdevice on newlinks error path (Jakub Kicinski) - net: stmmac: Fixed mtu channged by cache aligned (David Wu) - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands (Petr Machata) - net: dcb: Validate netlink message in DCB handler (Petr Machata) - esp: avoid unneeded kmap_atomic call (Willem de Bruijn) - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request (Andrey Zhizhikin) - netxen_nic: fix MSI/MSI-x interrupts (Manish Chopra) - nfsd4: readdirplus shouldnt return parent of export (J. Bruce Fields) - usb: ohci: Make distrust_firmware param default to false (Hamish Martin) - netfilter: conntrack: fix reading nf_conntrack_buckets (Jesper Dangaard Brouer) - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (Geert Uytterhoeven) - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() (Geert Uytterhoeven) - dm: eliminate potential source of excessive kernel log noise (Mike Snitzer) - net: sunrpc: interpret the return value of kstrtou32 correctly (j.nixdorf@avm.de) - mm, slub: consider rest of partial list if acquire_slab() fails (Jann Horn) - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (Dinghao Liu) - ext4: fix superblock checksum failure when setting password salt (Jan Kara) - NFS: nfs_igrab_and_active must first reference the superblock (Trond Myklebust) - pNFS: Mark layout for return if return-on-close was not sent (Trond Myklebust) - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock (Dave Wysochanski) - ASoC: Intel: fix error code cnl_set_dsp_D0() (Dan Carpenter) - dump_common_audit_data(): fix racy accesses to ->d_name (Al Viro) - ARM: picoxcell: fix missing interrupt-parent properties (Arnd Bergmann) - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI (Shawn Guo) - net: ethernet: fs_enet: Add missing MODULE_LICENSE (Michael Ellerman) - misdn: dsp: select CONFIG_BITREVERSE (Arnd Bergmann) to fix build error on ARC (Randy Dunlap) - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (Rasmus Villemoes) - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan (Filipe Manana) - ARC: build: add boot_targets to PHONY (Masahiro Yamada) - ARC: build: add uImage.lzma to the top-level target (Masahiro Yamada) - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE (Masahiro Yamada) - ext4: fix bug for rename with RENAME_WHITEOUT (yangerkun) - r8152: Add Lenovo Powered USB-C Travel Hub (Leon Schuermann) - dm snapshot: flush merged data before committing metadata (Akilesh Kailash) - mm/hugetlb: fix potential missing huge page size info (Miaohe Lin) - ACPI: scan: Harden acpi_device_add() against device ID overflows (Dexuan Cui) - MIPS: relocatable: fix possible boot hangup with KASLR enabled (Alexander Lobakin) - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB (Paul Cercueil) - ASoC: dapm: remove widget from dirty list on free (Thomas Hebb) [4.14.35-2047.505.1] - uek-rpm: config-aarch-embedded2 add missing networking options (Thomas Tai) [Orabug: 32961737] - uek-rpm: config-aarch-embedded2 update for networking options (Thomas Tai) [Orabug: 32961737] - RDS tcp loopback connection can hang (Rao Shoaib) [Orabug: 32926881] - net/rds: Passive connections always yield (Gerd Rausch) [Orabug: 32925131] - mm, vmstat: drop zone->lock in /proc/pagetypeinfo (Stephen Brennan) [Orabug: 32921246] - net/rds: Prevent the cm_id from being pulled right under our feet (Gerd Rausch) [Orabug: 32908885] - Linux 4.14.216 (Greg Kroah-Hartman) - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet (Vasily Averin) - block: fix use-after-free in disk_part_iter_next (Ming Lei) - KVM: arm64: Dont access PMCR_EL0 when no PMU is available (Marc Zyngier) - wan: ds26522: select CONFIG_BITREVERSE (Arnd Bergmann) - net/mlx5e: Fix two double free cases (Dinghao Liu) - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (Dinghao Liu) - iommu/intel: Fix memleak in intel_irq_remapping_alloc (Dinghao Liu) - block: rsxx: select CONFIG_CRC32 (Arnd Bergmann) - wil6210: select CONFIG_CRC32 (Arnd Bergmann) - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (Shravya Kumbham) - dmaengine: xilinx_dma: check dma_async_device_register return value (Shravya Kumbham) - spi: stm32: FIFO threshold level - fix align packet size (Roman Guskov) - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() (Colin Ian King) - i2c: sprd: use a specific timeout to avoid system hang up issue (Chunyan Zhang) - ARM: OMAP2+: omap_device: fix idling of devices during probe (Andreas Kemnade) - iio: imu: st_lsm6dsx: fix edge-trigger interrupts (Lorenzo Bianconi) - iio: imu: st_lsm6dsx: flip irq return logic (Sean Nyekjaer) - spi: pxa2xx: Fix use-after-free on unbind (Lukas Wunner) - ubifs: wbuf: Dont leak kernel memory to flash (Richard Weinberger) - drm/i915: Fix mismatch between misplaced vma check and vma insert (Chris Wilson) - vmlinux.lds.h: Add PGO and AutoFDO input sections (Nick Desaulniers) - x86/resctrl: Dont move a task to the same resource group (Fenghua Yu) - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR (Fenghua Yu) - net: fix pmtu check in nopmtudisc mode (Florian Westphal) - net: ip: always refragment ip defragmented packets (Florian Westphal) - net: vlan: avoid leaks on register_vlan_dev() failures (Jakub Kicinski) - net: cdc_ncm: correct overhead in delayed_ndp_size (Jouni K. Seppanen) - powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (Mathieu Desnoyers) - Linux 4.14.215 (Greg Kroah-Hartman) - KVM: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) - x86/mtrr: Correct the range check before performing MTRR type lookups (Ying-Tsun Huang) - netfilter: xt_RATEEST: reject non-null terminated string from userspace (Florian Westphal) - netfilter: ipset: fix shift-out-of-bounds in htable_bits() (Vasily Averin) - Revert 'device property: Keep secondary firmware node secondary by type' (Bard Liao) - ALSA: hda/realtek - Fix speaker volume control on Lenovo C940 (Kailang Yang) - ALSA: hda/conexant: add a new hda codec CX11970 (bo liu) - x86/mm: Fix leak of pmd ptlock (Dan Williams) - USB: serial: keyspan_pda: remove unused variable (Johan Hovold) - usb: gadget: configfs: Fix use-after-free issue with udc_name (Eddie Hung) - usb: gadget: configfs: Preserve function ordering after bind failure (Chandana Kishori Chiluveru) - usb: gadget: Fix spinlock lockup on usb_function_deactivate (Sriharsha Allenki) - USB: gadget: legacy: fix return error code in acm_ms_bind() (Yang Yingliang) - usb: gadget: function: printer: Fix a memory leak for interface descriptor (Zqiang) - usb: gadget: f_uac2: reset wMaxPacketSize (Jerome Brunet) - usb: gadget: select CONFIG_CRC32 (Arnd Bergmann) - ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks (Takashi Iwai) - USB: usblp: fix DMA to stack (Johan Hovold) - USB: yurex: fix control-URB timeout handling (Johan Hovold) - USB: serial: option: add Quectel EM160R-GL (Bjorn Mork) - USB: serial: option: add LongSung M5710 module support (Daniel Palmer) - USB: serial: iuu_phoenix: fix DMA from stack (Johan Hovold) - usb: uas: Add PNY USB Portable SSD to unusual_uas (Thinh Nguyen) - usb: usbip: vhci_hcd: protect shift size (Randy Dunlap) - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Michael Grzeschik) - usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data() (Yu Kuai) - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion (Serge Semin) - USB: cdc-acm: blacklist another IR Droid device (Sean Young) - usb: gadget: enable super speed plus (taehyun.cho) - crypto: ecdh - avoid buffer overflow in ecdh_set_secret() (Ard Biesheuvel) - net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE (Florian Fainelli) - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations (Stefan Chulski) - net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) - net: sched: prevent invalid Scell_log shift count (Randy Dunlap) - vhost_net: fix ubuf refcount incorrectly when sendmsg fails (Yunjian Wang) - net: usb: qmi_wwan: add Quectel EM160R-GL (Bjorn Mork) - CDC-NCM: remove 'connected' log message (Roland Dreier) - net: hdlc_ppp: Fix issues when mod_timer is called while timer is running (Xie He) - net: hns: fix return value check in __lb_other_process() (Yunjian Wang) - ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst() (Guillaume Nault) - net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (Grygorii Strashko) - net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) - net: ethernet: Fix memleak in ethoc_probe (Dinghao Liu) - net/ncsi: Use real net-device for response handler (John Wang) - virtio_net: Fix recursive call to cpus_read_lock() (Jeff Dike) - qede: fix offload for IPIP tunnel packets (Manish Chopra) - atm: idt77252: call pci_disable_device() on error path (Dan Carpenter) - ethernet: ucc_geth: set dev->max_mtu to 1518 (Rasmus Villemoes) - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (Rasmus Villemoes) - depmod: handle the case of /sbin/depmod without /sbin in PATH (Linus Torvalds) - lib/genalloc: fix the overflow when size is too big (Huang Shijie) - scsi: ide: Do not set the RQF_PREEMPT flag for sense requests (Bart Van Assche) - scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (Adrian Hunter) - workqueue: Kick a worker based on the actual activation of delayed works (Yunfeng Ye) - kbuild: dont hardcode depmod path (Dominique Martinet) - Linux 4.14.214 (Greg Kroah-Hartman) - iio:magnetometer:mag3110: Fix alignment and data leak issues. (Jonathan Cameron) - iio:imu:bmi160: Fix alignment and data leak issues (Jonathan Cameron) - kdev_t: always inline major/minor helper functions (Josh Poimboeuf) - dm verity: skip verity work if I/O error when system is shutting down (Hyeongseok Kim) - ALSA: pcm: Clear the full allocated memory at hw_params (Takashi Iwai) - module: delay kobject uevent until after module init call (Jessica Yu) - powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (Qinglang Miao) - quota: Dont overflow quota file offsets (Jan Kara) - module: set MODULE_STATE_GOING state when a module fails to load (Miroslav Benes) - rtc: sun6i: Fix memleak in sun6i_rtc_clk_init (Dinghao Liu) - ALSA: seq: Use bool for snd_seq_queue internal flags (Takashi Iwai) - media: gp8psk: initialize stats at power control logic (Mauro Carvalho Chehab) - misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells() (Anant Thazhemadam) - reiserfs: add check for an invalid ih_entry_count (Rustam Kovhaev) - of: fix linker-section match-table corruption (Johan Hovold) (Petr Vorel) - powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (Christophe Leroy) - USB: serial: digi_acceleport: fix write-wakeup deadlocks (Johan Hovold) - s390/dasd: fix hanging device offline processing (Stefan Haberland) - vfio/pci: Move dummy_resources_list init in vfio_pci_probe() (Eric Auger) - mm: memcontrol: implement lruvec stat functions on top of each other (Johannes Weiner) - mm: memcontrol: eliminate raw access to stat and event counters (Johannes Weiner) - ALSA: usb-audio: fix sync-ep altsetting sanity check (Johan Hovold) - ALSA: usb-audio: simplify set_sync_ep_implicit_fb_quirk (Alberto Aguirre) - ALSA: hda/ca0132 - Fix work handling in delayed HP detection (Takashi Iwai) - md/raid10: initialize r10_bio->read_slot before use. (Kevin Vigor) - x86/entry/64: Add instruction suffix (Jan Beulich) [4.14.35-2047.505.0] - cipso,calipso: resolve a number of problems with the DOI refcounts (Paul Moore) [Orabug: 32912072] {CVE-2021-33033} - sctp: delay auto_asconf init until binding the first addr (Xin Long) [Orabug: 32907969] {CVE-2021-23133} {CVE-2021-23133} - scsi: core: add scsi_host_busy_iter() (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Use scsi_host_busy_iter() to traverse commands (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io() (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Validate io_req before others (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Set scsi_set_resid() only for underflow (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 (Dinghao Liu) [Orabug: 32621218] - scsi: fnic: Avoid looping in TRANS ETH on unload (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Change shost_printk() to FNIC_FCS_DBG() (Karan Tilak Kumar) [Orabug: 32621218] - scsi: fnic: Simplify the return expression of vnic_wq_copy_alloc() (Liu Shixin) [Orabug: 32621218] - scsi: fnic: Fix inconsistent format argument type in fnic_debugfs.c (Ye Bin) [Orabug: 32621218] - scsi: fnic: Do not call 'scsi_done()' for unhandled commands (Hannes Reinecke) [Orabug: 32621218] - scsi: fnic: Remove unneeded semicolon (Jason Yan) [Orabug: 32621218] - scsi: fnic: Remove set but not used variable in is_fnic_fip_flogi_reject() (Jason Yan) [Orabug: 32621218] - scsi: fnic: Remove set but not used 'old_vlan' (Jason Yan) [Orabug: 32621218] - scsi: fnic: Use eth_broadcast_addr() to assign broadcast address (Miaohe Lin) [Orabug: 32621218] - scsi: fnic: Use true, false for fnic->internal_reset_inprogress (Jason Yan) [Orabug: 32621218] - scsi: fnic: make vnic_wq_get_ctrl and vnic_wq_alloc_ring static (Jason Yan) [Orabug: 32621218] - scsi: fnic: make fnic_list and fnic_list_lock static (Jason Yan) [Orabug: 32621218] - scsi: fnic: make some symbols static (Jason Yan) [Orabug: 32621218] - scsi: fnic: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 32621218] - scsi: fnic: make array dev_cmd_err static const, makes object smaller (Colin Ian King) [Orabug: 32621218] - scsi: fnic: print port speed only at driver init or speed change (John Pittman) [Orabug: 32621218] - scsi: fnic: remove redundant assignment of variable rc (Colin Ian King) [Orabug: 32621218] - scsi: fnic: Remove set but not used variable 'vdev' (YueHaibing) [Orabug: 32621218] - scsi: fnic: no need to check return value of debugfs_create functions (Greg Kroah-Hartman) [Orabug: 32621218] - scsi: fnic: Update fnic driver version to 1.6.0.47 (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Enable fnic devcmd2 interface (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Adding devcmd2 init and posting interfaces (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Add devcmd2 initialization helpers (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic devcmd2 controller definitions (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic devcmd2 interface definitions (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Impose upper limit on max. # of CQs processed per intr (Satish Kharat) [Orabug: 32621218] - scsi: fnic: RQ enable and then post descriptors (Satish Kharat) [Orabug: 32621218] - scsi: fnic: delaying vnic dev enable till after req intr (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Warn when calling done for IO not issued to fw (Satish Kharat) [Orabug: 32621218] - scsi: fnic: fnic stats for max CQs processed and ISR time (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Add port speed stat to fnic debug stats (Satish Kharat) [Orabug: 32621218] - scsi: fnic: use fnic_lock to guard fnic->state_flags (Satish Kharat) [Orabug: 32621218] - scsi: fnic: vnic_rq_clean change BUG_ON to WARN_ON (Satish Kharat) [Orabug: 32621218] - scsi: fnic: change fnic queue depth to 256 (Satish Kharat) [Orabug: 32621218] - scsi: fnic: support to display 20G port speed (Satish Kharat) [Orabug: 32621218] - scsi: fnic: Use vzalloc (Sabyasachi Gupta) [Orabug: 32621218] - fnic: fix fnic_scsi_host_{start,end}_tag (Christoph Hellwig) [Orabug: 32621218] - scsi: fnic: replace gross legacy tag hack with blk-mq hack (Jens Axboe) [Orabug: 32621218] - scsi: fnic: switch to generic DMA API (Christoph Hellwig) [Orabug: 32621218] - scsi: fnic: fix spelling mistake in fnic stats 'Abord' -> 'Abort' (Colin Ian King) [Orabug: 32621218] - scsi: fnic: use 64-bit timestamps (Arnd Bergmann) [Orabug: 32621218] - scsi: fnic: use kzalloc in fnic_fcoe_process_vlan_resp (Rasmus Villemoes) [Orabug: 32621218] - scsi: fnic: add a space after %p in printf format (Nicolas Iooss) [Orabug: 32621218] - scsi: fnic: Fix coccinelle warnings (Vasyl Gomonovych) [Orabug: 32621218] - scsi: iscsi: Fix iSCSI cls conn state (Gulam Mohamed) [Orabug: 31669275] - iscsi: Fix race condition between login and sync thread (Gulam Mohamed) [Orabug: 31669275] - Linux 4.14.213 (Greg Kroah-Hartman) - PCI: Fix pci_slot_release() NULL pointer dereference (Jubin Zhong) - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels (Dan Williams) - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (Terry Zhou) - md/cluster: fix deadlock when node is doing resync job (Zhao Heming) - iio:imu:bmi160: Fix too large a buffer. (Jonathan Cameron) - iio:pressure:mpl3115: Force alignment of buffer (Jonathan Cameron) - iio:light:rpr0521: Fix timestamp alignment and prevent data leak. (Jonathan Cameron) - iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (Qinglang Miao) - iio: buffer: Fix demux update (Nuno Sa) - mtd: parser: cmdline: Fix parsing of part-names with colons (Sven Eckelmann) - soc: qcom: smp2p: Safely acquire spinlock without IRQs (Evan Green) - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (Lukas Wunner) - spi: sc18is602: Dont leak SPI master in probe error path (Lukas Wunner) - spi: rb4xx: Dont leak SPI master in probe error path (Lukas Wunner) - spi: pic32: Dont leak DMA channels in probe error path (Lukas Wunner) - spi: davinci: Fix use-after-free on unbind (Lukas Wunner) - spi: spi-sh: Fix use-after-free on unbind (Lukas Wunner) - drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (Zwane Mwaikambo) - jfs: Fix array index bounds check in dbAdjTree (Dave Kleikamp) - jffs2: Fix GC exit abnormally (Zhe Li) - ceph: fix race in concurrent __ceph_remove_cap invocations (Luis Henriques) - ima: Dont modify file descriptor mode on the fly (Roberto Sassu) - powerpc/powernv/memtrace: Dont leak kernel memory to user space (David Hildenbrand) - powerpc/xmon: Change printk() to pr_cont() (Christophe Leroy) - powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter (Tyrel Datwyler) - ARM: dts: at91: sama5d2: fix CAN message ram offset and size (Nicolas Ferre) - KVM: arm64: Introduce handling of AArch32 TTBCR2 traps (Marc Zyngier) - ext4: fix deadlock with fs freezing and EA inodes (Jan Kara) - ext4: fix a memory leak of ext4_free_data (Chunguang Xu) - USB: serial: keyspan_pda: fix write unthrottling (Johan Hovold) - USB: serial: keyspan_pda: fix tx-unthrottle use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix write-wakeup use-after-free (Johan Hovold) - USB: serial: keyspan_pda: fix stalled writes (Johan Hovold) - USB: serial: keyspan_pda: fix write deadlock (Johan Hovold) - USB: serial: keyspan_pda: fix dropped unthrottle interrupts (Johan Hovold) - USB: serial: mos7720: fix parallel-port state restore (Johan Hovold) - EDAC/amd64: Fix PCI component registration (Borislav Petkov) - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (Ard Biesheuvel) - powerpc/perf: Exclude kernel samples while counting events in user space. (Athira Rajeev) - staging: comedi: mf6x4: Fix AI end-of-conversion detection (Ian Abbott) - s390/dasd: fix list corruption of lcu list (Stefan Haberland) - s390/dasd: fix list corruption of pavgroup group list (Stefan Haberland) - s390/dasd: prevent inconsistent LCU device data (Stefan Haberland) - s390/smp: perform initial CPU reset also for SMT siblings (Sven Schnelle) - ALSA: usb-audio: Disable sample read check if firmware doesnt give back (Takashi Iwai) - ALSA: pcm: oss: Fix a few more UBSAN fixes (Takashi Iwai) - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (Chris Chiu) - ACPI: PNP: compare the string length in the matching_id() (Hui Wang) - Revert 'ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks' (Daniel Scally) - PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup() (Rafael J. Wysocki) - Input: cyapa_gen6 - fix out-of-bounds stack access (Arnd Bergmann) - media: netup_unidvb: Dont leak SPI master in probe error path (Lukas Wunner) - media: sunxi-cir: ensure IR is handled when it is continuous (Sean Young) - media: gspca: Fix memory leak in probe (Alan Stern) - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (Simon Beginn) - Input: cros_ec_keyb - send 'scancodes' in addition to key events (Dmitry Torokhov) - fix namespaced fscaps when !CONFIG_SECURITY (Serge Hallyn) - cfg80211: initialize rekey_data (Sara Sharon) - clk: sunxi-ng: Make sure divider tables have sentinel (Jernej Skrabec) - clk: s2mps11: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - qlcnic: Fix error code in probe (Dan Carpenter) - perf record: Fix memory leak when using '--user-regs=?' to list registers (Zheng Zengkai) - pwm: lp3943: Dynamically allocate PWM chip base (Lokesh Vutla) - pwm: zx: Add missing cleanup in error path (Uwe Kleine-Konig) - clk: ti: Fix memleak in ti_fapll_synth_setup (Zhang Qilong) - watchdog: coh901327: add COMMON_CLK dependency (Arnd Bergmann) - watchdog: qcom: Avoid context switch in restart handler (Manivannan Sadhasivam) - net: korina: fix return value (Vincent Stehle) - net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (Christophe JAILLET) - net: bcmgenet: Fix a resource leak in an error handling path in the probe functin (Christophe JAILLET) - checkpatch: fix unescaped left brace (Dwaipayan Ray) - powerpc/ps3: use dma_mapping_error() (Vincent Stehle) - nfc: s3fwrn5: Release the nfc firmware (Bongsu Jeon) - um: chan_xterm: Fix fd leak (Anton Ivanov) - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (Guenter Roeck) - irqchip/alpine-msi: Fix freeing of interrupts on allocation error path (Marc Zyngier) - ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (Dan Carpenter) - extcon: max77693: Fix modalias string (Marek Szyprowski) - clk: tegra: Fix duplicated SE clock entry (Dmitry Osipenko) - x86/kprobes: Restore BTF if the single-stepping is cancelled (Masami Hiramatsu) - nfs_common: need lock during iterate through the list (Cheng Lin) - nfsd: Fix message level for normal termination (kazuo ito) - speakup: fix uninitialized flush_lock (Yang Yingliang) - usb: oxu210hp-hcd: Fix memory leak in oxu_create (Zhang Qilong) - usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (Zhang Qilong) - powerpc/pseries/hibernation: remove redundant cacheinfo update (Nathan Lynch) - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops (Nathan Lynch) - scsi: fnic: Fix error return code in fnic_probe() (Zhang Changzhong) - scsi: pm80xx: Fix error return in pm8001_pci_probe() (Zhang Qilong) - scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe (Qinglang Miao) - cpufreq: scpi: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: loongson1: Add missing MODULE_ALIAS (Pali Rohar) - cpufreq: st: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (Pali Rohar) - clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (Keqian Zhu) - dm ioctl: fix error return code in target_message (Qinglang Miao) - ASoC: jz4740-i2s: add missed checks for clk_get() (Chuhong Yuan) - net/mlx5: Properly convey driver version to firmware (Leon Romanovsky) - memstick: r592: Fix error return in r592_probe() (Jing Xiangfeng) - arm64: dts: rockchip: Fix UART pull-ups on rk3328 (Chen-Yu Tsai) - pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (Yu Kuai) - ARM: dts: at91: sama5d2: map securam as device (Claudiu Beznea) - clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (Yu Kuai) - media: saa7146: fix array overflow in vidioc_s_audio() (Dan Carpenter) - vfio-pci: Use io_remap_pfn_range() for PCI IO memory (Jason Gunthorpe) - NFS: switch nfsiod to be an UNBOUND workqueue. (NeilBrown) - SUNRPC: xprt_load_transport() needs to support the netid 'rdma6' (Trond Myklebust) - NFSv4.2: condition READDIRs mask for security label based on LSM state (Olga Kornievskaia) - ath10k: Release some resources in an error handling path (Christophe JAILLET) - ath10k: Fix an error handling path (Christophe JAILLET) - ARM: dts: at91: at91sam9rl: fix ADC triggers (Alexandre Belloni) - PCI: iproc: Fix out-of-bound array accesses (Bharat Gooty) - genirq/irqdomain: Dont try to free an interrupt that has no mapping (Marc Zyngier) - power: supply: bq24190_charger: fix reference leak (Zhang Qilong) - ARM: dts: Remove non-existent i2c1 from 98dx3236 (Chris Packham) - HSI: omap_ssi: Dont jump to free ID in ssi_add_controller() (Jing Xiangfeng) - media: max2175: fix max2175_set_csm_mode() error code (Dan Carpenter) - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover (Qinglang Miao) - samples: bpf: Fix lwt_len_hist reusing previous BPF map (Daniel T. Lee) - media: siano: fix memory leak of debugfs members in smsdvb_hotplug (Keita Suzuki) - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (Qinglang Miao) - orinoco: Move context allocation after processing the skb (Sebastian Andrzej Siewior) - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (Cristian Birsan) - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (Cristian Birsan) - memstick: fix a double-free bug in memstick_check (Qinglang Miao) - RDMA/cxgb4: Validate the number of CQEs (Kamal Heib) - Input: omap4-keypad - fix runtime PM error handling (Zhang Qilong) - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (Zhihao Cheng) - soc: ti: Fix reference imbalance in knav_dma_probe (Zhang Qilong) - soc: ti: knav_qmss: fix reference leak in knav_queue_probe (Zhang Qilong) - crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (Zhang Qilong) - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32 (Christophe Leroy) - Input: ads7846 - fix unaligned access on 7845 (Dmitry Torokhov) - Input: ads7846 - fix integer overflow on Rt calculation (Oleksij Rempel) - Input: ads7846 - fix race that causes missing releases (David Jander) - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (Yang Yingliang) - media: solo6x10: fix missing snd_card_free in error handling case (Qinglang Miao) - scsi: core: Fix VPD LUN ID designator priorities (Martin Wilck) - media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (Yu Kuai) - staging: greybus: codecs: Fix reference counter leak in error handling (Zhang Qilong) - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA (Necip Fazil Yildiran) - RDMa/mthca: Work around -Wenum-conversion warning (Arnd Bergmann) - ASoC: arizona: Fix a wrong free in wm8997_probe (Zhang Qilong) - ASoC: wm8998: Fix PM disable depth imbalance on error (Zhang Qilong) - mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (Tsuchiya Yuto) - spi: tegra114: fix reference leak in tegra spi ops (Zhang Qilong) - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (Zhang Qilong) - spi: tegra20-slink: fix reference leak in slink ops of tegra20 (Zhang Qilong) - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (Zhang Qilong) - Bluetooth: Fix null pointer dereference in hci_event_packet() (Anmol Karn) - arm64: dts: exynos: Correct psci compatible used on Exynos7 (Pawel Chmiel) - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling (Paul Moore) - ASoC: pcm: DRAIN support reactivation (Cezary Rojewski) - spi: img-spfi: fix reference leak in img_spfi_resume (Zhang Qilong) - crypto: talitos - Fix return type of current_desc_hdr() (Christophe Leroy) - sched: Reenable interrupts in do_sched_yield() (Thomas Gleixner) - sched/deadline: Fix sched_dl_global_validate() (Peng Liu) - ARM: p2v: fix handling of LPAE translation in BE mode (Ard Biesheuvel) - x86/mm/ident_map: Check for errors from ident_pud_init() (Arvind Sankar) - RDMA/rxe: Compute PSN windows correctly (Bob Pearson) - selinux: fix error initialization in inode_doinit_with_dentry() (Tianyue Ren) - RDMA/bnxt_re: Set queue pair state when being queried (Kamal Heib) - soc: mediatek: Check if power domains can be powered on at boot time (Nicolas Boichat) - soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (Dan Carpenter) - drm/gma500: fix double free of gma_connector (Tom Rix) - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (Peilin Ye) - md: fix a warning caused by a race between concurrent md_ioctl()s (Dae R. Jeong) - crypto: af_alg - avoid undefined behavior accessing salg_name (Eric Biggers) - media: msi2500: assign SPI bus number dynamically (Antti Palosaari) - quota: Sanity-check quota file headers on load (Jan Kara) - serial_core: Check for port state when tty is in error state (Alexey Kardashevskiy) - HID: i2c-hid: add Vero K147 to descriptor override (Julian Sax) - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU (Krzysztof Kozlowski) - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410 (Krzysztof Kozlowski) - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (Krzysztof Kozlowski) - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (Fabio Estevam) - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (Will McVicker) - usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (Jack Pham) - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (Will McVicker) - USB: gadget: f_acm: add support for SuperSpeed Plus (taehyun.cho) - USB: serial: option: add interface-number sanity check to flag handling (Johan Hovold) - soc/tegra: fuse: Fix index bug in get_process_id (Nicolin Chen) - dm table: Remove BUG_ON(in_interrupt()) (Thomas Gleixner) - scsi: mpt3sas: Increase IOCInit request timeout to 30s (Sreekanth Reddy) - vxlan: Copy needed_tailroom from lowerdev (Sven Eckelmann) - vxlan: Add needed_headroom for lower device (Sven Eckelmann) - drm/tegra: sor: Disable clocks on error in tegra_sor_init() (Qinglang Miao) - kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (Nicholas Piggin) - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (Leon Romanovsky) - can: softing: softing_netdev_open(): fix error handling (Zhang Qilong) - scsi: bnx2i: Requires MMU (Randy Dunlap) - gpio: mvebu: fix potential user-after-free on probe (Baruch Siach) - ARM: dts: sun8i: v3s: fix GIC node memory range (Icenowy Zheng) - pinctrl: baytrail: Avoid clearing debounce value when turning it off (Andy Shevchenko) - pinctrl: merrifield: Set default bias in case no particular value given (Andy Shevchenko) - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi (Xin Xiong) - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (Alexander Sverdlin) - ALSA: pcm: oss: Fix potential out-of-bounds shift (Takashi Iwai) - USB: sisusbvga: Make console support depend on BROKEN (Thomas Gleixner) - USB: UAS: introduce a quirk to set no_write_same (Oliver Neukum) - xhci: Give USB2 ports time to enter U3 in bus suspend (Li Jun) - ALSA: usb-audio: Fix control 'access overflow' errors from chmap (Takashi Iwai) - ALSA: usb-audio: Fix potential out-of-bounds shift (Takashi Iwai) - USB: add RESET_RESUME quirk for Snapscan 1212 (Oliver Neukum) - USB: dummy-hcd: Fix uninitialized array use in init() (Bui Quang Minh) - mac80211: mesh: fix mesh_pathtbl_init() error path (Eric Dumazet) - net: bridge: vlan: fix error return code in __vlan_add() (Zhang Changzhong) - net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux (Martin Blumenstingl) - net: stmmac: delete the eee_ctrl_timer after napi disabled (Fugang Duan) - tcp: fix cwnd-limited bug for TSO deferral where we send nothing (Neal Cardwell) - net: stmmac: free tx skb buffer in stmmac_resume() (Fugang Duan) - PCI: qcom: Add missing reset for ipq806x (Ansuel Smith) - x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (Arvind Sankar) - scsi: be2iscsi: Revert 'Fix a theoretical leak in beiscsi_create_eqs()' (Dan Carpenter) - kbuild: avoid static_assert for genksyms (Arnd Bergmann) - pinctrl: amd: remove debounce filter setting in IRQ type setting (Coiby Xu) - Input: i8042 - add Acer laptops to the i8042 reset list (Chris Chiu) - Input: cm109 - do not stomp on control URB (Dmitry Torokhov) - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (Timo Witte) - soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (Hao Si) - scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (Can Guo) - ARC: stack unwinding: dont assume non-current task is sleeping (Vineet Gupta) - iwlwifi: mvm: fix kernel panic in case of assert during CSA (Sara Sharon) - arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. (Markus Reichl) - iwlwifi: pcie: limit memory read spin time (Johannes Berg) - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe (Nathan Chancellor) - spi: bcm2835aux: Fix use-after-free on unbind (Lukas Wunner) - Linux 4.14.212 (Greg Kroah-Hartman) - x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (Masami Hiramatsu) - Input: i8042 - fix error return code in i8042_setup_aux() (Luo Meng) - i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (Zhihao Cheng) - gfs2: check for empty rgrp tree in gfs2_ri_update (Bob Peterson) - tracing: Fix userstacktrace option for instances (Steven Rostedt (VMware)) - spi: bcm2835: Release the DMA channel if probe fails after dma_init (Peter Ujfalusi) - spi: bcm2835: Fix use-after-free on unbind (Lukas Wunner) - spi: bcm-qspi: Fix use-after-free on unbind (Lukas Wunner) - spi: Introduce device-managed SPI controller allocation (Lukas Wunner) - speakup: Reject setting the speakup line discipline outside of speakup (Samuel Thibault) - i2c: imx: Check for I2SR_IAL after every byte (Christian Eggers) - i2c: imx: Fix reset of I2SR_IAL flag (Christian Eggers) - mm/swapfile: do not sleep with a spin lock held (Qian Cai) - cifs: fix potential use-after-free in cifs_echo_request() (Paulo Alcantara) - ftrace: Fix updating FTRACE_FL_TRAMP (Naveen N. Rao) - ALSA: hda/generic: Add option to enforce preferred_dacs pairs (Takashi Iwai) - ALSA: hda/realtek - Add new codec supported for ALC897 (Kailang Yang) - USB: serial: option: fix Quectel BG96 matching (Bjorn Mork) - USB: serial: option: add support for Thales Cinterion EXS82 (Giacinto Cifelli) - USB: serial: option: add Fibocom NL668 variants (Vincent Palatin) - USB: serial: ch341: sort device-id entries (Johan Hovold) - USB: serial: ch341: add new Product ID for CH341A (Jan-Niklas Burfeind) - USB: serial: kl5kusb105: fix memleak on open (Johan Hovold) - usb: gadget: f_fs: Use local copy of descriptors for userspace copy (Vamsi Krishna Samavedam) - vlan: consolidate VLAN parsing code and limit max parsing depth (Toke Hoiland-Jorgensen) - pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH) (Hans de Goede) - pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output (Hans de Goede) - Linux 4.14.211 (Greg Kroah-Hartman) - RDMA/i40iw: Address an mmap handler exploit in i40iw (Shiraz Saleem) - Input: i8042 - add ByteSpeed touchpad to noloop table (Po-Hsu Lin) - Input: xpad - support Ardwiino Controllers (Sanjay Govind) - ALSA: usb-audio: US16x08: fix value count for level meters (Hector Martin) - dt-bindings: net: correct interrupt flags in examples (Krzysztof Kozlowski) - net/mlx5: Fix wrong address reclaim when command interface is down (Eran Ben Elisha) - net: pasemi: fix error return code in pasemi_mac_open() (Zhang Changzhong) - cxgb3: fix error return code in t3_sge_alloc_qset() (Zhang Changzhong) - net/x25: prevent a couple of overflows (Dan Carpenter) - ibmvnic: Fix TX completion error handling (Thomas Falcon) - ibmvnic: Ensure that SCRQ entry reads are correctly ordered (Thomas Falcon) - ipv4: Fix tos mask in inet_rtm_getroute() (Guillaume Nault) - netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal (Antoine Tenart) - bonding: wait for sysfs kobject destruction before freeing struct slave (Jamie Iles) - usbnet: ipheth: fix connectivity with iOS 14 (Yves-Alexis Perez) - tun: honor IOCB_NOWAIT flag (Jens Axboe) - tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (Alexander Duyck) - sock: set sk_err to ee_errno on dequeue from errq (Willem de Bruijn) - rose: Fix Null pointer dereference in rose_send_frame() (Anmol Karn) - net/af_iucv: set correct sk_protocol for child sockets (Julian Wiedmann) [4.14.35-2047.504.2] - md/raid1: properly indicate failure when ending a failed write request (Paul Clements) [Orabug: 32887159] - video: hyperv_fb: Add ratelimit on error message (Michael Kelley) [Orabug: 32856879] - Drivers: hv: vmbus: Initialize unload_event statically (Andrea Parri (Microsoft)) [Orabug: 32856879] - Drivers: hv: vmbus: Increase wait time for VMbus unload (Michael Kelley) [Orabug: 32856879] - dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka) [Orabug: 32860493] {CVE-2021-31916} - net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry) [Orabug: 32559464] - Linux 4.14.210 (Greg Kroah-Hartman) - USB: core: Fix regression in Hercules audio card (Alan Stern) - USB: core: add endpoint-blacklist quirk (Johan Hovold) - x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (Xiaochen Shen) - x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (Xiaochen Shen) - usb: gadget: Fix memleak in gadgetfs_fill_super (Zhang Qilong) - usb: gadget: f_midi: Fix memleak in f_midi_alloc (Zhang Qilong) - USB: core: Change %pK for __user pointers to %px (Alan Stern) - perf probe: Fix to die_entrypc() returns error correctly (Masami Hiramatsu) - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (Marc Kleine-Budde) - platform/x86: toshiba_acpi: Fix the wrong variable assignment (Kaixu Xia) - can: gs_usb: fix endianess problem with candleLight firmware (Marc Kleine-Budde) - efivarfs: revert 'fix memory leak in efivarfs_create()' (Ard Biesheuvel) - ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (Lijun Pan) - ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (Lijun Pan) - net: ena: set initial DMA width to avoid intel iommu issue (Shay Agroskin) - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (Krzysztof Kozlowski) - IB/mthca: fix return value of error branch in mthca_init_cq() (Xiongfeng Wang) - scsi: ufs: Fix race between shutdown and runtime resume flow (Stanley Chu) - batman-adv: set .owner to THIS_MODULE (Taehee Yoo) - phy: tegra: xusb: Fix dangling pointer on probe failure (Marc Zyngier) - perf/x86: fix sysfs type mismatches (Sami Tolvanen) - scsi: target: iscsi: Fix cmd abort fabric stop race (Mike Christie) - scsi: libiscsi: Fix NOP race condition (Lee Duncan) - dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size (Sugar Zhang) - nvme: free sq/cq dbbuf pointers when dbbuf set fails (Minwoo Im) - proc: dont allow async path resolution of /proc/self components (Jens Axboe) - HID: Add Logitech Dinovo Edge battery quirk (Hans de Goede) - x86/xen: dont unbind uninitialized lock_kicker_irq (Brian Masney) - dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant (Marc Ferland) - HID: hid-sensor-hub: Fix issue with devices with no report ID (Pablo Ceballos) - Input: i8042 - allow insmod to succeed on devices without an i8042 controller (Hans de Goede) - HID: cypress: Support Varmilo Keyboards media hotkeys (Frank Yang) - ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close (Kai Vehmanen) - ALSA: hda/hdmi: Use single mutex unlock in error paths (Takashi Iwai) - arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect() (Will Deacon) - arm64: pgtable: Fix pte_accessible() (Will Deacon) - btrfs: adjust return values of btrfs_inode_by_name (Su Yue) - btrfs: tree-checker: Enhance chunk checker to validate chunk profile (Qu Wenruo) - PCI: Add device even if driver attach failed (Rajat Jain) - wireless: Use linux/stddef.h instead of stddef.h (Hauke Mehrtens) - btrfs: fix lockdep splat when reading qgroup config on mount (Filipe Manana) - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Gerald Schaefer) - perf event: Check ref_reloc_sym before using it (Igor Lubashev) - Linux 4.14.209 (Greg Kroah-Hartman) - x86/microcode/intel: Check patch signature before saving microcode for early loading (Chen Yu) - s390/dasd: fix null pointer dereference for ERP requests (Stefan Haberland) - s390/cpum_sf.c: fix file permission for cpum_sfb_size (Thomas Richter) - mac80211: free sta in sta_info_insert_finish() on errors (Johannes Berg) - mac80211: minstrel: fix tx status processing corner case (Felix Fietkau) - mac80211: minstrel: remove deferred sampling code (Felix Fietkau) - xtensa: disable preemption around cache alias management calls (Max Filippov) - regulator: workaround self-referent regulators (Micha; Miros;aw) - regulator: avoid resolve_supply() infinite recursion (Micha; Miros;aw) - regulator: fix memory leak with repeated set_machine_constraints() (Micha; Miros;aw) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (Hans de Goede) - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (Hans de Goede) - ext4: fix bogus warning in ext4_update_dx_flag() (Jan Kara) - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (Brian O Keefe) - efivarfs: fix memory leak in efivarfs_create() (Vamshi K Sthambamkadi) - tty: serial: imx: keep console clocks always on (Fugang Duan) - ALSA: mixart: Fix mutex deadlock (Takashi Iwai) - ALSA: ctl: fix error path at adding user-defined element set (Takashi Sakamoto) - speakup: Do not let the line discipline be used several times (Samuel Thibault) - powerpc/uaccess-flush: fix missing includes in kup-radix.h (Daniel Axtens) - libfs: fix error cast of negative value in simple_attr_write() (Yicong Yang) - xfs: revert 'xfs: fix rmap key and record comparison functions' (Darrick J. Wong) - regulator: ti-abb: Fix array out of bound read access on the first transition (Nishanth Menon) - MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu (Zhang Qilong) - ASoC: qcom: lpass-platform: Fix memory leak (Srinivasa Rao Mandadapu) - can: m_can: m_can_handle_state_change(): fix state change (Wu Bo) - can: peak_usb: fix potential integer overflow on shift of a int (Colin Ian King) - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (Marc Kleine-Budde) - can: ti_hecc: Fix memleak in ti_hecc_probe (Zhang Qilong) - can: dev: can_restart(): post buffer from the right context (Alejandro Concepcion Rodriguez) - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (Anant Thazhemadam) - can: af_can: prevent potential access of uninitialized member in can_rcv() (Anant Thazhemadam) - perf lock: Don t free 'lock_seq_stat' if read_count isn t zero (Leo Yan) - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (Fabio Estevam) - arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (Sergey Matyukevich) - MIPS: export has_transparent_hugepage() for modules (Randy Dunlap) - Input: adxl34x - clean up a data type in adxl34x_probe() (Dan Carpenter) - vfs: remove lockdep bogosity in __sb_start_write (Darrick J. Wong) - arm64: psci: Avoid printing in cpu_psci_cpu_die() (Will Deacon) - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq (Jianqun Xu) - net: ftgmac100: Fix crash when removing driver (Joel Stanley) - tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate (Ryan Sharpelletti) - net: usb: qmi_wwan: Set DTR quirk for MR400 (Filip Moc) - net/mlx5: Disable QoS when min_rates on all VFs are zero (Vladyslav Tarasiuk) - sctp: change to hold/put transport for proto_unreach_timer (Xin Long) - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (Zhang Changzhong) - net: x25: Increase refcnt of 'struct x25_neigh' in x25_rx_call_request (Xie He) - net/mlx4_core: Fix init_hca fields offset (Aya Levin) - netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist() (Paul Moore) - netlabel: fix our progress tracking in netlbl_unlabel_staticlist() (Paul Moore) - net: Have netpoll bring-up DSA management interface (Florian Fainelli) - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (Tobias Waldekranz) - net: bridge: add missing counters to ndo_get_stats64 callback (Heiner Kallweit) - net: b44: fix error return code in b44_init_one() (Zhang Changzhong) - mlxsw: core: Use variable timeout for EMAD retries (Ido Schimmel) - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (Wang Hai) - devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill() (Wang Hai) - atm: nicstar: Unmap DMA on send error (Sebastian Andrzej Siewior) - ah6: fix error return code in ah6_input() (Zhang Changzhong) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23133 CVE-2021-33034 CVE-2021-32399 CVE-2021-33033 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE (William Roche) [Orabug: 32820275] - bpf: Fix masking negation logic upon negative dst register (Daniel Borkmann) [Orabug: 32911990] {CVE-2021-31829} - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863585] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863585] [5.4.17-2102.203.3] - ksplice: use -fno-reorder-functions -fno-section-anchors (Vegard Nossum) [Orabug: 32908850] - ksplice: fixup for -ffunction-sections -fdata-sections (Vegard Nossum) [Orabug: 32908850] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982353] - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted (Quinn Tran) [Orabug: 32989005] - blk-mq: fix blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957629] - blk-mq: split out a __blk_mq_get_driver_tag helper (Christoph Hellwig) [Orabug: 32957629] - blk-mq: drain I/O when all CPUs in a hctx are offline (Ming Lei) [Orabug: 32957629] - blk-mq: add blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957629] - Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka) [Orabug: 32912099] {CVE-2021-33034} - perf/x86/intel/uncore: Fix a kernel WARNING triggered by maxcpus=1 (Kan Liang) [Orabug: 32925098] - net: sched: fix tx action reschedule issue with stopped queue (Yunsheng Lin) [Orabug: 32911885] - net: sched: fix tx action rescheduling issue during deactivation (Yunsheng Lin) [Orabug: 32911885] - net: sched: fix packet stuck problem for lockless qdisc (Yunsheng Lin) [Orabug: 32911885] - scsi: bnx2fc: Return failure if io_req is already in ABTS processing (Gulam Mohamed) [Orabug: 32999623] [5.4.17-2102.203.2] - LTS tag: v5.4.114 (Jack Vogel) - net: phy: marvell: fix detection of PHY on Topaz switches (Pali Rohar) - ARM: 9071/1: uprobes: Dont hook on thumb instructions (Fredrik Strupe) - r8169: dont advertise pause in jumbo mode (Heiner Kallweit) - r8169: tweak max read request size for newer chips also in jumbo mtu mode (Heiner Kallweit) - r8169: improve rtl_jumbo_config (Heiner Kallweit) - r8169: fix performance regression related to PCIe max read request size (Heiner Kallweit) - r8169: simplify setting PCI_EXP_DEVCTL_NOSNOOP_EN (Heiner Kallweit) - r8169: remove fiddling with the PCIe max read request size (Heiner Kallweit) - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems (Andre Przywara) - ARM: footbridge: fix PCI interrupt mapping (Russell King) - gro: ensure frag0 meets IP header alignment (Eric Dumazet) - ibmvnic: remove duplicate napi_schedule call in open function (Lijun Pan) - ibmvnic: remove duplicate napi_schedule call in do_reset function (Lijun Pan) - ibmvnic: avoid calling napi_disable() twice (Lijun Pan) - i40e: fix the panic when running bpf in xdpdrv mode (Jason Xing) - net: ip6_tunnel: Unregister catch-all devices (Hristo Venev) - net: sit: Unregister catch-all devices (Hristo Venev) - net: davicom: Fix regulator not turned off on failed probe (Christophe JAILLET) - netfilter: nft_limit: avoid possible divide error in nft_limit_init (Eric Dumazet) - net: macb: fix the restore of cmp registers (Claudiu Beznea) - netfilter: arp_tables: add pre_exit hook for table unregister (Florian Westphal) - netfilter: bridge: add pre_exit hooks for ebtable unregistration (Florian Westphal) - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC (Vaibhav Jain) - netfilter: conntrack: do not print icmpv6 as unknown via /proc (Pablo Neira Ayuso) - scsi: libsas: Reset num_scatter if libata marks qc as NODATA (Jolly Shah) - riscv: Fix spelling mistake SPARSEMEM to SPARSMEM (Kefeng Wang) - vfio/pci: Add missing range check in vfio_pci_mmap (Christian A. Ehrhardt) - arm64: alternatives: Move length validation in alternative_{insn, endif} (Nathan Chancellor) - arm64: fix inline asm in load_unaligned_zeropad() (Peter Collingbourne) - readdir: make sure to verify directory entry for legacy interfaces too (Linus Torvalds) - dm verity fec: fix misaligned RS roots IO (Jaegeuk Kim) - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (Ping Cheng) - Input: i8042 - fix Pegatron C15B ID entry (Arnd Bergmann) - Input: s6sy761 - fix coordinate read bit shift (Caleb Connolly) - virt_wifi: Return micros for BSS TSF values (A. Cody Schuffelen) - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN (Seevalamuthu Mariappan) - pcnet32: Use pci_resource_len to validate PCI resource (Guenter Roeck) - net: ieee802154: forbid monitor for add llsec seclevel (Alexander Aring) - net: ieee802154: stop dump llsec seclevels for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec devkey (Alexander Aring) - net: ieee802154: forbid monitor for add llsec devkey (Alexander Aring) - net: ieee802154: stop dump llsec devkeys for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec dev (Alexander Aring) - net: ieee802154: forbid monitor for add llsec dev (Alexander Aring) - net: ieee802154: stop dump llsec devs for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec key (Alexander Aring) - net: ieee802154: forbid monitor for add llsec key (Alexander Aring) - net: ieee802154: stop dump llsec keys for monitors (Alexander Aring) - scsi: scsi_transport_srp: Dont block target in SRP_PORT_LOST state (Martin Wilck) - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (Alexander Shiyan) - drm/msm: Fix a5xx/a6xx timestamps (Rob Clark) - ARM: omap1: fix building with clang IAS (Arnd Bergmann) - ARM: keystone: fix integer overflow warning (Arnd Bergmann) - neighbour: Disregard DEAD dst in neigh_update (Tong Zhu) - ASoC: max98373: Added 30ms turn on/off time delay (Ryan Lee) - arc: kernel: Return -EFAULT if copy_to_user() fails (Wang Qing) - lockdep: Add a missing initialization hint to the INFO: Trying to register non-static key message (Tetsuo Handa) - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5 (Tony Lindgren) - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race (Tony Lindgren) - dmaengine: dw: Make it dependent to HAS_IOMEM (Andy Shevchenko) - gpio: sysfs: Obey valid_mask (Matti Vaittinen) - Input: nspire-keypad - enable interrupts only when opened (Fabian Vogt) - net/sctp: fix race condition in sctp_destroy_sock (Or Cohen) {CVE-2021-23133} - scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Quinn Tran) - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (Shyam Sundar) - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Quinn Tran) - scsi: qla2xxx: Dual FCP-NVMe target port support (Michael Hernandez) - Revert scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Sasha Levin) - Revert scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Sasha Levin) - LTS tag: v5.4.113 (Jack Vogel) - xen/events: fix setting irq affinity (Juergen Gross) - perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches (Arnaldo Carvalho de Melo) - perf tools: Use %zd for size_t printf formats on 32-bit (Chris Wilson) - perf tools: Use - driver core: Fix locking bug in deferred_probe_timeout_work_func() (Saravana Kannan) - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) - block: dont ignore REQ_NOWAIT for direct IO (Pavel Begunkov) - riscv,entry: fix misaligned base for excp_vect_table (Zihao Yu) - idr test suite: Create anchor before launching throbber (Matthew Wilcox (Oracle)) - idr test suite: Take RCU read lock in idr_find_test_1 (Matthew Wilcox (Oracle)) - radix tree test suite: Register the main thread with the RCU library (Matthew Wilcox (Oracle)) - block: only update parent bi_status when bio fail (Yufen Yu) - drm/tegra: dc: Dont set PLL clock to 0Hz (Dmitry Osipenko) - gfs2: report already frozen/thawed errors (Bob Peterson) - drm/imx: imx-ldb: fix out of bounds array access warning (Arnd Bergmann) - KVM: arm64: Disable guest access to trace filter controls (Suzuki K Poulose) - KVM: arm64: Hide system instruction access to Trace registers (Suzuki K Poulose) - interconnect: core: fix error return code of icc_link_destroy() (Jia-Ju Bai) - LTS tag: v5.4.112 (Jack Vogel) - Revert cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. (Greg Kroah-Hartman) - net: ieee802154: stop dump llsec params for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec seclevel (Alexander Aring) - net: ieee802154: forbid monitor for set llsec params (Alexander Aring) - net: ieee802154: fix nl802154 del llsec devkey (Alexander Aring) - net: ieee802154: fix nl802154 add llsec key (Alexander Aring) - net: ieee802154: fix nl802154 del llsec dev (Alexander Aring) - net: ieee802154: fix nl802154 del llsec key (Alexander Aring) - net: ieee802154: nl-mac: fix check on panid (Alexander Aring) - net: mac802154: Fix general protection fault (Pavel Skripkin) - drivers: net: fix memory leak in peak_usb_create_dev (Pavel Skripkin) - drivers: net: fix memory leak in atusb_probe (Pavel Skripkin) - net: tun: set tun->dev->addr_len during TUNSETLINK processing (Phillip Potter) - cfg80211: remove WARN_ON() in cfg80211_sme_connect (Du Cheng) - net: sched: bump refcount for new action in ACT replace mode (Kumar Kartikeya Dwivedi) - dt-bindings: net: ethernet-controller: fix typo in NVMEM (Rafal Milecki) - clk: socfpga: fix iomem pointer cast on 64-bit (Krzysztof Kozlowski) - RDMA/addr: Be strict with gid size (Leon Romanovsky) - RDMA/cxgb4: check for ipv6 address properly while destroying listener (Potnuri Bharat Teja) - net/mlx5: Fix PBMC register mapping (Aya Levin) - net/mlx5: Fix placement of log_max_flow_counter (Raed Salem) - net: hns3: clear VF down state bit before request link status (Guangbin Huang) - openvswitch: fix send of uninitialized stack memory in ct limit reply (Ilya Maximets) - net: openvswitch: conntrack: simplify the return expression of ovs_ct_limit_get_default_limit() (Zheng Yongjun) - perf inject: Fix repipe usage (Adrian Hunter) - s390/cpcmd: fix inline assembly register clobbering (Alexander Gordeev) - workqueue: Move the position of debug_work_activate() in __queue_work() (Zqiang) - clk: fix invalid usage of list cursor in unregister (Lukasz Bartosik) - clk: fix invalid usage of list cursor in register (Lukasz Bartosik) - net: macb: restore cmp registers on resume path (Claudiu Beznea) - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs (Can Guo) - scsi: ufs: core: Fix task management request completion timeout (Can Guo) - scsi: ufs: Use blk_{get,put}_request() to allocate and free TMFs (Bart Van Assche) - scsi: ufs: Avoid busy-waiting by eliminating tag conflicts (Bart Van Assche) - scsi: ufs: Fix irq return code (Venkat Gopalakrishnan) - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...); (Norman Maurer) - drm/msm: Set drvdata to NULL when msm_drm_init() fails (Stephen Boyd) - i40e: Fix display statistics for veb_tc (Eryk Rybak) - soc/fsl: qbman: fix conflicting alignment attributes (Arnd Bergmann) - net/mlx5: Dont request more than supported EQs (Daniel Jurgens) - net/mlx5e: Fix ethtool indication of connector type (Aya Levin) - ASoC: sunxi: sun4i-codec: fill ASoC card owner (Bastian Germann) - net: phy: broadcom: Only advertise EEE for supported modes (Florian Fainelli) - nfp: flower: ignore duplicate merge hints from FW (Yinjun Zhang) - net/ncsi: Avoid channel_monitor hrtimer deadlock (Milton Miller) - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (Stefan Riedmueller) - net:tipc: Fix a double free in tipc_sk_mcast_rcv (Lv Yunlong) - cxgb4: avoid collecting SGE_QBASE regs during traffic (Rahul Lakkireddy) - gianfar: Handle error code at MAC address change (Claudiu Manoil) - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE (Oliver Hartkopp) - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0 (Oliver Stabler) - sch_red: fix off-by-one checks in red_check_params() (Eric Dumazet) - amd-xgbe: Update DMA coherency values (Shyam Sundar S K) - hostfs: fix memory handling in follow_link() (Al Viro) - hostfs: Use kasprintf() instead of fixed buffer formatting (Andy Shevchenko) - i40e: Fix kernel oops when i40e driver removes VFs (Eryk Rybak) - i40e: Added Asym_Pause to supported link modes (Mateusz Palczewski) - xfrm: Fix NULL pointer dereference on policy lookup (Steffen Klassert) - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (Shengjiu Wang) - ASoC: SOF: Intel: HDA: fix core status verification (Guennadi Liakhovetski) - ASoC: SOF: Intel: hda: remove unnecessary parentheses (Payal Kshirsagar) - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload (Xin Long) - net: xfrm: Localize sequence counter per network namespace (Ahmed S. Darwish) - regulator: bd9571mwv: Fix AVS and DVFS voltage range (Geert Uytterhoeven) - xfrm: interface: fix ipv4 pmtu check to honor ip header df (Eyal Birger) - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits (Martin Blumenstingl) - net: dsa: lantiq_gswip: Dont use PHY auto polling (Martin Blumenstingl) - virtio_net: Add XDP meta data support (Yuya Kusakabe) - i2c: turn recovery error on init to debug (Wolfram Sang) - usbip: synchronize event handler with sysfs code paths (Shuah Khan) - usbip: vudc synchronize sysfs code paths (Shuah Khan) - usbip: stub-dev synchronize sysfs code paths (Shuah Khan) - usbip: add sysfs_lock to synchronize sysfs code paths (Shuah Khan) - net: let skb_orphan_partial wake-up waiters. (Paolo Abeni) - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() (Maciej zenczykowski) - net: hsr: Reset MAC header for Tx path (Kurt Kanzenbach) - mac80211: fix TXQ AC confusion (Johannes Berg) - net: sched: sch_teql: fix null-pointer dereference (Pavel Tikhomirov) - i40e: Fix sparse error: vsi->netdev could be null (Arkadiusz Kubalewski) - i40e: Fix sparse warning: missing error code err (Arkadiusz Kubalewski) - net: ensure mac header is set in virtio_net_hdr_to_skb() (Eric Dumazet) - bpf, sockmap: Fix sk->prot unhash op reset (John Fastabend) - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx (Lv Yunlong) - net: hso: fix null-ptr-deref during tty device unregistration (Anirudh Rayabharam) - ice: Cleanup fltr list in case of allocation issues (Robert Malz) - ice: Fix for dereference of NULL pointer (Jacek Bulatek) - ice: Increase control queue timeout (Fabio Pricoco) - batman-adv: initialize struct batadv_tvlv_tt_vlan_data->reserved field (Tetsuo Handa) - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (Marek Behun) - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers (Gao Xiang) - parisc: parisc-agp requires SBA IOMMU driver (Helge Deller) - fs: direct-io: fix missing sdio->boundary (Jack Qiu) - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff (Mike Rapoport) - ia64: fix user_stack_pointer() for ptrace() (Sergei Trofimovich) - gcov: re-fix clang-11+ support (Nick Desaulniers) - drm/i915: Fix invalid access to ACPI _DSM objects (Takashi Iwai) - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock (Martin Blumenstingl) - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh (Muhammad Usama Anjum) - xen/evtchn: Change irq_info lock to raw_spinlock_t (Luca Fancellu) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() (Xiaoming Ni) - nfc: fix memory leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25672} - nfc: fix refcount leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25671} - nfc: fix refcount leak in llcp_sock_bind() (Xiaoming Ni) {CVE-2020-25670} - ASoC: intel: atom: Stop advertising non working S24LE support (Hans de Goede) - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (Takashi Iwai) - ALSA: aloop: Fix initialization of controls (Jonas Holmberg) - counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register (Fabrice Gasnier) - LTS tag: v5.4.111 (Jack Vogel) - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM (Masahiro Yamada) - init/Kconfig: make COMPILE_TEST depend on !S390 (Heiko Carstens) - nvme-mpath: replace direct_make_request with generic_make_request (Sagi Grimberg) - bpf, x86: Validate computation of branch displacements for x86-32 (Piotr Krysiuk) - cifs: Silently ignore unknown oplock break handle (Vincent Whitchurch) - cifs: revalidate mapping when we open files for SMB1 POSIX (Ronnie Sahlberg) - ia64: fix format strings for err_inject (Sergei Trofimovich) - ia64: mca: allocate early mca with GFP_ATOMIC (Sergei Trofimovich) - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() (Martin Wilck) - x86/build: Turn off -fcf-protection for realmode targets (Arnd Bergmann) - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (Esteve Varela Colominas) - netfilter: conntrack: Fix gre tunneling over ipv6 (Ludovic Senecaux) - drm/msm: Ratelimit invalid-fence message (Rob Clark) - drm/msm/adreno: a5xx_power: Dont apply A540 lm_setup to other GPUs (Konrad Dybcio) - mac80211: choose first enabled channel for monitor (Karthikeyan Kathirvel) - mISDN: fix crash in fritzpci (Tong Zhang) - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove (Pavel Andrianov) - net/mlx5e: Enforce minimum value check for ICOSQ size (Tariq Toukan) - bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp (Yonghong Song) - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (Alban Bedel) - bus: ti-sysc: Fix warning on unbind if reset is not deasserted (Tony Lindgren) - ARM: dts: am33xx: add aliases for mmc interfaces (Mans Rullgard) - LTS tag: v5.4.110 (Jack Vogel) - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (Du Cheng) - staging: rtl8192e: Change state information from u16 to u8 (Atul Gopinathan) - staging: rtl8192e: Fix incorrect source in memcpy() (Atul Gopinathan) - usb: dwc2: Prevent core suspend when port connection flag is 0 (Artur Petrosyan) - usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. (Artur Petrosyan) - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (Tong Zhang) - USB: cdc-acm: fix use-after-free after probe failure (Johan Hovold) - USB: cdc-acm: fix double free on probe failure (Johan Hovold) - USB: cdc-acm: downgrade message to debug (Oliver Neukum) - USB: cdc-acm: untangle a circular dependency between callback and softint (Oliver Neukum) - cdc-acm: fix BREAK rx code path adding necessary calls (Oliver Neukum) - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (Chunfeng Yun) - usb: musb: Fix suspend with devices connected for a64 (Tony Lindgren) - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (Shuah Khan) - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (Zheyu Ma) - extcon: Fix error handling in extcon_dev_register (Dinghao Liu) - extcon: Add stubs for extcon_register_notifier_all() functions (Krzysztof Kozlowski) - pinctrl: rockchip: fix restore error in resume (Wang Panzhenzhuan) - vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends (Jason Gunthorpe) - reiserfs: update reiserfs_xattrs_initialized() condition (Tetsuo Handa) - drm/amdgpu: check alignment on CPU page for bo map (Xi Ruoyao) - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (Nirmoy Das) - mm: fix race by making init_zero_pfn() early_initcall (Ilya Lipnitskiy) - tracing: Fix stack trace event size (Steven Rostedt (VMware)) - PM: runtime: Fix ordering in pm_runtime_get_suppliers() (Adrian Hunter) - PM: runtime: Fix race getting/putting suppliers at probe (Adrian Hunter) - xtensa: move coprocessor_flush to the .text section (Max Filippov) - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook (Hui Wang) - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO (Hui Wang) - ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks (Takashi Iwai) - ALSA: hda: Re-add dropped snd_poewr_change_state() calls (Takashi Iwai) - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (Ikjoon Jang) - bpf: Remove MTU check in __bpf_skb_max_len (Jesper Dangaard Brouer) - net: wan/lmc: unregister device when no matching device is found (Tong Zhang) - appletalk: Fix skb allocation size in loopback case (Doug Brown) - net: ethernet: aquantia: Handle error cleanup of start on open (Nathan Rossi) - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (Shuah Khan) - brcmfmac: clear EAP/association status bits on linkdown events (Luca Pesce) - can: tcan4x5x: fix max register value (Sasha Levin) - net: introduce CAN specific pointer in the struct net_device (Oleksij Rempel) - can: dev: move driver related infrastructure into separate subdir (Marc Kleine-Budde) - flow_dissector: fix TTL and TOS dissection on IPv4 fragments (Davide Caratti) - net: mvpp2: fix interrupt mask/unmask skip condition (Sasha Levin) - ext4: do not iput inode under running transaction in ext4_rename() (zhangyi (F)) - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling (Waiman Long) - thermal/core: Add NULL pointer check before using cooling device stats (Manaf Meethalavalappu Pallikunhi) - ASoC: rt5659: Update MCLK rate in set_sysclk() (Sameer Pujar) - staging: comedi: cb_pcidas64: fix request_irq() warn (Tong Zhang) - staging: comedi: cb_pcidas: fix request_irq() warn (Tong Zhang) - scsi: qla2xxx: Fix broken #endif placement (Alexey Dobriyan) - scsi: st: Fix a use after free in st_open() (Lv Yunlong) - vhost: Fix vhost_vq_reset() (Laurent Vivier) - powerpc: Force inlining of cpu_has_feature() to avoid build failure (Christophe Leroy) - NFSD: fix error handling in NFSv4.0 callbacks (Olga Kornievskaia) - ASoC: cs42l42: Always wait at least 3ms after reset (Lucas Tanure) - ASoC: cs42l42: Fix mixer volume control (Lucas Tanure) - ASoC: cs42l42: Fix channel width support (Lucas Tanure) - ASoC: cs42l42: Fix Bitclock polarity inversion (Lucas Tanure) - ASoC: es8316: Simplify adc_pga_gain_tlv table (Hans de Goede) - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe (Benjamin Rood) - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - iomap: Fix negative assignment to unsigned sis->pages in iomap_swapfile_activate (Ritesh Harjani) - rpc: fix NULL dereference on kmalloc failure (J. Bruce Fields) - fs: nfsd: fix kconfig dependency warning for NFSD_V4 (Julian Braha) - ext4: fix bh ref count on error paths (Zhaolong Zhang) - ext4: shrink race window in ext4_should_retry_alloc() (Eric Whitney) - module: harden ELF info handling (Frank van der Linden) - module: avoid *goto*s in module_sig_check() (Sergey Shtylyov) - module: merge repetitive strings in module_sig_check() (Sergey Shtylyov) - modsign: print module name along with error message (Jessica Yu) - ipv6: weaken the v4mapped source check (Jakub Kicinski) - selinux: vsock: Set SID for socket returned by accept() (David Brazdil) - LTS tag: v5.4.109 (Jack Vogel) - xen-blkback: dont leak persistent grants from xen_blkbk_map() (Jan Beulich) - can: peak_usb: Revert can: peak_usb: add forgotten supported devices (Marc Kleine-Budde) - ext4: add reclaim checks to xattr code (Jan Kara) - mac80211: fix double free in ibss_leave (Markus Theil) - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (Eric Dumazet) - net: dsa: b53: VLAN filtering is global to all users (Florian Fainelli) - can: dev: Move device back to init netns on owning netns delete (Martin Willi) - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (Isaku Yamahata) - locking/mutex: Fix non debug version of mutex_lock_io_nested() (Thomas Gleixner) - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() (Jia-Ju Bai) - scsi: qedi: Fix error return code of qedi_alloc_global_queues() (Jia-Ju Bai) - scsi: Revert qla2xxx: Make sure that aborted commands are freed (Bart Van Assche) - block: recalculate segment count for multi-segment discards correctly (David Jeffery) - perf auxtrace: Fix auxtrace queue conflict (Adrian Hunter) - ACPI: scan: Use unique number for instance_no (Andy Shevchenko) - ACPI: scan: Rearrange memory allocation in acpi_device_add() (Rafael J. Wysocki) - Revert netfilter: x_tables: Update remaining dereference to RCU (Mark Tomlinson) - Revert netfilter: x_tables: Switch synchronization to RCU (Mark Tomlinson) - bpf: Dont do bpf_cgroup_storage_set() for kuprobe/tp programs (Sasha Levin) - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (Potnuri Bharat Teja) - PM: EM: postpone creating the debugfs dir till fs_initcall (Lukasz Luba) - net/mlx5e: Fix error path for ethtool set-priv-flag (Aya Levin) - PM: runtime: Defer suspending suppliers (Rafael J. Wysocki) - arm64: kdump: update ppos when reading elfcorehdr (Pavel Tatashin) - drm/msm: fix shutdown hook in case GPU components failed to bind (Dmitry Baryshkov) - libbpf: Fix BTF dump of pointer-to-array-of-struct (Jean-Philippe Brucker) - selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value (Hangbin Liu) - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (Corentin Labbe) - r8152: limit the RX buffer size of RTL8153A for USB 2.0 (Hayes Wang) - net: cdc-phonet: fix data-interface release on probe failure (Johan Hovold) - octeontx2-af: fix infinite loop in unmapping NPC counter (Hariprasad Kelam) - octeontx2-af: Fix irq free in rvu teardown (Geetha sowjanya) - libbpf: Use SOCK_CLOEXEC when opening the netlink socket (Kumar Kartikeya Dwivedi) - nfp: flower: fix pre_tun mask id allocation (Louis Peens) - mac80211: fix rate mask reset (Johannes Berg) - can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors (Torin Cooper-Bennun) - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning (Torin Cooper-Bennun) - can: c_can: move runtime PM enable/disable to c_can_platform (Tong Zhang) - can: c_can_pci: c_can_pci_remove(): fix use-after-free (Tong Zhang) - can: kvaser_pciefd: Always disable bus load reporting (Jimmy Assarsson) - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate (Angelo Dureghello) - can: peak_usb: add forgotten supported devices (Stephane Grosjean) - tcp: relookup sock for RST+ACK packets handled by obsolete req sock (Alexander Ovechkin) - netfilter: ctnetlink: fix dump of the expect mask attribute (Florian Westphal) - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed (Hangbin Liu) - ftgmac100: Restart MAC HW once (Dylan Hung) - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (Lv Yunlong) - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (Dinghao Liu) - e1000e: add rtnl_lock() to e1000_reset_task (Vitaly Lifshits) - igc: Fix Supported Pause Frame Link Setting (Muhammad Husaini Zulkifli) - igc: Fix Pause Frame Advertising (Muhammad Husaini Zulkifli) - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (Florian Fainelli) - net: sched: validate stab values (Eric Dumazet) - macvlan: macvlan_count_rx() needs to be aware of preemption (Eric Dumazet) - ipv6: fix suspecious RCU usage warning (Wei Wang) - net/mlx5e: Dont match on Geneve options in case option masks are all zero (Maor Dickman) - libbpf: Fix INSTALL flag order (Georgi Valkov) - veth: Store queue_mapping independently of XDP prog presence (Maciej Fijalkowski) - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (Grygorii Strashko) - dm verity: fix DM_VERITY_OPTS_MAX value (JeongHyeon Lee) - integrity: double check iint_cache was initialized (Mimi Zohar) - ARM: dts: at91-sama5d27_som1: fix phy address to 7 (Claudiu Beznea) - arm64: dts: ls1043a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1012a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1046a: mark crypto engine dma coherent (Horia Geanta) - ACPI: video: Add missing callback back for Sony VPCEH3U1E (Chris Chiu) - gcov: fix clang-11+ support (Nick Desaulniers) - kasan: fix per-page tags for non-page_alloc pages (Andrey Konovalov) - squashfs: fix xattr id and id lookup sanity checks (Phillip Lougher) - squashfs: fix inode lookup sanity checks (Sean Nyekjaer) - platform/x86: intel-vbtn: Stop reporting SW_DOCK events (Hans de Goede) - netsec: restore phy power state after controller reset (Mian Yousaf Kaukab) - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign (Sergei Trofimovich) - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls (Sergei Trofimovich) - block: Suppress uevent for hidden device when removed (Daniel Wagner) - nfs: we dont support removing system.nfs4_acl (J. Bruce Fields) - nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a (Dmitry Monakhov) - nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted (Hannes Reinecke) - nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (Hannes Reinecke) - drm/radeon: fix AGP dependency (Christian Konig) - drm/amdgpu: fb BO should be ttm_bo_type_device (Nirmoy Das) - drm/amd/display: Revert dram_clock_change_latency for DCN2.1 (Sung Lee) - regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck (satya priya) - u64_stats,lockdep: Fix u64_stats_init() vs lockdep (Peter Zijlstra) - habanalabs: Call put_pid() when releasing control device (Tomer Tayar) - sparc64: Fix opcode filtering in handling of no fault loads (Rob Gardner) - irqchip/ingenic: Add support for the JZ4760 (Paul Cercueil) - cifs: change noisy error message to FYI (Paulo Alcantara) - atm: idt77252: fix null-ptr-dereference (Tong Zhang) - atm: uPD98402: fix incorrect allocation (Tong Zhang) - net: davicom: Use platform_get_irq_optional() (Paul Cercueil) - net: wan: fix error return code of uhdlc_init() (Jia-Ju Bai) - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() (Jia-Ju Bai) - NFS: Correct size calculation for create reply length (Frank Sorenson) - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default (Timo Rothenpieler) - gpiolib: acpi: Add missing IRQF_ONESHOT (Yang Li) - cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev (Sudeep Holla) - cifs: ask for more credit on async read/write code paths (Aurelien Aptel) - gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun) - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count (Denis Efremov) - net: intel: iavf: fix error return code of iavf_init_get_resources() (Jia-Ju Bai) - net: tehuti: fix error return code in bdx_probe() (Jia-Ju Bai) - ixgbe: Fix memleak in ixgbe_configure_clsu32 (Dinghao Liu) - ALSA: hda: ignore invalid NHLT table (Mark Pearson) - Revert r8152: adjust the settings about MAC clock speed down for RTL8153 (Hayes Wang) - atm: lanai: dont run lanai_dev_close if not open (Tong Zhang) - atm: eni: dont release is never initialized (Tong Zhang) - powerpc/4xx: Fix build errors from mfdcr() (Michael Ellerman) - net: fec: ptp: avoid register access when ipg clock is disabled (Heiko Thiery) - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (Mike Kravetz) - LTS tag: v5.4.108 (Jack Vogel) - cifs: Fix preauth hash corruption (Vincent Whitchurch) - x86/apic/of: Fix CPU devicetree-node lookups (Johan Hovold) - genirq: Disable interrupts for force threaded handlers (Thomas Gleixner) - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent (Lv Yunlong) - efi: use 32-bit alignment for efi_guid_t literals (Ard Biesheuvel) - ext4: fix potential error in ext4_do_update_inode (Shijie Luo) - ext4: do not try to set xattr into ea_inode if value is empty (zhangyi (F)) - ext4: find old entry again if failed to rename whiteout (zhangyi (F)) - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (Oleg Nesterov) - x86: Move TS_COMPAT back to asm/thread_info.h (Oleg Nesterov) - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (Oleg Nesterov) - x86/ioapic: Ignore IRQ2 again (Thomas Gleixner) - PCI: rpadlpar: Fix potential drc_name corruption in store functions (Tyrel Datwyler) - counter: stm32-timer-cnt: fix ceiling write max value (Fabrice Gasnier) - iio: hid-sensor-temperature: Fix issues of timestamp channel (Ye Xiang) - iio: hid-sensor-prox: Fix scale not correct issue (Ye Xiang) - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel (Ye Xiang) - iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask (Wilfried Wessner) - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler (Dinghao Liu) - iio: adis16400: Fix an error code in adis16400_initial_setup() (Dan Carpenter) - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel (Jonathan Albrieux) - iio:adc:stm32-adc: Add HAS_IOMEM dependency (Jonathan Cameron) - usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy- (Badhri Jagan Sridharan) - usb: gadget: configfs: Fix KASAN use-after-free (Jim Lin) - USB: replace hardcode maximum usb string length by definition (Macpaul Lin) - usbip: Fix incorrect double assignment to udc->ud.tcp_rx (Colin Ian King) - usb-storage: Add quirk to defeat Kindles automatic unload (Alan Stern) - nvme-rdma: fix possible hang when failing to set io queues (Sagi Grimberg) - counter: stm32-timer-cnt: Report count function when SLAVE_MODE_DISABLED (William Breathitt Gray) - scsi: myrs: Fix a double free in myrs_cleanup() (Lv Yunlong) - scsi: lpfc: Fix some error codes in debugfs (Dan Carpenter) - riscv: Correct SPARSEMEM configuration (Kefeng Wang) for empty SUBLEVEL or PATCHLEVEL again (Masahiro Yamada) - net/qrtr: fix __netdev_alloc_skb call (Pavel Skripkin) - sunrpc: fix refcount leak for rpc auth modules (Daniel Kobras) - vfio: IOMMU_API should be selected (Jason Gunthorpe) - svcrdma: disable timeouts on rdma backchannel (Timo Rothenpieler) - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. (Joe Korty) - nfsd: Dont keep looking up unhashed files in the nfsd file cache (Trond Myklebust) - nvmet: dont check iosqes,iocqes for discovery controllers (Sagi Grimberg) - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (Sagi Grimberg) - nvme-tcp: fix possible hang when failing to set io queues (Sagi Grimberg) - nvme: fix Write Zeroes limitations (Christoph Hellwig) - afs: Stop listxattr() from listing afs.* attributes (David Howells) - ASoC: simple-card-utils: Do not handle device clock (Sameer Pujar) - ASoC: SOF: intel: fix wrong poll bits in dsp power down (Pan Xiuli) - ASoC: SOF: Intel: unregister DMIC device on probe error (Pierre-Louis Bossart) - ASoC: fsl_ssi: Fix TDM slot setup for I2S mode (Alexander Shiyan) - btrfs: fix slab cache flags for free space tree bitmap (David Sterba) - ARM: 9044/1: vfp: use undef hook for VFP support detection (Ard Biesheuvel) - ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel mode (Ard Biesheuvel) - s390/vtime: fix increased steal time accounting (Gerald Schaefer) - Revert PM: runtime: Update device status before letting suppliers suspend (Rafael J. Wysocki) - ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air (Xiaoliang Yu) - ALSA: hda: generic: Fix the micmute led init state (Hui Wang) - ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro (Xiaoliang Yu) - ALSA: dice: fix null pointer dereference when node is disconnected (Takashi Sakamoto) - ASoC: ak5558: Add MODULE_DEVICE_TABLE (Shengjiu Wang) - ASoC: ak4458: Add MODULE_DEVICE_TABLE (Shengjiu Wang) - LTS tag: v5.4.107 (Jack Vogel) - net: dsa: b53: Support setting learning on port (Florian Fainelli) - net: dsa: tag_mtk: fix 802.1ad VLAN egress (DENG Qingfang) - crypto: x86/aes-ni-xts - use direct calls to and 4-way stride (Ard Biesheuvel) - crypto: aesni - Use TEST %reg,%reg instead of CMP /u03/ksharma/errata_processing/work/el8/db_8.ELSA-2021-9362,%reg (Uros Bizjak) - crypto: x86 - Regularize glue function prototypes (Kees Cook) - drm/i915/gvt: Fix vfio_edid issue for BXT/APL (Colin Xu) - drm/i915/gvt: Fix port number for BDW on EDID region setup (Colin Xu) - drm/i915/gvt: Fix virtual display setup for BXT/APL (Colin Xu) - drm/i915/gvt: Fix mmio handler break on BXT/APL. (Colin Xu) - drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang (Colin Xu) - btrfs: scrub: Dont check free space before marking a block group RO (Qu Wenruo) - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) - KVM: arm64: nvhe: Save the SPE context early (Suzuki K Poulose) - LTS tag: v5.4.106 (Jack Vogel) - xen/events: avoid handling the same event on two cpus at the same time (Juergen Gross) - xen/events: dont unmask an event channel when an eoi is pending (Juergen Gross) - xen/events: reset affinity of 2-level event when tearing it down (Juergen Gross) - KVM: arm64: Reject VM creation when the default IPA size is unsupported (Marc Zyngier) - KVM: arm64: Ensure I-cache isolation between vcpus of a same VM (Marc Zyngier) - KVM: arm64: Fix exclusive limit for IPA size (Marc Zyngier) - x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 (Josh Poimboeuf) - binfmt_misc: fix possible deadlock in bm_register_write (Lior Ribak) - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (Naveen N. Rao) - sched/membarrier: fix missing local execution of ipi_sync_rq_state() (Mathieu Desnoyers) - zram: fix return value on writeback_store (Minchan Kim) - include/linux/sched/mm.h: use rcu_dereference in in_vfork() (Matthew Wilcox (Oracle)) - stop_machine: mark helpers __always_inline (Arnd Bergmann) - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() (Anna-Maria Behnsen) - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds (Ard Biesheuvel) - configfs: fix a use-after-free in __configfs_open_file (Daiyue Zhang) - block: rsxx: fix error return code of rsxx_pci_probe() (Jia-Ju Bai) - NFSv4.2: fix return value of _nfs4_get_security_label() (Ondrej Mosnacek) - NFS: Dont gratuitously clear the inode cache when lookup failed (Trond Myklebust) - NFS: Dont revalidate the directory permissions on a lookup failure (Trond Myklebust) - SUNRPC: Set memalloc_nofs_save() for sync tasks (Benjamin Coddington) - arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory (Anshuman Khandual) - sh_eth: fix TRSCER mask for R7S72100 (Sergey Shtylyov) - staging: comedi: pcl818: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: pcl711: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: me4000: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: dmm32at: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das800: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das6402: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: adv_pci1710: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: addi_apci_1500: Fix endian problem for command sample (Ian Abbott) - staging: comedi: addi_apci_1032: Fix endian problem for COS sample (Ian Abbott) - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan (Lee Gibson) - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd (Lee Gibson) - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() (Dan Carpenter) - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() (Dan Carpenter) - staging: rtl8712: unterminated string leads to read overflow (Dan Carpenter) - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (Dan Carpenter) - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() (Dan Carpenter) - misc: fastrpc: restrict user apps from sending kernel RPC messages (Dmitry Baryshkov) {CVE-2019-2308} - misc/pvpanic: Export module FDT device table (Shile Zhang) - usbip: fix vudc usbip_sockfd_store races leading to gpf (Shuah Khan) - usbip: fix vhci_hcd attach_store() races leading to gpf (Shuah Khan) - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf (Shuah Khan) - usbip: fix vudc to check for stream socket (Shuah Khan) - usbip: fix vhci_hcd to check for stream socket (Shuah Khan) - usbip: fix stub_dev to check for stream socket (Shuah Khan) - USB: serial: cp210x: add some more GE USB IDs (Sebastian Reichel) - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (Karan Singhal) - USB: serial: ch341: add new Product ID (Niv Sardi) - USB: serial: io_edgeport: fix memory leak in edge_startup (Pavel Skripkin) - xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state (Mathias Nyman) - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (Forest Crossman) - xhci: Improve detection of device initiated wake signal. (Mathias Nyman) - usb: xhci: do not perform Soft Retry for some xHCI hosts (Stanislaw Gruszka) - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM (Yoshihiro Shimoda) - USB: usblp: fix a hang in poll() if disconnected (Pete Zaitcev) - usb: dwc3: qcom: Honor wakeup enabled/disabled state (Matthias Kaehlcke) - usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement (Serge Semin) - usb: gadget: f_uac1: stop playback on function disable (Ruslan Bilovol) - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot (Ruslan Bilovol) - USB: gadget: u_ether: Fix a configfs return code (Dan Carpenter) - Goodix Fingerprint device is not a modem (Yorick de Wid) - mmc: cqhci: Fix random crash when remove mmc module/card (Frank Li) - mmc: core: Fix partition switch time for eMMC (Adrian Hunter) - software node: Fix node registration (Heikki Krogerus) - s390/dasd: fix hanging IO request during DASD driver unbind (Stefan Haberland) - s390/dasd: fix hanging DASD driver unbind (Stefan Haberland) - arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL (Andrey Konovalov) - Revert 95ebabde382c (capabilities: Dont allow writing ambiguous v3 file capabilities) (Eric W. Biederman) - ALSA: usb-audio: Apply the control quirk to Plantronics headsets (Takashi Iwai) - ALSA: usb-audio: Fix cannot get freq eq errors on Dell AE515 sound bar (Takashi Iwai) - ALSA: hda: Avoid spurious unsol event handling during S3/S4 (Takashi Iwai) - ALSA: hda: Flush pending unsolicited events before suspend (Takashi Iwai) - ALSA: hda: Drop the BATCH workaround for AMD controllers (Takashi Iwai) - ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support (Simeon Simeonoff) - ALSA: hda/hdmi: Cancel pending works before suspend (Takashi Iwai) - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk (John Ernberg) - scsi: target: core: Prevent underflow for service actions (Aleksandr Miloserdov) - scsi: target: core: Add cmd length set before cmd complete (Aleksandr Miloserdov) - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (Mike Christie) - sysctl.c: fix underflow value setting risk in vm_table (Lin Feng) - s390/smp: __smp_rescan_cpus() - move cpumask away from stack (Heiko Carstens) - i40e: Fix memory leak in i40e_probe (Keita Suzuki) - PCI: Fix pci_register_io_range() memory leak (Geert Uytterhoeven) - kbuild: clamp SUBLEVEL to 255 (Sasha Levin) - PCI: mediatek: Add missing of_node_put() to fix reference leak (Krzysztof Wilczynski) - PCI: xgene-msi: Fix race in installing chained irq handler (Martin Kaiser) - Input: applespi - dont wait for responses to commands indefinitely. (Ronald Tschalar) - sparc64: Use arch_validate_flags() to validate ADI flag (Khalid Aziz) - sparc32: Limit memblock allocation to low memory (Andreas Larsson) - iommu/amd: Fix performance counter initialization (Suravee Suthikulpanit) - powerpc/64: Fix stack trace not displaying final frame (Michael Ellerman) - HID: logitech-dj: add support for the new lightspeed connection iteration (Filipe Lains) - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset (Athira Rajeev) - powerpc: improve handling of unrecoverable system reset (Nicholas Piggin) - spi: stm32: make spurious and overrun interrupts visible (Alain Volmat) - powerpc/pci: Add ppc_md.discover_phbs() (Oliver OHalloran) - Platform: OLPC: Fix probe error handling (Lubomir Rintel) - mmc: mediatek: fix race condition between msdc_request_timeout and irq (Chaotian Jing) - mmc: mxs-mmc: Fix a resource leak in an error handling path in mxs_mmc_probe() (Christophe JAILLET) - udf: fix silent AED tagLocation corruption (Steven J. Magnani) - i2c: rcar: optimize cacheline to minimize HW race condition (Wolfram Sang) - i2c: rcar: faster irq code to minimize HW race condition (Wolfram Sang) - net: phy: fix save wrong speed and duplex problem if autoneg is on (Guangbin Huang) - net: enetc: initialize RFS/RSS memories for unused ports too (Vladimir Oltean) - net: hns3: fix error mask definition of flow director (Jian Shen) - media: rc: compile rc-cec.c into rc-core (Hans Verkuil) - media: v4l: vsp1: Fix bru null pointer access (Biju Das) - media: v4l: vsp1: Fix uif null pointer access (Biju Das) - media: usbtv: Fix deadlock on suspend (Maxim Mikityanskiy) - sh_eth: fix TRSCER mask for R7S9210 (Sergey Shtylyov) - qxl: Fix uninitialised struct field head.surface_id (Colin Ian King) - s390/crypto: return -EFAULT if copy_to_user() fails (Wang Qing) - s390/cio: return -EFAULT if copy_to_user() fails (Eric Farman) - drm: meson_drv add shutdown function (Artem Lapkin) - drm/shmem-helper: Dont remove the offset in vm_area_struct pgoff (Neil Roberts) - drm/shmem-helper: Check for purged buffers in fault handler (Neil Roberts) - drm/compat: Clear bounce structures (Daniel Vetter) - bnxt_en: reliably allocate IRQ table on reset to avoid crash (Edwin Peer) - s390/cio: return -EFAULT if copy_to_user() fails again (Wang Qing) - net: hns3: fix bug when calculating the TCAM table info (Jian Shen) - net: hns3: fix query vlan mask value error for flow director (Jian Shen) - perf traceevent: Ensure read cmdlines are null terminated. (Ian Rogers) - selftests: forwarding: Fix race condition in mirror installation (Danielle Ratson) - net: stmmac: fix watchdog timeout during suspend/resume stress test (Joakim Zhang) - net: stmmac: stop each tx channel independently (Joakim Zhang) - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (Antony Antony) - net: qrtr: fix error return code of qrtr_sendmsg() (Jia-Ju Bai) - net: davicom: Fix regulator not turned off on driver removal (Paul Cercueil) - net: davicom: Fix regulator not turned off on failed probe (Paul Cercueil) - net: lapbether: Remove netif_start_queue / netif_stop_queue (Xie He) - netdevsim: init u64 stats for 32bit hardware (Hillf Danton) - net: usb: qmi_wwan: allow qmimux add/del with master up (Daniele Palmas) - net: sched: avoid duplicates in classes dump (Maximilian Heyne) - nexthop: Do not flush blackhole nexthops when loopback goes down (Ido Schimmel) - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (Ong Boon Leong) - net/mlx4_en: update moderation when config reset (Kevin(Yudong) Yang) - net: enetc: dont overwrite the RSS indirection table when initializing (Vladimir Oltean) - Revert mm, slub: consider rest of partial list if acquire_slab() fails (Linus Torvalds) - cifs: return proper error code in statfs(2) (Paulo Alcantara) - mount: fix mounting of detached mounts onto targets that reside on shared mounts (Christian Brauner) - powerpc/603: Fix protection of user pages mapped with PROT_NONE (Christophe Leroy) - mt76: dma: do not report truncated frames to mac80211 (Lorenzo Bianconi) - ibmvnic: always store valid MAC address (Jiri Wiesner) - samples, bpf: Add missing munmap in xdpsock (Maciej Fijalkowski) - selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier (Yauheni Kaliuta) - selftests/bpf: No need to drop the packet when there is no geneve opt (Hangbin Liu) - netfilter: x_tables: gpf inside xt_find_revision() (Vasily Averin) - netfilter: nf_nat: undo erroneous tcp edemux lookup (Florian Westphal) - tcp: add sanity tests to TCP_QUEUE_SEQ (Eric Dumazet) - can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before entering Normal Mode (Torin Cooper-Bennun) - can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode (Joakim Zhang) - can: flexcan: enable RX FIFO after FRZ/HALT valid (Joakim Zhang) - can: flexcan: assert FRZ bit in flexcan_chip_freeze() (Joakim Zhang) - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership (Oleksij Rempel) - sh_eth: fix TRSCER mask for SH771x (Sergey Shtylyov) - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 (Balazs Nemeth) - net: check if protocol extracted by virtio_net_hdr_set_proto is correct (Balazs Nemeth) - net: Fix gro aggregation for udp encaps with zero csum (Daniel Borkmann) - ath9k: fix transmitting to stations in dynamic SMPS mode (Felix Fietkau) - ethernet: alx: fix order of calls on resume (Jakub Kicinski) - powerpc/pseries: Dont enforce MSI affinity with kdump (Greg Kurz) - uapi: nfnetlink_cthelper.h: fix userspace compilation error (Dmitry V. Levin) - LTS tag: v5.4.105 (Jack Vogel) - nvme-pci: add quirks for Lexar 256GB SSD (Pascal Terjan) - nvme-pci: mark Seagate Nytro XM1440 as QUIRK_NO_NS_DESC_LIST. (Julian Einwag) - HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on Voyo Winpad A15 (Hans de Goede) - mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (Jisheng Zhang) - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register (AngeloGioacchino Del Regno) - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom (Aswath Govindraju) - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller (Bjorn Helgaas) - ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 (Chris Chiu) - ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 (Jasper St. Pierre) - media: cx23885: add more quirks for reset DMA on some AMD IOMMU (Daniel Lee Kruse) - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter (Ethan Warth) - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 (Hans de Goede) - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices (Hans de Goede) - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag (Hans de Goede) - platform/x86: acer-wmi: Add new force_caps module parameter (Hans de Goede) - platform/x86: acer-wmi: Cleanup accelerometer device handling (Hans de Goede) - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (Hans de Goede) - mwifiex: pcie: skip cancel_work_sync() on reset failure path (Tsuchiya Yuto) - iommu/amd: Fix sleeping in atomic in increase_address_space() (Andrey Ryabinin) - ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter handling (Hans de Goede) - dm table: fix zoned iterate_devices based device capability checks (Jeffle Xu) - dm table: fix DAX iterate_devices based device capability checks (Jeffle Xu) - dm table: fix iterate_devices based device capability checks (Jeffle Xu) - net: dsa: add GRO support via gro_cells (Alexander Lobakin) - LTS tag: v5.4.104 (Jack Vogel) - r8169: fix resuming from suspend on RTL8105e if machine runs on battery (Heiner Kallweit) - rsxx: Return -EFAULT if copy_to_user() fails (Dan Carpenter) - ftrace: Have recordmcount use w8 to read relp->r_info in arm64_is_fake_mcount (Chen Jun) - ALSA: hda: intel-nhlt: verify config type (Pierre-Louis Bossart) - IB/mlx5: Add missing error code (YueHaibing) - RDMA/rxe: Fix missing kconfig dependency on CRYPTO (Julian Braha) - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (Colin Ian King) - usbip: tools: fix build error for multiple definition (Antonio Borneo) - crypto - shash: reduce minimum alignment of shash_desc structure (Ard Biesheuvel) - arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL) (Timothy E Baldwin) - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie (Kevin Wang) - dm verity: fix FEC for RS roots unaligned to block size (Milan Broz) - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (Mikulas Patocka) - PM: runtime: Update device status before letting suppliers suspend (Rafael J. Wysocki) - btrfs: fix warning when creating a directory with smack enabled (Filipe Manana) - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors (Nikolay Borisov) - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata (Nikolay Borisov) - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (Dan Carpenter) - btrfs: fix raid6 qstripe kmap (Ira Weiny) - btrfs: raid56: simplify tracking of Q stripe presence (David Sterba) - tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (Jarkko Sakkinen) - tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (Lukasz Majczak) - LTS tag: v5.4.103 (Jack Vogel) - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board (Takashi Iwai) - ALSA: hda/realtek: Add quirk for Intel NUC 10 (Werner Sembach) - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ (Eckhart Mohr) - media: v4l: ioctl: Fix memory leak in video_usercopy (Sakari Ailus) - swap: fix swapfile read/write offset (Jens Axboe) - zsmalloc: account the number of compacted pages correctly (Rokudo Yan) - xen-netback: respect gnttab_map_refs()s return value (Jan Beulich) - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet (Hans de Goede) - sched/features: Fix hrtick reprogramming (Juri Lelli) - parisc: Bump 64-bit IRQ stack size to 64 KB (John David Anglin) - perf/x86/kvm: Add Cascade Lake Xeon steppings to isolation_ucodes[] (Jim Mattson) - btrfs: fix error handling in commit_fs_roots (Josef Bacik) - ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() (Hans de Goede) - nvme-tcp: add clean action for failed reconnection (Chao Leng) - nvme-rdma: add clean action for failed reconnection (Chao Leng) - nvme-core: add cancel tagset helpers (Chao Leng) - f2fs: fix to set/clear I_LINKABLE under i_lock (Chao Yu) - f2fs: handle unallocated section and zone on pinned/atgc (Jaegeuk Kim) - media: uvcvideo: Allow entities with no pads (Ricardo Ribalda) - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails (Nicholas Kazlauskas) - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse (Nirmoy Das) - drm/amdgpu: Add check to prevent IH overflow (Defang Bo) - crypto: tcrypt - avoid signed overflow in byte count (Ard Biesheuvel) - drm/hisilicon: Fix use-after-free (Tian Tao) - brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet (Hans de Goede) - brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet (Hans de Goede) - staging: bcm2835-audio: Replace unsafe strcpy() with strscpy() (Juerg Haefliger) - staging: most: sound: add sanity check for function argument (Christian Gromm) - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data (Gopal Tiwari) - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (Fangrui Song) - ath10k: fix wmi mgmt tx queue full due to race condition (Miaoqing Pan) - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() (Di Zhu) - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl (Claire Chang) - wlcore: Fix command execute failure 19 for wl12xx (Tony Lindgren) - vt/consolemap: do font sum unsigned (Jiri Slaby) - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk (Heiner Kallweit) - staging: fwserial: Fix error handling in fwserial_create (Dinghao Liu) - rsi: Move card interrupt handling to RX thread (Marek Vasut) - rsi: Fix TX EAPOL packet handling against iwlwifi AP (Marek Vasut) - drm/virtio: use kvmalloc for large allocations (Sergey Senozhatsky) - MIPS: Drop 32-bit asm string functions (Paul Burton) - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ (Geert Uytterhoeven) - dt-bindings: ethernet-controller: fix fixed-link specification (Russell King) - net: fix dev_ifsioc_locked() race condition (Cong Wang) - net: ag71xx: remove unnecessary MTU reservation (DENG Qingfang) - net: bridge: use switchdev for port flags set through sysfs too (Vladimir Oltean) - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing (Li Xinhai) - nbd: handle device refs for DESTROY_ON_DISCONNECT properly (Josef Bacik) - net: fix up truesize of cloned skb in skb_prepare_for_shift() (Marco Elver) - smackfs: restrict bytes count in smackfs write functions (Sabyrzhan Tasbolatov) - net/af_iucv: remove WARN_ONCE on malformed RX packets (Alexander Egorenkov) - xfs: Fix assert failure in xfs_setattr_size() (Yumei Huang) - media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate (Hans Verkuil) - erofs: fix shift-out-of-bounds of blkszbits (Gao Xiang) - media: mceusb: sanity check for prescaler value (Sean Young) - udlfb: Fix memory leak in dlfb_usb_probe (Zqiang) - JFS: more checks for invalid superblock (Randy Dunlap) - MIPS: VDSO: Use CLANG_FLAGS instead of filtering out --target= (Nathan Chancellor) - arm64 module: set plt* section addresses to 0x0 (Shaoying Xu) - nvme-pci: fix error unwind in nvme_map_data (Christoph Hellwig) - nvme-pci: refactor nvme_unmap_data (Christoph Hellwig) - Input: elantech - fix protocol errors for some trackpoints in SMBus mode (jingle.wu) - net: usb: qmi_wwan: support ZTE P685M modem (Lech Perczak) - LTS tag: v5.4.102 (Jack Vogel) - ARM: dts: aspeed: Add LCLK to lpc-snoop (John Wang) - net: qrtr: Fix memory leak in qrtr_tun_open (Takeshi Misawa) - dm era: Update in-core bitset after committing the metadata (Nikos Tsironis) - net: sched: fix police ext initialization (Vlad Buslov) - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending (Jason A. Donenfeld) - ipv6: silence compilation warning for non-IPV6 builds (Leon Romanovsky) - ipv6: icmp6: avoid indirect call for icmpv6_send() (Eric Dumazet) - xfrm: interface: use icmp_ndo_send helper (Jason A. Donenfeld) - sunvnet: use icmp_ndo_send helper (Jason A. Donenfeld) - gtp: use icmp_ndo_send helper (Jason A. Donenfeld) - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n (Jason A. Donenfeld) - icmp: introduce helper for natd source address in network device context (Jason A. Donenfeld) - drm/i915: Reject 446-480MHz HDMI clock on GLK (Ville Syrjala) - dm era: only resize metadata in preresume (Nikos Tsironis) - dm era: Reinitialize bitset cache before digesting a new writeset (Nikos Tsironis) - dm era: Use correct value size in equality function of writeset tree (Nikos Tsironis) - dm era: Fix bitset memory leaks (Nikos Tsironis) - dm era: Verify the data block size hasnt changed (Nikos Tsironis) - dm era: Recover committed writeset after crash (Nikos Tsironis) - dm writecache: fix writing beyond end of underlying device when shrinking (Mikulas Patocka) - dm: fix deadlock when swapping to encrypted device (Mikulas Patocka) - gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end (Andreas Gruenbacher) - gfs2: Dont skip dlm unlock if glock has an lvb (Bob Peterson) - spi: spi-synquacer: fix set_cs handling (Masahisa Kojima) - sparc32: fix a user-triggerable oops in clear_user() (Al Viro) - f2fs: fix out-of-repair __setattr_copy() (Chao Yu) - um: mm: check more comprehensively for stub changes (Johannes Berg) - virtio/s390: implement virtio-ccw revision 2 correctly (Cornelia Huck) - s390/vtime: fix inline assembly clobber list (Heiko Carstens) - cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available (Chen Yu) - printk: fix deadlock when kernel panic (Muchun Song) - gpio: pcf857x: Fix missing first interrupt (Maxim Kiselev) - spmi: spmi-pmic-arb: Fix hw_irq overflow (Subbaraman Narayanamurthy) - powerpc/32s: Add missing call to kuep_lock on syscall entry (Christophe Leroy) - mmc: sdhci-esdhc-imx: fix kernel panic when remove module (Frank Li) - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (Fangrui Song) - media: smipcie: fix interrupt handling and IR timeout (Sean Young) - arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55 (Suzuki K Poulose) - hugetlb: fix copy_huge_page_from_user contig page struct assumption (Mike Kravetz) - hugetlb: fix update_and_free_page contig page struct assumption (Mike Kravetz) - x86: fix seq_file iteration for pat/memtype.c (NeilBrown) - seq_file: document how per-entry resources are managed. (NeilBrown) - fs/affs: release old buffer head on error path (Pan Bian) - mtd: spi-nor: hisi-sfc: Put child node np on error path (Pan Bian) - mtd: spi-nor: core: Add erase size check for erase command initialization (Takahiro Kuwano) - mtd: spi-nor: core: Fix erase type discovery for overlaid region (Takahiro Kuwano) - mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region (Takahiro Kuwano) - mtd: spi-nor: sfdp: Fix last erase region marking (Takahiro Kuwano) - watchdog: mei_wdt: request stop on unregister (Alexander Usyskin) - watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ (Sai Prakash Ranjan) - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (He Zhe) - arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() fails (qiuguorui1) - floppy: reintroduce O_NDELAY fix (Jiri Kosina) - rcu/nocb: Perform deferred wake up before last idles need_resched() check (Frederic Weisbecker) - rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers (Frederic Weisbecker) - powerpc/prom: Fix ibm,arch-vec-5-platform-support scan (Cedric Le Goater) - x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson) - x86/virt: Eat faults on VMXOFF in reboot flows (Sean Christopherson) - media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt() (Pavel Machek) - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table (Martin Kaiser) - staging: gdm724x: Fix DMA from stack (Amey Narkhede) - staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c (Ilya Lipnitskiy) - dts64: mt7622: fix slow sd card access (Frank Wunderlich) - pstore: Fix typo in compression option name (Jiri Bohac) - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue (Sabyrzhan Tasbolatov) - misc: rtsx: init of rts522a add OCP power off when no card is present (Ricky Wu) - seccomp: Add missing return in non-void function (Paul Cercueil) - crypto: sun4i-ss - initialize need_fallback (Corentin Labbe) - crypto: sun4i-ss - handle BigEndian for cipher (Corentin Labbe) - crypto: sun4i-ss - checking sg length is not sufficient (Corentin Labbe) - crypto: aesni - prevent misaligned buffers on the stack (Ard Biesheuvel) - crypto: arm64/sha - add missing module aliases (Ard Biesheuvel) - btrfs: fix extent buffer leak on failure to copy root (Filipe Manana) - btrfs: splice remaining dirty_bgs onto the transaction dirty bg list (Josef Bacik) - btrfs: fix reloc root leak with 0 ref reloc roots on recovery (Josef Bacik) - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root (Josef Bacik) - KEYS: trusted: Fix migratable=1 failing (Jarkko Sakkinen) - tpm_tis: Clean up locality release (James Bottomley) - tpm_tis: Fix check_locality for correct locality acquisition (James Bottomley) - erofs: initialized fields can only be observed after bit is set (Gao Xiang) - drm/sched: Cancel and flush all outstanding jobs before finish. (Andrey Grodzovsky) - drm/nouveau/kms: handle mDP connectors (Karol Herbst) - drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2) (Alex Deucher) - drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1 (Rodrigo Siqueira) - bcache: Move journal work to new flush wq (Kai Krakow) - bcache: Give btree_io_wq correct semantics again (Kai Krakow) - Revert bcache: Kill btree_io_wq (Kai Krakow) - ALSA: hda/realtek: modify EAPD in the ALC886 (PeiSen Hou) - ALSA: hda: Add another CometLake-H PCI ID (Kai Vehmanen) - USB: serial: mos7720: fix error code in mos7720_write() (Dan Carpenter) - USB: serial: mos7840: fix error code in mos7840_write() (Dan Carpenter) - USB: serial: ftdi_sio: fix FTX sub-integer prescaler (Johan Hovold) - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt (Thinh Nguyen) - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 (Thinh Nguyen) - usb: musb: Fix runtime PM race in musb_queue_resume_work (Paul Cercueil) - USB: serial: option: update interface mapping for ZTE P685M (Lech Perczak) - media: mceusb: Fix potential out-of-bounds shift (James Reynolds) - Input: i8042 - add ASUS Zenbook Flip to noselftest list (Marcos Paulo de Souza) - Input: joydev - prevent potential read overflow in ioctl (Dan Carpenter) - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S (Olivier Crete) - Input: raydium_ts_i2c - do not send zero length (jeffrey.lin) - HID: wacom: Ignore attempts to overwrite the touch_max value from HID (Jason Gerecke) - HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming (Filipe Lains) - ACPI: configfs: add missing check after configfs_register_default_group() (Qinglang Miao) - ACPI: property: Fix fwnode string properties matching (Rafael J. Wysocki) - blk-settings: align max_sectors on logical_block_size boundary (Mikulas Patocka) - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors (Randy Dunlap) - mm/rmap: fix potential pte_unmap on an not mapped pte (Miaohe Lin) - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (Maxime Ripard) - arm64: Add missing ISB after invalidating TLB in __primary_switch (Marc Zyngier) - r8169: fix jumbo packet handling on RTL8168e (Heiner Kallweit) - mm/compaction: fix misbehaviors of fast_find_migrateblock() (Wonhyuk Yang) - mm/hugetlb: fix potential double free in hugetlb_register_node() error path (Miaohe Lin) - mm/memory.c: fix potential pte_unmap_unlock pte error (Miaohe Lin) - ocfs2: fix a use after free on error (Dan Carpenter) - vxlan: move debug check after netdev unregister (Taehee Yoo) - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (Chuhong Yuan) - vfio/type1: Use follow_pte() (Alex Williamson) - i40e: Fix add TC filter for IPv6 (Mateusz Palczewski) - i40e: Fix VFs not created (Sylwester Dziedziuch) - i40e: Fix addition of RX filters after enabling FW LLDP agent (Mateusz Palczewski) - i40e: Fix overwriting flow control settings during driver loading (Mateusz Palczewski) - i40e: Add zero-initialization of AQ command structures (Mateusz Palczewski) - i40e: Fix flow for IPv6 next header (extension header) (Slawomir Laba) - regmap: sdw: use _no_pm functions in regmap_read/write (Bard Liao) - nvmem: core: skip child nodes not matching binding (Ahmad Fatoum) - nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of() (Dan Carpenter) - ext4: fix potential htree index checksum corruption (Theodore Tso) - vfio/iommu_type1: Fix some sanity checks in detach group (Keqian Zhu) - drm/msm/mdp5: Fix wait-for-commit for cmd panels (Iskren Chernev) - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (Konrad Dybcio) - mei: hbm: call mei_set_devstate() on hbm stop response (Alexander Usyskin) - PCI: Align checking of syscall user config accessors (Heiner Kallweit) - VMCI: Use set_page_dirty_lock() when unregistering guest memory (Jorgen Hansen) - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() (Simon South) - soundwire: cadence: fix ACK/NAK handling (Pierre-Louis Bossart) - misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (Aswath Govindraju) - phy: rockchip-emmc: emmc_phy_init() always return 0 (Chris Ruehl) - misc: eeprom_93xx46: Fix module alias to enable module autoprobe (Aswath Govindraju) - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set (Randy Dunlap) - Input: elo - fix an error code in elo_connect() (Dan Carpenter) - perf test: Fix unaligned access in sample parsing test (Namhyung Kim) - perf intel-pt: Fix premature IPC (Adrian Hunter) - perf intel-pt: Fix missing CYC processing in PSB (Adrian Hunter) - Input: sur40 - fix an error code in sur40_probe() (Dan Carpenter) - RDMA/hns: Fixes missing error code of CMDQ (Lang Cheng) - nfsd: register pernet ops last, unregister first (J. Bruce Fields) - clk: aspeed: Fix APLL calculate formula from ast2600-A2 (Ryan Chen) - regulator: qcom-rpmh: fix pm8009 ldo7 (Jonathan Marek) - spi: pxa2xx: Fix the controller numbering for Wildcat Point (Andy Shevchenko) - RDMA/hns: Fix type of sq_signal_bits (Weihang Li) - RDMA/siw: Fix calculation of tx_valid_cpus size (Kamal Heib) - RDMA/hns: Fixed wrong judgments in the goto branch (Wenpeng Liang) - clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs (AngeloGioacchino Del Regno) - powerpc/8xx: Fix software emulation interrupt (Christophe Leroy) - powerpc/pseries/dlpar: handle ibm, configure-connector delay status (Nathan Lynch) - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() (Dan Carpenter) - spi: stm32: properly handle 0 byte transfer (Alain Volmat) - RDMA/rxe: Correct skb on loopback path (Bob Pearson) - RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt (Bob Pearson) - RDMA/rxe: Fix coding error in rxe_recv.c (Bob Pearson) - perf vendor events arm64: Fix Ampere eMag event typo (John Garry) - perf tools: Fix DSO filtering when not finding a map for a sampled address (Arnaldo Carvalho de Melo) - tracepoint: Do not fail unregistering a probe due to memory failure (Steven Rostedt (VMware)) - IB/cm: Avoid a loop when device has 255 ports (Parav Pandit) - IB/mlx5: Return appropriate error code instead of ENOMEM (Parav Pandit) - amba: Fix resource leak for drivers without .remove (Uwe Kleine-Konig) - i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct (Roja Rani Yarubandi) - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (Vladimir Murzin) - mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes (Takeshi Saito) - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (Christophe JAILLET) - mmc: sdhci-sprd: Fix some resource leaks in the remove function (Christophe JAILLET) - powerpc/47x: Disable 256k page size (Christophe Leroy) - KVM: PPC: Make the VMX instruction emulation routines static (Cedric Le Goater) - IB/umad: Return EPOLLERR in case of when device disassociated (Shay Drory) - IB/umad: Return EIO in case of when device disassociated (Shay Drory) - objtool: Fix .cold section suffix check for newer versions of GCC (Josh Poimboeuf) - objtool: Fix error handling for STD/CLD warnings (Josh Poimboeuf) - auxdisplay: ht16k33: Fix refresh rate handling (Geert Uytterhoeven) - isofs: release buffer head before return (Pan Bian) - regulator: core: Avoid debugfs: Directory ... already present! error (Hans de Goede) - regulator: s5m8767: Drop regulators OF node reference (Krzysztof Kozlowski) - spi: atmel: Put allocated master before return (Pan Bian) - regulator: s5m8767: Fix reference count leak (Pan Bian) - certs: Fix blacklist flag type confusion (David Howells) - regulator: axp20x: Fix reference cout leak (Pan Bian) - clk: sunxi-ng: h6: Fix clock divider range on some clocks (Andre Przywara) - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation (Yishai Hadas) - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined (Tom Rix) - clocksource/drivers/ixp4xx: Select TIMER_OF when needed (Arnd Bergmann) - rtc: s5m: select REGMAP_I2C (Bartosz Golaszewski) - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (Claudiu Beznea) - of/fdt: Make sure no-map does not remove already reserved regions (Nicolas Boichat) - fdt: Properly handle no-map field in the memory region (KarimAllah Ahmed) - mfd: bd9571mwv: Use devm_mfd_add_devices() (Yoshihiro Shimoda) - dmaengine: hsu: disable spurious interrupt (Ferry Toth) - dmaengine: owl-dma: Fix a resource leak in the remove function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in the remove function (Christophe JAILLET) - RDMA/siw: Fix handling of zero-sized Read and Receive Queues. (Bernard Metzler) - HID: core: detect and skip invalid inputs to snto32() (Randy Dunlap) - clk: sunxi-ng: h6: Fix CEC clock (Andre Przywara) - spi: cadence-quadspi: Abort read if dummy cycles required are too many (Pratyush Yadav) - i2c: iproc: handle master read request (Rayagonda Kokatanur) - i2c: iproc: update slave isr mask (ISR_MASK_SLAVE) (Rayagonda Kokatanur) - i2c: iproc: handle only slave interrupts which are enabled (Rayagonda Kokatanur) - quota: Fix memory leak when handling corrupted quota file (Jan Kara) - selftests/powerpc: Make the test check in eeh-basic.sh posix compliant (Po-Hsu Lin) - clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate() (Martin Blumenstingl) - clk: meson: clk-pll: make ret a signed integer (Martin Blumenstingl) - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL (Martin Blumenstingl) - HSI: Fix PM usage counter unbalance in ssi_hw_init (Zhang Qilong) - capabilities: Dont allow writing ambiguous v3 file capabilities (Eric W. Biederman) - ubifs: Fix error return code in alloc_wbufs() (Wang ShaoBo) - ubifs: Fix memleak in ubifs_init_authentication (Dinghao Liu) - jffs2: fix use after free in jffs2_sum_write_data() (Tom Rix) - fs/jfs: fix potential integer overflow on shift of a int (Colin Ian King) - ASoC: simple-card-utils: Fix device module clock (Sameer Pujar) - ima: Free IMA measurement buffer after kexec syscall (Lakshmi Ramasubramanian) - ima: Free IMA measurement buffer on error (Lakshmi Ramasubramanian) - crypto: ecdh_helper - Ensure len >= secret.len in decode_key() (Daniele Alessandrelli) - hwrng: timeriomem - Fix cooldown period calculation (Jan Henrik Weinstock) - btrfs: clarify error returns values in __load_free_space_cache (Zhihao Cheng) - ASoC: SOF: debug: Fix a potential issue on string buffer termination (Hui Wang) - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() (Andrea Parri (Microsoft)) - f2fs: fix a wrong condition in __submit_bio (Dehe Gu) - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() (Dan Carpenter) - f2fs: fix to avoid inconsistent quota data (Yi Chen) - mtd: parsers: afs: Fix freeing the part name memory in failure (Manivannan Sadhasivam) - ASoC: cpcap: fix microphone timeslot mask (Sebastian Reichel) - ata: ahci_brcm: Add back regulators management (Florian Fainelli) - crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error) (Christophe Leroy) - mtd: parser: imagetag: fix error codes in bcm963xx_parse_imagetag_partitions() (Dan Carpenter) - sched/eas: Dont update misfit status if the task is pinned (Qais Yousef) - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (Laurent Pinchart) - media: pxa_camera: declare variable when DEBUG is defined (Tom Rix) - media: cx25821: Fix a bug when reallocating some dma memory (Christophe JAILLET) - media: qm1d1c0042: fix error return code in qm1d1c0042_init() (Luo Meng) - media: lmedm04: Fix misuse of comma (Joe Perches) - media: software_node: Fix refcounts in software_node_get_next_child() (Daniel Scally) - drm/amd/display: Fix HDMI deep color output for DCE 6-11. (Mario Kleiner) - drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction. (Mario Kleiner) - bsg: free the request before return error code (Pan Bian) - MIPS: properly stop .eh_frame generation (Alexander Lobakin) - drm/sun4i: tcon: fix inverted DCLK polarity (Giulio Benetti) - crypto: bcm - Rename struct device_private to bcm_device_private (Jiri Olsa) - evm: Fix memleak in init_desc (Dinghao Liu) - ASoC: cs42l56: fix up error handling in probe (Dan Carpenter) - media: aspeed: fix error return code in aspeed_video_setup_video() (Zhang Changzhong) - media: tm6000: Fix memleak in tm6000_start_stream (Dinghao Liu) - media: media/pci: Fix memleak in empress_init (Dinghao Liu) - media: em28xx: Fix use-after-free in em28xx_alloc_urbs (Dinghao Liu) - media: vsp1: Fix an error handling path in the probe function (Christophe JAILLET) - media: camss: missing error code in msm_video_register() (Dan Carpenter) - media: imx: Fix csc/scaler unregister (Ezequiel Garcia) - media: imx: Unregister csc/scaler only if registered (Ezequiel Garcia) - media: i2c: ov5670: Fix PIXEL_RATE minimum value (Jacopo Mondi) - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 (Nathan Chancellor) - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init (Nathan Chancellor) - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition (Chenyang Li) - crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled (Ard Biesheuvel) - crypto: sun4i-ss - fix kmap usage (Corentin Labbe) - crypto: sun4i-ss - linearize buffers content must be kept (Corentin Labbe) - drm/fb-helper: Add missed unlocks in setcmap_legacy() (Chuhong Yuan) - gma500: clean up error handling in init (Dan Carpenter) - drm/gma500: Fix error return code in psb_driver_load() (Jialin Zhang) - fbdev: aty: SPARC64 requires FB_ATY_CT (Randy Dunlap) - net: mvneta: Remove per-cpu queue mapping for Armada 3700 (Maxime Chevallier) - net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP (Shyam Sundar S K) - net: amd-xgbe: Reset link when the link never comes back (Shyam Sundar S K) - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning (Shyam Sundar S K) - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (Shyam Sundar S K) - ibmvnic: skip send_request_unmap for timeout reset (Lijun Pan) - ibmvnic: add memory barrier to protect long term buffer (Lijun Pan) - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case (Colin Ian King) - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds (Ayush Sawal) - net: axienet: Handle deferred probe on clock properly (Robert Hancock) - tcp: fix SO_RCVLOWAT related hangs under mem pressure (Eric Dumazet) - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx (Jesper Dangaard Brouer) - mac80211: fix potential overflow when multiplying to u32 integers (Colin Ian King) - xen/netback: fix spurious event detection for common event case (Juergen Gross) - bnxt_en: reverse order of TX disable and carrier off (Edwin Peer) - ibmvnic: Set to CLOSED state even on error (Sukadev Bhattiprolu) - ath9k: fix data bus crash when setting nf_override via debugfs (Linus Lussing) - bpf_lru_list: Read double-checked variable once without lock (Marco Elver) - soc: aspeed: snoop: Add clock control logic (Jae Hyun Yoo) - ARM: s3c: fix fiq for clang IAS (Arnd Bergmann) - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address (Vincent Knecht) - Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv (Jupeng Zhong) - arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to a53-firmware (Marek Behun) - ARM: dts: armada388-helios4: assign pinctrl to each fan (Rosen Penev) - ARM: dts: armada388-helios4: assign pinctrl to LEDs (Rosen Penev) - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (Chen-Yu Tsai) - usb: dwc2: Make trimming xfer length a debug message (Guenter Roeck) - usb: dwc2: Abort transaction after errors with unknown reason (Guenter Roeck) - usb: dwc2: Do not update data length if it is 0 on inbound transfers (Guenter Roeck) - ARM: dts: Configure missing thermal interrupt for 4430 (Tony Lindgren) - memory: ti-aemif: Drop child node when jumping out loop (Pan Bian) - Bluetooth: Put HCI device if inquiry procedure interrupts (Pan Bian) - Bluetooth: drop HCI device reference before return (Pan Bian) - usb: gadget: u_audio: Free requests only after callback (Jack Pham) - ACPICA: Fix exception code class checks (Maximilian Luz) - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() (Christophe JAILLET) - cpufreq: brcmstb-avs-cpufreq: Free resources in error path (Christophe JAILLET) - arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz (Andre Przywara) - arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency (Andre Przywara) - arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card (Andre Przywara) - arm64: dts: allwinner: H6: properly connect USB PHY to port 0 (Andre Przywara) - arm64: dts: allwinner: A64: properly connect USB PHY to port 0 (Andre Przywara) - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args (Andrii Nakryiko) - bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (Andrii Nakryiko) - memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops (Zhang Qilong) - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso (Krzysztof Kozlowski) - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 (Krzysztof Kozlowski) - Bluetooth: Fix initializing response id after clearing struct (Christopher William Snowhill) - Bluetooth: hci_uart: Fix a race for write_work scheduling (Claire Chang) - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - ath10k: Fix error handling in case of CE pipe init failure (Rakesh Pillai) - random: fix the RNDRESEEDCRNG ioctl (Eric Biggers) - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section (Alexander Lobakin) - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode (Takashi Iwai) - bfq: Avoid false bfq queue merging (Jan Kara) - virt: vbox: Do not use wait_event_interruptible when called from kernel context (Hans de Goede) - PCI: Decline to resize resources if boot config must be preserved (Ard Biesheuvel) - PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 (Ansuel Smith) - kdb: Make memory allocations more robust (Sumit Garg) - debugfs: do not attempt to create a new file before the filesystem is initalized (Greg Kroah-Hartman) - debugfs: be more robust at handling improper input in debugfs_lookup() (Greg Kroah-Hartman) - vmlinux.lds.h: add DWARF v5 sections (Nick Desaulniers) - x86/mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN (Tony Luck) [Orabug: 32978709] - x86/mce: Add Xeon Icelake to list of CPUs that support PPIN (Tony Luck) [Orabug: 32978709] - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() (Rafael J. Wysocki) [Orabug: 32977864] - ACPI: tables: x86: Reserve memory occupied by ACPI tables (Rafael J. Wysocki) [Orabug: 32977864] - uek-rpm: update kABI lists for a new symbol (Saeed Mirzamohammadi) [Orabug: 32977531] - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Thomas Gleixner) [Orabug: 32969739] - bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912033] {CVE-2021-32399} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23133 CVE-2021-33034 CVE-2021-32399 CVE-2021-33033 CVE-2019-2308 CVE-2020-25671 CVE-2020-25670 CVE-2020-25672 CVE-2021-29155 CVE-2021-31829 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820275] - bpf: Fix masking negation logic upon negative dst register (Daniel Borkmann) [Orabug: 32911990] {CVE-2021-31829} - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863585] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863585] [5.4.17-2102.203.3] - ksplice: use -fno-reorder-functions -fno-section-anchors (Vegard Nossum) [Orabug: 32908850] - ksplice: fixup for -ffunction-sections -fdata-sections (Vegard Nossum) [Orabug: 32908850] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982353] - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted (Quinn Tran) [Orabug: 32989005] - blk-mq: fix blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957629] - blk-mq: split out a __blk_mq_get_driver_tag helper (Christoph Hellwig) [Orabug: 32957629] - blk-mq: drain I/O when all CPUs in a hctx are offline (Ming Lei) [Orabug: 32957629] - blk-mq: add blk_mq_all_tag_iter (Ming Lei) [Orabug: 32957629] - Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka) [Orabug: 32912099] {CVE-2021-33034} - perf/x86/intel/uncore: Fix a kernel WARNING triggered by maxcpus=1 (Kan Liang) [Orabug: 32925098] - net: sched: fix tx action reschedule issue with stopped queue (Yunsheng Lin) [Orabug: 32911885] - net: sched: fix tx action rescheduling issue during deactivation (Yunsheng Lin) [Orabug: 32911885] - net: sched: fix packet stuck problem for lockless qdisc (Yunsheng Lin) [Orabug: 32911885] - scsi: bnx2fc: Return failure if io_req is already in ABTS processing (Gulam Mohamed) [Orabug: 32999623] [5.4.17-2102.203.2] - LTS tag: v5.4.114 (Jack Vogel) - net: phy: marvell: fix detection of PHY on Topaz switches (Pali Rohar) - ARM: 9071/1: uprobes: Dont hook on thumb instructions (Fredrik Strupe) - r8169: dont advertise pause in jumbo mode (Heiner Kallweit) - r8169: tweak max read request size for newer chips also in jumbo mtu mode (Heiner Kallweit) - r8169: improve rtl_jumbo_config (Heiner Kallweit) - r8169: fix performance regression related to PCIe max read request size (Heiner Kallweit) - r8169: simplify setting PCI_EXP_DEVCTL_NOSNOOP_EN (Heiner Kallweit) - r8169: remove fiddling with the PCIe max read request size (Heiner Kallweit) - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems (Andre Przywara) - ARM: footbridge: fix PCI interrupt mapping (Russell King) - gro: ensure frag0 meets IP header alignment (Eric Dumazet) - ibmvnic: remove duplicate napi_schedule call in open function (Lijun Pan) - ibmvnic: remove duplicate napi_schedule call in do_reset function (Lijun Pan) - ibmvnic: avoid calling napi_disable() twice (Lijun Pan) - i40e: fix the panic when running bpf in xdpdrv mode (Jason Xing) - net: ip6_tunnel: Unregister catch-all devices (Hristo Venev) - net: sit: Unregister catch-all devices (Hristo Venev) - net: davicom: Fix regulator not turned off on failed probe (Christophe JAILLET) - netfilter: nft_limit: avoid possible divide error in nft_limit_init (Eric Dumazet) - net: macb: fix the restore of cmp registers (Claudiu Beznea) - netfilter: arp_tables: add pre_exit hook for table unregister (Florian Westphal) - netfilter: bridge: add pre_exit hooks for ebtable unregistration (Florian Westphal) - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC (Vaibhav Jain) - netfilter: conntrack: do not print icmpv6 as unknown via /proc (Pablo Neira Ayuso) - scsi: libsas: Reset num_scatter if libata marks qc as NODATA (Jolly Shah) - riscv: Fix spelling mistake SPARSEMEM to SPARSMEM (Kefeng Wang) - vfio/pci: Add missing range check in vfio_pci_mmap (Christian A. Ehrhardt) - arm64: alternatives: Move length validation in alternative_{insn, endif} (Nathan Chancellor) - arm64: fix inline asm in load_unaligned_zeropad() (Peter Collingbourne) - readdir: make sure to verify directory entry for legacy interfaces too (Linus Torvalds) - dm verity fec: fix misaligned RS roots IO (Jaegeuk Kim) - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (Ping Cheng) - Input: i8042 - fix Pegatron C15B ID entry (Arnd Bergmann) - Input: s6sy761 - fix coordinate read bit shift (Caleb Connolly) - virt_wifi: Return micros for BSS TSF values (A. Cody Schuffelen) - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN (Seevalamuthu Mariappan) - pcnet32: Use pci_resource_len to validate PCI resource (Guenter Roeck) - net: ieee802154: forbid monitor for add llsec seclevel (Alexander Aring) - net: ieee802154: stop dump llsec seclevels for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec devkey (Alexander Aring) - net: ieee802154: forbid monitor for add llsec devkey (Alexander Aring) - net: ieee802154: stop dump llsec devkeys for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec dev (Alexander Aring) - net: ieee802154: forbid monitor for add llsec dev (Alexander Aring) - net: ieee802154: stop dump llsec devs for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec key (Alexander Aring) - net: ieee802154: forbid monitor for add llsec key (Alexander Aring) - net: ieee802154: stop dump llsec keys for monitors (Alexander Aring) - scsi: scsi_transport_srp: Dont block target in SRP_PORT_LOST state (Martin Wilck) - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (Alexander Shiyan) - drm/msm: Fix a5xx/a6xx timestamps (Rob Clark) - ARM: omap1: fix building with clang IAS (Arnd Bergmann) - ARM: keystone: fix integer overflow warning (Arnd Bergmann) - neighbour: Disregard DEAD dst in neigh_update (Tong Zhu) - ASoC: max98373: Added 30ms turn on/off time delay (Ryan Lee) - arc: kernel: Return -EFAULT if copy_to_user() fails (Wang Qing) - lockdep: Add a missing initialization hint to the INFO: Trying to register non-static key message (Tetsuo Handa) - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5 (Tony Lindgren) - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race (Tony Lindgren) - dmaengine: dw: Make it dependent to HAS_IOMEM (Andy Shevchenko) - gpio: sysfs: Obey valid_mask (Matti Vaittinen) - Input: nspire-keypad - enable interrupts only when opened (Fabian Vogt) - net/sctp: fix race condition in sctp_destroy_sock (Or Cohen) {CVE-2021-23133} - scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Quinn Tran) - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (Shyam Sundar) - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Quinn Tran) - scsi: qla2xxx: Dual FCP-NVMe target port support (Michael Hernandez) - Revert scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Sasha Levin) - Revert scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Sasha Levin) - LTS tag: v5.4.113 (Jack Vogel) - xen/events: fix setting irq affinity (Juergen Gross) - perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches (Arnaldo Carvalho de Melo) - perf tools: Use %zd for size_t printf formats on 32-bit (Chris Wilson) - perf tools: Use - driver core: Fix locking bug in deferred_probe_timeout_work_func() (Saravana Kannan) - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) - block: dont ignore REQ_NOWAIT for direct IO (Pavel Begunkov) - riscv,entry: fix misaligned base for excp_vect_table (Zihao Yu) - idr test suite: Create anchor before launching throbber (Matthew Wilcox (Oracle)) - idr test suite: Take RCU read lock in idr_find_test_1 (Matthew Wilcox (Oracle)) - radix tree test suite: Register the main thread with the RCU library (Matthew Wilcox (Oracle)) - block: only update parent bi_status when bio fail (Yufen Yu) - drm/tegra: dc: Dont set PLL clock to 0Hz (Dmitry Osipenko) - gfs2: report already frozen/thawed errors (Bob Peterson) - drm/imx: imx-ldb: fix out of bounds array access warning (Arnd Bergmann) - KVM: arm64: Disable guest access to trace filter controls (Suzuki K Poulose) - KVM: arm64: Hide system instruction access to Trace registers (Suzuki K Poulose) - interconnect: core: fix error return code of icc_link_destroy() (Jia-Ju Bai) - LTS tag: v5.4.112 (Jack Vogel) - Revert cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. (Greg Kroah-Hartman) - net: ieee802154: stop dump llsec params for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec seclevel (Alexander Aring) - net: ieee802154: forbid monitor for set llsec params (Alexander Aring) - net: ieee802154: fix nl802154 del llsec devkey (Alexander Aring) - net: ieee802154: fix nl802154 add llsec key (Alexander Aring) - net: ieee802154: fix nl802154 del llsec dev (Alexander Aring) - net: ieee802154: fix nl802154 del llsec key (Alexander Aring) - net: ieee802154: nl-mac: fix check on panid (Alexander Aring) - net: mac802154: Fix general protection fault (Pavel Skripkin) - drivers: net: fix memory leak in peak_usb_create_dev (Pavel Skripkin) - drivers: net: fix memory leak in atusb_probe (Pavel Skripkin) - net: tun: set tun->dev->addr_len during TUNSETLINK processing (Phillip Potter) - cfg80211: remove WARN_ON() in cfg80211_sme_connect (Du Cheng) - net: sched: bump refcount for new action in ACT replace mode (Kumar Kartikeya Dwivedi) - dt-bindings: net: ethernet-controller: fix typo in NVMEM (Rafal Milecki) - clk: socfpga: fix iomem pointer cast on 64-bit (Krzysztof Kozlowski) - RDMA/addr: Be strict with gid size (Leon Romanovsky) - RDMA/cxgb4: check for ipv6 address properly while destroying listener (Potnuri Bharat Teja) - net/mlx5: Fix PBMC register mapping (Aya Levin) - net/mlx5: Fix placement of log_max_flow_counter (Raed Salem) - net: hns3: clear VF down state bit before request link status (Guangbin Huang) - openvswitch: fix send of uninitialized stack memory in ct limit reply (Ilya Maximets) - net: openvswitch: conntrack: simplify the return expression of ovs_ct_limit_get_default_limit() (Zheng Yongjun) - perf inject: Fix repipe usage (Adrian Hunter) - s390/cpcmd: fix inline assembly register clobbering (Alexander Gordeev) - workqueue: Move the position of debug_work_activate() in __queue_work() (Zqiang) - clk: fix invalid usage of list cursor in unregister (Lukasz Bartosik) - clk: fix invalid usage of list cursor in register (Lukasz Bartosik) - net: macb: restore cmp registers on resume path (Claudiu Beznea) - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs (Can Guo) - scsi: ufs: core: Fix task management request completion timeout (Can Guo) - scsi: ufs: Use blk_{get,put}_request() to allocate and free TMFs (Bart Van Assche) - scsi: ufs: Avoid busy-waiting by eliminating tag conflicts (Bart Van Assche) - scsi: ufs: Fix irq return code (Venkat Gopalakrishnan) - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...); (Norman Maurer) - drm/msm: Set drvdata to NULL when msm_drm_init() fails (Stephen Boyd) - i40e: Fix display statistics for veb_tc (Eryk Rybak) - soc/fsl: qbman: fix conflicting alignment attributes (Arnd Bergmann) - net/mlx5: Dont request more than supported EQs (Daniel Jurgens) - net/mlx5e: Fix ethtool indication of connector type (Aya Levin) - ASoC: sunxi: sun4i-codec: fill ASoC card owner (Bastian Germann) - net: phy: broadcom: Only advertise EEE for supported modes (Florian Fainelli) - nfp: flower: ignore duplicate merge hints from FW (Yinjun Zhang) - net/ncsi: Avoid channel_monitor hrtimer deadlock (Milton Miller) - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (Stefan Riedmueller) - net:tipc: Fix a double free in tipc_sk_mcast_rcv (Lv Yunlong) - cxgb4: avoid collecting SGE_QBASE regs during traffic (Rahul Lakkireddy) - gianfar: Handle error code at MAC address change (Claudiu Manoil) - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE (Oliver Hartkopp) - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0 (Oliver Stabler) - sch_red: fix off-by-one checks in red_check_params() (Eric Dumazet) - amd-xgbe: Update DMA coherency values (Shyam Sundar S K) - hostfs: fix memory handling in follow_link() (Al Viro) - hostfs: Use kasprintf() instead of fixed buffer formatting (Andy Shevchenko) - i40e: Fix kernel oops when i40e driver removes VFs (Eryk Rybak) - i40e: Added Asym_Pause to supported link modes (Mateusz Palczewski) - xfrm: Fix NULL pointer dereference on policy lookup (Steffen Klassert) - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (Shengjiu Wang) - ASoC: SOF: Intel: HDA: fix core status verification (Guennadi Liakhovetski) - ASoC: SOF: Intel: hda: remove unnecessary parentheses (Payal Kshirsagar) - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload (Xin Long) - net: xfrm: Localize sequence counter per network namespace (Ahmed S. Darwish) - regulator: bd9571mwv: Fix AVS and DVFS voltage range (Geert Uytterhoeven) - xfrm: interface: fix ipv4 pmtu check to honor ip header df (Eyal Birger) - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits (Martin Blumenstingl) - net: dsa: lantiq_gswip: Dont use PHY auto polling (Martin Blumenstingl) - virtio_net: Add XDP meta data support (Yuya Kusakabe) - i2c: turn recovery error on init to debug (Wolfram Sang) - usbip: synchronize event handler with sysfs code paths (Shuah Khan) - usbip: vudc synchronize sysfs code paths (Shuah Khan) - usbip: stub-dev synchronize sysfs code paths (Shuah Khan) - usbip: add sysfs_lock to synchronize sysfs code paths (Shuah Khan) - net: let skb_orphan_partial wake-up waiters. (Paolo Abeni) - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() (Maciej zenczykowski) - net: hsr: Reset MAC header for Tx path (Kurt Kanzenbach) - mac80211: fix TXQ AC confusion (Johannes Berg) - net: sched: sch_teql: fix null-pointer dereference (Pavel Tikhomirov) - i40e: Fix sparse error: vsi->netdev could be null (Arkadiusz Kubalewski) - i40e: Fix sparse warning: missing error code err (Arkadiusz Kubalewski) - net: ensure mac header is set in virtio_net_hdr_to_skb() (Eric Dumazet) - bpf, sockmap: Fix sk->prot unhash op reset (John Fastabend) - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx (Lv Yunlong) - net: hso: fix null-ptr-deref during tty device unregistration (Anirudh Rayabharam) - ice: Cleanup fltr list in case of allocation issues (Robert Malz) - ice: Fix for dereference of NULL pointer (Jacek Bulatek) - ice: Increase control queue timeout (Fabio Pricoco) - batman-adv: initialize struct batadv_tvlv_tt_vlan_data->reserved field (Tetsuo Handa) - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (Marek Behun) - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers (Gao Xiang) - parisc: parisc-agp requires SBA IOMMU driver (Helge Deller) - fs: direct-io: fix missing sdio->boundary (Jack Qiu) - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff (Mike Rapoport) - ia64: fix user_stack_pointer() for ptrace() (Sergei Trofimovich) - gcov: re-fix clang-11+ support (Nick Desaulniers) - drm/i915: Fix invalid access to ACPI _DSM objects (Takashi Iwai) - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock (Martin Blumenstingl) - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh (Muhammad Usama Anjum) - xen/evtchn: Change irq_info lock to raw_spinlock_t (Luca Fancellu) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() (Xiaoming Ni) - nfc: fix memory leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25672} - nfc: fix refcount leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25671} - nfc: fix refcount leak in llcp_sock_bind() (Xiaoming Ni) {CVE-2020-25670} - ASoC: intel: atom: Stop advertising non working S24LE support (Hans de Goede) - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (Takashi Iwai) - ALSA: aloop: Fix initialization of controls (Jonas Holmberg) - counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register (Fabrice Gasnier) - LTS tag: v5.4.111 (Jack Vogel) - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM (Masahiro Yamada) - init/Kconfig: make COMPILE_TEST depend on !S390 (Heiko Carstens) - nvme-mpath: replace direct_make_request with generic_make_request (Sagi Grimberg) - bpf, x86: Validate computation of branch displacements for x86-32 (Piotr Krysiuk) - cifs: Silently ignore unknown oplock break handle (Vincent Whitchurch) - cifs: revalidate mapping when we open files for SMB1 POSIX (Ronnie Sahlberg) - ia64: fix format strings for err_inject (Sergei Trofimovich) - ia64: mca: allocate early mca with GFP_ATOMIC (Sergei Trofimovich) - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() (Martin Wilck) - x86/build: Turn off -fcf-protection for realmode targets (Arnd Bergmann) - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (Esteve Varela Colominas) - netfilter: conntrack: Fix gre tunneling over ipv6 (Ludovic Senecaux) - drm/msm: Ratelimit invalid-fence message (Rob Clark) - drm/msm/adreno: a5xx_power: Dont apply A540 lm_setup to other GPUs (Konrad Dybcio) - mac80211: choose first enabled channel for monitor (Karthikeyan Kathirvel) - mISDN: fix crash in fritzpci (Tong Zhang) - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove (Pavel Andrianov) - net/mlx5e: Enforce minimum value check for ICOSQ size (Tariq Toukan) - bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp (Yonghong Song) - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (Alban Bedel) - bus: ti-sysc: Fix warning on unbind if reset is not deasserted (Tony Lindgren) - ARM: dts: am33xx: add aliases for mmc interfaces (Mans Rullgard) - LTS tag: v5.4.110 (Jack Vogel) - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (Du Cheng) - staging: rtl8192e: Change state information from u16 to u8 (Atul Gopinathan) - staging: rtl8192e: Fix incorrect source in memcpy() (Atul Gopinathan) - usb: dwc2: Prevent core suspend when port connection flag is 0 (Artur Petrosyan) - usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board. (Artur Petrosyan) - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (Tong Zhang) - USB: cdc-acm: fix use-after-free after probe failure (Johan Hovold) - USB: cdc-acm: fix double free on probe failure (Johan Hovold) - USB: cdc-acm: downgrade message to debug (Oliver Neukum) - USB: cdc-acm: untangle a circular dependency between callback and softint (Oliver Neukum) - cdc-acm: fix BREAK rx code path adding necessary calls (Oliver Neukum) - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (Chunfeng Yun) - usb: musb: Fix suspend with devices connected for a64 (Tony Lindgren) - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (Shuah Khan) - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (Zheyu Ma) - extcon: Fix error handling in extcon_dev_register (Dinghao Liu) - extcon: Add stubs for extcon_register_notifier_all() functions (Krzysztof Kozlowski) - pinctrl: rockchip: fix restore error in resume (Wang Panzhenzhuan) - vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends (Jason Gunthorpe) - reiserfs: update reiserfs_xattrs_initialized() condition (Tetsuo Handa) - drm/amdgpu: check alignment on CPU page for bo map (Xi Ruoyao) - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (Nirmoy Das) - mm: fix race by making init_zero_pfn() early_initcall (Ilya Lipnitskiy) - tracing: Fix stack trace event size (Steven Rostedt (VMware)) - PM: runtime: Fix ordering in pm_runtime_get_suppliers() (Adrian Hunter) - PM: runtime: Fix race getting/putting suppliers at probe (Adrian Hunter) - xtensa: move coprocessor_flush to the .text section (Max Filippov) - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook (Hui Wang) - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO (Hui Wang) - ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks (Takashi Iwai) - ALSA: hda: Re-add dropped snd_poewr_change_state() calls (Takashi Iwai) - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (Ikjoon Jang) - bpf: Remove MTU check in __bpf_skb_max_len (Jesper Dangaard Brouer) - net: wan/lmc: unregister device when no matching device is found (Tong Zhang) - appletalk: Fix skb allocation size in loopback case (Doug Brown) - net: ethernet: aquantia: Handle error cleanup of start on open (Nathan Rossi) - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (Shuah Khan) - brcmfmac: clear EAP/association status bits on linkdown events (Luca Pesce) - can: tcan4x5x: fix max register value (Sasha Levin) - net: introduce CAN specific pointer in the struct net_device (Oleksij Rempel) - can: dev: move driver related infrastructure into separate subdir (Marc Kleine-Budde) - flow_dissector: fix TTL and TOS dissection on IPv4 fragments (Davide Caratti) - net: mvpp2: fix interrupt mask/unmask skip condition (Sasha Levin) - ext4: do not iput inode under running transaction in ext4_rename() (zhangyi (F)) - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling (Waiman Long) - thermal/core: Add NULL pointer check before using cooling device stats (Manaf Meethalavalappu Pallikunhi) - ASoC: rt5659: Update MCLK rate in set_sysclk() (Sameer Pujar) - staging: comedi: cb_pcidas64: fix request_irq() warn (Tong Zhang) - staging: comedi: cb_pcidas: fix request_irq() warn (Tong Zhang) - scsi: qla2xxx: Fix broken #endif placement (Alexey Dobriyan) - scsi: st: Fix a use after free in st_open() (Lv Yunlong) - vhost: Fix vhost_vq_reset() (Laurent Vivier) - powerpc: Force inlining of cpu_has_feature() to avoid build failure (Christophe Leroy) - NFSD: fix error handling in NFSv4.0 callbacks (Olga Kornievskaia) - ASoC: cs42l42: Always wait at least 3ms after reset (Lucas Tanure) - ASoC: cs42l42: Fix mixer volume control (Lucas Tanure) - ASoC: cs42l42: Fix channel width support (Lucas Tanure) - ASoC: cs42l42: Fix Bitclock polarity inversion (Lucas Tanure) - ASoC: es8316: Simplify adc_pga_gain_tlv table (Hans de Goede) - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe (Benjamin Rood) - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - iomap: Fix negative assignment to unsigned sis->pages in iomap_swapfile_activate (Ritesh Harjani) - rpc: fix NULL dereference on kmalloc failure (J. Bruce Fields) - fs: nfsd: fix kconfig dependency warning for NFSD_V4 (Julian Braha) - ext4: fix bh ref count on error paths (Zhaolong Zhang) - ext4: shrink race window in ext4_should_retry_alloc() (Eric Whitney) - module: harden ELF info handling (Frank van der Linden) - module: avoid *goto*s in module_sig_check() (Sergey Shtylyov) - module: merge repetitive strings in module_sig_check() (Sergey Shtylyov) - modsign: print module name along with error message (Jessica Yu) - ipv6: weaken the v4mapped source check (Jakub Kicinski) - selinux: vsock: Set SID for socket returned by accept() (David Brazdil) - LTS tag: v5.4.109 (Jack Vogel) - xen-blkback: dont leak persistent grants from xen_blkbk_map() (Jan Beulich) - can: peak_usb: Revert can: peak_usb: add forgotten supported devices (Marc Kleine-Budde) - ext4: add reclaim checks to xattr code (Jan Kara) - mac80211: fix double free in ibss_leave (Markus Theil) - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (Eric Dumazet) - net: dsa: b53: VLAN filtering is global to all users (Florian Fainelli) - can: dev: Move device back to init netns on owning netns delete (Martin Willi) - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (Isaku Yamahata) - locking/mutex: Fix non debug version of mutex_lock_io_nested() (Thomas Gleixner) - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() (Jia-Ju Bai) - scsi: qedi: Fix error return code of qedi_alloc_global_queues() (Jia-Ju Bai) - scsi: Revert qla2xxx: Make sure that aborted commands are freed (Bart Van Assche) - block: recalculate segment count for multi-segment discards correctly (David Jeffery) - perf auxtrace: Fix auxtrace queue conflict (Adrian Hunter) - ACPI: scan: Use unique number for instance_no (Andy Shevchenko) - ACPI: scan: Rearrange memory allocation in acpi_device_add() (Rafael J. Wysocki) - Revert netfilter: x_tables: Update remaining dereference to RCU (Mark Tomlinson) - Revert netfilter: x_tables: Switch synchronization to RCU (Mark Tomlinson) - bpf: Dont do bpf_cgroup_storage_set() for kuprobe/tp programs (Sasha Levin) - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (Potnuri Bharat Teja) - PM: EM: postpone creating the debugfs dir till fs_initcall (Lukasz Luba) - net/mlx5e: Fix error path for ethtool set-priv-flag (Aya Levin) - PM: runtime: Defer suspending suppliers (Rafael J. Wysocki) - arm64: kdump: update ppos when reading elfcorehdr (Pavel Tatashin) - drm/msm: fix shutdown hook in case GPU components failed to bind (Dmitry Baryshkov) - libbpf: Fix BTF dump of pointer-to-array-of-struct (Jean-Philippe Brucker) - selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value (Hangbin Liu) - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (Corentin Labbe) - r8152: limit the RX buffer size of RTL8153A for USB 2.0 (Hayes Wang) - net: cdc-phonet: fix data-interface release on probe failure (Johan Hovold) - octeontx2-af: fix infinite loop in unmapping NPC counter (Hariprasad Kelam) - octeontx2-af: Fix irq free in rvu teardown (Geetha sowjanya) - libbpf: Use SOCK_CLOEXEC when opening the netlink socket (Kumar Kartikeya Dwivedi) - nfp: flower: fix pre_tun mask id allocation (Louis Peens) - mac80211: fix rate mask reset (Johannes Berg) - can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors (Torin Cooper-Bennun) - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning (Torin Cooper-Bennun) - can: c_can: move runtime PM enable/disable to c_can_platform (Tong Zhang) - can: c_can_pci: c_can_pci_remove(): fix use-after-free (Tong Zhang) - can: kvaser_pciefd: Always disable bus load reporting (Jimmy Assarsson) - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate (Angelo Dureghello) - can: peak_usb: add forgotten supported devices (Stephane Grosjean) - tcp: relookup sock for RST+ACK packets handled by obsolete req sock (Alexander Ovechkin) - netfilter: ctnetlink: fix dump of the expect mask attribute (Florian Westphal) - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed (Hangbin Liu) - ftgmac100: Restart MAC HW once (Dylan Hung) - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (Lv Yunlong) - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (Dinghao Liu) - e1000e: add rtnl_lock() to e1000_reset_task (Vitaly Lifshits) - igc: Fix Supported Pause Frame Link Setting (Muhammad Husaini Zulkifli) - igc: Fix Pause Frame Advertising (Muhammad Husaini Zulkifli) - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (Florian Fainelli) - net: sched: validate stab values (Eric Dumazet) - macvlan: macvlan_count_rx() needs to be aware of preemption (Eric Dumazet) - ipv6: fix suspecious RCU usage warning (Wei Wang) - net/mlx5e: Dont match on Geneve options in case option masks are all zero (Maor Dickman) - libbpf: Fix INSTALL flag order (Georgi Valkov) - veth: Store queue_mapping independently of XDP prog presence (Maciej Fijalkowski) - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (Grygorii Strashko) - dm verity: fix DM_VERITY_OPTS_MAX value (JeongHyeon Lee) - integrity: double check iint_cache was initialized (Mimi Zohar) - ARM: dts: at91-sama5d27_som1: fix phy address to 7 (Claudiu Beznea) - arm64: dts: ls1043a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1012a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1046a: mark crypto engine dma coherent (Horia Geanta) - ACPI: video: Add missing callback back for Sony VPCEH3U1E (Chris Chiu) - gcov: fix clang-11+ support (Nick Desaulniers) - kasan: fix per-page tags for non-page_alloc pages (Andrey Konovalov) - squashfs: fix xattr id and id lookup sanity checks (Phillip Lougher) - squashfs: fix inode lookup sanity checks (Sean Nyekjaer) - platform/x86: intel-vbtn: Stop reporting SW_DOCK events (Hans de Goede) - netsec: restore phy power state after controller reset (Mian Yousaf Kaukab) - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign (Sergei Trofimovich) - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls (Sergei Trofimovich) - block: Suppress uevent for hidden device when removed (Daniel Wagner) - nfs: we dont support removing system.nfs4_acl (J. Bruce Fields) - nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a (Dmitry Monakhov) - nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted (Hannes Reinecke) - nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (Hannes Reinecke) - drm/radeon: fix AGP dependency (Christian Konig) - drm/amdgpu: fb BO should be ttm_bo_type_device (Nirmoy Das) - drm/amd/display: Revert dram_clock_change_latency for DCN2.1 (Sung Lee) - regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck (satya priya) - u64_stats,lockdep: Fix u64_stats_init() vs lockdep (Peter Zijlstra) - habanalabs: Call put_pid() when releasing control device (Tomer Tayar) - sparc64: Fix opcode filtering in handling of no fault loads (Rob Gardner) - irqchip/ingenic: Add support for the JZ4760 (Paul Cercueil) - cifs: change noisy error message to FYI (Paulo Alcantara) - atm: idt77252: fix null-ptr-dereference (Tong Zhang) - atm: uPD98402: fix incorrect allocation (Tong Zhang) - net: davicom: Use platform_get_irq_optional() (Paul Cercueil) - net: wan: fix error return code of uhdlc_init() (Jia-Ju Bai) - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() (Jia-Ju Bai) - NFS: Correct size calculation for create reply length (Frank Sorenson) - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default (Timo Rothenpieler) - gpiolib: acpi: Add missing IRQF_ONESHOT (Yang Li) - cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev (Sudeep Holla) - cifs: ask for more credit on async read/write code paths (Aurelien Aptel) - gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun) - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count (Denis Efremov) - net: intel: iavf: fix error return code of iavf_init_get_resources() (Jia-Ju Bai) - net: tehuti: fix error return code in bdx_probe() (Jia-Ju Bai) - ixgbe: Fix memleak in ixgbe_configure_clsu32 (Dinghao Liu) - ALSA: hda: ignore invalid NHLT table (Mark Pearson) - Revert r8152: adjust the settings about MAC clock speed down for RTL8153 (Hayes Wang) - atm: lanai: dont run lanai_dev_close if not open (Tong Zhang) - atm: eni: dont release is never initialized (Tong Zhang) - powerpc/4xx: Fix build errors from mfdcr() (Michael Ellerman) - net: fec: ptp: avoid register access when ipg clock is disabled (Heiko Thiery) - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (Mike Kravetz) - LTS tag: v5.4.108 (Jack Vogel) - cifs: Fix preauth hash corruption (Vincent Whitchurch) - x86/apic/of: Fix CPU devicetree-node lookups (Johan Hovold) - genirq: Disable interrupts for force threaded handlers (Thomas Gleixner) - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent (Lv Yunlong) - efi: use 32-bit alignment for efi_guid_t literals (Ard Biesheuvel) - ext4: fix potential error in ext4_do_update_inode (Shijie Luo) - ext4: do not try to set xattr into ea_inode if value is empty (zhangyi (F)) - ext4: find old entry again if failed to rename whiteout (zhangyi (F)) - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (Oleg Nesterov) - x86: Move TS_COMPAT back to asm/thread_info.h (Oleg Nesterov) - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (Oleg Nesterov) - x86/ioapic: Ignore IRQ2 again (Thomas Gleixner) - PCI: rpadlpar: Fix potential drc_name corruption in store functions (Tyrel Datwyler) - counter: stm32-timer-cnt: fix ceiling write max value (Fabrice Gasnier) - iio: hid-sensor-temperature: Fix issues of timestamp channel (Ye Xiang) - iio: hid-sensor-prox: Fix scale not correct issue (Ye Xiang) - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel (Ye Xiang) - iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask (Wilfried Wessner) - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler (Dinghao Liu) - iio: adis16400: Fix an error code in adis16400_initial_setup() (Dan Carpenter) - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel (Jonathan Albrieux) - iio:adc:stm32-adc: Add HAS_IOMEM dependency (Jonathan Cameron) - usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy- (Badhri Jagan Sridharan) - usb: gadget: configfs: Fix KASAN use-after-free (Jim Lin) - USB: replace hardcode maximum usb string length by definition (Macpaul Lin) - usbip: Fix incorrect double assignment to udc->ud.tcp_rx (Colin Ian King) - usb-storage: Add quirk to defeat Kindles automatic unload (Alan Stern) - nvme-rdma: fix possible hang when failing to set io queues (Sagi Grimberg) - counter: stm32-timer-cnt: Report count function when SLAVE_MODE_DISABLED (William Breathitt Gray) - scsi: myrs: Fix a double free in myrs_cleanup() (Lv Yunlong) - scsi: lpfc: Fix some error codes in debugfs (Dan Carpenter) - riscv: Correct SPARSEMEM configuration (Kefeng Wang) for empty SUBLEVEL or PATCHLEVEL again (Masahiro Yamada) - net/qrtr: fix __netdev_alloc_skb call (Pavel Skripkin) - sunrpc: fix refcount leak for rpc auth modules (Daniel Kobras) - vfio: IOMMU_API should be selected (Jason Gunthorpe) - svcrdma: disable timeouts on rdma backchannel (Timo Rothenpieler) - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. (Joe Korty) - nfsd: Dont keep looking up unhashed files in the nfsd file cache (Trond Myklebust) - nvmet: dont check iosqes,iocqes for discovery controllers (Sagi Grimberg) - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (Sagi Grimberg) - nvme-tcp: fix possible hang when failing to set io queues (Sagi Grimberg) - nvme: fix Write Zeroes limitations (Christoph Hellwig) - afs: Stop listxattr() from listing afs.* attributes (David Howells) - ASoC: simple-card-utils: Do not handle device clock (Sameer Pujar) - ASoC: SOF: intel: fix wrong poll bits in dsp power down (Pan Xiuli) - ASoC: SOF: Intel: unregister DMIC device on probe error (Pierre-Louis Bossart) - ASoC: fsl_ssi: Fix TDM slot setup for I2S mode (Alexander Shiyan) - btrfs: fix slab cache flags for free space tree bitmap (David Sterba) - ARM: 9044/1: vfp: use undef hook for VFP support detection (Ard Biesheuvel) - ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel mode (Ard Biesheuvel) - s390/vtime: fix increased steal time accounting (Gerald Schaefer) - Revert PM: runtime: Update device status before letting suppliers suspend (Rafael J. Wysocki) - ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air (Xiaoliang Yu) - ALSA: hda: generic: Fix the micmute led init state (Hui Wang) - ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro (Xiaoliang Yu) - ALSA: dice: fix null pointer dereference when node is disconnected (Takashi Sakamoto) - ASoC: ak5558: Add MODULE_DEVICE_TABLE (Shengjiu Wang) - ASoC: ak4458: Add MODULE_DEVICE_TABLE (Shengjiu Wang) - LTS tag: v5.4.107 (Jack Vogel) - net: dsa: b53: Support setting learning on port (Florian Fainelli) - net: dsa: tag_mtk: fix 802.1ad VLAN egress (DENG Qingfang) - crypto: x86/aes-ni-xts - use direct calls to and 4-way stride (Ard Biesheuvel) - crypto: aesni - Use TEST %reg,%reg instead of CMP /u03/ksharma/errata_processing/work/el7uek6/db_7uek6.ELSA-2021-9363,%reg (Uros Bizjak) - crypto: x86 - Regularize glue function prototypes (Kees Cook) - drm/i915/gvt: Fix vfio_edid issue for BXT/APL (Colin Xu) - drm/i915/gvt: Fix port number for BDW on EDID region setup (Colin Xu) - drm/i915/gvt: Fix virtual display setup for BXT/APL (Colin Xu) - drm/i915/gvt: Fix mmio handler break on BXT/APL. (Colin Xu) - drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang (Colin Xu) - btrfs: scrub: Dont check free space before marking a block group RO (Qu Wenruo) - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) - bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) - KVM: arm64: nvhe: Save the SPE context early (Suzuki K Poulose) - LTS tag: v5.4.106 (Jack Vogel) - xen/events: avoid handling the same event on two cpus at the same time (Juergen Gross) - xen/events: dont unmask an event channel when an eoi is pending (Juergen Gross) - xen/events: reset affinity of 2-level event when tearing it down (Juergen Gross) - KVM: arm64: Reject VM creation when the default IPA size is unsupported (Marc Zyngier) - KVM: arm64: Ensure I-cache isolation between vcpus of a same VM (Marc Zyngier) - KVM: arm64: Fix exclusive limit for IPA size (Marc Zyngier) - x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2 (Josh Poimboeuf) - binfmt_misc: fix possible deadlock in bm_register_write (Lior Ribak) - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (Naveen N. Rao) - sched/membarrier: fix missing local execution of ipi_sync_rq_state() (Mathieu Desnoyers) - zram: fix return value on writeback_store (Minchan Kim) - include/linux/sched/mm.h: use rcu_dereference in in_vfork() (Matthew Wilcox (Oracle)) - stop_machine: mark helpers __always_inline (Arnd Bergmann) - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() (Anna-Maria Behnsen) - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds (Ard Biesheuvel) - configfs: fix a use-after-free in __configfs_open_file (Daiyue Zhang) - block: rsxx: fix error return code of rsxx_pci_probe() (Jia-Ju Bai) - NFSv4.2: fix return value of _nfs4_get_security_label() (Ondrej Mosnacek) - NFS: Dont gratuitously clear the inode cache when lookup failed (Trond Myklebust) - NFS: Dont revalidate the directory permissions on a lookup failure (Trond Myklebust) - SUNRPC: Set memalloc_nofs_save() for sync tasks (Benjamin Coddington) - arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory (Anshuman Khandual) - sh_eth: fix TRSCER mask for R7S72100 (Sergey Shtylyov) - staging: comedi: pcl818: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: pcl711: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: me4000: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: dmm32at: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das800: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das6402: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: adv_pci1710: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: addi_apci_1500: Fix endian problem for command sample (Ian Abbott) - staging: comedi: addi_apci_1032: Fix endian problem for COS sample (Ian Abbott) - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan (Lee Gibson) - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd (Lee Gibson) - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() (Dan Carpenter) - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() (Dan Carpenter) - staging: rtl8712: unterminated string leads to read overflow (Dan Carpenter) - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (Dan Carpenter) - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() (Dan Carpenter) - misc: fastrpc: restrict user apps from sending kernel RPC messages (Dmitry Baryshkov) {CVE-2019-2308} - misc/pvpanic: Export module FDT device table (Shile Zhang) - usbip: fix vudc usbip_sockfd_store races leading to gpf (Shuah Khan) - usbip: fix vhci_hcd attach_store() races leading to gpf (Shuah Khan) - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf (Shuah Khan) - usbip: fix vudc to check for stream socket (Shuah Khan) - usbip: fix vhci_hcd to check for stream socket (Shuah Khan) - usbip: fix stub_dev to check for stream socket (Shuah Khan) - USB: serial: cp210x: add some more GE USB IDs (Sebastian Reichel) - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (Karan Singhal) - USB: serial: ch341: add new Product ID (Niv Sardi) - USB: serial: io_edgeport: fix memory leak in edge_startup (Pavel Skripkin) - xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state (Mathias Nyman) - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (Forest Crossman) - xhci: Improve detection of device initiated wake signal. (Mathias Nyman) - usb: xhci: do not perform Soft Retry for some xHCI hosts (Stanislaw Gruszka) - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM (Yoshihiro Shimoda) - USB: usblp: fix a hang in poll() if disconnected (Pete Zaitcev) - usb: dwc3: qcom: Honor wakeup enabled/disabled state (Matthias Kaehlcke) - usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement (Serge Semin) - usb: gadget: f_uac1: stop playback on function disable (Ruslan Bilovol) - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot (Ruslan Bilovol) - USB: gadget: u_ether: Fix a configfs return code (Dan Carpenter) - Goodix Fingerprint device is not a modem (Yorick de Wid) - mmc: cqhci: Fix random crash when remove mmc module/card (Frank Li) - mmc: core: Fix partition switch time for eMMC (Adrian Hunter) - software node: Fix node registration (Heikki Krogerus) - s390/dasd: fix hanging IO request during DASD driver unbind (Stefan Haberland) - s390/dasd: fix hanging DASD driver unbind (Stefan Haberland) - arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL (Andrey Konovalov) - Revert 95ebabde382c (capabilities: Dont allow writing ambiguous v3 file capabilities) (Eric W. Biederman) - ALSA: usb-audio: Apply the control quirk to Plantronics headsets (Takashi Iwai) - ALSA: usb-audio: Fix cannot get freq eq errors on Dell AE515 sound bar (Takashi Iwai) - ALSA: hda: Avoid spurious unsol event handling during S3/S4 (Takashi Iwai) - ALSA: hda: Flush pending unsolicited events before suspend (Takashi Iwai) - ALSA: hda: Drop the BATCH workaround for AMD controllers (Takashi Iwai) - ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support (Simeon Simeonoff) - ALSA: hda/hdmi: Cancel pending works before suspend (Takashi Iwai) - ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk (John Ernberg) - scsi: target: core: Prevent underflow for service actions (Aleksandr Miloserdov) - scsi: target: core: Add cmd length set before cmd complete (Aleksandr Miloserdov) - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (Mike Christie) - sysctl.c: fix underflow value setting risk in vm_table (Lin Feng) - s390/smp: __smp_rescan_cpus() - move cpumask away from stack (Heiko Carstens) - i40e: Fix memory leak in i40e_probe (Keita Suzuki) - PCI: Fix pci_register_io_range() memory leak (Geert Uytterhoeven) - kbuild: clamp SUBLEVEL to 255 (Sasha Levin) - PCI: mediatek: Add missing of_node_put() to fix reference leak (Krzysztof Wilczynski) - PCI: xgene-msi: Fix race in installing chained irq handler (Martin Kaiser) - Input: applespi - dont wait for responses to commands indefinitely. (Ronald Tschalar) - sparc64: Use arch_validate_flags() to validate ADI flag (Khalid Aziz) - sparc32: Limit memblock allocation to low memory (Andreas Larsson) - iommu/amd: Fix performance counter initialization (Suravee Suthikulpanit) - powerpc/64: Fix stack trace not displaying final frame (Michael Ellerman) - HID: logitech-dj: add support for the new lightspeed connection iteration (Filipe Lains) - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset (Athira Rajeev) - powerpc: improve handling of unrecoverable system reset (Nicholas Piggin) - spi: stm32: make spurious and overrun interrupts visible (Alain Volmat) - powerpc/pci: Add ppc_md.discover_phbs() (Oliver OHalloran) - Platform: OLPC: Fix probe error handling (Lubomir Rintel) - mmc: mediatek: fix race condition between msdc_request_timeout and irq (Chaotian Jing) - mmc: mxs-mmc: Fix a resource leak in an error handling path in mxs_mmc_probe() (Christophe JAILLET) - udf: fix silent AED tagLocation corruption (Steven J. Magnani) - i2c: rcar: optimize cacheline to minimize HW race condition (Wolfram Sang) - i2c: rcar: faster irq code to minimize HW race condition (Wolfram Sang) - net: phy: fix save wrong speed and duplex problem if autoneg is on (Guangbin Huang) - net: enetc: initialize RFS/RSS memories for unused ports too (Vladimir Oltean) - net: hns3: fix error mask definition of flow director (Jian Shen) - media: rc: compile rc-cec.c into rc-core (Hans Verkuil) - media: v4l: vsp1: Fix bru null pointer access (Biju Das) - media: v4l: vsp1: Fix uif null pointer access (Biju Das) - media: usbtv: Fix deadlock on suspend (Maxim Mikityanskiy) - sh_eth: fix TRSCER mask for R7S9210 (Sergey Shtylyov) - qxl: Fix uninitialised struct field head.surface_id (Colin Ian King) - s390/crypto: return -EFAULT if copy_to_user() fails (Wang Qing) - s390/cio: return -EFAULT if copy_to_user() fails (Eric Farman) - drm: meson_drv add shutdown function (Artem Lapkin) - drm/shmem-helper: Dont remove the offset in vm_area_struct pgoff (Neil Roberts) - drm/shmem-helper: Check for purged buffers in fault handler (Neil Roberts) - drm/compat: Clear bounce structures (Daniel Vetter) - bnxt_en: reliably allocate IRQ table on reset to avoid crash (Edwin Peer) - s390/cio: return -EFAULT if copy_to_user() fails again (Wang Qing) - net: hns3: fix bug when calculating the TCAM table info (Jian Shen) - net: hns3: fix query vlan mask value error for flow director (Jian Shen) - perf traceevent: Ensure read cmdlines are null terminated. (Ian Rogers) - selftests: forwarding: Fix race condition in mirror installation (Danielle Ratson) - net: stmmac: fix watchdog timeout during suspend/resume stress test (Joakim Zhang) - net: stmmac: stop each tx channel independently (Joakim Zhang) - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (Antony Antony) - net: qrtr: fix error return code of qrtr_sendmsg() (Jia-Ju Bai) - net: davicom: Fix regulator not turned off on driver removal (Paul Cercueil) - net: davicom: Fix regulator not turned off on failed probe (Paul Cercueil) - net: lapbether: Remove netif_start_queue / netif_stop_queue (Xie He) - netdevsim: init u64 stats for 32bit hardware (Hillf Danton) - net: usb: qmi_wwan: allow qmimux add/del with master up (Daniele Palmas) - net: sched: avoid duplicates in classes dump (Maximilian Heyne) - nexthop: Do not flush blackhole nexthops when loopback goes down (Ido Schimmel) - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (Ong Boon Leong) - net/mlx4_en: update moderation when config reset (Kevin(Yudong) Yang) - net: enetc: dont overwrite the RSS indirection table when initializing (Vladimir Oltean) - Revert mm, slub: consider rest of partial list if acquire_slab() fails (Linus Torvalds) - cifs: return proper error code in statfs(2) (Paulo Alcantara) - mount: fix mounting of detached mounts onto targets that reside on shared mounts (Christian Brauner) - powerpc/603: Fix protection of user pages mapped with PROT_NONE (Christophe Leroy) - mt76: dma: do not report truncated frames to mac80211 (Lorenzo Bianconi) - ibmvnic: always store valid MAC address (Jiri Wiesner) - samples, bpf: Add missing munmap in xdpsock (Maciej Fijalkowski) - selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier (Yauheni Kaliuta) - selftests/bpf: No need to drop the packet when there is no geneve opt (Hangbin Liu) - netfilter: x_tables: gpf inside xt_find_revision() (Vasily Averin) - netfilter: nf_nat: undo erroneous tcp edemux lookup (Florian Westphal) - tcp: add sanity tests to TCP_QUEUE_SEQ (Eric Dumazet) - can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before entering Normal Mode (Torin Cooper-Bennun) - can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode (Joakim Zhang) - can: flexcan: enable RX FIFO after FRZ/HALT valid (Joakim Zhang) - can: flexcan: assert FRZ bit in flexcan_chip_freeze() (Joakim Zhang) - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership (Oleksij Rempel) - sh_eth: fix TRSCER mask for SH771x (Sergey Shtylyov) - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 (Balazs Nemeth) - net: check if protocol extracted by virtio_net_hdr_set_proto is correct (Balazs Nemeth) - net: Fix gro aggregation for udp encaps with zero csum (Daniel Borkmann) - ath9k: fix transmitting to stations in dynamic SMPS mode (Felix Fietkau) - ethernet: alx: fix order of calls on resume (Jakub Kicinski) - powerpc/pseries: Dont enforce MSI affinity with kdump (Greg Kurz) - uapi: nfnetlink_cthelper.h: fix userspace compilation error (Dmitry V. Levin) - LTS tag: v5.4.105 (Jack Vogel) - nvme-pci: add quirks for Lexar 256GB SSD (Pascal Terjan) - nvme-pci: mark Seagate Nytro XM1440 as QUIRK_NO_NS_DESC_LIST. (Julian Einwag) - HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on Voyo Winpad A15 (Hans de Goede) - mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (Jisheng Zhang) - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register (AngeloGioacchino Del Regno) - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom (Aswath Govindraju) - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller (Bjorn Helgaas) - ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 (Chris Chiu) - ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 (Jasper St. Pierre) - media: cx23885: add more quirks for reset DMA on some AMD IOMMU (Daniel Lee Kruse) - HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube Adapter (Ethan Warth) - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 (Hans de Goede) - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices (Hans de Goede) - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag (Hans de Goede) - platform/x86: acer-wmi: Add new force_caps module parameter (Hans de Goede) - platform/x86: acer-wmi: Cleanup accelerometer device handling (Hans de Goede) - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (Hans de Goede) - mwifiex: pcie: skip cancel_work_sync() on reset failure path (Tsuchiya Yuto) - iommu/amd: Fix sleeping in atomic in increase_address_space() (Andrey Ryabinin) - ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter handling (Hans de Goede) - dm table: fix zoned iterate_devices based device capability checks (Jeffle Xu) - dm table: fix DAX iterate_devices based device capability checks (Jeffle Xu) - dm table: fix iterate_devices based device capability checks (Jeffle Xu) - net: dsa: add GRO support via gro_cells (Alexander Lobakin) - LTS tag: v5.4.104 (Jack Vogel) - r8169: fix resuming from suspend on RTL8105e if machine runs on battery (Heiner Kallweit) - rsxx: Return -EFAULT if copy_to_user() fails (Dan Carpenter) - ftrace: Have recordmcount use w8 to read relp->r_info in arm64_is_fake_mcount (Chen Jun) - ALSA: hda: intel-nhlt: verify config type (Pierre-Louis Bossart) - IB/mlx5: Add missing error code (YueHaibing) - RDMA/rxe: Fix missing kconfig dependency on CRYPTO (Julian Braha) - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (Colin Ian King) - usbip: tools: fix build error for multiple definition (Antonio Borneo) - crypto - shash: reduce minimum alignment of shash_desc structure (Ard Biesheuvel) - arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL) (Timothy E Baldwin) - drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie (Kevin Wang) - dm verity: fix FEC for RS roots unaligned to block size (Milan Broz) - dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (Mikulas Patocka) - PM: runtime: Update device status before letting suppliers suspend (Rafael J. Wysocki) - btrfs: fix warning when creating a directory with smack enabled (Filipe Manana) - btrfs: unlock extents in btrfs_zero_range in case of quota reservation errors (Nikolay Borisov) - btrfs: free correct amount of space in btrfs_delayed_inode_reserve_metadata (Nikolay Borisov) - btrfs: validate qgroup inherit for SNAP_CREATE_V2 ioctl (Dan Carpenter) - btrfs: fix raid6 qstripe kmap (Ira Weiny) - btrfs: raid56: simplify tracking of Q stripe presence (David Sterba) - tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (Jarkko Sakkinen) - tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (Lukasz Majczak) - LTS tag: v5.4.103 (Jack Vogel) - ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board (Takashi Iwai) - ALSA: hda/realtek: Add quirk for Intel NUC 10 (Werner Sembach) - ALSA: hda/realtek: Add quirk for Clevo NH55RZQ (Eckhart Mohr) - media: v4l: ioctl: Fix memory leak in video_usercopy (Sakari Ailus) - swap: fix swapfile read/write offset (Jens Axboe) - zsmalloc: account the number of compacted pages correctly (Rokudo Yan) - xen-netback: respect gnttab_map_refs()s return value (Jan Beulich) - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet (Hans de Goede) - sched/features: Fix hrtick reprogramming (Juri Lelli) - parisc: Bump 64-bit IRQ stack size to 64 KB (John David Anglin) - perf/x86/kvm: Add Cascade Lake Xeon steppings to isolation_ucodes[] (Jim Mattson) - btrfs: fix error handling in commit_fs_roots (Josef Bacik) - ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() (Hans de Goede) - nvme-tcp: add clean action for failed reconnection (Chao Leng) - nvme-rdma: add clean action for failed reconnection (Chao Leng) - nvme-core: add cancel tagset helpers (Chao Leng) - f2fs: fix to set/clear I_LINKABLE under i_lock (Chao Yu) - f2fs: handle unallocated section and zone on pinned/atgc (Jaegeuk Kim) - media: uvcvideo: Allow entities with no pads (Ricardo Ribalda) - drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails (Nicholas Kazlauskas) - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse (Nirmoy Das) - drm/amdgpu: Add check to prevent IH overflow (Defang Bo) - crypto: tcrypt - avoid signed overflow in byte count (Ard Biesheuvel) - drm/hisilicon: Fix use-after-free (Tian Tao) - brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet (Hans de Goede) - brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet (Hans de Goede) - staging: bcm2835-audio: Replace unsafe strcpy() with strscpy() (Juerg Haefliger) - staging: most: sound: add sanity check for function argument (Christian Gromm) - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data (Gopal Tiwari) - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (Fangrui Song) - ath10k: fix wmi mgmt tx queue full due to race condition (Miaoqing Pan) - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() (Di Zhu) - Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl (Claire Chang) - wlcore: Fix command execute failure 19 for wl12xx (Tony Lindgren) - vt/consolemap: do font sum unsigned (Jiri Slaby) - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk (Heiner Kallweit) - staging: fwserial: Fix error handling in fwserial_create (Dinghao Liu) - rsi: Move card interrupt handling to RX thread (Marek Vasut) - rsi: Fix TX EAPOL packet handling against iwlwifi AP (Marek Vasut) - drm/virtio: use kvmalloc for large allocations (Sergey Senozhatsky) - MIPS: Drop 32-bit asm string functions (Paul Burton) - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ (Geert Uytterhoeven) - dt-bindings: ethernet-controller: fix fixed-link specification (Russell King) - net: fix dev_ifsioc_locked() race condition (Cong Wang) - net: ag71xx: remove unnecessary MTU reservation (DENG Qingfang) - net: bridge: use switchdev for port flags set through sysfs too (Vladimir Oltean) - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing (Li Xinhai) - nbd: handle device refs for DESTROY_ON_DISCONNECT properly (Josef Bacik) - net: fix up truesize of cloned skb in skb_prepare_for_shift() (Marco Elver) - smackfs: restrict bytes count in smackfs write functions (Sabyrzhan Tasbolatov) - net/af_iucv: remove WARN_ONCE on malformed RX packets (Alexander Egorenkov) - xfs: Fix assert failure in xfs_setattr_size() (Yumei Huang) - media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate (Hans Verkuil) - erofs: fix shift-out-of-bounds of blkszbits (Gao Xiang) - media: mceusb: sanity check for prescaler value (Sean Young) - udlfb: Fix memory leak in dlfb_usb_probe (Zqiang) - JFS: more checks for invalid superblock (Randy Dunlap) - MIPS: VDSO: Use CLANG_FLAGS instead of filtering out --target= (Nathan Chancellor) - arm64 module: set plt* section addresses to 0x0 (Shaoying Xu) - nvme-pci: fix error unwind in nvme_map_data (Christoph Hellwig) - nvme-pci: refactor nvme_unmap_data (Christoph Hellwig) - Input: elantech - fix protocol errors for some trackpoints in SMBus mode (jingle.wu) - net: usb: qmi_wwan: support ZTE P685M modem (Lech Perczak) - LTS tag: v5.4.102 (Jack Vogel) - ARM: dts: aspeed: Add LCLK to lpc-snoop (John Wang) - net: qrtr: Fix memory leak in qrtr_tun_open (Takeshi Misawa) - dm era: Update in-core bitset after committing the metadata (Nikos Tsironis) - net: sched: fix police ext initialization (Vlad Buslov) - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending (Jason A. Donenfeld) - ipv6: silence compilation warning for non-IPV6 builds (Leon Romanovsky) - ipv6: icmp6: avoid indirect call for icmpv6_send() (Eric Dumazet) - xfrm: interface: use icmp_ndo_send helper (Jason A. Donenfeld) - sunvnet: use icmp_ndo_send helper (Jason A. Donenfeld) - gtp: use icmp_ndo_send helper (Jason A. Donenfeld) - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n (Jason A. Donenfeld) - icmp: introduce helper for natd source address in network device context (Jason A. Donenfeld) - drm/i915: Reject 446-480MHz HDMI clock on GLK (Ville Syrjala) - dm era: only resize metadata in preresume (Nikos Tsironis) - dm era: Reinitialize bitset cache before digesting a new writeset (Nikos Tsironis) - dm era: Use correct value size in equality function of writeset tree (Nikos Tsironis) - dm era: Fix bitset memory leaks (Nikos Tsironis) - dm era: Verify the data block size hasnt changed (Nikos Tsironis) - dm era: Recover committed writeset after crash (Nikos Tsironis) - dm writecache: fix writing beyond end of underlying device when shrinking (Mikulas Patocka) - dm: fix deadlock when swapping to encrypted device (Mikulas Patocka) - gfs2: Recursive gfs2_quota_hold in gfs2_iomap_end (Andreas Gruenbacher) - gfs2: Dont skip dlm unlock if glock has an lvb (Bob Peterson) - spi: spi-synquacer: fix set_cs handling (Masahisa Kojima) - sparc32: fix a user-triggerable oops in clear_user() (Al Viro) - f2fs: fix out-of-repair __setattr_copy() (Chao Yu) - um: mm: check more comprehensively for stub changes (Johannes Berg) - virtio/s390: implement virtio-ccw revision 2 correctly (Cornelia Huck) - s390/vtime: fix inline assembly clobber list (Heiko Carstens) - cpufreq: intel_pstate: Get per-CPU max freq via MSR_HWP_CAPABILITIES if available (Chen Yu) - printk: fix deadlock when kernel panic (Muchun Song) - gpio: pcf857x: Fix missing first interrupt (Maxim Kiselev) - spmi: spmi-pmic-arb: Fix hw_irq overflow (Subbaraman Narayanamurthy) - powerpc/32s: Add missing call to kuep_lock on syscall entry (Christophe Leroy) - mmc: sdhci-esdhc-imx: fix kernel panic when remove module (Frank Li) - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (Fangrui Song) - media: smipcie: fix interrupt handling and IR timeout (Sean Young) - arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55 (Suzuki K Poulose) - hugetlb: fix copy_huge_page_from_user contig page struct assumption (Mike Kravetz) - hugetlb: fix update_and_free_page contig page struct assumption (Mike Kravetz) - x86: fix seq_file iteration for pat/memtype.c (NeilBrown) - seq_file: document how per-entry resources are managed. (NeilBrown) - fs/affs: release old buffer head on error path (Pan Bian) - mtd: spi-nor: hisi-sfc: Put child node np on error path (Pan Bian) - mtd: spi-nor: core: Add erase size check for erase command initialization (Takahiro Kuwano) - mtd: spi-nor: core: Fix erase type discovery for overlaid region (Takahiro Kuwano) - mtd: spi-nor: sfdp: Fix wrong erase type bitmask for overlaid region (Takahiro Kuwano) - mtd: spi-nor: sfdp: Fix last erase region marking (Takahiro Kuwano) - watchdog: mei_wdt: request stop on unregister (Alexander Usyskin) - watchdog: qcom: Remove incorrect usage of QCOM_WDT_ENABLE_IRQ (Sai Prakash Ranjan) - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (He Zhe) - arm64: kexec_file: fix memory leakage in create_dtb() when fdt_open_into() fails (qiuguorui1) - floppy: reintroduce O_NDELAY fix (Jiri Kosina) - rcu/nocb: Perform deferred wake up before last idles need_resched() check (Frederic Weisbecker) - rcu: Pull deferred rcuog wake up to rcu_eqs_enter() callers (Frederic Weisbecker) - powerpc/prom: Fix ibm,arch-vec-5-platform-support scan (Cedric Le Goater) - x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson) - x86/virt: Eat faults on VMXOFF in reboot flows (Sean Christopherson) - media: ipu3-cio2: Fix mbus_code processing in cio2_subdev_set_fmt() (Pavel Machek) - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table (Martin Kaiser) - staging: gdm724x: Fix DMA from stack (Amey Narkhede) - staging/mt7621-dma: mtk-hsdma.c->hsdma-mt7621.c (Ilya Lipnitskiy) - dts64: mt7622: fix slow sd card access (Frank Wunderlich) - pstore: Fix typo in compression option name (Jiri Bohac) - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue (Sabyrzhan Tasbolatov) - misc: rtsx: init of rts522a add OCP power off when no card is present (Ricky Wu) - seccomp: Add missing return in non-void function (Paul Cercueil) - crypto: sun4i-ss - initialize need_fallback (Corentin Labbe) - crypto: sun4i-ss - handle BigEndian for cipher (Corentin Labbe) - crypto: sun4i-ss - checking sg length is not sufficient (Corentin Labbe) - crypto: aesni - prevent misaligned buffers on the stack (Ard Biesheuvel) - crypto: arm64/sha - add missing module aliases (Ard Biesheuvel) - btrfs: fix extent buffer leak on failure to copy root (Filipe Manana) - btrfs: splice remaining dirty_bgs onto the transaction dirty bg list (Josef Bacik) - btrfs: fix reloc root leak with 0 ref reloc roots on recovery (Josef Bacik) - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root (Josef Bacik) - KEYS: trusted: Fix migratable=1 failing (Jarkko Sakkinen) - tpm_tis: Clean up locality release (James Bottomley) - tpm_tis: Fix check_locality for correct locality acquisition (James Bottomley) - erofs: initialized fields can only be observed after bit is set (Gao Xiang) - drm/sched: Cancel and flush all outstanding jobs before finish. (Andrey Grodzovsky) - drm/nouveau/kms: handle mDP connectors (Karol Herbst) - drm/amdgpu: Set reference clock to 100Mhz on Renoir (v2) (Alex Deucher) - drm/amd/display: Add vupdate_no_lock interrupts for DCN2.1 (Rodrigo Siqueira) - bcache: Move journal work to new flush wq (Kai Krakow) - bcache: Give btree_io_wq correct semantics again (Kai Krakow) - Revert bcache: Kill btree_io_wq (Kai Krakow) - ALSA: hda/realtek: modify EAPD in the ALC886 (PeiSen Hou) - ALSA: hda: Add another CometLake-H PCI ID (Kai Vehmanen) - USB: serial: mos7720: fix error code in mos7720_write() (Dan Carpenter) - USB: serial: mos7840: fix error code in mos7840_write() (Dan Carpenter) - USB: serial: ftdi_sio: fix FTX sub-integer prescaler (Johan Hovold) - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt (Thinh Nguyen) - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 (Thinh Nguyen) - usb: musb: Fix runtime PM race in musb_queue_resume_work (Paul Cercueil) - USB: serial: option: update interface mapping for ZTE P685M (Lech Perczak) - media: mceusb: Fix potential out-of-bounds shift (James Reynolds) - Input: i8042 - add ASUS Zenbook Flip to noselftest list (Marcos Paulo de Souza) - Input: joydev - prevent potential read overflow in ioctl (Dan Carpenter) - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S (Olivier Crete) - Input: raydium_ts_i2c - do not send zero length (jeffrey.lin) - HID: wacom: Ignore attempts to overwrite the touch_max value from HID (Jason Gerecke) - HID: logitech-dj: add support for keyboard events in eQUAD step 4 Gaming (Filipe Lains) - ACPI: configfs: add missing check after configfs_register_default_group() (Qinglang Miao) - ACPI: property: Fix fwnode string properties matching (Rafael J. Wysocki) - blk-settings: align max_sectors on logical_block_size boundary (Mikulas Patocka) - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors (Randy Dunlap) - mm/rmap: fix potential pte_unmap on an not mapped pte (Miaohe Lin) - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (Maxime Ripard) - arm64: Add missing ISB after invalidating TLB in __primary_switch (Marc Zyngier) - r8169: fix jumbo packet handling on RTL8168e (Heiner Kallweit) - mm/compaction: fix misbehaviors of fast_find_migrateblock() (Wonhyuk Yang) - mm/hugetlb: fix potential double free in hugetlb_register_node() error path (Miaohe Lin) - mm/memory.c: fix potential pte_unmap_unlock pte error (Miaohe Lin) - ocfs2: fix a use after free on error (Dan Carpenter) - vxlan: move debug check after netdev unregister (Taehee Yoo) - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (Chuhong Yuan) - vfio/type1: Use follow_pte() (Alex Williamson) - i40e: Fix add TC filter for IPv6 (Mateusz Palczewski) - i40e: Fix VFs not created (Sylwester Dziedziuch) - i40e: Fix addition of RX filters after enabling FW LLDP agent (Mateusz Palczewski) - i40e: Fix overwriting flow control settings during driver loading (Mateusz Palczewski) - i40e: Add zero-initialization of AQ command structures (Mateusz Palczewski) - i40e: Fix flow for IPv6 next header (extension header) (Slawomir Laba) - regmap: sdw: use _no_pm functions in regmap_read/write (Bard Liao) - nvmem: core: skip child nodes not matching binding (Ahmad Fatoum) - nvmem: core: Fix a resource leak on error in nvmem_add_cells_from_of() (Dan Carpenter) - ext4: fix potential htree index checksum corruption (Theodore Tso) - vfio/iommu_type1: Fix some sanity checks in detach group (Keqian Zhu) - drm/msm/mdp5: Fix wait-for-commit for cmd panels (Iskren Chernev) - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (Konrad Dybcio) - mei: hbm: call mei_set_devstate() on hbm stop response (Alexander Usyskin) - PCI: Align checking of syscall user config accessors (Heiner Kallweit) - VMCI: Use set_page_dirty_lock() when unregistering guest memory (Jorgen Hansen) - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() (Simon South) - soundwire: cadence: fix ACK/NAK handling (Pierre-Louis Bossart) - misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (Aswath Govindraju) - phy: rockchip-emmc: emmc_phy_init() always return 0 (Chris Ruehl) - misc: eeprom_93xx46: Fix module alias to enable module autoprobe (Aswath Govindraju) - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set (Randy Dunlap) - Input: elo - fix an error code in elo_connect() (Dan Carpenter) - perf test: Fix unaligned access in sample parsing test (Namhyung Kim) - perf intel-pt: Fix premature IPC (Adrian Hunter) - perf intel-pt: Fix missing CYC processing in PSB (Adrian Hunter) - Input: sur40 - fix an error code in sur40_probe() (Dan Carpenter) - RDMA/hns: Fixes missing error code of CMDQ (Lang Cheng) - nfsd: register pernet ops last, unregister first (J. Bruce Fields) - clk: aspeed: Fix APLL calculate formula from ast2600-A2 (Ryan Chen) - regulator: qcom-rpmh: fix pm8009 ldo7 (Jonathan Marek) - spi: pxa2xx: Fix the controller numbering for Wildcat Point (Andy Shevchenko) - RDMA/hns: Fix type of sq_signal_bits (Weihang Li) - RDMA/siw: Fix calculation of tx_valid_cpus size (Kamal Heib) - RDMA/hns: Fixed wrong judgments in the goto branch (Wenpeng Liang) - clk: qcom: gcc-msm8998: Fix Alpha PLL type for all GPLLs (AngeloGioacchino Del Regno) - powerpc/8xx: Fix software emulation interrupt (Christophe Leroy) - powerpc/pseries/dlpar: handle ibm, configure-connector delay status (Nathan Lynch) - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() (Dan Carpenter) - spi: stm32: properly handle 0 byte transfer (Alain Volmat) - RDMA/rxe: Correct skb on loopback path (Bob Pearson) - RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt (Bob Pearson) - RDMA/rxe: Fix coding error in rxe_recv.c (Bob Pearson) - perf vendor events arm64: Fix Ampere eMag event typo (John Garry) - perf tools: Fix DSO filtering when not finding a map for a sampled address (Arnaldo Carvalho de Melo) - tracepoint: Do not fail unregistering a probe due to memory failure (Steven Rostedt (VMware)) - IB/cm: Avoid a loop when device has 255 ports (Parav Pandit) - IB/mlx5: Return appropriate error code instead of ENOMEM (Parav Pandit) - amba: Fix resource leak for drivers without .remove (Uwe Kleine-Konig) - i2c: qcom-geni: Store DMA mapping data in geni_i2c_dev struct (Roja Rani Yarubandi) - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (Vladimir Murzin) - mmc: renesas_sdhi_internal_dmac: Fix DMA buffer alignment from 8 to 128-bytes (Takeshi Saito) - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (Christophe JAILLET) - mmc: sdhci-sprd: Fix some resource leaks in the remove function (Christophe JAILLET) - powerpc/47x: Disable 256k page size (Christophe Leroy) - KVM: PPC: Make the VMX instruction emulation routines static (Cedric Le Goater) - IB/umad: Return EPOLLERR in case of when device disassociated (Shay Drory) - IB/umad: Return EIO in case of when device disassociated (Shay Drory) - objtool: Fix .cold section suffix check for newer versions of GCC (Josh Poimboeuf) - objtool: Fix error handling for STD/CLD warnings (Josh Poimboeuf) - auxdisplay: ht16k33: Fix refresh rate handling (Geert Uytterhoeven) - isofs: release buffer head before return (Pan Bian) - regulator: core: Avoid debugfs: Directory ... already present! error (Hans de Goede) - regulator: s5m8767: Drop regulators OF node reference (Krzysztof Kozlowski) - spi: atmel: Put allocated master before return (Pan Bian) - regulator: s5m8767: Fix reference count leak (Pan Bian) - certs: Fix blacklist flag type confusion (David Howells) - regulator: axp20x: Fix reference cout leak (Pan Bian) - clk: sunxi-ng: h6: Fix clock divider range on some clocks (Andre Przywara) - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation (Yishai Hadas) - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined (Tom Rix) - clocksource/drivers/ixp4xx: Select TIMER_OF when needed (Arnd Bergmann) - rtc: s5m: select REGMAP_I2C (Bartosz Golaszewski) - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (Claudiu Beznea) - of/fdt: Make sure no-map does not remove already reserved regions (Nicolas Boichat) - fdt: Properly handle no-map field in the memory region (KarimAllah Ahmed) - mfd: bd9571mwv: Use devm_mfd_add_devices() (Yoshihiro Shimoda) - dmaengine: hsu: disable spurious interrupt (Ferry Toth) - dmaengine: owl-dma: Fix a resource leak in the remove function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in the remove function (Christophe JAILLET) - RDMA/siw: Fix handling of zero-sized Read and Receive Queues. (Bernard Metzler) - HID: core: detect and skip invalid inputs to snto32() (Randy Dunlap) - clk: sunxi-ng: h6: Fix CEC clock (Andre Przywara) - spi: cadence-quadspi: Abort read if dummy cycles required are too many (Pratyush Yadav) - i2c: iproc: handle master read request (Rayagonda Kokatanur) - i2c: iproc: update slave isr mask (ISR_MASK_SLAVE) (Rayagonda Kokatanur) - i2c: iproc: handle only slave interrupts which are enabled (Rayagonda Kokatanur) - quota: Fix memory leak when handling corrupted quota file (Jan Kara) - selftests/powerpc: Make the test check in eeh-basic.sh posix compliant (Po-Hsu Lin) - clk: meson: clk-pll: propagate the error from meson_clk_pll_set_rate() (Martin Blumenstingl) - clk: meson: clk-pll: make ret a signed integer (Martin Blumenstingl) - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL (Martin Blumenstingl) - HSI: Fix PM usage counter unbalance in ssi_hw_init (Zhang Qilong) - capabilities: Dont allow writing ambiguous v3 file capabilities (Eric W. Biederman) - ubifs: Fix error return code in alloc_wbufs() (Wang ShaoBo) - ubifs: Fix memleak in ubifs_init_authentication (Dinghao Liu) - jffs2: fix use after free in jffs2_sum_write_data() (Tom Rix) - fs/jfs: fix potential integer overflow on shift of a int (Colin Ian King) - ASoC: simple-card-utils: Fix device module clock (Sameer Pujar) - ima: Free IMA measurement buffer after kexec syscall (Lakshmi Ramasubramanian) - ima: Free IMA measurement buffer on error (Lakshmi Ramasubramanian) - crypto: ecdh_helper - Ensure len >= secret.len in decode_key() (Daniele Alessandrelli) - hwrng: timeriomem - Fix cooldown period calculation (Jan Henrik Weinstock) - btrfs: clarify error returns values in __load_free_space_cache (Zhihao Cheng) - ASoC: SOF: debug: Fix a potential issue on string buffer termination (Hui Wang) - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() (Andrea Parri (Microsoft)) - f2fs: fix a wrong condition in __submit_bio (Dehe Gu) - drm/amdgpu: Prevent shift wrapping in amdgpu_read_mask() (Dan Carpenter) - f2fs: fix to avoid inconsistent quota data (Yi Chen) - mtd: parsers: afs: Fix freeing the part name memory in failure (Manivannan Sadhasivam) - ASoC: cpcap: fix microphone timeslot mask (Sebastian Reichel) - ata: ahci_brcm: Add back regulators management (Florian Fainelli) - crypto: talitos - Work around SEC6 ERRATA (AES-CTR mode data size error) (Christophe Leroy) - mtd: parser: imagetag: fix error codes in bcm963xx_parse_imagetag_partitions() (Dan Carpenter) - sched/eas: Dont update misfit status if the task is pinned (Qais Yousef) - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (Laurent Pinchart) - media: pxa_camera: declare variable when DEBUG is defined (Tom Rix) - media: cx25821: Fix a bug when reallocating some dma memory (Christophe JAILLET) - media: qm1d1c0042: fix error return code in qm1d1c0042_init() (Luo Meng) - media: lmedm04: Fix misuse of comma (Joe Perches) - media: software_node: Fix refcounts in software_node_get_next_child() (Daniel Scally) - drm/amd/display: Fix HDMI deep color output for DCE 6-11. (Mario Kleiner) - drm/amd/display: Fix 10/12 bpc setup in DCE output bit depth reduction. (Mario Kleiner) - bsg: free the request before return error code (Pan Bian) - MIPS: properly stop .eh_frame generation (Alexander Lobakin) - drm/sun4i: tcon: fix inverted DCLK polarity (Giulio Benetti) - crypto: bcm - Rename struct device_private to bcm_device_private (Jiri Olsa) - evm: Fix memleak in init_desc (Dinghao Liu) - ASoC: cs42l56: fix up error handling in probe (Dan Carpenter) - media: aspeed: fix error return code in aspeed_video_setup_video() (Zhang Changzhong) - media: tm6000: Fix memleak in tm6000_start_stream (Dinghao Liu) - media: media/pci: Fix memleak in empress_init (Dinghao Liu) - media: em28xx: Fix use-after-free in em28xx_alloc_urbs (Dinghao Liu) - media: vsp1: Fix an error handling path in the probe function (Christophe JAILLET) - media: camss: missing error code in msm_video_register() (Dan Carpenter) - media: imx: Fix csc/scaler unregister (Ezequiel Garcia) - media: imx: Unregister csc/scaler only if registered (Ezequiel Garcia) - media: i2c: ov5670: Fix PIXEL_RATE minimum value (Jacopo Mondi) - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 (Nathan Chancellor) - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init (Nathan Chancellor) - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if condition (Chenyang Li) - crypto: arm64/aes-ce - really hide slower algos when faster ones are enabled (Ard Biesheuvel) - crypto: sun4i-ss - fix kmap usage (Corentin Labbe) - crypto: sun4i-ss - linearize buffers content must be kept (Corentin Labbe) - drm/fb-helper: Add missed unlocks in setcmap_legacy() (Chuhong Yuan) - gma500: clean up error handling in init (Dan Carpenter) - drm/gma500: Fix error return code in psb_driver_load() (Jialin Zhang) - fbdev: aty: SPARC64 requires FB_ATY_CT (Randy Dunlap) - net: mvneta: Remove per-cpu queue mapping for Armada 3700 (Maxime Chevallier) - net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP (Shyam Sundar S K) - net: amd-xgbe: Reset link when the link never comes back (Shyam Sundar S K) - net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning (Shyam Sundar S K) - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (Shyam Sundar S K) - ibmvnic: skip send_request_unmap for timeout reset (Lijun Pan) - ibmvnic: add memory barrier to protect long term buffer (Lijun Pan) - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case (Colin Ian King) - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds (Ayush Sawal) - net: axienet: Handle deferred probe on clock properly (Robert Hancock) - tcp: fix SO_RCVLOWAT related hangs under mem pressure (Eric Dumazet) - bpf: Fix bpf_fib_lookup helper MTU check for SKB ctx (Jesper Dangaard Brouer) - mac80211: fix potential overflow when multiplying to u32 integers (Colin Ian King) - xen/netback: fix spurious event detection for common event case (Juergen Gross) - bnxt_en: reverse order of TX disable and carrier off (Edwin Peer) - ibmvnic: Set to CLOSED state even on error (Sukadev Bhattiprolu) - ath9k: fix data bus crash when setting nf_override via debugfs (Linus Lussing) - bpf_lru_list: Read double-checked variable once without lock (Marco Elver) - soc: aspeed: snoop: Add clock control logic (Jae Hyun Yoo) - ARM: s3c: fix fiq for clang IAS (Arnd Bergmann) - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address (Vincent Knecht) - Bluetooth: btusb: Fix memory leak in btusb_mtk_wmt_recv (Jupeng Zhong) - arm64: dts: armada-3720-turris-mox: rename u-boot mtd partition to a53-firmware (Marek Behun) - ARM: dts: armada388-helios4: assign pinctrl to each fan (Rosen Penev) - ARM: dts: armada388-helios4: assign pinctrl to LEDs (Rosen Penev) - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (Chen-Yu Tsai) - usb: dwc2: Make trimming xfer length a debug message (Guenter Roeck) - usb: dwc2: Abort transaction after errors with unknown reason (Guenter Roeck) - usb: dwc2: Do not update data length if it is 0 on inbound transfers (Guenter Roeck) - ARM: dts: Configure missing thermal interrupt for 4430 (Tony Lindgren) - memory: ti-aemif: Drop child node when jumping out loop (Pan Bian) - Bluetooth: Put HCI device if inquiry procedure interrupts (Pan Bian) - Bluetooth: drop HCI device reference before return (Pan Bian) - usb: gadget: u_audio: Free requests only after callback (Jack Pham) - ACPICA: Fix exception code class checks (Maximilian Luz) - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() (Christophe JAILLET) - cpufreq: brcmstb-avs-cpufreq: Free resources in error path (Christophe JAILLET) - arm64: dts: allwinner: A64: Limit MMC2 bus frequency to 150 MHz (Andre Przywara) - arm64: dts: allwinner: H6: Allow up to 150 MHz MMC bus frequency (Andre Przywara) - arm64: dts: allwinner: Drop non-removable from SoPine/LTS SD card (Andre Przywara) - arm64: dts: allwinner: H6: properly connect USB PHY to port 0 (Andre Przywara) - arm64: dts: allwinner: A64: properly connect USB PHY to port 0 (Andre Przywara) - bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args (Andrii Nakryiko) - bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (Andrii Nakryiko) - memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops (Zhang Qilong) - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso (Krzysztof Kozlowski) - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 family (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 (Krzysztof Kozlowski) - Bluetooth: Fix initializing response id after clearing struct (Christopher William Snowhill) - Bluetooth: hci_uart: Fix a race for write_work scheduling (Claire Chang) - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - ath10k: Fix error handling in case of CE pipe init failure (Rakesh Pillai) - random: fix the RNDRESEEDCRNG ioctl (Eric Biggers) - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section (Alexander Lobakin) - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode (Takashi Iwai) - bfq: Avoid false bfq queue merging (Jan Kara) - virt: vbox: Do not use wait_event_interruptible when called from kernel context (Hans de Goede) - PCI: Decline to resize resources if boot config must be preserved (Ard Biesheuvel) - PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 (Ansuel Smith) - kdb: Make memory allocations more robust (Sumit Garg) - debugfs: do not attempt to create a new file before the filesystem is initalized (Greg Kroah-Hartman) - debugfs: be more robust at handling improper input in debugfs_lookup() (Greg Kroah-Hartman) - vmlinux.lds.h: add DWARF v5 sections (Nick Desaulniers) - x86/mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN (Tony Luck) [Orabug: 32978709] - x86/mce: Add Xeon Icelake to list of CPUs that support PPIN (Tony Luck) [Orabug: 32978709] - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() (Rafael J. Wysocki) [Orabug: 32977864] - ACPI: tables: x86: Reserve memory occupied by ACPI tables (Rafael J. Wysocki) [Orabug: 32977864] - uek-rpm: update kABI lists for a new symbol (Saeed Mirzamohammadi) [Orabug: 32977531] - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Thomas Gleixner) [Orabug: 32969739] - bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912033] {CVE-2021-32399} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23133 CVE-2021-33034 CVE-2021-32399 CVE-2021-33033 CVE-2019-2308 CVE-2020-25671 CVE-2020-25670 CVE-2020-25672 CVE-2021-29155 CVE-2021-31829 Oracle Linux 7 [4.14.35-2047.505.4.3] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33142065] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.52.5] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135634] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 7 [4.14.35-2047.505.4.3.el7] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33142065] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.203.6.el8uek] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135632] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.203.6.el7] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135632] {CVE-2021-33909} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 7 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32760 Oracle Linux 6 [2.6.32-754.35.1.0.4.OL6] - seq_file: disallow extremely large seq buffer allocations (CVE-2021-33909) (Eric Sandeen) [Orabug: 33137331] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.53.5] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33143006] {CVE-2021-33909} [4.1.12-124.53.3] - net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk) [Orabug: 31895301] {CVE-2020-14304} - net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query (Erez Alfasi) [Orabug: 31895301] {CVE-2020-14304} - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) [Orabug: 33093028] {CVE-2021-22555} - xen/blkback: Make sure all vbd fields are initialized (Boris Ostrovsky) [Orabug: 33131620] [4.1.12-124.53.2] - scsi: lpfc: Fix driver crash in target reset handler (James Smart) [Orabug: 33048899] [4.1.12-124.53.1] - xfs: fix lockup issue (Junxiao Bi) [Orabug: 32836026] - bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912036] {CVE-2021-32399} {CVE-2021-32399} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32399 CVE-2021-33909 CVE-2020-14304 CVE-2021-22555 Oracle Linux 8 olcne [1.2.4-5] - Updated registry-image-helper.sh to work with olcne-utils [1.2.4-4] - Fix istio template for 1.9.6 for k8s update failure [1.2.4-3] - Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282] [1.2.4-2] - Fix iptables issue when running on OL7 host using OL8 image [1.2.4-1] - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 istio [1.9.6-2] - Fix iptables issue when running on OL7 host using OL8 image - Added istio-mixs and istio-mixc to Obsoletes list [1.9.6-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 kubernetes [1.18.18-3] - Fix iptables OL7 host kernel issue when running with OL8 image [1.18.18-1] - Address CVE-2021-27918 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28683 CVE-2021-28682 CVE-2021-31920 CVE-2021-31921 CVE-2021-29258 CVE-2021-34824 Oracle Linux 7 olcne [1.2.4-5] - Updated registry-image-helper.sh to work with olcne-utils [1.2.4-4] - Fix istio template for 1.9.6 for k8s update failure [1.2.4-3] - Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282] [1.2.4-2] - Fix iptables issue when running on OL7 host using OL8 image [1.2.4-1] - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 istio [1.9.6-2] - Fix iptables issue when running on OL7 host using OL8 image - Added istio-mixs and istio-mixc to Obsoletes list [1.9.6-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 kubernetes [1.18.18-3] - Fix iptables OL7 host kernel issue when running with OL8 image [1.18.18-1] - Address CVE-2021-27918 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28683 CVE-2021-28682 CVE-2021-31920 CVE-2021-31921 CVE-2021-29258 CVE-2021-34824 Oracle Linux 8 olcne [1.3.1-5] - Updated registry-image-helper.sh to work with olcne-utils [1.3.1-4] - Fix istio template for 1.9.6 and 1.10.2 for k8s update failure [1.3.1-3] - Added END_VERSION_BLOCK for OLM image [1.3.1-2] - Fix iptables issue when running on OL7 host using OL8 image for 1.19.8 - Fix iptables issue when running on OL7 host using OL8 image - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 - Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282] - Fixed missing double semicolon in registry image helper kubernetes [1.20.6-2] - Fix iptables OL7 host kernel issue when running with OL8 image [1.20.6-1] - Added Oracle specific build files for Kubernetes kubernetes [1.19.8-3] - Fix iptables issue when running on OL7 host with OL8 image istio [1.9.6-2] - Fix iptables issue when running on OL7 host using OL8 image - Added istio-mixs and istio-mixc to Obsoletes list [1.9.6-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 istio [1.10.2-2] - Fix iptables problem when running on OL7 host using OL8 image [1.10.2-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28683 CVE-2021-28682 CVE-2021-31920 CVE-2021-31921 CVE-2021-29258 CVE-2021-34824 Oracle Linux 7 olcne [1.3.1-5] - Updated registry-image-helper.sh to work with olcne-utils [1.3.1-4] - Fix istio template for 1.9.6 and 1.10.2 for k8s update failure [1.3.1-3] - Added END_VERSION_BLOCK for OLM image [1.3.1-2] - Fix iptables issue when running on OL7 host using OL8 image for 1.19.8 - Fix iptables issue when running on OL7 host using OL8 image - Address Istio CVE's CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 - Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282] - Fixed missing double semicolon in registry image helper kubernetes [1.20.6-2] - Fix iptables OL7 host kernel issue when running with OL8 image [1.20.6-1] - Added Oracle specific build files for Kubernetes kubernetes [1.19.8-3] - Fix iptables issue when running on OL7 host with OL8 image istio [1.9.6-2] - Fix iptables issue when running on OL7 host using OL8 image - Added istio-mixs and istio-mixc to Obsoletes list [1.9.6-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 istio [1.10.2-2] - Fix iptables problem when running on OL7 host using OL8 image [1.10.2-1] - Address CVE-2021-28683, CVE-2021-28682, CVE-2021-29258, CVE-2021-31920, CVE-2021-31921, CVE-2021-34824 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28683 CVE-2021-28682 CVE-2021-31920 CVE-2021-31921 CVE-2021-29258 CVE-2021-34824 Oracle Linux 7 [3.0.0-7.0.1] - Backport jQuery CVE-2020-11023 fixes from jQuery v3.5.0 to bundled v1.10.2 [Orabug: 33181852] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-11023 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.204.4.2] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150447] [5.4.17-2102.204.4.1] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177348] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150427] - arm64: mm: kdump: Fix /proc/kcore (Henry Willard) [Orabug: 32570847] [5.4.17-2102.204.4] - Revert x86/reboot: Force all cpus to exit VMX root if VMX is supported (Somasundaram Krishnasamy) [Orabug: 33167303] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33165876] - A/A Bonding: dev_hold/put() the delayed GARP work handlers netdev in rdmaip (Sharath Srinivasan) [Orabug: 33161268] - rds: ib: Increase entropy of RDMA IOVAs (Hakon Bugge) [Orabug: 33104687] [5.4.17-2102.204.3] - rds: Check for illegal flags when creating an MR (Hakon Bugge) [Orabug: 33144338] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135632] {CVE-2021-33909} [5.4.17-2102.204.2] - RDMA/core/sa_query: Remove unused argument (Hakon Bugge) [Orabug: 33113136] - RDMA/cma: Fix incorrect Packet Lifetime calculation (Hakon Bugge) [Orabug: 33113136] - RDMA: Remove a few extra calls to ib_get_client_data() (Jason Gunthorpe) [Orabug: 33113136] - RDMA/cma: Protect RMW with qp_mutex (Hakon Bugge) [Orabug: 33113136] - IB/cma: Introduce rdma_set_min_rnr_timer() (Hakon Bugge) [Orabug: 33113136] - RDMA/iwcm: Allow AFONLY binding for IPv6 addresses (Bernard Metzler) [Orabug: 33113136] - RDMA/cma: Remove unnecessary INIT->INIT transition (Hakon Bugge) [Orabug: 33113136] - RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes) [Orabug: 33113136] - crypto: ccp - Dont initialize SEV support without the SEV feature (Venu Busireddy) [Orabug: 33110762] - xfs: fix out of bound access (Junxiao Bi) [Orabug: 33089469] - ext4: use ext4_grp_locked_error in mb_find_extent (Stephen Brennan) [Orabug: 33042746] - PCI/ERR: Retain status from error notification (Keith Busch) [Orabug: 32995246] - perf maps: Do not use an rbtree to sort by map name (Arnaldo Carvalho de Melo) [Orabug: 32726674] - block: return the correct bvec when checking for gaps (Long Li) [Orabug: 33000789] [5.4.17-2102.204.1] - LTS tag: v5.4.128 (Jack Vogel) - ARM: OMAP: replace setup_irq() by request_irq() (afzal mohammed) - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read (Eric Auger) - tools headers UAPI: Sync linux/in.h copy with the kernel sources (Arnaldo Carvalho de Melo) - net: fec_ptp: add clock rate zero check (Fugang Duan) - net: stmmac: disable clocks in stmmac_remove_config_dt() (Joakim Zhang) - mm/slub.c: include swab.h (Andrew Morton) - mm/slub: fix redzoning for small allocations (Kees Cook) - mm/slub: clarify verification reporting (Kees Cook) - net: bridge: fix vlan tunnel dst refcnt when egressing (Nikolay Aleksandrov) - net: bridge: fix vlan tunnel dst null pointer dereference (Nikolay Aleksandrov) - net: ll_temac: Fix TX BD buffer overwrite (Esben Haabendal) - net: ll_temac: Make sure to free skb when it is completely used (Esben Haabendal) - drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue. (Yifan Zhang) - drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell. (Yifan Zhang) - cfg80211: avoid double free of PMSR request (Avraham Stern) - cfg80211: make certificate generation more robust (Johannes Berg) - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (Bumyong Lee) - x86/fpu: Reset state for all signal restore failures (Thomas Gleixner) - x86/pkru: Write hardware init value to PKRU when xstate is init (Thomas Gleixner) - x86/process: Check PF_KTHREAD and not current->mm for kernel threads (Thomas Gleixner) - ARCv2: save ABI registers across signal handling (Vineet Gupta) - KVM: x86: Immediately reset the MMU context when the SMM flag is cleared (Sean Christopherson) - PCI: Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun) - PCI: Add ACS quirk for Broadcom BCM57414 NIC (Sriharsha Basavapatna) - PCI: aardvark: Fix kernel panic during PIO transfer (Pali Rohar) - PCI: aardvark: Dont rely on jiffies while holding spinlock (Remi Pommarel) - PCI: Mark some NVIDIA GPUs to avoid bus reset (Shanker Donthineni) - PCI: Mark TI C667X to avoid bus reset (Antti Jarvinen) - tracing: Do no increment trace_clock_global() by one (Steven Rostedt (VMware)) - tracing: Do not stop recording comms if the trace file is being read (Steven Rostedt (VMware)) - tracing: Do not stop recording cmdlines when tracing is off (Steven Rostedt (VMware)) - usb: core: hub: Disable autosuspend for Cypress CY7C65632 (Andrew Lunn) - can: mcba_usb: fix memory leak in mcba_usb (Pavel Skripkin) - can: j1939: fix Use-after-Free, hold skb ref while in use (Oleksij Rempel) - can: bcm/raw/isotp: use per module netdevice notifier (Tetsuo Handa) - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) - hwmon: (scpi-hwmon) shows the negative temperature properly (Riwen Lu) - radeon: use memcpy_to/fromio for UVD fw upload (Chen Li) - pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled (Sergio Paracuellos) - spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() (Patrice Chotard) - ASoC: rt5659: Fix the lost powers for the HDA header (Jack Yu) - regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting (Axel Lin) - net: ethernet: fix potential use-after-free in ec_bhf_remove (Pavel Skripkin) - icmp: dont send out ICMP messages with a source address of 0.0.0.0 (Toke Hoiland-Jorgensen) - bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path (Somnath Kotur) - bnxt_en: Rediscover PHY capabilities after firmware reset (Michael Chan) - cxgb4: fix wrong shift. (Pavel Machek) - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) - net: hamradio: fix memory leak in mkiss_close (Pavel Skripkin) - be2net: Fix an error handling path in be_probe() (Christophe JAILLET) - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock (Eric Dumazet) - net: ipv4: fix memory leak in ip_mc_add1_src (Chengyang Fan) - net: fec_ptp: fix issue caused by refactor the fec_devtype (Joakim Zhang) - net: usb: fix possible use-after-free in smsc75xx_bind (Dongliang Mu) - lantiq: net: fix duplicated skb in rx descriptor ring (Aleksander Jan Bajkowski) - net: cdc_ncm: switch to eth%d interface naming (Maciej zenczykowski) - ptp: improve max_adj check against unreasonable values (Jakub Kicinski) - net: qrtr: fix OOB Read in qrtr_endpoint_post (Pavel Skripkin) - netxen_nic: Fix an error handling path in netxen_nic_probe() (Christophe JAILLET) - qlcnic: Fix an error handling path in qlcnic_probe() (Christophe JAILLET) - net: make get_net_ns return error if NET_NS is disabled (Changbin Du) - net: stmmac: dwmac1000: Fix extended MAC address registers definition (Jisheng Zhang) - alx: Fix an error handling path in alx_probe() (Christophe JAILLET) - sch_cake: Fix out of bounds when parsing TCP options and header (Maxim Mikityanskiy) - netfilter: synproxy: Fix out of bounds when parsing TCP options (Maxim Mikityanskiy) - net/mlx5e: Block offload of outer header csum for UDP tunnels (Aya Levin) - net/mlx5e: allow TSO on VXLAN over VLAN topologies (Davide Caratti) - net/mlx5: Consider RoCE cap before init RDMA resources (Maor Gottlieb) - net/mlx5e: Fix page reclaim for dead peer hairpin (Dima Chumak) - net/mlx5e: Remove dependency in IPsec initialization flows (Huy Nguyen) - net/sched: act_ct: handle DNAT tuple collision (Marcelo Ricardo Leitner) - rtnetlink: Fix regression in bridge VLAN configuration (Ido Schimmel) - udp: fix race between close() and udp_abort() (Paolo Abeni) - net: lantiq: disable interrupt before sheduling NAPI (Aleksander Jan Bajkowski) - net: rds: fix memory leak in rds_recvmsg (Pavel Skripkin) - vrf: fix maximum MTU (Nicolas Dichtel) - net: ipv4: fix memory leak in netlbl_cipsov4_add_std (Nanyong Sun) - batman-adv: Avoid WARN_ON timing related checks (Sven Eckelmann) - kvm: LAPIC: Restore guard to prevent illegal APIC register access (Jim Mattson) - mm/memory-failure: make sure wait for page writeback in memory_failure (yangerkun) - afs: Fix an IS_ERR() vs NULL check (Dan Carpenter) - dmaengine: stedma40: add missing iounmap() on error in d40_probe() (Yang Yingliang) - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (Randy Dunlap) - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (Randy Dunlap) - LTS tag: v5.4.127 (Jack Vogel) - fib: Return the correct errno code (Zheng Yongjun) - net: Return the correct errno code (Zheng Yongjun) - net/x25: Return the correct errno code (Zheng Yongjun) - rtnetlink: Fix missing error code in rtnl_bridge_notify() (Jiapeng Chong) - drm/amd/display: Allow bandwidth validation for 0 streams. (Bindu Ramamurthy) - net: ipconfig: Dont override command-line hostnames or domains (Josh Triplett) - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() (Hannes Reinecke) - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails (Hannes Reinecke) - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() (Hannes Reinecke) - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (Ewan D. Milne) - scsi: qedf: Do not put host in qedf_vport_create() unconditionally (Daniel Wagner) - ethernet: myri10ge: Fix missing error code in myri10ge_probe() (Jiapeng Chong) - scsi: target: core: Fix warning on realtime kernels (Maurizio Lombardi) - gfs2: Fix use-after-free in gfs2_glock_shrink_scan (Hillf Danton) - riscv: Use -mno-relax when using lld linker (Khem Raj) - HID: gt683r: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - gfs2: Prevent direct-I/O write fallback errors from getting lost (Andreas Gruenbacher) - ARM: OMAP2+: Fix build warning when mmc_omap is not built (Yongqiang Liu) - drm/tegra: sor: Do not leak runtime PM reference (Pavel Machek (CIP)) - HID: usbhid: fix info leak in hid_submit_ctrl (Anirudh Rayabharam) - HID: Add BUS_VIRTUAL to hid_connect logging (Mark Bolhuis) - HID: multitouch: set Stylus suffix for Stylus-application devices, too (Ahelenia Ziemianska) - HID: hid-sensor-hub: Return error for hid_set_field() failure (Srinivas Pandruvada) - HID: hid-input: add mapping for emoji picker key (Dmitry Torokhov) - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (Nirenjan Krishnan) - net: ieee802154: fix null deref in parse dev addr (Dan Robertson) - LTS tag: v5.4.126 (Jack Vogel) - proc: only require mm_struct for writing (Linus Torvalds) - tracing: Correct the length check which causes memory corruption (Liangyan) - ftrace: Do not blindly read the ip address in ftrace_bug() (Steven Rostedt (VMware)) - scsi: core: Only put parent device if host state differs from SHOST_CREATED (Ming Lei) - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (Ming Lei) - scsi: core: Fix failure handling of scsi_add_host_with_dma() (Ming Lei) - scsi: core: Fix error handling of scsi_host_alloc() (Ming Lei) - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. (Dai Ngo) - NFSv4: Fix second deadlock in nfs4_evict_inode() (Trond Myklebust) - NFS: Fix use-after-free in nfs4_init_client() (Anna Schumaker) - kvm: fix previous commit for 32-bit builds (Paolo Bonzini) - perf session: Correct buffer copying when peeking events (Leo Yan) - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() (Trond Myklebust) - NFS: Fix a potential NULL dereference in nfs_get_client() (Dan Carpenter) - IB/mlx5: Fix initializing CQ fragments buffer (Alaa Hleihel) - KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message (Sean Christopherson) - sched/fair: Make sure to update tg contrib for blocked load (Vincent Guittot) - perf: Fix data race between pin_count increment/decrement (Marco Elver) - vmlinux.lds.h: Avoid orphan section with !SMP (Nathan Chancellor) - RDMA/mlx4: Do not map the core_clock page to user space unless enabled (Shay Drory) - RDMA/ipoib: Fix warning caused by destroying non-initial netns (Kamal Heib) - usb: typec: mux: Fix copy-paste mistake in typec_mux_match (Bjorn Andersson) - regulator: max77620: Use device_set_of_node_from_dev() (Dmitry Osipenko) - regulator: core: resolve supply for boot-on/always-on regulators (Dmitry Baryshkov) - usb: fix various gadget panics on 10gbps cabling (Maciej zenczykowski) - usb: fix various gadgets null ptr deref on 10gbps cabling. (Maciej zenczykowski) - usb: gadget: eem: fix wrong eem header operation (Linyu Yuan) - USB: serial: cp210x: fix alternate function for CP2102N QFN20 (Stefan Agner) - USB: serial: quatech2: fix control-request directions (Johan Hovold) - USB: serial: omninet: add device id for Zyxel Omni 56K Plus (Alexandre GRIVEAUX) - USB: serial: ftdi_sio: add NovaTech OrionMX product ID (George McCollister) - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (Wesley Cheng) - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (Mayank Rana) - usb: typec: wcove: Use LE to CPU conversion when accessing msg->header (Andy Shevchenko) - usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (Thomas Petazzoni) - usb: dwc3: ep0: fix NULL pointer exception (Marian-Cristian Rotariu) - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms (Kyle Tso) - usb: f_ncm: only first packet of aggregate needs to start timer (Maciej zenczykowski) - USB: f_ncm: ncm_bitrate (speed) is unsigned (Maciej zenczykowski) - cgroup1: dont allow in renaming (Alexander Kuznetsov) - btrfs: promote debugging asserts to full-fledged checks in validate_super (Nikolay Borisov) - btrfs: return value from btrfs_mark_extent_written() in case of error (Ritesh Harjani) - staging: rtl8723bs: Fix uninitialized variables (Wenli Looi) - kvm: avoid speculation-based attacks from out-of-range memslot accesses (Paolo Bonzini) - drm: Lock pointer access in drm_master_release() (Desmond Cheong Zhi Xi) - drm: Fix use-after-free read in drm_getunique() (Desmond Cheong Zhi Xi) - spi: bcm2835: Fix out-of-bounds access with more than 4 slaves (Lukas Wunner) - x86/boot: Add .text.* to setup.ld (Arvind Sankar) - i2c: mpc: implement erratum A-004447 workaround (Chris Packham) - i2c: mpc: Make use of i2c_recover_bus() (Chris Packham) - spi: Cleanup on failure of initial setup (Lukas Wunner) - spi: Dont have controller clean up spi device before driver unbind (Saravana Kannan) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers (Chris Packham) - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME (Sagi Grimberg) - bnx2x: Fix missing error code in bnx2x_iov_init_one() (Jiapeng Chong) - dm verity: fix require_signatures module_param permissions (John Keeping) - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER (Tiezhu Yang) - nvme-fabrics: decode host pathing error for connect (Hannes Reinecke) - net: dsa: microchip: enable phy errata workaround on 9567 (George McCollister) - net: appletalk: cops: Fix data race in cops_probe1 (Saubhik Mukherjee) - net: macb: ensure the device is available before accessing GEMGXL control registers (Zong Li) - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (Dmitry Bogdanov) - scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq (Yang Yingliang) - scsi: vmw_pvscsi: Set correct residual data length (Matt Wang) - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (Zheyu Ma) - wq: handle VM suspension in stall detection (Sergey Senozhatsky) - cgroup: disable controllers at parse time (Shakeel Butt) - net: mdiobus: get rid of a BUG_ON() (Dan Carpenter) - netlink: disable IRQs for netlink_lock_table() (Johannes Berg) - bonding: init notify_work earlier to avoid uninitialized use (Johannes Berg) - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) - spi: sprd: Add missing MODULE_DEVICE_TABLE (Chunyan Zhang) - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (Zou Wei) - vfio-ccw: Serialize FSM IDLE state with I/O completion (Eric Farman) - ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet (Hans de Goede) - usb: cdns3: Fix runtime PM imbalance on error (Dinghao Liu) - net/nfc/rawsock.c: fix a permission check bug (Jeimon) - spi: Fix spi device unregister flow (Saravana Kannan) - ASoC: max98088: fix ni clock divider calculation (Marco Felsch) - proc: Track /proc//attr/ opener mm_struct (Kees Cook) - LTS tag: v5.4.125 (Jack Vogel) - neighbour: allow NUD_NOARP entries to be forced GCed (David Ahern) - i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops (Roja Rani Yarubandi) - xen-pciback: redo VF placement in the virtual topology (Jan Beulich) - lib/lz4: explicitly support in-place decompression (Gao Xiang) - x86/kvm: Disable all PV features on crash (Vitaly Kuznetsov) - x86/kvm: Disable kvmclock on all CPUs on shutdown (Vitaly Kuznetsov) - x86/kvm: Teardown PV features on boot CPU as well (Vitaly Kuznetsov) - KVM: arm64: Fix debug register indexing (Marc Zyngier) - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode (Sean Christopherson) - btrfs: fix unmountable seed device after fstrim (Anand Jain) - mm/filemap: fix storing to a THP shadow entry (Matthew Wilcox (Oracle)) - XArray: add xas_split (Matthew Wilcox (Oracle)) - XArray: add xa_get_order (Matthew Wilcox (Oracle)) - mm: add thp_order (Matthew Wilcox (Oracle)) - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY (Mina Almasry) - btrfs: fixup error handling in fixup_inode_link_counts (Josef Bacik) - btrfs: return errors from btrfs_del_csums in cleanup_ref_head (Josef Bacik) - btrfs: fix error handling in btrfs_del_csums (Josef Bacik) - btrfs: mark ordered extent and inode with error if we fail to finish (Josef Bacik) - drm/amdgpu: make sure we unpin the UVD BO (Nirmoy Das) - drm/amdgpu: Dont query CE and UE errors (Luben Tuikov) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) - ocfs2: fix data corruption by fallocate (Junxiao Bi) - pid: take a reference when initializing (Mark Rutland) - usb: dwc2: Fix build in periphal-only mode (Phil Elwell) - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (Ye Bin) - ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (Marek Vasut) - ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch (Michal Vokax) - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx (Carlos M) - ALSA: timer: Fix master timer notification (Takashi Iwai) - HID: multitouch: require Finger field to mark Win8 reports as MT (Ahelenia Ziemianska) - HID: magicmouse: fix NULL-deref on disconnect (Johan Hovold) - HID: i2c-hid: Skip ELAN power-on command after reset (Johnny Chuang) - net: caif: fix memory leak in cfusbl_device_notify (Pavel Skripkin) - net: caif: fix memory leak in caif_device_notify (Pavel Skripkin) - net: caif: add proper error handling (Pavel Skripkin) - net: caif: added cfserl_release function (Pavel Skripkin) - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) - Bluetooth: fix the erroneous flush_work() order (Lin Ma) {CVE-2021-3564} - tipc: fix unique bearer names sanity check (Hoang Le) - tipc: add extack messages for bearer/media failure (Hoang Le) - bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act (Tony Lindgren) - ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (Geert Uytterhoeven) - ARM: dts: imx7d-pico: Fix the tuning-step property (Fabio Estevam) - ARM: dts: imx7d-meerkat96: Fix the tuning-step property (Fabio Estevam) - arm64: dts: zii-ultra: fix 12V_MAIN voltage (Lucas Stach) - arm64: dts: ls1028a: fix memory node (Michael Walle) - i40e: add correct exception tracing for XDP (Magnus Karlsson) - i40e: optimize for XDP_REDIRECT in xsk path (Magnus Karlsson) - i2c: qcom-geni: Add shutdown callback for i2c (Roja Rani Yarubandi) - ice: Allow all LLDP packets from PF to Tx (Dave Ertman) - ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared (Brett Creeley) - ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (Coco Li) - ixgbevf: add correct exception tracing for XDP (Magnus Karlsson) - ieee802154: fix error return code in ieee802154_llsec_getparams() (Wei Yongjun) - ieee802154: fix error return code in ieee802154_add_iface() (Zhen Lei) - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches (Pablo Neira Ayuso) - netfilter: nft_ct: skip expectations for confirmed conntrack (Pablo Neira Ayuso) - ACPICA: Clean up context mutex during object deletion (Erik Kaneda) - net/sched: act_ct: Fix ct template allocation for zone 0 (Ariel Levkovich) - HID: i2c-hid: fix format string mismatch (Arnd Bergmann) - HID: pidff: fix error return code in hid_pidff_init() (Zhen Lei) - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service (Julian Anastasov) - vfio/platform: fix module_put call in error flow (Max Gurtovoy) - samples: vfio-mdev: fix error handing in mdpy_fb_probe() (Wei Yongjun) - vfio/pci: zap_vma_ptes() needs MMU (Randy Dunlap) - vfio/pci: Fix error return code in vfio_ecap_init() (Zhen Lei) - efi: cper: fix snprintf() use in cper_dimm_err_location() (Rasmus Villemoes) - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (Heiner Kallweit) - netfilter: conntrack: unregister ipv4 sockopts on error unwind (Florian Westphal) - hwmon: (dell-smm-hwmon) Fix index values (Armin Wolf) - nl80211: validate key indexes for cfg80211_registered_device (Anant Thazhemadam) - ALSA: usb: update old-style static const declaration (Pierre-Louis Bossart) - net: usb: cdc_ncm: dont spew notifications (Grant Grundler) - btrfs: tree-checker: do not error out if extent ref hash doesnt match (Josef Bacik) - LTS tag: v5.4.124 (Jack Vogel) - usb: core: reduce power-on-good delay time of root hub (Chunfeng Yun) - neighbour: Prevent Race condition in neighbour subsytem (Chinmay Agarwal) - net: hso: bail out on interrupt URB allocation failure (Johan Hovold) - Revert Revert ALSA: usx2y: Fix potential NULL pointer dereference (Greg Kroah-Hartman) - net: hns3: check the return of skb_checksum_help() (Yunsheng Lin) - drivers/net/ethernet: clean up unused assignments (Jesse Brandeburg) - i915: fix build warning in intel_dp_get_link_status() (Greg Kroah-Hartman) - drm/i915/display: fix compiler warning about array overrun (Linus Torvalds) - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c (Randy Dunlap) - MIPS: alchemy: xxs1500: add gpio-au1000.h header file (Randy Dunlap) - sch_dsmark: fix a NULL deref in qdisc_reset() (Taehee Yoo) - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88 (Stefan Roese) - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static (kernel test robot) - ipv6: record frag_max_size in atomic fragments in input path (Francesco Ruggeri) - net: lantiq: fix memory corruption in RX ring (Aleksander Jan Bajkowski) - scsi: libsas: Use _safe() loop in sas_resume_port() (Dan Carpenter) - ixgbe: fix large MTU request from VF (Jesse Brandeburg) - bpf: Set mac_len in bpf_skb_change_head (Jussi Maki) - ASoC: cs35l33: fix an error code in probe() (Dan Carpenter) - staging: emxx_udc: fix loop in _nbu2ss_nuke() (Dan Carpenter) - cxgb4: avoid accessing registers when clearing filters (Raju Rangoju) - gve: Correct SKB queue index validation. (David Awogbemila) - gve: Upgrade memory barrier in poll routine (Catherine Sullivan) - gve: Add NULL pointer checks when freeing irqs. (David Awogbemila) - gve: Update mgmt_msix_idx if num_ntfy changes (David Awogbemila) - gve: Check TX QPL was actually assigned (Catherine Sullivan) - mld: fix panic in mld_newpack() (Taehee Yoo) - bnxt_en: Include new P5 HV definition in VF check. (Andy Gospodarek) - net: bnx2: Fix error return code in bnx2_init_board() (Zhen Lei) - net: hso: check for allocation failure in hso_create_bulk_serial_device() (Dan Carpenter) - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT (Jim Ma) - openvswitch: meter: fix race when getting now_ms. (Tao Liu) - net: mdio: octeon: Fix some double free issues (Christophe JAILLET) - net: mdio: thunder: Fix a double free issue in the .remove function (Christophe JAILLET) - net: fec: fix the potential memory leak in fec_enet_init() (Fugang Duan) - net: really orphan skbs tied to closing sk (Paolo Abeni) - vfio-ccw: Check initialized flag in cp_init() (Eric Farman) - ASoC: cs42l42: Regmap must use_single_read/write (Richard Fitzgerald) - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count (Vladimir Oltean) - net: netcp: Fix an error message (Christophe JAILLET) - drm/amd/amdgpu: fix a potential deadlock in gpu reset (Lang Yu) - drm/amdgpu: Fix a use-after-free (xinhui pan) - drm/amd/amdgpu: fix refcount leak (Jingwen Chen) - drm/amd/display: Disconnect non-DP with no EDID (Chris Park) - SMB3: incorrect file id in requests compounded with open (Steve French) - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet (Teava Radu) - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (Andy Shevchenko) - platform/x86: hp-wireless: add AMDs hardware id to the supported list (Shyam Sundar S K) - btrfs: do not BUG_ON in link_to_fixup_dir (Josef Bacik) - openrisc: Define memory barrier mb (Peter Zijlstra) - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (Matt Wang) - btrfs: return whole extents in fiemap (Boris Burkov) - brcmfmac: properly check for bus register errors (Greg Kroah-Hartman) - Revert brcmfmac: add a check for the status of usb_register (Greg Kroah-Hartman) - net: liquidio: Add missing null pointer checks (Tom Seewald) - Revert net: liquidio: fix a NULL pointer dereference (Greg Kroah-Hartman) - media: gspca: properly check for errors in po1030_probe() (Greg Kroah-Hartman) - Revert media: gspca: Check the return value of write_bridge for timeout (Greg Kroah-Hartman) - media: gspca: mt9m111: Check write_bridge for timeout (Alaa Emad) - Revert media: gspca: mt9m111: Check write_bridge for timeout (Greg Kroah-Hartman) - media: dvb: Add check on sp8870_readreg return (Alaa Emad) - Revert media: dvb: Add check on sp8870_readreg (Greg Kroah-Hartman) - ASoC: cs43130: handle errors in cs43130_probe() properly (Greg Kroah-Hartman) - Revert ASoC: cs43130: fix a NULL pointer dereference (Greg Kroah-Hartman) - libertas: register sysfs groups properly (Greg Kroah-Hartman) - Revert libertas: add checks for the return value of sysfs_create_group (Greg Kroah-Hartman) - dmaengine: qcom_hidma: comment platform_driver_register call (Phillip Potter) - Revert dmaengine: qcom_hidma: Check for driver register failure (Greg Kroah-Hartman) - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info (Phillip Potter) - Revert isdn: mISDN: Fix potential NULL pointer dereference of kzalloc (Greg Kroah-Hartman) - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() (Anirudh Rayabharam) - Revert ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() (Greg Kroah-Hartman) - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (Phillip Potter) - Revert isdn: mISDNinfineon: fix potential NULL pointer dereference (Greg Kroah-Hartman) - Revert ALSA: usx2y: Fix potential NULL pointer dereference (Greg Kroah-Hartman) - Revert ALSA: gus: add a check of the status of snd_ctl_add (Greg Kroah-Hartman) - char: hpet: add checks after calling ioremap (Tom Seewald) - Revert char: hpet: fix a missing check of ioremap (Greg Kroah-Hartman) - net: caif: remove BUG_ON(dev == NULL) in caif_xmit (Du Cheng) - Revert net/smc: fix a NULL pointer dereference (Greg Kroah-Hartman) - net: fujitsu: fix potential null-ptr-deref (Anirudh Rayabharam) - Revert net: fujitsu: fix a potential NULL pointer dereference (Greg Kroah-Hartman) - serial: max310x: unregister uart driver in case of failure and abort (Atul Gopinathan) - Revert serial: max310x: pass return value of spi_register_driver (Greg Kroah-Hartman) - Revert ALSA: sb: fix a missing check of snd_ctl_add (Greg Kroah-Hartman) - Revert media: usb: gspca: add a missed check for goto_low_power (Greg Kroah-Hartman) - gpio: cadence: Add missing MODULE_DEVICE_TABLE (Zou Wei) - platform/x86: hp_accel: Avoid invoking _INI to speed up resume (Kai-Heng Feng) - perf jevents: Fix getting maximum number of fds (Felix Fietkau) - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E (Geert Uytterhoeven) - i2c: i801: Dont generate an interrupt on bus reset (Jean Delvare) - i2c: s3c2410: fix possible NULL pointer deref on read message after write (Krzysztof Kozlowski) - net: dsa: sja1105: error out on unsupported PHY mode (Vladimir Oltean) - net: dsa: fix a crash if ->get_sset_count() fails (Dan Carpenter) - net: dsa: mt7530: fix VLAN traffic leaks (DENG Qingfang) - spi: spi-fsl-dspi: Fix a resource leak in an error handling path (Christophe JAILLET) - tipc: skb_linearize the head skb when reassembling msgs (Xin Long) - tipc: wait and exit until all work queues are done (Xin Long) - Revert net:tipc: Fix a double free in tipc_sk_mcast_rcv (Hoang Le) - net/mlx5e: Fix nullptr in add_vlan_push_action() (Dima Chumak) - net/mlx5e: Fix multipath lag activation (Dima Chumak) - drm/meson: fix shutdown crash when component not probed (Neil Armstrong) - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (Zhang Xiaoxu) - NFS: Dont corrupt the value of pg_bytes_written in nfs_do_recoalesce() (Trond Myklebust) - NFS: Fix an Oopsable condition in __nfs_pageio_add_request() (Trond Myklebust) - NFS: fix an incorrect limit in filelayout_decode_layout() (Dan Carpenter) - fs/nfs: Use fatal_signal_pending instead of signal_pending (zhouchuangao) - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) - spi: spi-geni-qcom: Fix use-after-free on unbind (Lukas Wunner) - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() (Yoshihiro Shimoda) - usb: dwc3: gadget: Properly track pending and queued SG (Thinh Nguyen) - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID (Srinivas Pandruvada) - USB: serial: pl2303: add device id for ADLINK ND-6530 GC (Zolton Jheng) - USB: serial: ftdi_sio: add IDs for IDS GmbH Products (Dominik Andreas Schorpp) - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (Daniele Palmas) - USB: serial: ti_usb_3410_5052: add startech.com device id (Sean MacLennan) - serial: rp2: use request_firmware instead of request_firmware_nowait (Zheyu Ma) - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (Geert Uytterhoeven) - serial: tegra: Fix a mask operation that is always true (Colin Ian King) - USB: usbfs: Dont WARN about excessively large memory allocations (Alan Stern) - USB: trancevibrator: fix control-request direction (Johan Hovold) - serial: 8250_pci: handle FL_NOIRQ board flag (Christian Gmeiner) - serial: 8250_pci: Add support for new HPE serial device (Randy Wright) - iio: adc: ad7793: Add missing error code in ad7793_setup() (YueHaibing) - iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers (Jonathan Cameron) - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error. (Jonathan Cameron) - iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: gyro: fxas21002c: balance runtime power in error path (Rui Miguel Silva) - staging: iio: cdc: ad7746: avoid overwrite of num_channels (Lucas Stankus) - mei: request autosuspend after sending rx flow control (Alexander Usyskin) - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (Mathias Nyman) - misc/uss720: fix memory leak in uss720_probe (Dongliang Mu) - serial: core: fix suspicious security_locked_down() call (Ondrej Mosnacek) - Documentation: seccomp: Fix user notification documentation (Sargun Dhillon) - kgdb: fix gcc-11 warnings harder (Greg Kroah-Hartman) - selftests/gpio: Fix build when source tree is read only (Michael Ellerman) - selftests/gpio: Move include of lib.mk up (Michael Ellerman) - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED (Michael Ellerman) - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate (James Zhu) - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate (James Zhu) - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate (James Zhu) - dm snapshot: properly fix a crash when an origin has no snapshots (Mikulas Patocka) - ath10k: Validate first subframe of A-MSDU before processing the list (Sriram R) - ath10k: Fix TKIP Michael MIC verification for PCIe (Wen Gong) {CVE-2020-26141} - ath10k: drop MPDU which has discard flag set by firmware for SDIO (Wen Gong) {CVE-2020-24588} - ath10k: drop fragments with multicast DA for SDIO (Wen Gong) {CVE-2020-26145} - ath10k: drop fragments with multicast DA for PCIe (Wen Gong) {CVE-2020-26145} - ath10k: add CCMP PN replay protection for fragmented frames for PCIe (Wen Gong) - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) - mac80211: check defrag PN against current frame (Johannes Berg) - mac80211: add fragment cache to sta_info (Johannes Berg) - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) {CVE-2020-26147} - net: hso: fix control-request directions (Johan Hovold) - proc: Check /proc//attr/ writes against file opener (Kees Cook) - perf scripts python: exported-sql-viewer.py: Fix warning display (Adrian Hunter) - perf scripts python: exported-sql-viewer.py: Fix Array TypeError (Adrian Hunter) - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report (Adrian Hunter) - perf intel-pt: Fix transaction abort handling (Adrian Hunter) - perf intel-pt: Fix sample instruction bytes (Adrian Hunter) - iommu/vt-d: Fix sysfs leak in alloc_iommu() (Rolf Eike Beer) - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (Anna Schumaker) - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 (Aurelien Aptel) - ALSA: usb-audio: scarlett2: Improve driver startup messages (Geoffrey D. Bennett) - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci (Geoffrey D. Bennett) - ALSA: hda/realtek: Headphone volume is controlled by Front mixer (Hui Wang) - LTS tag: v5.4.123 (Jack Vogel) - NFC: nci: fix memory leak in nci_allocate_device (Dongliang Mu) - perf unwind: Set userdata for all __report_module() paths (Dave Rigby) - perf unwind: Fix separate debug info files when using elfutils libdws unwinder (Jan Kratochvil) - usb: dwc3: gadget: Enable suspend events (Jack Pham) - bpf: No need to simulate speculative domain for immediates (Daniel Borkmann) - bpf: Fix mask direction swap upon off reg sign change (Daniel Borkmann) - bpf: Wrap aux data inside bpf_sanitize_info container (Daniel Borkmann) - LTS tag: v5.4.122 (Jack Vogel) - Bluetooth: SMP: Fail if remote and local public keys are identical (Luiz Augusto von Dentz) - video: hgafb: correctly handle card detect failure during probe (Anirudh Rayabharam) - nvmet: use new ana_log_size instead the old one (Hou Pu) - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS (Luiz Augusto von Dentz) - ext4: fix error handling in ext4_end_enable_verity() (Eric Biggers) - nvme-multipath: fix double initialization of ANA state (Christoph Hellwig) - tty: vt: always invoke vc->vc_sw->con_resize callback (Tetsuo Handa) - vt: Fix character height handling with VT_RESIZEX (Maciej W. Rozycki) - vgacon: Record video mode changes with VT_RESIZEX (Maciej W. Rozycki) - video: hgafb: fix potential NULL pointer dereference (Igor Matheus Andrade Torrente) - qlcnic: Add null check after calling netdev_alloc_skb (Tom Seewald) - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (Phillip Potter) - ics932s401: fix broken handling of errors when word reading fails (Darrick J. Wong) - net: rtlwifi: properly check for alloc_workqueue() failure (Greg Kroah-Hartman) - scsi: ufs: handle cleanup correctly on devm_reset_control_get error (Phillip Potter) - net: stmicro: handle clk_prepare() failure during init (Anirudh Rayabharam) - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (Du Cheng) - Revert niu: fix missing checks of niu_pci_eeprom_read (Greg Kroah-Hartman) - Revert qlcnic: Avoid potential NULL pointer dereference (Greg Kroah-Hartman) - Revert rtlwifi: fix a potential NULL pointer dereference (Greg Kroah-Hartman) - Revert media: rcar_drif: fix a memory disclosure (Greg Kroah-Hartman) - cdrom: gdrom: initialize global variable at init time (Greg Kroah-Hartman) - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom (Atul Gopinathan) - Revert gdrom: fix a memory leak bug (Greg Kroah-Hartman) - Revert scsi: ufs: fix a missing check of devm_reset_control_get (Greg Kroah-Hartman) - Revert ecryptfs: replace BUG_ON with error handling code (Greg Kroah-Hartman) - Revert video: imsttfb: fix potential NULL pointer dereferences (Greg Kroah-Hartman) - Revert hwmon: (lm80) fix a missing check of bus read in lm80 probe (Greg Kroah-Hartman) - Revert leds: lp5523: fix a missing check of return value of lp55xx_read (Greg Kroah-Hartman) - Revert net: stmicro: fix a missing check of clk_prepare (Greg Kroah-Hartman) - Revert video: hgafb: fix potential NULL pointer dereference (Greg Kroah-Hartman) - dm snapshot: fix crash with transient storage and zero chunk size (Mikulas Patocka) - xen-pciback: reconfigure also from backend watch handler (Jan Beulich) - mmc: sdhci-pci-gli: increase 1.8V regulator wait (Daniel Beer) - drm/amdgpu: update sdma golden setting for Navi12 (Guchun Chen) - drm/amdgpu: update gc golden setting for Navi12 (Guchun Chen) - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang (Changfeng) - Revert serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference (Greg Kroah-Hartman) - rapidio: handle create_workqueue() failure (Anirudh Rayabharam) - Revert rapidio: fix a NULL pointer dereference when create_workqueue() fails (Greg Kroah-Hartman) - uio_hv_generic: Fix a memory leak in error handling paths (Christophe JAILLET) - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx (Elia Devito) - ALSA: hda/realtek: Add fixup for HP OMEN laptop (Takashi Iwai) - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA (Takashi Iwai) - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 (PeiSen Hou) - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (Hui Wang) - ALSA: firewire-lib: fix check for the size of isochronous packet payload (Takashi Sakamoto) - Revert ALSA: sb8: add a check for request_region (Greg Kroah-Hartman) - ALSA: hda: fixup headset for ASUS GU502 laptop (Daniel Cordova A) - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - ALSA: usb-audio: Validate MS endpoint descriptors (Takashi Iwai) - ALSA: firewire-lib: fix calculation for size of IR context payload (Takashi Sakamoto) - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 (Takashi Sakamoto) - ALSA: line6: Fix racy initialization of LINE6 MIDI (Takashi Iwai) - ALSA: intel8x0: Dont update period unless prepared (Takashi Iwai) - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency (Takashi Sakamoto) - cifs: fix memory leak in smb2_copychunk_range (Ronnie Sahlberg) - btrfs: avoid RCU stalls while running delayed iputs (Josef Bacik) - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal (Zqiang) - nvmet: seset ns->file when open fails (Daniel Wagner) - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (Oleg Nesterov) - RDMA/uverbs: Fix a NULL vs IS_ERR() bug (Dan Carpenter) - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Hans de Goede) - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (Liming Sun) - RDMA/core: Dont access cm_id after its destruction (Shay Drory) - RDMA/mlx5: Recover from fatal event in dual port mode (Maor Gottlieb) - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (Zhen Lei) - scsi: ufs: core: Increase the usable queue depth (Bart Van Assche) - RDMA/rxe: Clear all QP fields if creation failed (Leon Romanovsky) - RDMA/siw: Release xarray entry (Leon Romanovsky) - RDMA/siw: Properly check send and receive CQ pointers (Leon Romanovsky) - openrisc: Fix a memory leak (Christophe JAILLET) - firmware: arm_scpi: Prevent the ternary sign expansion bug (Dan Carpenter) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 CVE-2020-14304 CVE-2020-24586 CVE-2020-26141 CVE-2021-23134 CVE-2020-24587 CVE-2020-24588 CVE-2020-26145 CVE-2020-26147 CVE-2021-3564 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.204.4.2] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150447] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177348] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150427] - arm64: mm: kdump: Fix /proc/kcore (Henry Willard) [Orabug: 32570847] [5.4.17-2102.204.4] - Revert x86/reboot: Force all cpus to exit VMX root if VMX is supported (Somasundaram Krishnasamy) [Orabug: 33167303] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33165876] - A/A Bonding: dev_hold/put() the delayed GARP work handlers netdev in rdmaip (Sharath Srinivasan) [Orabug: 33161268] - rds: ib: Increase entropy of RDMA IOVAs (Hakon Bugge) [Orabug: 33104687] [5.4.17-2102.204.3] - rds: Check for illegal flags when creating an MR (Hakon Bugge) [Orabug: 33144338] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135632] {CVE-2021-33909} [5.4.17-2102.204.2] - RDMA/core/sa_query: Remove unused argument (Hakon Bugge) [Orabug: 33113136] - RDMA/cma: Fix incorrect Packet Lifetime calculation (Hakon Bugge) [Orabug: 33113136] - RDMA: Remove a few extra calls to ib_get_client_data() (Jason Gunthorpe) [Orabug: 33113136] - RDMA/cma: Protect RMW with qp_mutex (Hakon Bugge) [Orabug: 33113136] - IB/cma: Introduce rdma_set_min_rnr_timer() (Hakon Bugge) [Orabug: 33113136] - RDMA/iwcm: Allow AFONLY binding for IPv6 addresses (Bernard Metzler) [Orabug: 33113136] - RDMA/cma: Remove unnecessary INIT->INIT transition (Hakon Bugge) [Orabug: 33113136] - RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes) [Orabug: 33113136] - crypto: ccp - Dont initialize SEV support without the SEV feature (Venu Busireddy) [Orabug: 33110762] - xfs: fix out of bound access (Junxiao Bi) [Orabug: 33089469] - ext4: use ext4_grp_locked_error in mb_find_extent (Stephen Brennan) [Orabug: 33042746] - PCI/ERR: Retain status from error notification (Keith Busch) [Orabug: 32995246] - perf maps: Do not use an rbtree to sort by map name (Arnaldo Carvalho de Melo) [Orabug: 32726674] - block: return the correct bvec when checking for gaps (Long Li) [Orabug: 33000789] [5.4.17-2102.204.1] - LTS tag: v5.4.128 (Jack Vogel) - ARM: OMAP: replace setup_irq() by request_irq() (afzal mohammed) - KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read (Eric Auger) - tools headers UAPI: Sync linux/in.h copy with the kernel sources (Arnaldo Carvalho de Melo) - net: fec_ptp: add clock rate zero check (Fugang Duan) - net: stmmac: disable clocks in stmmac_remove_config_dt() (Joakim Zhang) - mm/slub.c: include swab.h (Andrew Morton) - mm/slub: fix redzoning for small allocations (Kees Cook) - mm/slub: clarify verification reporting (Kees Cook) - net: bridge: fix vlan tunnel dst refcnt when egressing (Nikolay Aleksandrov) - net: bridge: fix vlan tunnel dst null pointer dereference (Nikolay Aleksandrov) - net: ll_temac: Fix TX BD buffer overwrite (Esben Haabendal) - net: ll_temac: Make sure to free skb when it is completely used (Esben Haabendal) - drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue. (Yifan Zhang) - drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell. (Yifan Zhang) - cfg80211: avoid double free of PMSR request (Avraham Stern) - cfg80211: make certificate generation more robust (Johannes Berg) - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (Bumyong Lee) - x86/fpu: Reset state for all signal restore failures (Thomas Gleixner) - x86/pkru: Write hardware init value to PKRU when xstate is init (Thomas Gleixner) - x86/process: Check PF_KTHREAD and not current->mm for kernel threads (Thomas Gleixner) - ARCv2: save ABI registers across signal handling (Vineet Gupta) - KVM: x86: Immediately reset the MMU context when the SMM flag is cleared (Sean Christopherson) - PCI: Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun) - PCI: Add ACS quirk for Broadcom BCM57414 NIC (Sriharsha Basavapatna) - PCI: aardvark: Fix kernel panic during PIO transfer (Pali Rohar) - PCI: aardvark: Dont rely on jiffies while holding spinlock (Remi Pommarel) - PCI: Mark some NVIDIA GPUs to avoid bus reset (Shanker Donthineni) - PCI: Mark TI C667X to avoid bus reset (Antti Jarvinen) - tracing: Do no increment trace_clock_global() by one (Steven Rostedt (VMware)) - tracing: Do not stop recording comms if the trace file is being read (Steven Rostedt (VMware)) - tracing: Do not stop recording cmdlines when tracing is off (Steven Rostedt (VMware)) - usb: core: hub: Disable autosuspend for Cypress CY7C65632 (Andrew Lunn) - can: mcba_usb: fix memory leak in mcba_usb (Pavel Skripkin) - can: j1939: fix Use-after-Free, hold skb ref while in use (Oleksij Rempel) - can: bcm/raw/isotp: use per module netdevice notifier (Tetsuo Handa) - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) - hwmon: (scpi-hwmon) shows the negative temperature properly (Riwen Lu) - radeon: use memcpy_to/fromio for UVD fw upload (Chen Li) - pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled (Sergio Paracuellos) - spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() (Patrice Chotard) - ASoC: rt5659: Fix the lost powers for the HDA header (Jack Yu) - regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting (Axel Lin) - net: ethernet: fix potential use-after-free in ec_bhf_remove (Pavel Skripkin) - icmp: dont send out ICMP messages with a source address of 0.0.0.0 (Toke Hoiland-Jorgensen) - bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path (Somnath Kotur) - bnxt_en: Rediscover PHY capabilities after firmware reset (Michael Chan) - cxgb4: fix wrong shift. (Pavel Machek) - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) - net: hamradio: fix memory leak in mkiss_close (Pavel Skripkin) - be2net: Fix an error handling path in be_probe() (Christophe JAILLET) - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock (Eric Dumazet) - net: ipv4: fix memory leak in ip_mc_add1_src (Chengyang Fan) - net: fec_ptp: fix issue caused by refactor the fec_devtype (Joakim Zhang) - net: usb: fix possible use-after-free in smsc75xx_bind (Dongliang Mu) - lantiq: net: fix duplicated skb in rx descriptor ring (Aleksander Jan Bajkowski) - net: cdc_ncm: switch to eth%d interface naming (Maciej zenczykowski) - ptp: improve max_adj check against unreasonable values (Jakub Kicinski) - net: qrtr: fix OOB Read in qrtr_endpoint_post (Pavel Skripkin) - netxen_nic: Fix an error handling path in netxen_nic_probe() (Christophe JAILLET) - qlcnic: Fix an error handling path in qlcnic_probe() (Christophe JAILLET) - net: make get_net_ns return error if NET_NS is disabled (Changbin Du) - net: stmmac: dwmac1000: Fix extended MAC address registers definition (Jisheng Zhang) - alx: Fix an error handling path in alx_probe() (Christophe JAILLET) - sch_cake: Fix out of bounds when parsing TCP options and header (Maxim Mikityanskiy) - netfilter: synproxy: Fix out of bounds when parsing TCP options (Maxim Mikityanskiy) - net/mlx5e: Block offload of outer header csum for UDP tunnels (Aya Levin) - net/mlx5e: allow TSO on VXLAN over VLAN topologies (Davide Caratti) - net/mlx5: Consider RoCE cap before init RDMA resources (Maor Gottlieb) - net/mlx5e: Fix page reclaim for dead peer hairpin (Dima Chumak) - net/mlx5e: Remove dependency in IPsec initialization flows (Huy Nguyen) - net/sched: act_ct: handle DNAT tuple collision (Marcelo Ricardo Leitner) - rtnetlink: Fix regression in bridge VLAN configuration (Ido Schimmel) - udp: fix race between close() and udp_abort() (Paolo Abeni) - net: lantiq: disable interrupt before sheduling NAPI (Aleksander Jan Bajkowski) - net: rds: fix memory leak in rds_recvmsg (Pavel Skripkin) - vrf: fix maximum MTU (Nicolas Dichtel) - net: ipv4: fix memory leak in netlbl_cipsov4_add_std (Nanyong Sun) - batman-adv: Avoid WARN_ON timing related checks (Sven Eckelmann) - kvm: LAPIC: Restore guard to prevent illegal APIC register access (Jim Mattson) - mm/memory-failure: make sure wait for page writeback in memory_failure (yangerkun) - afs: Fix an IS_ERR() vs NULL check (Dan Carpenter) - dmaengine: stedma40: add missing iounmap() on error in d40_probe() (Yang Yingliang) - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (Randy Dunlap) - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (Randy Dunlap) - LTS tag: v5.4.127 (Jack Vogel) - fib: Return the correct errno code (Zheng Yongjun) - net: Return the correct errno code (Zheng Yongjun) - net/x25: Return the correct errno code (Zheng Yongjun) - rtnetlink: Fix missing error code in rtnl_bridge_notify() (Jiapeng Chong) - drm/amd/display: Allow bandwidth validation for 0 streams. (Bindu Ramamurthy) - net: ipconfig: Dont override command-line hostnames or domains (Josh Triplett) - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() (Hannes Reinecke) - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails (Hannes Reinecke) - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() (Hannes Reinecke) - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (Ewan D. Milne) - scsi: qedf: Do not put host in qedf_vport_create() unconditionally (Daniel Wagner) - ethernet: myri10ge: Fix missing error code in myri10ge_probe() (Jiapeng Chong) - scsi: target: core: Fix warning on realtime kernels (Maurizio Lombardi) - gfs2: Fix use-after-free in gfs2_glock_shrink_scan (Hillf Danton) - riscv: Use -mno-relax when using lld linker (Khem Raj) - HID: gt683r: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - gfs2: Prevent direct-I/O write fallback errors from getting lost (Andreas Gruenbacher) - ARM: OMAP2+: Fix build warning when mmc_omap is not built (Yongqiang Liu) - drm/tegra: sor: Do not leak runtime PM reference (Pavel Machek (CIP)) - HID: usbhid: fix info leak in hid_submit_ctrl (Anirudh Rayabharam) - HID: Add BUS_VIRTUAL to hid_connect logging (Mark Bolhuis) - HID: multitouch: set Stylus suffix for Stylus-application devices, too (Ahelenia Ziemianska) - HID: hid-sensor-hub: Return error for hid_set_field() failure (Srinivas Pandruvada) - HID: hid-input: add mapping for emoji picker key (Dmitry Torokhov) - HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (Nirenjan Krishnan) - net: ieee802154: fix null deref in parse dev addr (Dan Robertson) - LTS tag: v5.4.126 (Jack Vogel) - proc: only require mm_struct for writing (Linus Torvalds) - tracing: Correct the length check which causes memory corruption (Liangyan) - ftrace: Do not blindly read the ip address in ftrace_bug() (Steven Rostedt (VMware)) - scsi: core: Only put parent device if host state differs from SHOST_CREATED (Ming Lei) - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (Ming Lei) - scsi: core: Fix failure handling of scsi_add_host_with_dma() (Ming Lei) - scsi: core: Fix error handling of scsi_host_alloc() (Ming Lei) - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. (Dai Ngo) - NFSv4: Fix second deadlock in nfs4_evict_inode() (Trond Myklebust) - NFS: Fix use-after-free in nfs4_init_client() (Anna Schumaker) - kvm: fix previous commit for 32-bit builds (Paolo Bonzini) - perf session: Correct buffer copying when peeking events (Leo Yan) - NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() (Trond Myklebust) - NFS: Fix a potential NULL dereference in nfs_get_client() (Dan Carpenter) - IB/mlx5: Fix initializing CQ fragments buffer (Alaa Hleihel) - KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message (Sean Christopherson) - sched/fair: Make sure to update tg contrib for blocked load (Vincent Guittot) - perf: Fix data race between pin_count increment/decrement (Marco Elver) - vmlinux.lds.h: Avoid orphan section with !SMP (Nathan Chancellor) - RDMA/mlx4: Do not map the core_clock page to user space unless enabled (Shay Drory) - RDMA/ipoib: Fix warning caused by destroying non-initial netns (Kamal Heib) - usb: typec: mux: Fix copy-paste mistake in typec_mux_match (Bjorn Andersson) - regulator: max77620: Use device_set_of_node_from_dev() (Dmitry Osipenko) - regulator: core: resolve supply for boot-on/always-on regulators (Dmitry Baryshkov) - usb: fix various gadget panics on 10gbps cabling (Maciej zenczykowski) - usb: fix various gadgets null ptr deref on 10gbps cabling. (Maciej zenczykowski) - usb: gadget: eem: fix wrong eem header operation (Linyu Yuan) - USB: serial: cp210x: fix alternate function for CP2102N QFN20 (Stefan Agner) - USB: serial: quatech2: fix control-request directions (Johan Hovold) - USB: serial: omninet: add device id for Zyxel Omni 56K Plus (Alexandre GRIVEAUX) - USB: serial: ftdi_sio: add NovaTech OrionMX product ID (George McCollister) - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (Wesley Cheng) - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (Mayank Rana) - usb: typec: wcove: Use LE to CPU conversion when accessing msg->header (Andy Shevchenko) - usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (Thomas Petazzoni) - usb: dwc3: ep0: fix NULL pointer exception (Marian-Cristian Rotariu) - usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms (Kyle Tso) - usb: f_ncm: only first packet of aggregate needs to start timer (Maciej zenczykowski) - USB: f_ncm: ncm_bitrate (speed) is unsigned (Maciej zenczykowski) - cgroup1: dont allow in renaming (Alexander Kuznetsov) - btrfs: promote debugging asserts to full-fledged checks in validate_super (Nikolay Borisov) - btrfs: return value from btrfs_mark_extent_written() in case of error (Ritesh Harjani) - staging: rtl8723bs: Fix uninitialized variables (Wenli Looi) - kvm: avoid speculation-based attacks from out-of-range memslot accesses (Paolo Bonzini) - drm: Lock pointer access in drm_master_release() (Desmond Cheong Zhi Xi) - drm: Fix use-after-free read in drm_getunique() (Desmond Cheong Zhi Xi) - spi: bcm2835: Fix out-of-bounds access with more than 4 slaves (Lukas Wunner) - x86/boot: Add .text.* to setup.ld (Arvind Sankar) - i2c: mpc: implement erratum A-004447 workaround (Chris Packham) - i2c: mpc: Make use of i2c_recover_bus() (Chris Packham) - spi: Cleanup on failure of initial setup (Lukas Wunner) - spi: Dont have controller clean up spi device before driver unbind (Saravana Kannan) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers (Chris Packham) - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME (Sagi Grimberg) - bnx2x: Fix missing error code in bnx2x_iov_init_one() (Jiapeng Chong) - dm verity: fix require_signatures module_param permissions (John Keeping) - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER (Tiezhu Yang) - nvme-fabrics: decode host pathing error for connect (Hannes Reinecke) - net: dsa: microchip: enable phy errata workaround on 9567 (George McCollister) - net: appletalk: cops: Fix data race in cops_probe1 (Saubhik Mukherjee) - net: macb: ensure the device is available before accessing GEMGXL control registers (Zong Li) - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (Dmitry Bogdanov) - scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq (Yang Yingliang) - scsi: vmw_pvscsi: Set correct residual data length (Matt Wang) - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (Zheyu Ma) - wq: handle VM suspension in stall detection (Sergey Senozhatsky) - cgroup: disable controllers at parse time (Shakeel Butt) - net: mdiobus: get rid of a BUG_ON() (Dan Carpenter) - netlink: disable IRQs for netlink_lock_table() (Johannes Berg) - bonding: init notify_work earlier to avoid uninitialized use (Johannes Berg) - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) - spi: sprd: Add missing MODULE_DEVICE_TABLE (Chunyan Zhang) - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (Zou Wei) - vfio-ccw: Serialize FSM IDLE state with I/O completion (Eric Farman) - ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet (Hans de Goede) - ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet (Hans de Goede) - usb: cdns3: Fix runtime PM imbalance on error (Dinghao Liu) - net/nfc/rawsock.c: fix a permission check bug (Jeimon) - spi: Fix spi device unregister flow (Saravana Kannan) - ASoC: max98088: fix ni clock divider calculation (Marco Felsch) - proc: Track /proc//attr/ opener mm_struct (Kees Cook) - LTS tag: v5.4.125 (Jack Vogel) - neighbour: allow NUD_NOARP entries to be forced GCed (David Ahern) - i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops (Roja Rani Yarubandi) - xen-pciback: redo VF placement in the virtual topology (Jan Beulich) - lib/lz4: explicitly support in-place decompression (Gao Xiang) - x86/kvm: Disable all PV features on crash (Vitaly Kuznetsov) - x86/kvm: Disable kvmclock on all CPUs on shutdown (Vitaly Kuznetsov) - x86/kvm: Teardown PV features on boot CPU as well (Vitaly Kuznetsov) - KVM: arm64: Fix debug register indexing (Marc Zyngier) - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode (Sean Christopherson) - btrfs: fix unmountable seed device after fstrim (Anand Jain) - mm/filemap: fix storing to a THP shadow entry (Matthew Wilcox (Oracle)) - XArray: add xas_split (Matthew Wilcox (Oracle)) - XArray: add xa_get_order (Matthew Wilcox (Oracle)) - mm: add thp_order (Matthew Wilcox (Oracle)) - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY (Mina Almasry) - btrfs: fixup error handling in fixup_inode_link_counts (Josef Bacik) - btrfs: return errors from btrfs_del_csums in cleanup_ref_head (Josef Bacik) - btrfs: fix error handling in btrfs_del_csums (Josef Bacik) - btrfs: mark ordered extent and inode with error if we fail to finish (Josef Bacik) - drm/amdgpu: make sure we unpin the UVD BO (Nirmoy Das) - drm/amdgpu: Dont query CE and UE errors (Luben Tuikov) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) - ocfs2: fix data corruption by fallocate (Junxiao Bi) - pid: take a reference when initializing (Mark Rutland) - usb: dwc2: Fix build in periphal-only mode (Phil Elwell) - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (Ye Bin) - ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (Marek Vasut) - ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch (Michal Vokax) - ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx (Carlos M) - ALSA: timer: Fix master timer notification (Takashi Iwai) - HID: multitouch: require Finger field to mark Win8 reports as MT (Ahelenia Ziemianska) - HID: magicmouse: fix NULL-deref on disconnect (Johan Hovold) - HID: i2c-hid: Skip ELAN power-on command after reset (Johnny Chuang) - net: caif: fix memory leak in cfusbl_device_notify (Pavel Skripkin) - net: caif: fix memory leak in caif_device_notify (Pavel Skripkin) - net: caif: add proper error handling (Pavel Skripkin) - net: caif: added cfserl_release function (Pavel Skripkin) - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) - Bluetooth: fix the erroneous flush_work() order (Lin Ma) {CVE-2021-3564} - tipc: fix unique bearer names sanity check (Hoang Le) - tipc: add extack messages for bearer/media failure (Hoang Le) - bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act (Tony Lindgren) - ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (Geert Uytterhoeven) - ARM: dts: imx7d-pico: Fix the tuning-step property (Fabio Estevam) - ARM: dts: imx7d-meerkat96: Fix the tuning-step property (Fabio Estevam) - arm64: dts: zii-ultra: fix 12V_MAIN voltage (Lucas Stach) - arm64: dts: ls1028a: fix memory node (Michael Walle) - i40e: add correct exception tracing for XDP (Magnus Karlsson) - i40e: optimize for XDP_REDIRECT in xsk path (Magnus Karlsson) - i2c: qcom-geni: Add shutdown callback for i2c (Roja Rani Yarubandi) - ice: Allow all LLDP packets from PF to Tx (Dave Ertman) - ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared (Brett Creeley) - ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (Coco Li) - ixgbevf: add correct exception tracing for XDP (Magnus Karlsson) - ieee802154: fix error return code in ieee802154_llsec_getparams() (Wei Yongjun) - ieee802154: fix error return code in ieee802154_add_iface() (Zhen Lei) - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches (Pablo Neira Ayuso) - netfilter: nft_ct: skip expectations for confirmed conntrack (Pablo Neira Ayuso) - ACPICA: Clean up context mutex during object deletion (Erik Kaneda) - net/sched: act_ct: Fix ct template allocation for zone 0 (Ariel Levkovich) - HID: i2c-hid: fix format string mismatch (Arnd Bergmann) - HID: pidff: fix error return code in hid_pidff_init() (Zhen Lei) - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service (Julian Anastasov) - vfio/platform: fix module_put call in error flow (Max Gurtovoy) - samples: vfio-mdev: fix error handing in mdpy_fb_probe() (Wei Yongjun) - vfio/pci: zap_vma_ptes() needs MMU (Randy Dunlap) - vfio/pci: Fix error return code in vfio_ecap_init() (Zhen Lei) - efi: cper: fix snprintf() use in cper_dimm_err_location() (Rasmus Villemoes) - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (Heiner Kallweit) - netfilter: conntrack: unregister ipv4 sockopts on error unwind (Florian Westphal) - hwmon: (dell-smm-hwmon) Fix index values (Armin Wolf) - nl80211: validate key indexes for cfg80211_registered_device (Anant Thazhemadam) - ALSA: usb: update old-style static const declaration (Pierre-Louis Bossart) - net: usb: cdc_ncm: dont spew notifications (Grant Grundler) - btrfs: tree-checker: do not error out if extent ref hash doesnt match (Josef Bacik) - LTS tag: v5.4.124 (Jack Vogel) - usb: core: reduce power-on-good delay time of root hub (Chunfeng Yun) - neighbour: Prevent Race condition in neighbour subsytem (Chinmay Agarwal) - net: hso: bail out on interrupt URB allocation failure (Johan Hovold) - Revert Revert ALSA: usx2y: Fix potential NULL pointer dereference (Greg Kroah-Hartman) - net: hns3: check the return of skb_checksum_help() (Yunsheng Lin) - drivers/net/ethernet: clean up unused assignments (Jesse Brandeburg) - i915: fix build warning in intel_dp_get_link_status() (Greg Kroah-Hartman) - drm/i915/display: fix compiler warning about array overrun (Linus Torvalds) - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c (Randy Dunlap) - MIPS: alchemy: xxs1500: add gpio-au1000.h header file (Randy Dunlap) - sch_dsmark: fix a NULL deref in qdisc_reset() (Taehee Yoo) - net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88 (Stefan Roese) - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static (kernel test robot) - ipv6: record frag_max_size in atomic fragments in input path (Francesco Ruggeri) - net: lantiq: fix memory corruption in RX ring (Aleksander Jan Bajkowski) - scsi: libsas: Use _safe() loop in sas_resume_port() (Dan Carpenter) - ixgbe: fix large MTU request from VF (Jesse Brandeburg) - bpf: Set mac_len in bpf_skb_change_head (Jussi Maki) - ASoC: cs35l33: fix an error code in probe() (Dan Carpenter) - staging: emxx_udc: fix loop in _nbu2ss_nuke() (Dan Carpenter) - cxgb4: avoid accessing registers when clearing filters (Raju Rangoju) - gve: Correct SKB queue index validation. (David Awogbemila) - gve: Upgrade memory barrier in poll routine (Catherine Sullivan) - gve: Add NULL pointer checks when freeing irqs. (David Awogbemila) - gve: Update mgmt_msix_idx if num_ntfy changes (David Awogbemila) - gve: Check TX QPL was actually assigned (Catherine Sullivan) - mld: fix panic in mld_newpack() (Taehee Yoo) - bnxt_en: Include new P5 HV definition in VF check. (Andy Gospodarek) - net: bnx2: Fix error return code in bnx2_init_board() (Zhen Lei) - net: hso: check for allocation failure in hso_create_bulk_serial_device() (Dan Carpenter) - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT (Jim Ma) - openvswitch: meter: fix race when getting now_ms. (Tao Liu) - net: mdio: octeon: Fix some double free issues (Christophe JAILLET) - net: mdio: thunder: Fix a double free issue in the .remove function (Christophe JAILLET) - net: fec: fix the potential memory leak in fec_enet_init() (Fugang Duan) - net: really orphan skbs tied to closing sk (Paolo Abeni) - vfio-ccw: Check initialized flag in cp_init() (Eric Farman) - ASoC: cs42l42: Regmap must use_single_read/write (Richard Fitzgerald) - net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count (Vladimir Oltean) - net: netcp: Fix an error message (Christophe JAILLET) - drm/amd/amdgpu: fix a potential deadlock in gpu reset (Lang Yu) - drm/amdgpu: Fix a use-after-free (xinhui pan) - drm/amd/amdgpu: fix refcount leak (Jingwen Chen) - drm/amd/display: Disconnect non-DP with no EDID (Chris Park) - SMB3: incorrect file id in requests compounded with open (Steve French) - platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet (Teava Radu) - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (Andy Shevchenko) - platform/x86: hp-wireless: add AMDs hardware id to the supported list (Shyam Sundar S K) - btrfs: do not BUG_ON in link_to_fixup_dir (Josef Bacik) - openrisc: Define memory barrier mb (Peter Zijlstra) - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (Matt Wang) - btrfs: return whole extents in fiemap (Boris Burkov) - brcmfmac: properly check for bus register errors (Greg Kroah-Hartman) - Revert brcmfmac: add a check for the status of usb_register (Greg Kroah-Hartman) - net: liquidio: Add missing null pointer checks (Tom Seewald) - Revert net: liquidio: fix a NULL pointer dereference (Greg Kroah-Hartman) - media: gspca: properly check for errors in po1030_probe() (Greg Kroah-Hartman) - Revert media: gspca: Check the return value of write_bridge for timeout (Greg Kroah-Hartman) - media: gspca: mt9m111: Check write_bridge for timeout (Alaa Emad) - Revert media: gspca: mt9m111: Check write_bridge for timeout (Greg Kroah-Hartman) - media: dvb: Add check on sp8870_readreg return (Alaa Emad) - Revert media: dvb: Add check on sp8870_readreg (Greg Kroah-Hartman) - ASoC: cs43130: handle errors in cs43130_probe() properly (Greg Kroah-Hartman) - Revert ASoC: cs43130: fix a NULL pointer dereference (Greg Kroah-Hartman) - libertas: register sysfs groups properly (Greg Kroah-Hartman) - Revert libertas: add checks for the return value of sysfs_create_group (Greg Kroah-Hartman) - dmaengine: qcom_hidma: comment platform_driver_register call (Phillip Potter) - Revert dmaengine: qcom_hidma: Check for driver register failure (Greg Kroah-Hartman) - isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info (Phillip Potter) - Revert isdn: mISDN: Fix potential NULL pointer dereference of kzalloc (Greg Kroah-Hartman) - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() (Anirudh Rayabharam) - Revert ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() (Greg Kroah-Hartman) - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (Phillip Potter) - Revert isdn: mISDNinfineon: fix potential NULL pointer dereference (Greg Kroah-Hartman) - Revert ALSA: usx2y: Fix potential NULL pointer dereference (Greg Kroah-Hartman) - Revert ALSA: gus: add a check of the status of snd_ctl_add (Greg Kroah-Hartman) - char: hpet: add checks after calling ioremap (Tom Seewald) - Revert char: hpet: fix a missing check of ioremap (Greg Kroah-Hartman) - net: caif: remove BUG_ON(dev == NULL) in caif_xmit (Du Cheng) - Revert net/smc: fix a NULL pointer dereference (Greg Kroah-Hartman) - net: fujitsu: fix potential null-ptr-deref (Anirudh Rayabharam) - Revert net: fujitsu: fix a potential NULL pointer dereference (Greg Kroah-Hartman) - serial: max310x: unregister uart driver in case of failure and abort (Atul Gopinathan) - Revert serial: max310x: pass return value of spi_register_driver (Greg Kroah-Hartman) - Revert ALSA: sb: fix a missing check of snd_ctl_add (Greg Kroah-Hartman) - Revert media: usb: gspca: add a missed check for goto_low_power (Greg Kroah-Hartman) - gpio: cadence: Add missing MODULE_DEVICE_TABLE (Zou Wei) - platform/x86: hp_accel: Avoid invoking _INI to speed up resume (Kai-Heng Feng) - perf jevents: Fix getting maximum number of fds (Felix Fietkau) - i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E (Geert Uytterhoeven) - i2c: i801: Dont generate an interrupt on bus reset (Jean Delvare) - i2c: s3c2410: fix possible NULL pointer deref on read message after write (Krzysztof Kozlowski) - net: dsa: sja1105: error out on unsupported PHY mode (Vladimir Oltean) - net: dsa: fix a crash if ->get_sset_count() fails (Dan Carpenter) - net: dsa: mt7530: fix VLAN traffic leaks (DENG Qingfang) - spi: spi-fsl-dspi: Fix a resource leak in an error handling path (Christophe JAILLET) - tipc: skb_linearize the head skb when reassembling msgs (Xin Long) - tipc: wait and exit until all work queues are done (Xin Long) - Revert net:tipc: Fix a double free in tipc_sk_mcast_rcv (Hoang Le) - net/mlx5e: Fix nullptr in add_vlan_push_action() (Dima Chumak) - net/mlx5e: Fix multipath lag activation (Dima Chumak) - drm/meson: fix shutdown crash when component not probed (Neil Armstrong) - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (Zhang Xiaoxu) - NFS: Dont corrupt the value of pg_bytes_written in nfs_do_recoalesce() (Trond Myklebust) - NFS: Fix an Oopsable condition in __nfs_pageio_add_request() (Trond Myklebust) - NFS: fix an incorrect limit in filelayout_decode_layout() (Dan Carpenter) - fs/nfs: Use fatal_signal_pending instead of signal_pending (zhouchuangao) - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) - spi: spi-geni-qcom: Fix use-after-free on unbind (Lukas Wunner) - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() (Yoshihiro Shimoda) - usb: dwc3: gadget: Properly track pending and queued SG (Thinh Nguyen) - thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID (Srinivas Pandruvada) - USB: serial: pl2303: add device id for ADLINK ND-6530 GC (Zolton Jheng) - USB: serial: ftdi_sio: add IDs for IDS GmbH Products (Dominik Andreas Schorpp) - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (Daniele Palmas) - USB: serial: ti_usb_3410_5052: add startech.com device id (Sean MacLennan) - serial: rp2: use request_firmware instead of request_firmware_nowait (Zheyu Ma) - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (Geert Uytterhoeven) - serial: tegra: Fix a mask operation that is always true (Colin Ian King) - USB: usbfs: Dont WARN about excessively large memory allocations (Alan Stern) - USB: trancevibrator: fix control-request direction (Johan Hovold) - serial: 8250_pci: handle FL_NOIRQ board flag (Christian Gmeiner) - serial: 8250_pci: Add support for new HPE serial device (Randy Wright) - iio: adc: ad7793: Add missing error code in ad7793_setup() (YueHaibing) - iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers (Jonathan Cameron) - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error. (Jonathan Cameron) - iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: gyro: fxas21002c: balance runtime power in error path (Rui Miguel Silva) - staging: iio: cdc: ad7746: avoid overwrite of num_channels (Lucas Stankus) - mei: request autosuspend after sending rx flow control (Alexander Usyskin) - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (Mathias Nyman) - misc/uss720: fix memory leak in uss720_probe (Dongliang Mu) - serial: core: fix suspicious security_locked_down() call (Ondrej Mosnacek) - Documentation: seccomp: Fix user notification documentation (Sargun Dhillon) - kgdb: fix gcc-11 warnings harder (Greg Kroah-Hartman) - selftests/gpio: Fix build when source tree is read only (Michael Ellerman) - selftests/gpio: Move include of lib.mk up (Michael Ellerman) - selftests/gpio: Use TEST_GEN_PROGS_EXTENDED (Michael Ellerman) - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate (James Zhu) - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate (James Zhu) - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate (James Zhu) - dm snapshot: properly fix a crash when an origin has no snapshots (Mikulas Patocka) - ath10k: Validate first subframe of A-MSDU before processing the list (Sriram R) - ath10k: Fix TKIP Michael MIC verification for PCIe (Wen Gong) {CVE-2020-26141} - ath10k: drop MPDU which has discard flag set by firmware for SDIO (Wen Gong) {CVE-2020-24588} - ath10k: drop fragments with multicast DA for SDIO (Wen Gong) {CVE-2020-26145} - ath10k: drop fragments with multicast DA for PCIe (Wen Gong) {CVE-2020-26145} - ath10k: add CCMP PN replay protection for fragmented frames for PCIe (Wen Gong) - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) - mac80211: check defrag PN against current frame (Johannes Berg) - mac80211: add fragment cache to sta_info (Johannes Berg) - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) {CVE-2020-26147} - net: hso: fix control-request directions (Johan Hovold) - proc: Check /proc//attr/ writes against file opener (Kees Cook) - perf scripts python: exported-sql-viewer.py: Fix warning display (Adrian Hunter) - perf scripts python: exported-sql-viewer.py: Fix Array TypeError (Adrian Hunter) - perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report (Adrian Hunter) - perf intel-pt: Fix transaction abort handling (Adrian Hunter) - perf intel-pt: Fix sample instruction bytes (Adrian Hunter) - iommu/vt-d: Fix sysfs leak in alloc_iommu() (Rolf Eike Beer) - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (Anna Schumaker) - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 (Aurelien Aptel) - ALSA: usb-audio: scarlett2: Improve driver startup messages (Geoffrey D. Bennett) - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci (Geoffrey D. Bennett) - ALSA: hda/realtek: Headphone volume is controlled by Front mixer (Hui Wang) - LTS tag: v5.4.123 (Jack Vogel) - NFC: nci: fix memory leak in nci_allocate_device (Dongliang Mu) - perf unwind: Set userdata for all __report_module() paths (Dave Rigby) - perf unwind: Fix separate debug info files when using elfutils libdws unwinder (Jan Kratochvil) - usb: dwc3: gadget: Enable suspend events (Jack Pham) - bpf: No need to simulate speculative domain for immediates (Daniel Borkmann) - bpf: Fix mask direction swap upon off reg sign change (Daniel Borkmann) - bpf: Wrap aux data inside bpf_sanitize_info container (Daniel Borkmann) - LTS tag: v5.4.122 (Jack Vogel) - Bluetooth: SMP: Fail if remote and local public keys are identical (Luiz Augusto von Dentz) - video: hgafb: correctly handle card detect failure during probe (Anirudh Rayabharam) - nvmet: use new ana_log_size instead the old one (Hou Pu) - Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS (Luiz Augusto von Dentz) - ext4: fix error handling in ext4_end_enable_verity() (Eric Biggers) - nvme-multipath: fix double initialization of ANA state (Christoph Hellwig) - tty: vt: always invoke vc->vc_sw->con_resize callback (Tetsuo Handa) - vt: Fix character height handling with VT_RESIZEX (Maciej W. Rozycki) - vgacon: Record video mode changes with VT_RESIZEX (Maciej W. Rozycki) - video: hgafb: fix potential NULL pointer dereference (Igor Matheus Andrade Torrente) - qlcnic: Add null check after calling netdev_alloc_skb (Tom Seewald) - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (Phillip Potter) - ics932s401: fix broken handling of errors when word reading fails (Darrick J. Wong) - net: rtlwifi: properly check for alloc_workqueue() failure (Greg Kroah-Hartman) - scsi: ufs: handle cleanup correctly on devm_reset_control_get error (Phillip Potter) - net: stmicro: handle clk_prepare() failure during init (Anirudh Rayabharam) - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (Du Cheng) - Revert niu: fix missing checks of niu_pci_eeprom_read (Greg Kroah-Hartman) - Revert qlcnic: Avoid potential NULL pointer dereference (Greg Kroah-Hartman) - Revert rtlwifi: fix a potential NULL pointer dereference (Greg Kroah-Hartman) - Revert media: rcar_drif: fix a memory disclosure (Greg Kroah-Hartman) - cdrom: gdrom: initialize global variable at init time (Greg Kroah-Hartman) - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom (Atul Gopinathan) - Revert gdrom: fix a memory leak bug (Greg Kroah-Hartman) - Revert scsi: ufs: fix a missing check of devm_reset_control_get (Greg Kroah-Hartman) - Revert ecryptfs: replace BUG_ON with error handling code (Greg Kroah-Hartman) - Revert video: imsttfb: fix potential NULL pointer dereferences (Greg Kroah-Hartman) - Revert hwmon: (lm80) fix a missing check of bus read in lm80 probe (Greg Kroah-Hartman) - Revert leds: lp5523: fix a missing check of return value of lp55xx_read (Greg Kroah-Hartman) - Revert net: stmicro: fix a missing check of clk_prepare (Greg Kroah-Hartman) - Revert video: hgafb: fix potential NULL pointer dereference (Greg Kroah-Hartman) - dm snapshot: fix crash with transient storage and zero chunk size (Mikulas Patocka) - xen-pciback: reconfigure also from backend watch handler (Jan Beulich) - mmc: sdhci-pci-gli: increase 1.8V regulator wait (Daniel Beer) - drm/amdgpu: update sdma golden setting for Navi12 (Guchun Chen) - drm/amdgpu: update gc golden setting for Navi12 (Guchun Chen) - drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang (Changfeng) - Revert serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference (Greg Kroah-Hartman) - rapidio: handle create_workqueue() failure (Anirudh Rayabharam) - Revert rapidio: fix a NULL pointer dereference when create_workqueue() fails (Greg Kroah-Hartman) - uio_hv_generic: Fix a memory leak in error handling paths (Christophe JAILLET) - ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx (Elia Devito) - ALSA: hda/realtek: Add fixup for HP OMEN laptop (Takashi Iwai) - ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA (Takashi Iwai) - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 (PeiSen Hou) - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (Hui Wang) - ALSA: firewire-lib: fix check for the size of isochronous packet payload (Takashi Sakamoto) - Revert ALSA: sb8: add a check for request_region (Greg Kroah-Hartman) - ALSA: hda: fixup headset for ASUS GU502 laptop (Daniel Cordova A) - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - ALSA: usb-audio: Validate MS endpoint descriptors (Takashi Iwai) - ALSA: firewire-lib: fix calculation for size of IR context payload (Takashi Sakamoto) - ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26 (Takashi Sakamoto) - ALSA: line6: Fix racy initialization of LINE6 MIDI (Takashi Iwai) - ALSA: intel8x0: Dont update period unless prepared (Takashi Iwai) - ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency (Takashi Sakamoto) - cifs: fix memory leak in smb2_copychunk_range (Ronnie Sahlberg) - btrfs: avoid RCU stalls while running delayed iputs (Josef Bacik) - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal (Zqiang) - nvmet: seset ns->file when open fails (Daniel Wagner) - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (Oleg Nesterov) - RDMA/uverbs: Fix a NULL vs IS_ERR() bug (Dan Carpenter) - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Hans de Goede) - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (Liming Sun) - RDMA/core: Dont access cm_id after its destruction (Shay Drory) - RDMA/mlx5: Recover from fatal event in dual port mode (Maor Gottlieb) - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (Zhen Lei) - scsi: ufs: core: Increase the usable queue depth (Bart Van Assche) - RDMA/rxe: Clear all QP fields if creation failed (Leon Romanovsky) - RDMA/siw: Release xarray entry (Leon Romanovsky) - RDMA/siw: Properly check send and receive CQ pointers (Leon Romanovsky) - openrisc: Fix a memory leak (Christophe JAILLET) - firmware: arm_scpi: Prevent the ternary sign expansion bug (Dan Carpenter) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-33909 CVE-2020-14304 CVE-2020-24586 CVE-2020-26141 CVE-2021-23134 CVE-2020-24587 CVE-2020-24588 CVE-2020-26145 CVE-2020-26147 CVE-2021-3564 Oracle Linux 7 [4.14.35-2047.506.8] - A/A Bonding: dev_hold/put() the delayed GARP work handler's netdev in rdmaip (Sharath Srinivasan) [Orabug: 33187189] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33187192] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33187195] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33187199] - rds: ib: Increase entropy of RDMA IOVAs (Hakon Bugge) [Orabug: 33187200] [4.14.35-2047.506.7] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33167357] - Revert 'x86/reboot: Force all cpus to exit VMX root if VMX is supported' (Somasundaram Krishnasamy) [Orabug: 33167350] [4.14.35-2047.506.6] - rds: Check for illegal flags when creating an MR (Hakon Bugge) [Orabug: 33144339] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135633] {CVE-2021-33909} [4.14.35-2047.506.5] - xen/blkback: Force flush and secure discard support flags (Boris Ostrovsky) [Orabug: 33131619] [4.14.35-2047.506.4] - rds/ib: avoid use of trace_printk() (Alan Maguire) [Orabug: 33120588] - RDMA/cma: Remove unnecessary INIT->INIT transition (Hakon Bugge) [Orabug: 33114515] - ext4: use ext4_grp_locked_error in mb_find_extent (Stephen Brennan) [Orabug: 33027709] [4.14.35-2047.506.3] - capmem: Mark the pages as non-readonly+dirty. (David Clear) [Orabug: 33116008] - PCI/ERR: Retain status from error notification (Keith Busch) [Orabug: 32747989] - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. (Dai Ngo) [Orabug: 33106366] - net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk) [Orabug: 31895299] {CVE-2020-14304} [4.14.35-2047.506.2] - KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (Joao Martins) [Orabug: 33089240] - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge (Naoya Horiguchi) [Orabug: 33042327] - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails (Naoya Horiguchi) [Orabug: 33042327] - mm: soft-offline: close the race against page allocation (Naoya Horiguchi) [Orabug: 33042327] - mm: fix race on soft-offlining free huge pages (Naoya Horiguchi) [Orabug: 33042327] - Revert 'xen/fb: allow xenfb initialization for hvm guests' (Joe Jin) [Orabug: 33075317] - scsi: qla2xxx: Fix use after free in bsg (Quinn Tran) [Orabug: 32912131] - block: fix a race between del_gendisk and BLKRRPART (Gulam Mohamed) [Orabug: 32285697] - block: prevent block device lookups at the beginning of del_gendisk (Christoph Hellwig) [Orabug: 32285697] - block: take bd_mutex around delete_partitions in del_gendisk (Christoph Hellwig) [Orabug: 32285697] - Linux 4.14.231 (Greg Kroah-Hartman) - xen/events: fix setting irq affinity (Juergen Gross) - perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches (Arnaldo Carvalho de Melo) - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) - net: phy: broadcom: Only advertise EEE for supported modes (Florian Fainelli) - block: only update parent bi_status when bio fail (Yufen Yu) - gfs2: report 'already frozen/thawed' errors (Bob Peterson) - drm/imx: imx-ldb: fix out of bounds array access warning (Arnd Bergmann) - KVM: arm64: Disable guest access to trace filter controls (Suzuki K Poulose) - KVM: arm64: Hide system instruction access to Trace registers (Suzuki K Poulose) - Revert 'cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.' (Greg Kroah-Hartman) - net: ieee802154: stop dump llsec params for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec seclevel (Alexander Aring) - net: ieee802154: forbid monitor for set llsec params (Alexander Aring) - net: ieee802154: fix nl802154 del llsec devkey (Alexander Aring) - net: ieee802154: fix nl802154 add llsec key (Alexander Aring) - net: ieee802154: fix nl802154 del llsec dev (Alexander Aring) - net: ieee802154: fix nl802154 del llsec key (Alexander Aring) - net: ieee802154: nl-mac: fix check on panid (Alexander Aring) - net: mac802154: Fix general protection fault (Pavel Skripkin) - drivers: net: fix memory leak in peak_usb_create_dev (Pavel Skripkin) - drivers: net: fix memory leak in atusb_probe (Pavel Skripkin) - net: tun: set tun->dev->addr_len during TUNSETLINK processing (Phillip Potter) - cfg80211: remove WARN_ON() in cfg80211_sme_connect (Du Cheng) - usbip: fix vudc usbip_sockfd_store races leading to gpf (Shuah Khan) - net/ncsi: Avoid GFP_KERNEL in response handler (Samuel Mendoza-Jonas) - net/ncsi: Refactor MAC, VLAN filters (Samuel Mendoza-Jonas) - net/ncsi: Add generic netlink family (Samuel Mendoza-Jonas) - net/ncsi: Don't return error on normal response (Samuel Mendoza-Jonas) - net/ncsi: Improve general state logging (Samuel Mendoza-Jonas) - net/ncsi: Make local function ncsi_get_filter() static (Wei Yongjun) - clk: socfpga: fix iomem pointer cast on 64-bit (Krzysztof Kozlowski) - RDMA/cxgb4: check for ipv6 address properly while destroying listener (Potnuri Bharat Teja) - net/mlx5: Fix placement of log_max_flow_counter (Raed Salem) - s390/cpcmd: fix inline assembly register clobbering (Alexander Gordeev) - workqueue: Move the position of debug_work_activate() in __queue_work() (Zqiang) - clk: fix invalid usage of list cursor in unregister (Lukasz Bartosik) - clk: fix invalid usage of list cursor in register (Lukasz Bartosik) - soc/fsl: qbman: fix conflicting alignment attributes (Arnd Bergmann) - ASoC: sunxi: sun4i-codec: fill ASoC card owner (Bastian Germann) - net/ncsi: Avoid channel_monitor hrtimer deadlock (Milton Miller) - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (Stefan Riedmueller) - net:tipc: Fix a double free in tipc_sk_mcast_rcv (Lv Yunlong) - gianfar: Handle error code at MAC address change (Claudiu Manoil) - sch_red: fix off-by-one checks in red_check_params() (Eric Dumazet) - amd-xgbe: Update DMA coherency values (Shyam Sundar S K) - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (Shengjiu Wang) - regulator: bd9571mwv: Fix AVS and DVFS voltage range (Geert Uytterhoeven) - i2c: turn recovery error on init to debug (Wolfram Sang) - usbip: synchronize event handler with sysfs code paths (Shuah Khan) - usbip: stub-dev synchronize sysfs code paths (Shuah Khan) - usbip: add sysfs_lock to synchronize sysfs code paths (Shuah Khan) - net: sched: sch_teql: fix null-pointer dereference (Pavel Tikhomirov) - net: ensure mac header is set in virtio_net_hdr_to_skb() (Eric Dumazet) - batman-adv: initialize 'struct batadv_tvlv_tt_vlan_data'->reserved field (Tetsuo Handa) - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (Marek Behun) - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers (Gao Xiang) - parisc: parisc-agp requires SBA IOMMU driver (Helge Deller) - fs: direct-io: fix missing sdio->boundary (Jack Qiu) - ia64: fix user_stack_pointer() for ptrace() (Sergei Trofimovich) - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh (Muhammad Usama Anjum) - xen/evtchn: Change irq_info lock to raw_spinlock_t (Luca Fancellu) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() (Xiaoming Ni) - nfc: fix memory leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25672} - nfc: fix refcount leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25671} - nfc: fix refcount leak in llcp_sock_bind() (Xiaoming Ni) {CVE-2020-25670} - ASoC: intel: atom: Stop advertising non working S24LE support (Hans de Goede) - ALSA: aloop: Fix initialization of controls (Jonas Holmberg) - Linux 4.14.230 (Greg Kroah-Hartman) - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate (Angelo Dureghello) - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM (Masahiro Yamada) - init/Kconfig: make COMPILE_TEST depend on !S390 (Heiko Carstens) - cifs: Silently ignore unknown oplock break handle (Vincent Whitchurch) - cifs: revalidate mapping when we open files for SMB1 POSIX (Ronnie Sahlberg) - ia64: mca: allocate early mca with GFP_ATOMIC (Sergei Trofimovich) - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() (Martin Wilck) - x86/build: Turn off -fcf-protection for realmode targets (Arnd Bergmann) - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (Esteve Varela Colominas) - drm/msm: Ratelimit invalid-fence message (Rob Clark) - mac80211: choose first enabled channel for monitor (Karthikeyan Kathirvel) - mISDN: fix crash in fritzpci (Tong Zhang) - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove (Pavel Andrianov) - ARM: dts: am33xx: add aliases for mmc interfaces (Mans Rullgard) - Linux 4.14.229 (Greg Kroah-Hartman) - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (Du Cheng) - staging: rtl8192e: Change state information from u16 to u8 (Atul Gopinathan) - staging: rtl8192e: Fix incorrect source in memcpy() (Atul Gopinathan) - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (Tong Zhang) - USB: cdc-acm: fix use-after-free after probe failure (Johan Hovold) - USB: cdc-acm: downgrade message to debug (Oliver Neukum) - USB: cdc-acm: untangle a circular dependency between callback and softint (Oliver Neukum) - cdc-acm: fix BREAK rx code path adding necessary calls (Oliver Neukum) - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (Chunfeng Yun) - usb: musb: Fix suspend with devices connected for a64 (Tony Lindgren) - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (Shuah Khan) - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (Zheyu Ma) - extcon: Fix error handling in extcon_dev_register (Dinghao Liu) - extcon: Add stubs for extcon_register_notifier_all() functions (Krzysztof Kozlowski) - pinctrl: rockchip: fix restore error in resume (Wang Panzhenzhuan) - reiserfs: update reiserfs_xattrs_initialized() condition (Tetsuo Handa) - drm/amdgpu: check alignment on CPU page for bo map (Xi Ruoyao) - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (Nirmoy Das) - mm: fix race by making init_zero_pfn() early_initcall (Ilya Lipnitskiy) - tracing: Fix stack trace event size (Steven Rostedt (VMware)) - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook (Hui Wang) - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO (Hui Wang) - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (Ikjoon Jang) - bpf: Remove MTU check in __bpf_skb_max_len (Jesper Dangaard Brouer) - net: wan/lmc: unregister device when no matching device is found (Tong Zhang) - appletalk: Fix skb allocation size in loopback case (Doug Brown) - net: ethernet: aquantia: Handle error cleanup of start on open (Nathan Rossi) - brcmfmac: clear EAP/association status bits on linkdown events (Luca Pesce) - ext4: do not iput inode under running transaction in ext4_rename() (zhangyi (F)) - ASoC: rt5659: Update MCLK rate in set_sysclk() (Sameer Pujar) - staging: comedi: cb_pcidas64: fix request_irq() warn (Tong Zhang) - staging: comedi: cb_pcidas: fix request_irq() warn (Tong Zhang) - scsi: qla2xxx: Fix broken #endif placement (Alexey Dobriyan) - scsi: st: Fix a use after free in st_open() (Lv Yunlong) - vhost: Fix vhost_vq_reset() (Laurent Vivier) - powerpc: Force inlining of cpu_has_feature() to avoid build failure (Christophe Leroy) - ASoC: cs42l42: Always wait at least 3ms after reset (Lucas Tanure) - ASoC: cs42l42: Fix mixer volume control (Lucas Tanure) - ASoC: es8316: Simplify adc_pga_gain_tlv table (Hans de Goede) - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe (Benjamin Rood) - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - rpc: fix NULL dereference on kmalloc failure (J. Bruce Fields) - ext4: fix bh ref count on error paths (Zhaolong Zhang) - ipv6: weaken the v4mapped source check (Jakub Kicinski) - selinux: vsock: Set SID for socket returned by accept() (David Brazdil) - Linux 4.14.228 (Greg Kroah-Hartman) - can: peak_usb: Revert 'can: peak_usb: add forgotten supported devices' (Marc Kleine-Budde) - ext4: add reclaim checks to xattr code (Jan Kara) - mac80211: fix double free in ibss_leave (Markus Theil) - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (Eric Dumazet) - net: sched: validate stab values (Eric Dumazet) - can: dev: Move device back to init netns on owning netns delete (Martin Willi) - locking/mutex: Fix non debug version of mutex_lock_io_nested() (Thomas Gleixner) - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() (Jia-Ju Bai) - scsi: qedi: Fix error return code of qedi_alloc_global_queues() (Jia-Ju Bai) - perf auxtrace: Fix auxtrace queue conflict (Adrian Hunter) - ACPI: scan: Use unique number for instance_no (Andy Shevchenko) - ACPI: scan: Rearrange memory allocation in acpi_device_add() (Rafael J. Wysocki) - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (Potnuri Bharat Teja) - net/mlx5e: Fix error path for ethtool set-priv-flag (Aya Levin) - arm64: kdump: update ppos when reading elfcorehdr (Pavel Tatashin) - drm/msm: fix shutdown hook in case GPU components failed to bind (Dmitry Baryshkov) - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (Corentin Labbe) - net: cdc-phonet: fix data-interface release on probe failure (Johan Hovold) - mac80211: fix rate mask reset (Johannes Berg) - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning (Torin Cooper-Bennun) - can: c_can: move runtime PM enable/disable to c_can_platform (Tong Zhang) - can: c_can_pci: c_can_pci_remove(): fix use-after-free (Tong Zhang) - can: peak_usb: add forgotten supported devices (Stephane Grosjean) - ftgmac100: Restart MAC HW once (Dylan Hung) - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (Lv Yunlong) - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (Dinghao Liu) - e1000e: add rtnl_lock() to e1000_reset_task (Vitaly Lifshits) - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (Florian Fainelli) - macvlan: macvlan_count_rx() needs to be aware of preemption (Eric Dumazet) - libbpf: Fix INSTALL flag order (Georgi Valkov) - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (Grygorii Strashko) - ARM: dts: at91-sama5d27_som1: fix phy address to 7 (Claudiu Beznea) - arm64: dts: ls1043a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1012a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1046a: mark crypto engine dma coherent (Horia Geanta) - squashfs: fix xattr id and id lookup sanity checks (Phillip Lougher) - squashfs: fix inode lookup sanity checks (Sean Nyekjaer) - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign (Sergei Trofimovich) - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls (Sergei Trofimovich) - nfs: we don't support removing system.nfs4_acl (J. Bruce Fields) - drm/radeon: fix AGP dependency (Christian Konig) - u64_stats,lockdep: Fix u64_stats_init() vs lockdep (Peter Zijlstra) - sparc64: Fix opcode filtering in handling of no fault loads (Rob Gardner) - atm: idt77252: fix null-ptr-dereference (Tong Zhang) - atm: uPD98402: fix incorrect allocation (Tong Zhang) - net: wan: fix error return code of uhdlc_init() (Jia-Ju Bai) - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() (Jia-Ju Bai) - NFS: Correct size calculation for create reply length (Frank Sorenson) - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default (Timo Rothenpieler) - gpiolib: acpi: Add missing IRQF_ONESHOT (Yang Li) - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count (Denis Efremov) - net: tehuti: fix error return code in bdx_probe() (Jia-Ju Bai) - ixgbe: Fix memleak in ixgbe_configure_clsu32 (Dinghao Liu) - Revert 'r8152: adjust the settings about MAC clock speed down for RTL8153' (Hayes Wang) - atm: lanai: dont run lanai_dev_close if not open (Tong Zhang) - atm: eni: dont release is never initialized (Tong Zhang) - powerpc/4xx: Fix build errors from mfdcr() (Michael Ellerman) - net: fec: ptp: avoid register access when ipg clock is disabled (Heiko Thiery) [4.14.35-2047.506.1] - drivers/uio: Fix incorrect calls to pm_runtime_enable/disable. (David Clear) [Orabug: 33070176] - dts/pensando: Add board config partitions. (David Clear) [Orabug: 33070176] - drivers: updates driver version string to 1.15.9.7 (Thomas Tai) [Orabug: 33065280] - drivers: updates for 1.15.9.7 (Shannon Nelson) [Orabug: 33065280] - arm64: Stop printing the virtual memory layout (Laura Abbott) [Orabug: 33059865] - uek-rpm: Fix Pensando's network application error (Thomas Tai) [Orabug: 33050671] - RDMA/cma: Fix rdma_resolve_route memory leak (Gerd Rausch) [Orabug: 33048382] - uek-rpm: enable selinux for Pensando (Thomas Tai) [Orabug: 33032940] - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted (Quinn Tran) [Orabug: 32989009] - xfs: fix lockup issue (Junxiao Bi) [Orabug: 32880215] - Build Pensando drivers for uek5 kernel (Vijay Kumar) [Orabug: 32569849] - net/ethernet/pensando: Fix Pensando driver build (Vijay Kumar) [Orabug: 32569849] - Added mdev, mnet_uio_pdrv and ionic_mnic driver src to UEK5 (Vijay Kumar) [Orabug: 32569849] - Linux 4.14.227 (Greg Kroah-Hartman) - genirq: Disable interrupts for force threaded handlers (Thomas Gleixner) - ext4: fix potential error in ext4_do_update_inode (Shijie Luo) - ext4: do not try to set xattr into ea_inode if value is empty (zhangyi (F)) - ext4: find old entry again if failed to rename whiteout (zhangyi (F)) - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (Oleg Nesterov) - x86: Move TS_COMPAT back to asm/thread_info.h (Oleg Nesterov) - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (Oleg Nesterov) - x86/ioapic: Ignore IRQ2 again (Thomas Gleixner) - PCI: rpadlpar: Fix potential drc_name corruption in store functions (Tyrel Datwyler) - iio: hid-sensor-temperature: Fix issues of timestamp channel (Ye Xiang) - iio: hid-sensor-prox: Fix scale not correct issue (Ye Xiang) - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel (Ye Xiang) - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler (Dinghao Liu) - iio: adis16400: Fix an error code in adis16400_initial_setup() (Dan Carpenter) - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel (Jonathan Albrieux) - iio:adc:stm32-adc: Add HAS_IOMEM dependency (Jonathan Cameron) - usb: gadget: configfs: Fix KASAN use-after-free (Jim Lin) - USB: replace hardcode maximum usb string length by definition (Macpaul Lin) - usb-storage: Add quirk to defeat Kindle's automatic unload (Alan Stern) - nvme-rdma: fix possible hang when failing to set io queues (Sagi Grimberg) - scsi: lpfc: Fix some error codes in debugfs (Dan Carpenter) - net/qrtr: fix __netdev_alloc_skb call (Pavel Skripkin) - sunrpc: fix refcount leak for rpc auth modules (Daniel Kobras) - svcrdma: disable timeouts on rdma backchannel (Timo Rothenpieler) - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. (Joe Korty) - nvmet: don't check iosqes,iocqes for discovery controllers (Sagi Grimberg) - tools build feature: Check if pthread_barrier_t is available (Arnaldo Carvalho de Melo) - perf: Make perf able to build with latest libbfd (Changbin Du) - tools build: Check if gettid() is available before providing helper (Arnaldo Carvalho de Melo) - tools build feature: Check if eventfd() is available (Arnaldo Carvalho de Melo) - tools build feature: Check if get_current_dir_name() is available (Arnaldo Carvalho de Melo) - perf tools: Use - Revert 'PM: runtime: Update device status before letting suppliers suspend' (Rafael J. Wysocki) - net: dsa: b53: Support setting learning on port (Florian Fainelli) - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) - ext4: check journal inode extents more carefully (Jan Kara) - ext4: don't allow overlapping system zones (Jan Kara) - Linux 4.14.226 (Greg Kroah-Hartman) - xen/events: avoid handling the same event on two cpus at the same time (Juergen Gross) - xen/events: don't unmask an event channel when an eoi is pending (Juergen Gross) - xen/events: reset affinity of 2-level event when tearing it down (Juergen Gross) - iio: imu: adis16400: release allocated memory on failure (Navid Emamdoost) - KVM: arm64: Fix exclusive limit for IPA size (Marc Zyngier) - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading (Boyang Yu) - binfmt_misc: fix possible deadlock in bm_register_write (Lior Ribak) - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (Naveen N. Rao) - include/linux/sched/mm.h: use rcu_dereference in in_vfork() (Matthew Wilcox (Oracle)) - stop_machine: mark helpers __always_inline (Arnd Bergmann) - configfs: fix a use-after-free in __configfs_open_file (Daiyue Zhang) - block: rsxx: fix error return code of rsxx_pci_probe() (Jia-Ju Bai) - NFSv4.2: fix return value of _nfs4_get_security_label() (Ondrej Mosnacek) - sh_eth: fix TRSCER mask for R7S72100 (Sergey Shtylyov) - staging: comedi: pcl818: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: pcl711: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: me4000: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: dmm32at: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das800: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das6402: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: adv_pci1710: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: addi_apci_1500: Fix endian problem for command sample (Ian Abbott) - staging: comedi: addi_apci_1032: Fix endian problem for COS sample (Ian Abbott) - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan (Lee Gibson) - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd (Lee Gibson) - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() (Dan Carpenter) - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() (Dan Carpenter) - staging: rtl8712: unterminated string leads to read overflow (Dan Carpenter) - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (Dan Carpenter) - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() (Dan Carpenter) - usbip: fix vhci_hcd attach_store() races leading to gpf (Shuah Khan) - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf (Shuah Khan) - usbip: fix vudc to check for stream socket (Shuah Khan) - usbip: fix vhci_hcd to check for stream socket (Shuah Khan) - usbip: fix stub_dev to check for stream socket (Shuah Khan) - USB: serial: cp210x: add some more GE USB IDs (Sebastian Reichel) - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (Karan Singhal) - USB: serial: ch341: add new Product ID (Niv Sardi) - USB: serial: io_edgeport: fix memory leak in edge_startup (Pavel Skripkin) - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (Forest Crossman) - xhci: Improve detection of device initiated wake signal. (Mathias Nyman) - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM (Yoshihiro Shimoda) - usb: gadget: f_uac1: stop playback on function disable (Ruslan Bilovol) - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot (Ruslan Bilovol) - USB: gadget: u_ether: Fix a configfs return code (Dan Carpenter) - Goodix Fingerprint device is not a modem (Yorick de Wid) - mmc: core: Fix partition switch time for eMMC (Adrian Hunter) - s390/dasd: fix hanging IO request during DASD driver unbind (Stefan Haberland) - s390/dasd: fix hanging DASD driver unbind (Stefan Haberland) - Revert 95ebabde382c ('capabilities: Don't allow writing ambiguous v3 file capabilities') (Eric W. Biederman) - ALSA: usb-audio: Fix 'cannot get freq eq' errors on Dell AE515 sound bar (Takashi Iwai) - ALSA: hda: Avoid spurious unsol event handling during S3/S4 (Takashi Iwai) - ALSA: hda: Drop the BATCH workaround for AMD controllers (Takashi Iwai) - ALSA: hda/hdmi: Cancel pending works before suspend (Takashi Iwai) - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (Mike Christie) - s390/smp: __smp_rescan_cpus() - move cpumask away from stack (Heiko Carstens) - PCI: mediatek: Add missing of_node_put() to fix reference leak (Krzysztof Wilczynski) - PCI: xgene-msi: Fix race in installing chained irq handler (Martin Kaiser) - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset (Athira Rajeev) - powerpc: improve handling of unrecoverable system reset (Nicholas Piggin) - mmc: mediatek: fix race condition between msdc_request_timeout and irq (Chaotian Jing) - mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()' (Christophe JAILLET) - udf: fix silent AED tagLocation corruption (Steven J. Magnani) - net: phy: fix save wrong speed and duplex problem if autoneg is on (Guangbin Huang) - media: usbtv: Fix deadlock on suspend (Maxim Mikityanskiy) - s390/cio: return -EFAULT if copy_to_user() fails (Eric Farman) - drm: meson_drv add shutdown function (Artem Lapkin) - drm/compat: Clear bounce structures (Daniel Vetter) - s390/cio: return -EFAULT if copy_to_user() fails again (Wang Qing) - perf traceevent: Ensure read cmdlines are null terminated. (Ian Rogers) - net: stmmac: stop each tx channel independently (Joakim Zhang) - net: davicom: Fix regulator not turned off on driver removal (Paul Cercueil) - net: davicom: Fix regulator not turned off on failed probe (Paul Cercueil) - net: lapbether: Remove netif_start_queue / netif_stop_queue (Xie He) - net: usb: qmi_wwan: allow qmimux add/del with master up (Daniele Palmas) - net: sched: avoid duplicates in classes dump (Maximilian Heyne) - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (Ong Boon Leong) - net/mlx4_en: update moderation when config reset (Kevin(Yudong) Yang) - sh_eth: fix TRSCER mask for SH771x (Sergey Shtylyov) - Revert 'mm, slub: consider rest of partial list if acquire_slab() fails' (Linus Torvalds) - cifs: return proper error code in statfs(2) (Paulo Alcantara) - netfilter: x_tables: gpf inside xt_find_revision() (Vasily Averin) - can: flexcan: enable RX FIFO after FRZ/HALT valid (Joakim Zhang) - can: flexcan: assert FRZ bit in flexcan_chip_freeze() (Joakim Zhang) - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership (Oleksij Rempel) - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 (Balazs Nemeth) - net: Fix gro aggregation for udp encaps with zero csum (Daniel Borkmann) - ath9k: fix transmitting to stations in dynamic SMPS mode (Felix Fietkau) - ethernet: alx: fix order of calls on resume (Jakub Kicinski) - uapi: nfnetlink_cthelper.h: fix userspace compilation error (Dmitry V. Levin) - Linux 4.14.225 (Greg Kroah-Hartman) - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register (AngeloGioacchino Del Regno) - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom (Aswath Govindraju) - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller (Bjorn Helgaas) - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 (Hans de Goede) - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices (Hans de Goede) - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag (Hans de Goede) - platform/x86: acer-wmi: Add new force_caps module parameter (Hans de Goede) - platform/x86: acer-wmi: Cleanup accelerometer device handling (Hans de Goede) - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (Hans de Goede) - mwifiex: pcie: skip cancel_work_sync() on reset failure path (Tsuchiya Yuto) - iommu/amd: Fix sleeping in atomic in increase_address_space() (Andrey Ryabinin) - dm table: fix iterate_devices based device capability checks (Jeffle Xu) - rsxx: Return -EFAULT if copy_to_user() fails (Dan Carpenter) - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (Colin Ian King) - usbip: tools: fix build error for multiple definition (Antonio Borneo) - PM: runtime: Update device status before letting suppliers suspend (Rafael J. Wysocki) - btrfs: fix raid6 qstripe kmap (Ira Weiny) - btrfs: raid56: simplify tracking of Q stripe presence (David Sterba) - Linux 4.14.224 (Greg Kroah-Hartman) - media: v4l: ioctl: Fix memory leak in video_usercopy (Sakari Ailus) - swap: fix swapfile read/write offset (Jens Axboe) - zsmalloc: account the number of compacted pages correctly (Rokudo Yan) - xen-netback: respect gnttab_map_refs()'s return value (Jan Beulich) - Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) - parisc: Bump 64-bit IRQ stack size to 64 KB (John David Anglin) - f2fs: handle unallocated section and zone on pinned/atgc (Jaegeuk Kim) - media: uvcvideo: Allow entities with no pads (Ricardo Ribalda) - staging: most: sound: add sanity check for function argument (Christian Gromm) - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data (Gopal Tiwari) - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (Fangrui Song) - ath10k: fix wmi mgmt tx queue full due to race condition (Miaoqing Pan) - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() (Di Zhu) - wlcore: Fix command execute failure 19 for wl12xx (Tony Lindgren) - vt/consolemap: do font sum unsigned (Jiri Slaby) - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk (Heiner Kallweit) - staging: fwserial: Fix error handling in fwserial_create (Dinghao Liu) - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ (Geert Uytterhoeven) - net: bridge: use switchdev for port flags set through sysfs too (Vladimir Oltean) - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing (Li Xinhai) - net: fix up truesize of cloned skb in skb_prepare_for_shift() (Marco Elver) - smackfs: restrict bytes count in smackfs write functions (Sabyrzhan Tasbolatov) - xfs: Fix assert failure in xfs_setattr_size() (Yumei Huang) - media: mceusb: sanity check for prescaler value (Sean Young) - JFS: more checks for invalid superblock (Randy Dunlap) - arm64: Use correct ll/sc atomic constraints (Andrew Murray) - arm64: cmpxchg: Use 'K' instead of 'L' for ll/sc immediate constraint (Will Deacon) - arm64: Avoid redundant type conversions in xchg() and cmpxchg() (Will Deacon) - arm64 module: set plt* section addresses to 0x0 (Shaoying Xu) - virtio/s390: implement virtio-ccw revision 2 correctly (Cornelia Huck) - drm/virtio: use kvmalloc for large allocations (Sergey Senozhatsky) - hugetlb: fix update_and_free_page contig page struct assumption (Mike Kravetz) - scripts: set proper OpenSSL include dir also for sign-file (Rolf Eike Beer) - scripts: use pkg-config to locate libcrypto (Rolf Eike Beer) - net: usb: qmi_wwan: support ZTE P685M modem (Lech Perczak) [4.14.35-2047.506.0] - Linux 4.14.223 (Greg Kroah-Hartman) - dm era: Update in-core bitset after committing the metadata (Nikos Tsironis) - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending (Jason A. Donenfeld) - ipv6: silence compilation warning for non-IPV6 builds (Leon Romanovsky) - ipv6: icmp6: avoid indirect call for icmpv6_send() (Eric Dumazet) - sunvnet: use icmp_ndo_send helper (Jason A. Donenfeld) - gtp: use icmp_ndo_send helper (Jason A. Donenfeld) - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n (Jason A. Donenfeld) - icmp: introduce helper for nat'd source address in network device context (Jason A. Donenfeld) - dm era: only resize metadata in preresume (Nikos Tsironis) - dm era: Reinitialize bitset cache before digesting a new writeset (Nikos Tsironis) - dm era: Use correct value size in equality function of writeset tree (Nikos Tsironis) - dm era: Fix bitset memory leaks (Nikos Tsironis) - dm era: Verify the data block size hasn't changed (Nikos Tsironis) - dm era: Recover committed writeset after crash (Nikos Tsironis) - gfs2: Don't skip dlm unlock if glock has an lvb (Bob Peterson) - sparc32: fix a user-triggerable oops in clear_user() (Al Viro) - f2fs: fix out-of-repair __setattr_copy() (Chao Yu) - printk: fix deadlock when kernel panic (Muchun Song) - gpio: pcf857x: Fix missing first interrupt (Maxim Kiselev) - mmc: sdhci-esdhc-imx: fix kernel panic when remove module (Frank Li) - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (Fangrui Song) - libnvdimm/dimm: Avoid race between probe and available_slots_show() (Dan Williams) - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() (Yoshihiro Shimoda) - mm: hugetlb: fix a race between freeing and dissolving the page (Muchun Song) - hugetlb: fix copy_huge_page_from_user contig page struct assumption (Mike Kravetz) - fs/affs: release old buffer head on error path (Pan Bian) - mtd: spi-nor: hisi-sfc: Put child node np on error path (Pan Bian) - watchdog: mei_wdt: request stop on unregister (Alexander Usyskin) - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (He Zhe) - floppy: reintroduce O_NDELAY fix (Jiri Kosina) - x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson) - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table (Martin Kaiser) - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue (Sabyrzhan Tasbolatov) - seccomp: Add missing return in non-void function (Paul Cercueil) - crypto: sun4i-ss - handle BigEndian for cipher (Corentin Labbe) - crypto: sun4i-ss - checking sg length is not sufficient (Corentin Labbe) - btrfs: fix extent buffer leak on failure to copy root (Filipe Manana) - btrfs: fix reloc root leak with 0 ref reloc roots on recovery (Josef Bacik) - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root (Josef Bacik) - KEYS: trusted: Fix migratable=1 failing (Jarkko Sakkinen) - tpm_tis: Fix check_locality for correct locality acquisition (James Bottomley) - ALSA: hda/realtek: modify EAPD in the ALC886 (PeiSen Hou) - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt (Thinh Nguyen) - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 (Thinh Nguyen) - USB: serial: mos7720: fix error code in mos7720_write() (Dan Carpenter) - USB: serial: mos7840: fix error code in mos7840_write() (Dan Carpenter) - usb: musb: Fix runtime PM race in musb_queue_resume_work (Paul Cercueil) - USB: serial: option: update interface mapping for ZTE P685M (Lech Perczak) - Input: i8042 - add ASUS Zenbook Flip to noselftest list (Marcos Paulo de Souza) - Input: joydev - prevent potential read overflow in ioctl (Dan Carpenter) - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S (Olivier Crate) - Input: raydium_ts_i2c - do not send zero length (jeffrey.lin) - HID: wacom: Ignore attempts to overwrite the touch_max value from HID (Jason Gerecke) - ACPI: configfs: add missing check after configfs_register_default_group() (Qinglang Miao) - ACPI: property: Fix fwnode string properties matching (Rafael J. Wysocki) - blk-settings: align max_sectors on 'logical_block_size' boundary (Mikulas Patocka) - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors (Randy Dunlap) - mm/rmap: fix potential pte_unmap on an not mapped pte (Miaohe Lin) - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (Maxime Ripard) - arm64: Add missing ISB after invalidating TLB in __primary_switch (Marc Zyngier) - mm/hugetlb: fix potential double free in hugetlb_register_node() error path (Miaohe Lin) - mm/memory.c: fix potential pte_unmap_unlock pte error (Miaohe Lin) - ocfs2: fix a use after free on error (Dan Carpenter) - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (Chuhong Yuan) - i40e: Fix overwriting flow control settings during driver loading (Mateusz Palczewski) - i40e: Fix flow for IPv6 next header (extension header) (Slawomir Laba) - ext4: fix potential htree index checksum corruption (Theodore Ts'o) - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (Konrad Dybcio) - PCI: Align checking of syscall user config accessors (Heiner Kallweit) - VMCI: Use set_page_dirty_lock() when unregistering guest memory (Jorgen Hansen) - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() (Simon South) - misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (Aswath Govindraju) - misc: eeprom_93xx46: Fix module alias to enable module autoprobe (Aswath Govindraju) - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set (Randy Dunlap) - Input: elo - fix an error code in elo_connect() (Dan Carpenter) - perf test: Fix unaligned access in sample parsing test (Namhyung Kim) - perf intel-pt: Fix missing CYC processing in PSB (Adrian Hunter) - spi: pxa2xx: Fix the controller numbering for Wildcat Point (Andy Shevchenko) - powerpc/8xx: Fix software emulation interrupt (Christophe Leroy) - powerpc/pseries/dlpar: handle ibm, configure-connector delay status (Nathan Lynch) - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() (Dan Carpenter) - spi: stm32: properly handle 0 byte transfer (Alain Volmat) - RDMA/rxe: Fix coding error in rxe_recv.c (Bob Pearson) - perf tools: Fix DSO filtering when not finding a map for a sampled address (Arnaldo Carvalho de Melo) - tracepoint: Do not fail unregistering a probe due to memory failure (Steven Rostedt (VMware)) - amba: Fix resource leak for drivers without .remove (Uwe Kleine-Konig) - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (Vladimir Murzin) - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (Christophe JAILLET) - powerpc/47x: Disable 256k page size (Christophe Leroy) - IB/umad: Return EIO in case of when device disassociated (Shay Drory) - auxdisplay: ht16k33: Fix refresh rate handling (Geert Uytterhoeven) - isofs: release buffer head before return (Pan Bian) - spi: atmel: Put allocated master before return (Pan Bian) - certs: Fix blacklist flag type confusion (David Howells) - regulator: axp20x: Fix reference cout leak (Pan Bian) - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined (Tom Rix) - rtc: s5m: select REGMAP_I2C (Bartosz Golaszewski) - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (Claudiu Beznea) - of/fdt: Make sure no-map does not remove already reserved regions (Nicolas Boichat) - fdt: Properly handle 'no-map' field in the memory region (KarimAllah Ahmed) - mfd: bd9571mwv: Use devm_mfd_add_devices() (Yoshihiro Shimoda) - dmaengine: hsu: disable spurious interrupt (Ferry Toth) - dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in the remove function (Christophe JAILLET) - HID: core: detect and skip invalid inputs to snto32() (Randy Dunlap) - spi: cadence-quadspi: Abort read if dummy cycles required are too many (Pratyush Yadav) - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL (Martin Blumenstingl) - capabilities: Don't allow writing ambiguous v3 file capabilities (Eric W. Biederman) - jffs2: fix use after free in jffs2_sum_write_data() (Tom Rix) - fs/jfs: fix potential integer overflow on shift of a int (Colin Ian King) - ima: Free IMA measurement buffer after kexec syscall (Lakshmi Ramasubramanian) - ima: Free IMA measurement buffer on error (Lakshmi Ramasubramanian) - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() (Daniele Alessandrelli) - hwrng: timeriomem - Fix cooldown period calculation (Jan Henrik Weinstock) - btrfs: clarify error returns values in __load_free_space_cache (Zhihao Cheng) - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() (Andrea Parri (Microsoft)) - ata: ahci_brcm: Add back regulators management (Florian Fainelli) - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (Laurent Pinchart) - media: pxa_camera: declare variable when DEBUG is defined (Tom Rix) - media: cx25821: Fix a bug when reallocating some dma memory (Christophe JAILLET) - media: qm1d1c0042: fix error return code in qm1d1c0042_init() (Luo Meng) - media: lmedm04: Fix misuse of comma (Joe Perches) - crypto: bcm - Rename struct device_private to bcm_device_private (Jiri Olsa) - ASoC: cs42l56: fix up error handling in probe (Dan Carpenter) - media: tm6000: Fix memleak in tm6000_start_stream (Dinghao Liu) - media: media/pci: Fix memleak in empress_init (Dinghao Liu) - media: vsp1: Fix an error handling path in the probe function (Christophe JAILLET) - media: i2c: ov5670: Fix PIXEL_RATE minimum value (Jacopo Mondi) - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 (Nathan Chancellor) - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init (Nathan Chancellor) - crypto: sun4i-ss - fix kmap usage (Corentin Labbe) - gma500: clean up error handling in init (Dan Carpenter) - drm/gma500: Fix error return code in psb_driver_load() (Jialin Zhang) - fbdev: aty: SPARC64 requires FB_ATY_CT (Randy Dunlap) - net: mvneta: Remove per-cpu queue mapping for Armada 3700 (Maxime Chevallier) - net: amd-xgbe: Reset link when the link never comes back (Shyam Sundar S K) - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (Shyam Sundar S K) - ibmvnic: skip send_request_unmap for timeout reset (Lijun Pan) - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case (Colin Ian King) - mac80211: fix potential overflow when multiplying to u32 integers (Colin Ian King) - bnxt_en: reverse order of TX disable and carrier off (Edwin Peer) - ath9k: fix data bus crash when setting nf_override via debugfs (Linus Lussing) - bpf_lru_list: Read double-checked variable once without lock (Marco Elver) - ARM: s3c: fix fiq for clang IAS (Arnd Bergmann) - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address (Vincent Knecht) - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (Chen-Yu Tsai) - usb: dwc2: Make 'trimming xfer length' a debug message (Guenter Roeck) - usb: dwc2: Abort transaction after errors with unknown reason (Guenter Roeck) - usb: dwc2: Do not update data length if it is 0 on inbound transfers (Guenter Roeck) - ARM: dts: Configure missing thermal interrupt for 4430 (Tony Lindgren) - Bluetooth: Put HCI device if inquiry procedure interrupts (Pan Bian) - Bluetooth: drop HCI device reference before return (Pan Bian) - usb: gadget: u_audio: Free requests only after callback (Jack Pham) - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() (Christophe JAILLET) - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso (Krzysztof Kozlowski) - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (Krzysztof Kozlowski) - Bluetooth: Fix initializing response id after clearing struct (Christopher William Snowhill) - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - random: fix the RNDRESEEDCRNG ioctl (Eric Biggers) - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section (Alexander Lobakin) - kdb: Make memory allocations more robust (Sumit Garg) - vmlinux.lds.h: add DWARF v5 sections (Nick Desaulniers) - scripts/recordmcount.pl: support big endian for ARCH sh (Rong Chen) - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. (Shyam Prasad N) - NET: usb: qmi_wwan: Adding support for Cinterion MV31 (Christoph Schemmel) - arm64: tegra: Add power-domain for Tegra210 HDA (Sameer Pujar) - ntfs: check for valid standard information attribute (Rustam Kovhaev) - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable (Stefan Ursella) - HID: make arrays usage and value to be the same (Will McVicker) - Linux 4.14.222 (Greg Kroah-Hartman) - kvm: check tlbs_dirty directly (Lai Jiangshan) - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (Manish Narani) - USB: Gadget Ethernet: Re-enable Jumbo frames. (John Greb) - scsi: qla2xxx: Fix crash during driver load on big endian machines (Arun Easi) - xen/arm: don't ignore return errors from set_phys_to_machine (Stefano Stabellini) - tracing: Avoid calling cc-option -mrecord-mcount for every Makefile (Vasily Gorbik) - tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord-mcount (Greg Thelen) - trace: Use -mcount-record for dynamic ftrace (Andi Kleen) - x86/build: Disable CET instrumentation in the kernel for 32-bit too (Borislav Petkov) - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined (Randy Dunlap) - i2c: stm32f7: fix configuration of the digital filter (Alain Volmat) - vsock: fix locking in vsock_shutdown() (Stefano Garzarella) - vsock/virtio: update credit only if socket is not closed (Stefano Garzarella) - net: watchdog: hold device global xmit lock during tx disable (Edwin Peer) - net/vmw_vsock: improve locking in vsock_connect_timeout() (Norbert Slusarek) - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (Serge Semin) - usb: dwc3: ulpi: fix checkpatch warning (Felipe Balbi) - netfilter: conntrack: skip identical origin tuple in same zone only (Florian Westphal) - netfilter: xt_recent: Fix attempt to update deleted entry (Jozsef Kadlecsik) - bpf: Check for integer overflow when using roundup_pow_of_two() (Bui Quang Minh) - memblock: do not start bottom-up allocations with kernel_end (Roman Gushchin) - ARM: ensure the signal page contains defined contents (Russell King) - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (Alexandre Belloni) - ovl: skip getxattr of security labels (Amir Goldstein) - cap: fix conversions on getxattr (Miklos Szeredi) - ovl: perform vfs_getxattr() with mounter creds (Miklos Szeredi) - platform/x86: hp-wmi: Disable tablet-mode reporting by default (Hans de Goede) - arm64: dts: rockchip: Fix PCIe DT properties on rk3399 (Marc Zyngier) - MIPS: BMIPS: Fix section mismatch warning (Jaedon Shin) - arm/xen: Don't probe xenbus as part of an early initcall (Julien Grall) - tracing: Check length before giving out the filter buffer (Steven Rostedt (VMware)) - tracing: Do not count ftrace events in top level enable output (Steven Rostedt (VMware)) - squashfs: add more sanity checks in xattr id lookup (Phillip Lougher) - squashfs: add more sanity checks in inode lookup (Phillip Lougher) - squashfs: add more sanity checks in id lookup (Phillip Lougher) - memcg: fix a crash in wb_workfn when a device disappears (Theodore Ts'o) - include/trace/events/writeback.h: fix -Wstringop-truncation warnings (Qian Cai) - lib/string: Add strscpy_pad() function (Tobin C. Harding) - SUNRPC: Handle 0 length opaque XDR object data properly (Dave Wysochanski) - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header (Dave Wysochanski) - iwlwifi: mvm: guard against device removal in reprobe (Johannes Berg) - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap (Emmanuel Grumbach) - iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time() (Johannes Berg) - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() (Trond Myklebust) - af_key: relax availability checks for skb size calculation (Cong Wang) - remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load (Sibi Sankar) - remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load (Sibi Sankar) - fgraph: Initialize tracing_graph_pause at task creation (Steven Rostedt (VMware)) - Linux 4.14.221 (Greg Kroah-Hartman) - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (DENG Qingfang) - iommu/vt-d: Do not use flush-queue when caching-mode is on (Nadav Amit) - Input: xpad - sync supported devices with fork on GitHub (Benjamin Valentin) - x86/apic: Add extra serialization for non-serializing MSRs (Dave Hansen) - x86/build: Disable CET instrumentation in the kernel (Josh Poimboeuf) - mm: thp: fix MADV_REMOVE deadlock on shmem THP (Hugh Dickins) - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active (Muchun Song) - mm: hugetlb: fix a race between isolating and freeing page (Muchun Song) - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page (Muchun Song) - ARM: footbridge: fix dc21285 PCI configuration accessors (Russell King) - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (Thorsten Leemhuis) - mmc: core: Limit retries when analyse of SDIO tuples fails (Fengnan Chang) - smb3: Fix out-of-bounds bug in SMB2_negotiate() (Gustavo A. R. Silva) - cifs: report error instead of invalid when revalidating a dentry fails (Aurelien Aptel) - xhci: fix bounce buffer usage for non-sg list case (Mathias Nyman) - kretprobe: Avoid re-registration of the same kretprobe earlier (Wang ShaoBo) - mac80211: fix station rate table updates on assoc (Felix Fietkau) - ovl: fix dentry leak in ovl_get_redirect (Liangyan) - usb: dwc2: Fix endpoint direction check in ep_from_windex (Heiko Stuebner) - USB: usblp: don't call usb_set_interface if there's a single alt (Jeremy Figgins) - USB: gadget: legacy: fix an error code in eth_bind() (Dan Carpenter) - ipv4: fix race condition between route lookup and invalidation (Wei Wang) - elfcore: fix building with clang (Arnd Bergmann) - objtool: Support Clang non-section symbols in ORC generation (Josh Poimboeuf) - net: lapb: Copy the skb before sending a packet (Xie He) - arm64: dts: ls1046a: fix dcfg address range (Zyta Szpak) - USB: serial: option: Adding support for Cinterion MV31 (Christoph Schemmel) - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 (Chenxin Jin) - USB: serial: cp210x: add pid/vid for WSDA-200-USB (Pho Tran) - Linux 4.14.220 (Greg Kroah-Hartman) - kthread: Extract KTHREAD_IS_PER_CPU (Peter Zijlstra) - objtool: Don't fail on missing symbol table (Josh Poimboeuf) - scsi: ibmvfc: Set default timeout to avoid crash during migration (Brian King) - mac80211: fix fast-rx encryption check (Felix Fietkau) - scsi: libfc: Avoid invoking response handler twice if ep is already completed (Javed Hasan) - scsi: scsi_transport_srp: Don't block target in failfast state (Martin Wilck) - x86: __always_inline __{rd,wr}msr() (Peter Zijlstra) - phy: cpcap-usb: Fix warning for missing regulator_disable (Tony Lindgren) - driver core: Extend device_is_dependent() (Rafael J. Wysocki) - base: core: Remove WARN_ON from link dependencies check (Benjamin Gaignard) - net_sched: gen_estimator: support large ewma log (Eric Dumazet) - net_sched: reject silly cell_log in qdisc_get_rtab() (Eric Dumazet) - ACPI: thermal: Do not call acpi_thermal_check() directly (Rafael J. Wysocki) - ibmvnic: Ensure that CRQ entry read are correctly ordered (Lijun Pan) - net: dsa: bcm_sf2: put device node before return (Pan Bian) - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863569] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863569] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982355] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820277] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25671 CVE-2020-25670 CVE-2020-25672 CVE-2021-33909 CVE-2020-14304 Oracle Linux 7 [4.14.35-2047.506.8.el7] - A/A Bonding: dev_hold/put() the delayed GARP work handler's netdev in rdmaip (Sharath Srinivasan) [Orabug: 33187189] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33187192] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33187195] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33187199] - rds: ib: Increase entropy of RDMA IOVAs (Hakon Bugge) [Orabug: 33187200] [4.14.35-2047.506.7.el7] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33167357] - Revert 'x86/reboot: Force all cpus to exit VMX root if VMX is supported' (Somasundaram Krishnasamy) [Orabug: 33167350] [4.14.35-2047.506.6.el7] - rds: Check for illegal flags when creating an MR (Hakon Bugge) [Orabug: 33144339] - seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33135633] {CVE-2021-33909} [4.14.35-2047.506.5.el7] - xen/blkback: Force flush and secure discard support flags (Boris Ostrovsky) [Orabug: 33131619] [4.14.35-2047.506.4.el7] - rds/ib: avoid use of trace_printk() (Alan Maguire) [Orabug: 33120588] - RDMA/cma: Remove unnecessary INIT->INIT transition (Hakon Bugge) [Orabug: 33114515] - ext4: use ext4_grp_locked_error in mb_find_extent (Stephen Brennan) [Orabug: 33027709] [4.14.35-2047.506.3.el7] - capmem: Mark the pages as non-readonly+dirty. (David Clear) [Orabug: 33116008] - PCI/ERR: Retain status from error notification (Keith Busch) [Orabug: 32747989] - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error. (Dai Ngo) [Orabug: 33106366] - net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk) [Orabug: 31895299] {CVE-2020-14304} [4.14.35-2047.506.2.el7] - KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts (Joao Martins) [Orabug: 33089240] - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge (Naoya Horiguchi) [Orabug: 33042327] - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails (Naoya Horiguchi) [Orabug: 33042327] - mm: soft-offline: close the race against page allocation (Naoya Horiguchi) [Orabug: 33042327] - mm: fix race on soft-offlining free huge pages (Naoya Horiguchi) [Orabug: 33042327] - Revert 'xen/fb: allow xenfb initialization for hvm guests' (Joe Jin) [Orabug: 33075317] - scsi: qla2xxx: Fix use after free in bsg (Quinn Tran) [Orabug: 32912131] - block: fix a race between del_gendisk and BLKRRPART (Gulam Mohamed) [Orabug: 32285697] - block: prevent block device lookups at the beginning of del_gendisk (Christoph Hellwig) [Orabug: 32285697] - block: take bd_mutex around delete_partitions in del_gendisk (Christoph Hellwig) [Orabug: 32285697] - Linux 4.14.231 (Greg Kroah-Hartman) - xen/events: fix setting irq affinity (Juergen Gross) - perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches (Arnaldo Carvalho de Melo) - netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) - net: phy: broadcom: Only advertise EEE for supported modes (Florian Fainelli) - block: only update parent bi_status when bio fail (Yufen Yu) - gfs2: report 'already frozen/thawed' errors (Bob Peterson) - drm/imx: imx-ldb: fix out of bounds array access warning (Arnd Bergmann) - KVM: arm64: Disable guest access to trace filter controls (Suzuki K Poulose) - KVM: arm64: Hide system instruction access to Trace registers (Suzuki K Poulose) - Revert 'cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.' (Greg Kroah-Hartman) - net: ieee802154: stop dump llsec params for monitors (Alexander Aring) - net: ieee802154: forbid monitor for del llsec seclevel (Alexander Aring) - net: ieee802154: forbid monitor for set llsec params (Alexander Aring) - net: ieee802154: fix nl802154 del llsec devkey (Alexander Aring) - net: ieee802154: fix nl802154 add llsec key (Alexander Aring) - net: ieee802154: fix nl802154 del llsec key (Alexander Aring) - net: ieee802154: nl-mac: fix check on panid (Alexander Aring) - net: mac802154: Fix general protection fault (Pavel Skripkin) - drivers: net: fix memory leak in peak_usb_create_dev (Pavel Skripkin) - drivers: net: fix memory leak in atusb_probe (Pavel Skripkin) - net: tun: set tun->dev->addr_len during TUNSETLINK processing (Phillip Potter) - cfg80211: remove WARN_ON() in cfg80211_sme_connect (Du Cheng) - usbip: fix vudc usbip_sockfd_store races leading to gpf (Shuah Khan) - net/ncsi: Avoid GFP_KERNEL in response handler (Samuel Mendoza-Jonas) - net/ncsi: Refactor MAC, VLAN filters (Samuel Mendoza-Jonas) - net/ncsi: Add generic netlink family (Samuel Mendoza-Jonas) - net/ncsi: Don't return error on normal response (Samuel Mendoza-Jonas) - net/ncsi: Improve general state logging (Samuel Mendoza-Jonas) - net/ncsi: Make local function ncsi_get_filter() static (Wei Yongjun) - clk: socfpga: fix iomem pointer cast on 64-bit (Krzysztof Kozlowski) - RDMA/cxgb4: check for ipv6 address properly while destroying listener (Potnuri Bharat Teja) - net/mlx5: Fix placement of log_max_flow_counter (Raed Salem) - s390/cpcmd: fix inline assembly register clobbering (Alexander Gordeev) - workqueue: Move the position of debug_work_activate() in __queue_work() (Zqiang) - clk: fix invalid usage of list cursor in unregister (Lukasz Bartosik) - clk: fix invalid usage of list cursor in register (Lukasz Bartosik) - soc/fsl: qbman: fix conflicting alignment attributes (Arnd Bergmann) - ASoC: sunxi: sun4i-codec: fill ASoC card owner (Bastian Germann) - net/ncsi: Avoid channel_monitor hrtimer deadlock (Milton Miller) - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (Stefan Riedmueller) - net:tipc: Fix a double free in tipc_sk_mcast_rcv (Lv Yunlong) - gianfar: Handle error code at MAC address change (Claudiu Manoil) - sch_red: fix off-by-one checks in red_check_params() (Eric Dumazet) - amd-xgbe: Update DMA coherency values (Shyam Sundar S K) - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (Shengjiu Wang) - regulator: bd9571mwv: Fix AVS and DVFS voltage range (Geert Uytterhoeven) - i2c: turn recovery error on init to debug (Wolfram Sang) - usbip: synchronize event handler with sysfs code paths (Shuah Khan) - usbip: stub-dev synchronize sysfs code paths (Shuah Khan) - usbip: add sysfs_lock to synchronize sysfs code paths (Shuah Khan) - net: sched: sch_teql: fix null-pointer dereference (Pavel Tikhomirov) - net: ensure mac header is set in virtio_net_hdr_to_skb() (Eric Dumazet) - batman-adv: initialize 'struct batadv_tvlv_tt_vlan_data'->reserved field (Tetsuo Handa) - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (Marek Behun) - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers (Gao Xiang) - parisc: parisc-agp requires SBA IOMMU driver (Helge Deller) - fs: direct-io: fix missing sdio->boundary (Jack Qiu) - ia64: fix user_stack_pointer() for ptrace() (Sergei Trofimovich) - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh (Muhammad Usama Anjum) - xen/evtchn: Change irq_info lock to raw_spinlock_t (Luca Fancellu) - nfc: Avoid endless loops caused by repeated llcp_sock_connect() (Xiaoming Ni) - nfc: fix memory leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25672} - nfc: fix refcount leak in llcp_sock_connect() (Xiaoming Ni) {CVE-2020-25671} - nfc: fix refcount leak in llcp_sock_bind() (Xiaoming Ni) {CVE-2020-25670} - ASoC: intel: atom: Stop advertising non working S24LE support (Hans de Goede) - ALSA: aloop: Fix initialization of controls (Jonas Holmberg) - Linux 4.14.230 (Greg Kroah-Hartman) - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate (Angelo Dureghello) - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM (Masahiro Yamada) - init/Kconfig: make COMPILE_TEST depend on !S390 (Heiko Carstens) - cifs: Silently ignore unknown oplock break handle (Vincent Whitchurch) - cifs: revalidate mapping when we open files for SMB1 POSIX (Ronnie Sahlberg) - ia64: mca: allocate early mca with GFP_ATOMIC (Sergei Trofimovich) - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() (Martin Wilck) - x86/build: Turn off -fcf-protection for realmode targets (Arnd Bergmann) - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (Esteve Varela Colominas) - drm/msm: Ratelimit invalid-fence message (Rob Clark) - mac80211: choose first enabled channel for monitor (Karthikeyan Kathirvel) - mISDN: fix crash in fritzpci (Tong Zhang) - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove (Pavel Andrianov) - ARM: dts: am33xx: add aliases for mmc interfaces (Mans Rullgard) - Linux 4.14.229 (Greg Kroah-Hartman) - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (Du Cheng) - staging: rtl8192e: Change state information from u16 to u8 (Atul Gopinathan) - staging: rtl8192e: Fix incorrect source in memcpy() (Atul Gopinathan) - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (Tong Zhang) - USB: cdc-acm: fix use-after-free after probe failure (Johan Hovold) - USB: cdc-acm: downgrade message to debug (Oliver Neukum) - USB: cdc-acm: untangle a circular dependency between callback and softint (Oliver Neukum) - cdc-acm: fix BREAK rx code path adding necessary calls (Oliver Neukum) - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (Chunfeng Yun) - usb: musb: Fix suspend with devices connected for a64 (Tony Lindgren) - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (Shuah Khan) - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (Zheyu Ma) - extcon: Fix error handling in extcon_dev_register (Dinghao Liu) - extcon: Add stubs for extcon_register_notifier_all() functions (Krzysztof Kozlowski) - pinctrl: rockchip: fix restore error in resume (Wang Panzhenzhuan) - reiserfs: update reiserfs_xattrs_initialized() condition (Tetsuo Handa) - drm/amdgpu: check alignment on CPU page for bo map (Xi Ruoyao) - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (Nirmoy Das) - mm: fix race by making init_zero_pfn() early_initcall (Ilya Lipnitskiy) - tracing: Fix stack trace event size (Steven Rostedt (VMware)) - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook (Hui Wang) - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO (Hui Wang) - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (Ikjoon Jang) - bpf: Remove MTU check in __bpf_skb_max_len (Jesper Dangaard Brouer) - net: wan/lmc: unregister device when no matching device is found (Tong Zhang) - appletalk: Fix skb allocation size in loopback case (Doug Brown) - net: ethernet: aquantia: Handle error cleanup of start on open (Nathan Rossi) - brcmfmac: clear EAP/association status bits on linkdown events (Luca Pesce) - ext4: do not iput inode under running transaction in ext4_rename() (zhangyi (F)) - ASoC: rt5659: Update MCLK rate in set_sysclk() (Sameer Pujar) - staging: comedi: cb_pcidas64: fix request_irq() warn (Tong Zhang) - staging: comedi: cb_pcidas: fix request_irq() warn (Tong Zhang) - scsi: qla2xxx: Fix broken #endif placement (Alexey Dobriyan) - scsi: st: Fix a use after free in st_open() (Lv Yunlong) - vhost: Fix vhost_vq_reset() (Laurent Vivier) - powerpc: Force inlining of cpu_has_feature() to avoid build failure (Christophe Leroy) - ASoC: cs42l42: Always wait at least 3ms after reset (Lucas Tanure) - ASoC: cs42l42: Fix mixer volume control (Lucas Tanure) - ASoC: es8316: Simplify adc_pga_gain_tlv table (Hans de Goede) - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe (Benjamin Rood) - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 (Hans de Goede) - rpc: fix NULL dereference on kmalloc failure (J. Bruce Fields) - ext4: fix bh ref count on error paths (Zhaolong Zhang) - ipv6: weaken the v4mapped source check (Jakub Kicinski) - selinux: vsock: Set SID for socket returned by accept() (David Brazdil) - Linux 4.14.228 (Greg Kroah-Hartman) - can: peak_usb: Revert 'can: peak_usb: add forgotten supported devices' (Marc Kleine-Budde) - ext4: add reclaim checks to xattr code (Jan Kara) - mac80211: fix double free in ibss_leave (Markus Theil) - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg() (Eric Dumazet) - net: sched: validate stab values (Eric Dumazet) - can: dev: Move device back to init netns on owning netns delete (Martin Willi) - locking/mutex: Fix non debug version of mutex_lock_io_nested() (Thomas Gleixner) - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() (Jia-Ju Bai) - scsi: qedi: Fix error return code of qedi_alloc_global_queues() (Jia-Ju Bai) - perf auxtrace: Fix auxtrace queue conflict (Adrian Hunter) - ACPI: scan: Use unique number for instance_no (Andy Shevchenko) - ACPI: scan: Rearrange memory allocation in acpi_device_add() (Rafael J. Wysocki) - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (Potnuri Bharat Teja) - net/mlx5e: Fix error path for ethtool set-priv-flag (Aya Levin) - arm64: kdump: update ppos when reading elfcorehdr (Pavel Tatashin) - drm/msm: fix shutdown hook in case GPU components failed to bind (Dmitry Baryshkov) - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (Corentin Labbe) - net: cdc-phonet: fix data-interface release on probe failure (Johan Hovold) - mac80211: fix rate mask reset (Johannes Berg) - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning (Torin Cooper-Bennun) - can: c_can: move runtime PM enable/disable to c_can_platform (Tong Zhang) - can: c_can_pci: c_can_pci_remove(): fix use-after-free (Tong Zhang) - ftgmac100: Restart MAC HW once (Dylan Hung) - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (Lv Yunlong) - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (Dinghao Liu) - e1000e: add rtnl_lock() to e1000_reset_task (Vitaly Lifshits) - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (Florian Fainelli) - macvlan: macvlan_count_rx() needs to be aware of preemption (Eric Dumazet) - libbpf: Fix INSTALL flag order (Georgi Valkov) - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (Grygorii Strashko) - ARM: dts: at91-sama5d27_som1: fix phy address to 7 (Claudiu Beznea) - arm64: dts: ls1043a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1012a: mark crypto engine dma coherent (Horia Geanta) - arm64: dts: ls1046a: mark crypto engine dma coherent (Horia Geanta) - squashfs: fix xattr id and id lookup sanity checks (Phillip Lougher) - squashfs: fix inode lookup sanity checks (Sean Nyekjaer) - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign (Sergei Trofimovich) - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls (Sergei Trofimovich) - nfs: we don't support removing system.nfs4_acl (J. Bruce Fields) - drm/radeon: fix AGP dependency (Christian Konig) - u64_stats,lockdep: Fix u64_stats_init() vs lockdep (Peter Zijlstra) - sparc64: Fix opcode filtering in handling of no fault loads (Rob Gardner) - atm: idt77252: fix null-ptr-dereference (Tong Zhang) - atm: uPD98402: fix incorrect allocation (Tong Zhang) - net: wan: fix error return code of uhdlc_init() (Jia-Ju Bai) - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch() (Jia-Ju Bai) - NFS: Correct size calculation for create reply length (Frank Sorenson) - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default (Timo Rothenpieler) - gpiolib: acpi: Add missing IRQF_ONESHOT (Yang Li) - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count (Denis Efremov) - net: tehuti: fix error return code in bdx_probe() (Jia-Ju Bai) - ixgbe: Fix memleak in ixgbe_configure_clsu32 (Dinghao Liu) - Revert 'r8152: adjust the settings about MAC clock speed down for RTL8153' (Hayes Wang) - atm: lanai: dont run lanai_dev_close if not open (Tong Zhang) - atm: eni: dont release is never initialized (Tong Zhang) - powerpc/4xx: Fix build errors from mfdcr() (Michael Ellerman) - net: fec: ptp: avoid register access when ipg clock is disabled (Heiko Thiery) [4.14.35-2047.506.1.el7] - drivers/uio: Fix incorrect calls to pm_runtime_enable/disable. (David Clear) [Orabug: 33070176] - dts/pensando: Add board config partitions. (David Clear) [Orabug: 33070176] - drivers: updates driver version string to 1.15.9.7 (Thomas Tai) [Orabug: 33065280] - drivers: updates for 1.15.9.7 (Shannon Nelson) [Orabug: 33065280] - arm64: Stop printing the virtual memory layout (Laura Abbott) [Orabug: 33059865] - uek-rpm: Fix Pensando's network application error (Thomas Tai) [Orabug: 33050671] - RDMA/cma: Fix rdma_resolve_route memory leak (Gerd Rausch) [Orabug: 33048382] - uek-rpm: enable selinux for Pensando (Thomas Tai) [Orabug: 33032940] - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted (Quinn Tran) [Orabug: 32989009] - xfs: fix lockup issue (Junxiao Bi) [Orabug: 32880215] - Build Pensando drivers for uek5 kernel (Vijay Kumar) [Orabug: 32569849] - net/ethernet/pensando: Fix Pensando driver build (Vijay Kumar) [Orabug: 32569849] - Added mdev, mnet_uio_pdrv and ionic_mnic driver src to UEK5 (Vijay Kumar) [Orabug: 32569849] - Linux 4.14.227 (Greg Kroah-Hartman) - genirq: Disable interrupts for force threaded handlers (Thomas Gleixner) - ext4: fix potential error in ext4_do_update_inode (Shijie Luo) - ext4: do not try to set xattr into ea_inode if value is empty (zhangyi (F)) - ext4: find old entry again if failed to rename whiteout (zhangyi (F)) - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (Oleg Nesterov) - x86: Move TS_COMPAT back to asm/thread_info.h (Oleg Nesterov) - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (Oleg Nesterov) - x86/ioapic: Ignore IRQ2 again (Thomas Gleixner) - PCI: rpadlpar: Fix potential drc_name corruption in store functions (Tyrel Datwyler) - iio: hid-sensor-temperature: Fix issues of timestamp channel (Ye Xiang) - iio: hid-sensor-prox: Fix scale not correct issue (Ye Xiang) - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel (Ye Xiang) - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler (Dinghao Liu) - iio: adis16400: Fix an error code in adis16400_initial_setup() (Dan Carpenter) - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel (Jonathan Albrieux) - iio:adc:stm32-adc: Add HAS_IOMEM dependency (Jonathan Cameron) - usb: gadget: configfs: Fix KASAN use-after-free (Jim Lin) - USB: replace hardcode maximum usb string length by definition (Macpaul Lin) - usb-storage: Add quirk to defeat Kindle's automatic unload (Alan Stern) - nvme-rdma: fix possible hang when failing to set io queues (Sagi Grimberg) - scsi: lpfc: Fix some error codes in debugfs (Dan Carpenter) - net/qrtr: fix __netdev_alloc_skb call (Pavel Skripkin) - sunrpc: fix refcount leak for rpc auth modules (Daniel Kobras) - svcrdma: disable timeouts on rdma backchannel (Timo Rothenpieler) - NFSD: Repair misuse of sv_lock in 5.10.16-rt30. (Joe Korty) - nvmet: don't check iosqes,iocqes for discovery controllers (Sagi Grimberg) - tools build feature: Check if pthread_barrier_t is available (Arnaldo Carvalho de Melo) - perf: Make perf able to build with latest libbfd (Changbin Du) - tools build: Check if gettid() is available before providing helper (Arnaldo Carvalho de Melo) - tools build feature: Check if eventfd() is available (Arnaldo Carvalho de Melo) - tools build feature: Check if get_current_dir_name() is available (Arnaldo Carvalho de Melo) - perf tools: Use - Revert 'PM: runtime: Update device status before letting suppliers suspend' (Rafael J. Wysocki) - net: dsa: b53: Support setting learning on port (Florian Fainelli) - bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) - ext4: check journal inode extents more carefully (Jan Kara) - ext4: don't allow overlapping system zones (Jan Kara) - Linux 4.14.226 (Greg Kroah-Hartman) - xen/events: avoid handling the same event on two cpus at the same time (Juergen Gross) - xen/events: don't unmask an event channel when an eoi is pending (Juergen Gross) - xen/events: reset affinity of 2-level event when tearing it down (Juergen Gross) - iio: imu: adis16400: release allocated memory on failure (Navid Emamdoost) - KVM: arm64: Fix exclusive limit for IPA size (Marc Zyngier) - hwmon: (lm90) Fix max6658 sporadic wrong temperature reading (Boyang Yu) - binfmt_misc: fix possible deadlock in bm_register_write (Lior Ribak) - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (Naveen N. Rao) - include/linux/sched/mm.h: use rcu_dereference in in_vfork() (Matthew Wilcox (Oracle)) - stop_machine: mark helpers __always_inline (Arnd Bergmann) - configfs: fix a use-after-free in __configfs_open_file (Daiyue Zhang) - block: rsxx: fix error return code of rsxx_pci_probe() (Jia-Ju Bai) - NFSv4.2: fix return value of _nfs4_get_security_label() (Ondrej Mosnacek) - sh_eth: fix TRSCER mask for R7S72100 (Sergey Shtylyov) - staging: comedi: pcl818: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: pcl711: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: me4000: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: dmm32at: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das800: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: das6402: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: adv_pci1710: Fix endian problem for AI command data (Ian Abbott) - staging: comedi: addi_apci_1500: Fix endian problem for command sample (Ian Abbott) - staging: comedi: addi_apci_1032: Fix endian problem for COS sample (Ian Abbott) - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan (Lee Gibson) - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd (Lee Gibson) - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() (Dan Carpenter) - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() (Dan Carpenter) - staging: rtl8712: unterminated string leads to read overflow (Dan Carpenter) - staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan() (Dan Carpenter) - staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan() (Dan Carpenter) - usbip: fix vhci_hcd attach_store() races leading to gpf (Shuah Khan) - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf (Shuah Khan) - usbip: fix vudc to check for stream socket (Shuah Khan) - usbip: fix vhci_hcd to check for stream socket (Shuah Khan) - usbip: fix stub_dev to check for stream socket (Shuah Khan) - USB: serial: cp210x: add some more GE USB IDs (Sebastian Reichel) - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (Karan Singhal) - USB: serial: io_edgeport: fix memory leak in edge_startup (Pavel Skripkin) - usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (Forest Crossman) - xhci: Improve detection of device initiated wake signal. (Mathias Nyman) - usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM (Yoshihiro Shimoda) - usb: gadget: f_uac1: stop playback on function disable (Ruslan Bilovol) - usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot (Ruslan Bilovol) - USB: gadget: u_ether: Fix a configfs return code (Dan Carpenter) - Goodix Fingerprint device is not a modem (Yorick de Wid) - mmc: core: Fix partition switch time for eMMC (Adrian Hunter) - s390/dasd: fix hanging IO request during DASD driver unbind (Stefan Haberland) - s390/dasd: fix hanging DASD driver unbind (Stefan Haberland) - Revert 95ebabde382c ('capabilities: Don't allow writing ambiguous v3 file capabilities') (Eric W. Biederman) - ALSA: usb-audio: Fix 'cannot get freq eq' errors on Dell AE515 sound bar (Takashi Iwai) - ALSA: hda: Avoid spurious unsol event handling during S3/S4 (Takashi Iwai) - ALSA: hda: Drop the BATCH workaround for AMD controllers (Takashi Iwai) - ALSA: hda/hdmi: Cancel pending works before suspend (Takashi Iwai) - scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (Mike Christie) - s390/smp: __smp_rescan_cpus() - move cpumask away from stack (Heiko Carstens) - PCI: mediatek: Add missing of_node_put() to fix reference leak (Krzysztof Wilczynski) - PCI: xgene-msi: Fix race in installing chained irq handler (Martin Kaiser) - powerpc/perf: Record counter overflow always if SAMPLE_IP is unset (Athira Rajeev) - powerpc: improve handling of unrecoverable system reset (Nicholas Piggin) - mmc: mediatek: fix race condition between msdc_request_timeout and irq (Chaotian Jing) - mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()' (Christophe JAILLET) - udf: fix silent AED tagLocation corruption (Steven J. Magnani) - net: phy: fix save wrong speed and duplex problem if autoneg is on (Guangbin Huang) - media: usbtv: Fix deadlock on suspend (Maxim Mikityanskiy) - s390/cio: return -EFAULT if copy_to_user() fails (Eric Farman) - drm: meson_drv add shutdown function (Artem Lapkin) - drm/compat: Clear bounce structures (Daniel Vetter) - s390/cio: return -EFAULT if copy_to_user() fails again (Wang Qing) - perf traceevent: Ensure read cmdlines are null terminated. (Ian Rogers) - net: stmmac: stop each tx channel independently (Joakim Zhang) - net: davicom: Fix regulator not turned off on driver removal (Paul Cercueil) - net: davicom: Fix regulator not turned off on failed probe (Paul Cercueil) - net: lapbether: Remove netif_start_queue / netif_stop_queue (Xie He) - net: usb: qmi_wwan: allow qmimux add/del with master up (Daniele Palmas) - net: sched: avoid duplicates in classes dump (Maximilian Heyne) - net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10 (Ong Boon Leong) - net/mlx4_en: update moderation when config reset (Kevin(Yudong) Yang) - sh_eth: fix TRSCER mask for SH771x (Sergey Shtylyov) - Revert 'mm, slub: consider rest of partial list if acquire_slab() fails' (Linus Torvalds) - cifs: return proper error code in statfs(2) (Paulo Alcantara) - netfilter: x_tables: gpf inside xt_find_revision() (Vasily Averin) - can: flexcan: enable RX FIFO after FRZ/HALT valid (Joakim Zhang) - can: flexcan: assert FRZ bit in flexcan_chip_freeze() (Joakim Zhang) - can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership (Oleksij Rempel) - net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0 (Balazs Nemeth) - net: Fix gro aggregation for udp encaps with zero csum (Daniel Borkmann) - ath9k: fix transmitting to stations in dynamic SMPS mode (Felix Fietkau) - ethernet: alx: fix order of calls on resume (Jakub Kicinski) - uapi: nfnetlink_cthelper.h: fix userspace compilation error (Dmitry V. Levin) - Linux 4.14.225 (Greg Kroah-Hartman) - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register (AngeloGioacchino Del Regno) - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom (Aswath Govindraju) - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller (Bjorn Helgaas) - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 (Hans de Goede) - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices (Hans de Goede) - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag (Hans de Goede) - platform/x86: acer-wmi: Add new force_caps module parameter (Hans de Goede) - platform/x86: acer-wmi: Cleanup accelerometer device handling (Hans de Goede) - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (Hans de Goede) - mwifiex: pcie: skip cancel_work_sync() on reset failure path (Tsuchiya Yuto) - iommu/amd: Fix sleeping in atomic in increase_address_space() (Andrey Ryabinin) - dm table: fix iterate_devices based device capability checks (Jeffle Xu) - rsxx: Return -EFAULT if copy_to_user() fails (Dan Carpenter) - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (Colin Ian King) - usbip: tools: fix build error for multiple definition (Antonio Borneo) - btrfs: fix raid6 qstripe kmap (Ira Weiny) - btrfs: raid56: simplify tracking of Q stripe presence (David Sterba) - Linux 4.14.224 (Greg Kroah-Hartman) - media: v4l: ioctl: Fix memory leak in video_usercopy (Sakari Ailus) - swap: fix swapfile read/write offset (Jens Axboe) - zsmalloc: account the number of compacted pages correctly (Rokudo Yan) - xen-netback: respect gnttab_map_refs()'s return value (Jan Beulich) - parisc: Bump 64-bit IRQ stack size to 64 KB (John David Anglin) - f2fs: handle unallocated section and zone on pinned/atgc (Jaegeuk Kim) - media: uvcvideo: Allow entities with no pads (Ricardo Ribalda) - staging: most: sound: add sanity check for function argument (Christian Gromm) - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data (Gopal Tiwari) - x86/build: Treat R_386_PLT32 relocation as R_386_PC32 (Fangrui Song) - ath10k: fix wmi mgmt tx queue full due to race condition (Miaoqing Pan) - pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() (Di Zhu) - wlcore: Fix command execute failure 19 for wl12xx (Tony Lindgren) - vt/consolemap: do font sum unsigned (Jiri Slaby) - x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk (Heiner Kallweit) - staging: fwserial: Fix error handling in fwserial_create (Dinghao Liu) - dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ (Geert Uytterhoeven) - net: bridge: use switchdev for port flags set through sysfs too (Vladimir Oltean) - mm/hugetlb.c: fix unnecessary address expansion of pmd sharing (Li Xinhai) - net: fix up truesize of cloned skb in skb_prepare_for_shift() (Marco Elver) - smackfs: restrict bytes count in smackfs write functions (Sabyrzhan Tasbolatov) - xfs: Fix assert failure in xfs_setattr_size() (Yumei Huang) - media: mceusb: sanity check for prescaler value (Sean Young) - JFS: more checks for invalid superblock (Randy Dunlap) - arm64: Use correct ll/sc atomic constraints (Andrew Murray) - arm64: cmpxchg: Use 'K' instead of 'L' for ll/sc immediate constraint (Will Deacon) - arm64: Avoid redundant type conversions in xchg() and cmpxchg() (Will Deacon) - arm64 module: set plt* section addresses to 0x0 (Shaoying Xu) - virtio/s390: implement virtio-ccw revision 2 correctly (Cornelia Huck) - drm/virtio: use kvmalloc for large allocations (Sergey Senozhatsky) - hugetlb: fix update_and_free_page contig page struct assumption (Mike Kravetz) - scripts: set proper OpenSSL include dir also for sign-file (Rolf Eike Beer) - scripts: use pkg-config to locate libcrypto (Rolf Eike Beer) - net: usb: qmi_wwan: support ZTE P685M modem (Lech Perczak) [4.14.35-2047.506.0.el7] - Linux 4.14.223 (Greg Kroah-Hartman) - dm era: Update in-core bitset after committing the metadata (Nikos Tsironis) - net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending (Jason A. Donenfeld) - ipv6: silence compilation warning for non-IPV6 builds (Leon Romanovsky) - ipv6: icmp6: avoid indirect call for icmpv6_send() (Eric Dumazet) - sunvnet: use icmp_ndo_send helper (Jason A. Donenfeld) - gtp: use icmp_ndo_send helper (Jason A. Donenfeld) - icmp: allow icmpv6_ndo_send to work with CONFIG_IPV6=n (Jason A. Donenfeld) - icmp: introduce helper for nat'd source address in network device context (Jason A. Donenfeld) - dm era: only resize metadata in preresume (Nikos Tsironis) - dm era: Reinitialize bitset cache before digesting a new writeset (Nikos Tsironis) - dm era: Use correct value size in equality function of writeset tree (Nikos Tsironis) - dm era: Fix bitset memory leaks (Nikos Tsironis) - dm era: Verify the data block size hasn't changed (Nikos Tsironis) - dm era: Recover committed writeset after crash (Nikos Tsironis) - gfs2: Don't skip dlm unlock if glock has an lvb (Bob Peterson) - sparc32: fix a user-triggerable oops in clear_user() (Al Viro) - f2fs: fix out-of-repair __setattr_copy() (Chao Yu) - printk: fix deadlock when kernel panic (Muchun Song) - gpio: pcf857x: Fix missing first interrupt (Maxim Kiselev) - mmc: sdhci-esdhc-imx: fix kernel panic when remove module (Frank Li) - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (Fangrui Song) - libnvdimm/dimm: Avoid race between probe and available_slots_show() (Dan Williams) - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() (Yoshihiro Shimoda) - mm: hugetlb: fix a race between freeing and dissolving the page (Muchun Song) - hugetlb: fix copy_huge_page_from_user contig page struct assumption (Mike Kravetz) - fs/affs: release old buffer head on error path (Pan Bian) - mtd: spi-nor: hisi-sfc: Put child node np on error path (Pan Bian) - watchdog: mei_wdt: request stop on unregister (Alexander Usyskin) - arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (He Zhe) - floppy: reintroduce O_NDELAY fix (Jiri Kosina) - x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson) - staging: rtl8188eu: Add Edimax EW-7811UN V2 to device table (Martin Kaiser) - drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue (Sabyrzhan Tasbolatov) - seccomp: Add missing return in non-void function (Paul Cercueil) - crypto: sun4i-ss - handle BigEndian for cipher (Corentin Labbe) - crypto: sun4i-ss - checking sg length is not sufficient (Corentin Labbe) - btrfs: fix extent buffer leak on failure to copy root (Filipe Manana) - btrfs: fix reloc root leak with 0 ref reloc roots on recovery (Josef Bacik) - btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root (Josef Bacik) - KEYS: trusted: Fix migratable=1 failing (Jarkko Sakkinen) - tpm_tis: Fix check_locality for correct locality acquisition (James Bottomley) - ALSA: hda/realtek: modify EAPD in the ALC886 (PeiSen Hou) - usb: dwc3: gadget: Fix dep->interval for fullspeed interrupt (Thinh Nguyen) - usb: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 (Thinh Nguyen) - USB: serial: mos7720: fix error code in mos7720_write() (Dan Carpenter) - USB: serial: mos7840: fix error code in mos7840_write() (Dan Carpenter) - usb: musb: Fix runtime PM race in musb_queue_resume_work (Paul Cercueil) - USB: serial: option: update interface mapping for ZTE P685M (Lech Perczak) - Input: i8042 - add ASUS Zenbook Flip to noselftest list (Marcos Paulo de Souza) - Input: joydev - prevent potential read overflow in ioctl (Dan Carpenter) - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox Series X|S (Olivier Crate) - Input: raydium_ts_i2c - do not send zero length (jeffrey.lin) - HID: wacom: Ignore attempts to overwrite the touch_max value from HID (Jason Gerecke) - ACPI: configfs: add missing check after configfs_register_default_group() (Qinglang Miao) - ACPI: property: Fix fwnode string properties matching (Rafael J. Wysocki) - blk-settings: align max_sectors on 'logical_block_size' boundary (Mikulas Patocka) - scsi: bnx2fc: Fix Kconfig warning & CNIC build errors (Randy Dunlap) - mm/rmap: fix potential pte_unmap on an not mapped pte (Miaohe Lin) - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (Maxime Ripard) - arm64: Add missing ISB after invalidating TLB in __primary_switch (Marc Zyngier) - mm/hugetlb: fix potential double free in hugetlb_register_node() error path (Miaohe Lin) - mm/memory.c: fix potential pte_unmap_unlock pte error (Miaohe Lin) - ocfs2: fix a use after free on error (Dan Carpenter) - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (Chuhong Yuan) - i40e: Fix overwriting flow control settings during driver loading (Mateusz Palczewski) - i40e: Fix flow for IPv6 next header (extension header) (Slawomir Laba) - ext4: fix potential htree index checksum corruption (Theodore Ts'o) - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (Konrad Dybcio) - PCI: Align checking of syscall user config accessors (Heiner Kallweit) - VMCI: Use set_page_dirty_lock() when unregistering guest memory (Jorgen Hansen) - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() (Simon South) - misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (Aswath Govindraju) - misc: eeprom_93xx46: Fix module alias to enable module autoprobe (Aswath Govindraju) - sparc64: only select COMPAT_BINFMT_ELF if BINFMT_ELF is set (Randy Dunlap) - Input: elo - fix an error code in elo_connect() (Dan Carpenter) - perf test: Fix unaligned access in sample parsing test (Namhyung Kim) - perf intel-pt: Fix missing CYC processing in PSB (Adrian Hunter) - spi: pxa2xx: Fix the controller numbering for Wildcat Point (Andy Shevchenko) - powerpc/8xx: Fix software emulation interrupt (Christophe Leroy) - powerpc/pseries/dlpar: handle ibm, configure-connector delay status (Nathan Lynch) - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq() (Dan Carpenter) - spi: stm32: properly handle 0 byte transfer (Alain Volmat) - RDMA/rxe: Fix coding error in rxe_recv.c (Bob Pearson) - perf tools: Fix DSO filtering when not finding a map for a sampled address (Arnaldo Carvalho de Melo) - tracepoint: Do not fail unregistering a probe due to memory failure (Steven Rostedt (VMware)) - amba: Fix resource leak for drivers without .remove (Uwe Kleine-Konig) - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (Vladimir Murzin) - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (Christophe JAILLET) - powerpc/47x: Disable 256k page size (Christophe Leroy) - IB/umad: Return EIO in case of when device disassociated (Shay Drory) - auxdisplay: ht16k33: Fix refresh rate handling (Geert Uytterhoeven) - isofs: release buffer head before return (Pan Bian) - spi: atmel: Put allocated master before return (Pan Bian) - certs: Fix blacklist flag type confusion (David Howells) - regulator: axp20x: Fix reference cout leak (Pan Bian) - clocksource/drivers/mxs_timer: Add missing semicolon when DEBUG is defined (Tom Rix) - rtc: s5m: select REGMAP_I2C (Bartosz Golaszewski) - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (Claudiu Beznea) - of/fdt: Make sure no-map does not remove already reserved regions (Nicolas Boichat) - fdt: Properly handle 'no-map' field in the memory region (KarimAllah Ahmed) - mfd: bd9571mwv: Use devm_mfd_add_devices() (Yoshihiro Shimoda) - dmaengine: hsu: disable spurious interrupt (Ferry Toth) - dmaengine: fsldma: Fix a resource leak in an error handling path of the probe function (Christophe JAILLET) - dmaengine: fsldma: Fix a resource leak in the remove function (Christophe JAILLET) - HID: core: detect and skip invalid inputs to snto32() (Randy Dunlap) - spi: cadence-quadspi: Abort read if dummy cycles required are too many (Pratyush Yadav) - clk: meson: clk-pll: fix initializing the old rate (fallback) for a PLL (Martin Blumenstingl) - capabilities: Don't allow writing ambiguous v3 file capabilities (Eric W. Biederman) - jffs2: fix use after free in jffs2_sum_write_data() (Tom Rix) - fs/jfs: fix potential integer overflow on shift of a int (Colin Ian King) - ima: Free IMA measurement buffer after kexec syscall (Lakshmi Ramasubramanian) - ima: Free IMA measurement buffer on error (Lakshmi Ramasubramanian) - crypto: ecdh_helper - Ensure 'len >= secret.len' in decode_key() (Daniele Alessandrelli) - hwrng: timeriomem - Fix cooldown period calculation (Jan Henrik Weinstock) - btrfs: clarify error returns values in __load_free_space_cache (Zhihao Cheng) - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind() (Andrea Parri (Microsoft)) - ata: ahci_brcm: Add back regulators management (Florian Fainelli) - media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (Laurent Pinchart) - media: pxa_camera: declare variable when DEBUG is defined (Tom Rix) - media: cx25821: Fix a bug when reallocating some dma memory (Christophe JAILLET) - media: qm1d1c0042: fix error return code in qm1d1c0042_init() (Luo Meng) - media: lmedm04: Fix misuse of comma (Joe Perches) - crypto: bcm - Rename struct device_private to bcm_device_private (Jiri Olsa) - ASoC: cs42l56: fix up error handling in probe (Dan Carpenter) - media: tm6000: Fix memleak in tm6000_start_stream (Dinghao Liu) - media: media/pci: Fix memleak in empress_init (Dinghao Liu) - media: vsp1: Fix an error handling path in the probe function (Christophe JAILLET) - media: i2c: ov5670: Fix PIXEL_RATE minimum value (Jacopo Mondi) - MIPS: lantiq: Explicitly compare LTQ_EBU_PCC_ISTAT against 0 (Nathan Chancellor) - MIPS: c-r4k: Fix section mismatch for loongson2_sc_init (Nathan Chancellor) - crypto: sun4i-ss - fix kmap usage (Corentin Labbe) - gma500: clean up error handling in init (Dan Carpenter) - drm/gma500: Fix error return code in psb_driver_load() (Jialin Zhang) - fbdev: aty: SPARC64 requires FB_ATY_CT (Randy Dunlap) - net: mvneta: Remove per-cpu queue mapping for Armada 3700 (Maxime Chevallier) - net: amd-xgbe: Reset link when the link never comes back (Shyam Sundar S K) - net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout (Shyam Sundar S K) - ibmvnic: skip send_request_unmap for timeout reset (Lijun Pan) - b43: N-PHY: Fix the update of coef for the PHY revision >= 3case (Colin Ian King) - mac80211: fix potential overflow when multiplying to u32 integers (Colin Ian King) - bnxt_en: reverse order of TX disable and carrier off (Edwin Peer) - ath9k: fix data bus crash when setting nf_override via debugfs (Linus Lussing) - bpf_lru_list: Read double-checked variable once without lock (Marco Elver) - ARM: s3c: fix fiq for clang IAS (Arnd Bergmann) - arm64: dts: msm8916: Fix reserved and rfsa nodes unit address (Vincent Knecht) - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (Chen-Yu Tsai) - usb: dwc2: Make 'trimming xfer length' a debug message (Guenter Roeck) - usb: dwc2: Abort transaction after errors with unknown reason (Guenter Roeck) - usb: dwc2: Do not update data length if it is 0 on inbound transfers (Guenter Roeck) - ARM: dts: Configure missing thermal interrupt for 4430 (Tony Lindgren) - Bluetooth: Put HCI device if inquiry procedure interrupts (Pan Bian) - Bluetooth: drop HCI device reference before return (Pan Bian) - usb: gadget: u_audio: Free requests only after callback (Jack Pham) - cpufreq: brcmstb-avs-cpufreq: Fix resource leaks in ->remove() (Christophe JAILLET) - arm64: dts: exynos: correct PMIC interrupt trigger level on Espresso (Krzysztof Kozlowski) - arm64: dts: exynos: correct PMIC interrupt trigger level on TM2 (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale Octa (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (Krzysztof Kozlowski) - Bluetooth: Fix initializing response id after clearing struct (Christopher William Snowhill) - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (Christophe JAILLET) - random: fix the RNDRESEEDCRNG ioctl (Eric Biggers) - MIPS: vmlinux.lds.S: add missing PAGE_ALIGNED_DATA() section (Alexander Lobakin) - kdb: Make memory allocations more robust (Sumit Garg) - vmlinux.lds.h: add DWARF v5 sections (Nick Desaulniers) - scripts/recordmcount.pl: support big endian for ARCH sh (Rong Chen) - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath. (Shyam Prasad N) - NET: usb: qmi_wwan: Adding support for Cinterion MV31 (Christoph Schemmel) - arm64: tegra: Add power-domain for Tegra210 HDA (Sameer Pujar) - ntfs: check for valid standard information attribute (Rustam Kovhaev) - usb: quirks: add quirk to start video capture on ELMO L-12F document camera reliable (Stefan Ursella) - HID: make arrays usage and value to be the same (Will McVicker) - Linux 4.14.222 (Greg Kroah-Hartman) - kvm: check tlbs_dirty directly (Lai Jiangshan) - usb: gadget: u_ether: Fix MTU size mismatch with RX packet size (Manish Narani) - USB: Gadget Ethernet: Re-enable Jumbo frames. (John Greb) - scsi: qla2xxx: Fix crash during driver load on big endian machines (Arun Easi) - xen/arm: don't ignore return errors from set_phys_to_machine (Stefano Stabellini) - tracing: Avoid calling cc-option -mrecord-mcount for every Makefile (Vasily Gorbik) - tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord-mcount (Greg Thelen) - trace: Use -mcount-record for dynamic ftrace (Andi Kleen) - x86/build: Disable CET instrumentation in the kernel for 32-bit too (Borislav Petkov) - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined (Randy Dunlap) - i2c: stm32f7: fix configuration of the digital filter (Alain Volmat) - vsock: fix locking in vsock_shutdown() (Stefano Garzarella) - vsock/virtio: update credit only if socket is not closed (Stefano Garzarella) - net: watchdog: hold device global xmit lock during tx disable (Edwin Peer) - net/vmw_vsock: improve locking in vsock_connect_timeout() (Norbert Slusarek) - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (Serge Semin) - usb: dwc3: ulpi: fix checkpatch warning (Felipe Balbi) - netfilter: conntrack: skip identical origin tuple in same zone only (Florian Westphal) - netfilter: xt_recent: Fix attempt to update deleted entry (Jozsef Kadlecsik) - bpf: Check for integer overflow when using roundup_pow_of_two() (Bui Quang Minh) - memblock: do not start bottom-up allocations with kernel_end (Roman Gushchin) - ARM: ensure the signal page contains defined contents (Russell King) - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (Alexandre Belloni) - ovl: skip getxattr of security labels (Amir Goldstein) - cap: fix conversions on getxattr (Miklos Szeredi) - ovl: perform vfs_getxattr() with mounter creds (Miklos Szeredi) - platform/x86: hp-wmi: Disable tablet-mode reporting by default (Hans de Goede) - arm64: dts: rockchip: Fix PCIe DT properties on rk3399 (Marc Zyngier) - MIPS: BMIPS: Fix section mismatch warning (Jaedon Shin) - arm/xen: Don't probe xenbus as part of an early initcall (Julien Grall) - tracing: Check length before giving out the filter buffer (Steven Rostedt (VMware)) - tracing: Do not count ftrace events in top level enable output (Steven Rostedt (VMware)) - squashfs: add more sanity checks in xattr id lookup (Phillip Lougher) - squashfs: add more sanity checks in inode lookup (Phillip Lougher) - squashfs: add more sanity checks in id lookup (Phillip Lougher) - memcg: fix a crash in wb_workfn when a device disappears (Theodore Ts'o) - include/trace/events/writeback.h: fix -Wstringop-truncation warnings (Qian Cai) - lib/string: Add strscpy_pad() function (Tobin C. Harding) - SUNRPC: Handle 0 length opaque XDR object data properly (Dave Wysochanski) - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header (Dave Wysochanski) - iwlwifi: mvm: guard against device removal in reprobe (Johannes Berg) - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap (Emmanuel Grumbach) - iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time() (Johannes Berg) - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() (Trond Myklebust) - af_key: relax availability checks for skb size calculation (Cong Wang) - remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load (Sibi Sankar) - remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load (Sibi Sankar) - fgraph: Initialize tracing_graph_pause at task creation (Steven Rostedt (VMware)) - Linux 4.14.221 (Greg Kroah-Hartman) - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (DENG Qingfang) - iommu/vt-d: Do not use flush-queue when caching-mode is on (Nadav Amit) - Input: xpad - sync supported devices with fork on GitHub (Benjamin Valentin) - x86/apic: Add extra serialization for non-serializing MSRs (Dave Hansen) - mm: thp: fix MADV_REMOVE deadlock on shmem THP (Hugh Dickins) - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active (Muchun Song) - mm: hugetlb: fix a race between isolating and freeing page (Muchun Song) - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page (Muchun Song) - ARM: footbridge: fix dc21285 PCI configuration accessors (Russell King) - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs (Thorsten Leemhuis) - mmc: core: Limit retries when analyse of SDIO tuples fails (Fengnan Chang) - smb3: Fix out-of-bounds bug in SMB2_negotiate() (Gustavo A. R. Silva) - cifs: report error instead of invalid when revalidating a dentry fails (Aurelien Aptel) - xhci: fix bounce buffer usage for non-sg list case (Mathias Nyman) - kretprobe: Avoid re-registration of the same kretprobe earlier (Wang ShaoBo) - mac80211: fix station rate table updates on assoc (Felix Fietkau) - ovl: fix dentry leak in ovl_get_redirect (Liangyan) - usb: dwc2: Fix endpoint direction check in ep_from_windex (Heiko Stuebner) - USB: usblp: don't call usb_set_interface if there's a single alt (Jeremy Figgins) - USB: gadget: legacy: fix an error code in eth_bind() (Dan Carpenter) - ipv4: fix race condition between route lookup and invalidation (Wei Wang) - elfcore: fix building with clang (Arnd Bergmann) - objtool: Support Clang non-section symbols in ORC generation (Josh Poimboeuf) - net: lapb: Copy the skb before sending a packet (Xie He) - arm64: dts: ls1046a: fix dcfg address range (Zyta Szpak) - USB: serial: option: Adding support for Cinterion MV31 (Christoph Schemmel) - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 (Chenxin Jin) - USB: serial: cp210x: add pid/vid for WSDA-200-USB (Pho Tran) - Linux 4.14.220 (Greg Kroah-Hartman) - kthread: Extract KTHREAD_IS_PER_CPU (Peter Zijlstra) - objtool: Don't fail on missing symbol table (Josh Poimboeuf) - scsi: ibmvfc: Set default timeout to avoid crash during migration (Brian King) - mac80211: fix fast-rx encryption check (Felix Fietkau) - scsi: libfc: Avoid invoking response handler twice if ep is already completed (Javed Hasan) - scsi: scsi_transport_srp: Don't block target in failfast state (Martin Wilck) - x86: __always_inline __{rd,wr}msr() (Peter Zijlstra) - phy: cpcap-usb: Fix warning for missing regulator_disable (Tony Lindgren) - driver core: Extend device_is_dependent() (Rafael J. Wysocki) - base: core: Remove WARN_ON from link dependencies check (Benjamin Gaignard) - net_sched: gen_estimator: support large ewma log (Eric Dumazet) - net_sched: reject silly cell_log in qdisc_get_rtab() (Eric Dumazet) - ACPI: thermal: Do not call acpi_thermal_check() directly (Rafael J. Wysocki) - ibmvnic: Ensure that CRQ entry read are correctly ordered (Lijun Pan) - net: dsa: bcm_sf2: put device node before return (Pan Bian) - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044345] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32804265] - rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 32863569] - rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 32863569] - xfs: fix xlog_finish_defer_ops (Wengang Wang) [Orabug: 32982355] - Revert 'Allow mce to reset instead of panic on UE' (William Roche) [Orabug: 32820277] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-25671 CVE-2020-25670 CVE-2020-25672 CVE-2021-33909 CVE-2020-14304 Oracle Linux 7 [4.14.35-2047.506.10] - Revert 'rds/ib: reap tx completions during connection shutdown' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: handle posted ACK during connection shutdown' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: recover rds connection from interrupt loss scenario' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: move rds_ib_clear_irq_miss() to .h file' (Manjunath Patil) [Orabug: 33220435] [4.14.35-2047.506.9] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33205367] {CVE-2021-3656} {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33205444] {CVE-2021-3653} {CVE-2021-3653} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3656 CVE-2021-3653 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.204.4.3] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33205365] {CVE-2021-3656} {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33205443] {CVE-2021-3653} {CVE-2021-3653} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3656 CVE-2021-3653 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.204.4.3] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33205365] {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33205443] {CVE-2021-3653} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-3656 Oracle Linux 7 [4.14.35-2047.506.10.el7] - Revert 'rds/ib: reap tx completions during connection shutdown' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: handle posted ACK during connection shutdown' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: recover rds connection from interrupt loss scenario' (Manjunath Patil) [Orabug: 33220435] - Revert 'rds/ib: move rds_ib_clear_irq_miss() to .h file' (Manjunath Patil) [Orabug: 33220435] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33205367] {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33205444] {CVE-2021-3653} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-3656 Oracle Linux 7 [15:4.2.1-11.el7] - pvrdma: Fix the ring init error flow (CVE-2021-3608) (Marcel Apfelbaum) [Orabug: 33120142] {CVE-2021-3608} - pvrdma: Ensure correct input on ring init (CVE-2021-3607) (Marcel Apfelbaum) [Orabug: 33120146] {CVE-2021-3607} - hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582) (Marcel Apfelbaum) [Orabug: 33120084] {CVE-2021-3582} - vhost-user-gpu: reorder free calls. (Gerd Hoffmann) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: abstract vg_cleanup_mapping_iov (Li Qiang) [Orabug: 32950716] {CVE-2021-3546} - vhost-user-gpu: fix OOB write in 'virgl_cmd_get_capset' (CVE-2021-3546) (Li Qiang) [Orabug: 32950716] {CVE-2021-3546} - vhost-user-gpu: fix memory leak in 'virgl_resource_attach_backing' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: fix memory leak in 'virgl_cmd_resource_unref' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: fix memory leak while calling 'vg_resource_unref' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544) (Li Qiang) [Orabug: 32950701] {CVE-2021-3544} - vhost-user-gpu: fix memory disclosure in virgl_cmd_get_capset_info (CVE-2021-3545) (Li Qiang) [Orabug: 32950708] {CVE-2021-3545} - usb: limit combined packets to 1 MiB (CVE-2021-3527) (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527} - usb/redir: avoid dynamic stack allocation (CVE-2021-3527) (Gerd Hoffmann) [Orabug: 32842778] {CVE-2021-3527} - mptsas: Remove unused MPTSASState 'pending' field (CVE-2021-3392) (Michael Tokarev) [Orabug: 32470463] {CVE-2021-3392} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3392 CVE-2021-3527 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 Oracle Linux 7 [10.17-1] - Update to 10.17 Resolves: CVE-2021-32027 Also fixes: CVE-2021-32028 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32027 CVE-2021-32028 Oracle Linux 6 [2.6.32-754.35.1.0.5.OL6] - [kernel] futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [1922249] {CVE-2021-3347} [Orabug: 33150734] - [kernel] futex: Handle faults correctly for PI futexes (Thomas Gleixner) [1922249] {CVE-2021-3347} [Orabug: 33150734] - [kernel] futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [1922249] {CVE-2021-3347}[Orabug: 33150734] - [kernel] futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [1922249] {CVE-2021-3347} [Orabug: 33150734] - [kernel] futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [1922249] {CVE-2021-3347} [Orabug: 33150734] - [drm] drm/i915/guc: Disable firmware loading on i915 option (Dave Airlie) [1930246] {CVE-2020-12362} [Orabug: 33150734] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-12362 CVE-2021-3347 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.54.6] - xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang) [Orabug: 33282046] [4.1.12-124.54.5] - l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429} - l2tp: ensure sessions are freed after their PPPOL2TP socket (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429} - l2tp: Refactor the codes with existing macros instead of literal number (Gao Feng) [Orabug: 33113975] {CVE-2020-0429} - l2tp: fix duplicate session creation (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429} - l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429} - l2tp: fix race in l2tp_recv_common() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429} - net: l2tp: Make l2tp_ip6 namespace aware (Shmulik Ladkani) [Orabug: 33113975] {CVE-2020-0429} - l2tp: Correctly return -EBADF from pppol2tp_getname. (phil.turnbull@oracle.com) [Orabug: 33113975] {CVE-2020-0429} [4.1.12-124.54.4] - USB: mon: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 33113260] {CVE-2019-9456} - usb: usbmon: Read text within supplied buffer size (Pete Zaitcev) [Orabug: 33113260] {CVE-2019-9456} [4.1.12-124.54.3] - uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan) [Orabug: 32060376] - config: remove CONFIG_VGACON_SOFT_SCROLLBACK from kernel configs (Brian Maly) [Orabug: 33047770] {CVE-2020-28097} {CVE-2020-28097} - vgacon: remove software scrollback support (Linus Torvalds) [Orabug: 33047770] {CVE-2020-28097} - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114649] {CVE-2021-3609} - iommu/vt-d: Use plain writeq() for dmar_writeq() where available (David Woodhouse) [Orabug: 33199774] [4.1.12-124.54.2] - qla2xxx: update version to 9.00.00.00.42.0-k1-v6 (Quinn Tran) [Orabug: 33196002] - qla2xxx: add heartbeat check (Quinn Tran) [Orabug: 33196002] [4.1.12-124.54.1] - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) [Orabug: 33030701] {CVE-2021-34693} - CIFS: 511c54a2f691 adds a check for session expiry (Aruna Ramakrishna) [Orabug: 33063858] - CIFS: Reconnect expired SMB sessions (Pavel Shilovsky) [Orabug: 33063858] - media: v4l: event: Add subscription to list before calling 'add' operation (Sakari Ailus) [Orabug: 33113344] {CVE-2019-9458} - media: v4l: event: Prevent freeing event subscriptions while accessed (Sakari Ailus) [Orabug: 33113344] {CVE-2019-9458} - chardev: Avoid potential use-after-free in 'chrdev_open()' (Will Deacon) [Orabug: 33113412] {CVE-2020-0305} - kobject: Export kobject_get_unless_zero() (Jan Kara) [Orabug: 33113412] {CVE-2020-0305} - cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (Sergey Matyukevich) [Orabug: 33114443] {CVE-2020-27068} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-9458 CVE-2020-0305 CVE-2019-9456 CVE-2020-27068 CVE-2020-0429 CVE-2020-28097 CVE-2021-34693 CVE-2021-3609 Oracle Linux 7 Oracle Linux 8 [9.0.0-5] - Use static path configuration for oswatcher scripts {CVE-2021-2464} [Orabug: 33220951] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-2464 Oracle Linux 8 [1.1.4-4.0.1] - Backport fix for CVE-2018-14621 in libtirpc [Orabug: 33017925] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-14621 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.205.7.2] - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276] [5.4.17-2102.205.7.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518] [5.4.17-2102.205.7] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33253169] - vfio/pci: (fixup) Handle concurrent vma faults (Ankur Arora) [Orabug: 33200737] [Orabug: 33187733] [5.4.17-2102.205.6] - xfs: dont drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 33241131] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 33241131] - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372379] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2020-36311 CVE-2021-3573 CVE-2021-3609 CVE-2021-22543 CVE-2021-3656 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.205.7.2.el7] - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276] [5.4.17-2102.205.7.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518] [5.4.17-2102.205.7] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33253169] - vfio/pci: (fixup) Handle concurrent vma faults (Ankur Arora) [Orabug: 33200737] [Orabug: 33187733] [5.4.17-2102.205.6] - xfs: dont drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 33241131] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 33241131] - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372379] [5.4.17-2102.205.5] - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Maxim Levitsky) [Orabug: 33226010] {CVE-2021-3653} - Revert KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Liam Merwick) [Orabug: 33226010] {CVE-2021-3653} - LTS tag: v5.4.140 (Jack Vogel) - arm64: fix compat syscall return truncation (Mark Rutland) - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset (Letu Ren) - alpha: Send stop IPI to send to online CPUs (Prarit Bhargava) - virt_wifi: fix error on connect (Matteo Croce) - reiserfs: check directory items on read from disk (Shreyansh Chouhan) - reiserfs: add check for root_inode in reiserfs_fill_super (Yu Kuai) - libata: fix ata_pio_sector for CONFIG_HIGHMEM (Christoph Hellwig) - bpf, selftests: Adjust few selftest result_unpriv outcomes (Daniel Borkmann) - soc: ixp4xx/qmgr: fix invalid __iomem access (Arnd Bergmann) - spi: meson-spicc: fix memory leak in meson_spicc_remove (Dongliang Mu) - soc: ixp4xx: fix printing resources (Arnd Bergmann) - arm64: vdso: Avoid ISB after reading from cntvct_el0 (Will Deacon) - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds (Sean Christopherson) - KVM: Do not leak memory for duplicate debugfs directories (Paolo Bonzini) - KVM: x86: accept userspace interrupt only if no event is injected (Paolo Bonzini) - md/raid10: properly indicate failure when ending a failed write request (Wei Shuyu) - pcmcia: i82092: fix a null pointer dereference bug (Zheyu Ma) - timers: Move clearing of base::timer_running under base:: Lock (Thomas Gleixner) - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts. (Mario Kleiner) - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver (Andy Shevchenko) - MIPS: Malta: Do not byte-swap accesses to the CBUS UART (Maciej W. Rozycki) - serial: 8250: Mask out floating 16/32-bit bus bits (Maciej W. Rozycki) - serial: 8250_mtk: fix uart corruption issue when rx power off (Zhiyong Tao) - serial: tegra: Only print FIFO error message when an error occurs (Jon Hunter) - ext4: fix potential htree corruption when growing large_dir directories (Theodore Tso) - pipe: increase minimum default pipe size to 2 pages (Alex Xu (Hello71)) - media: rtl28xxu: fix zero-length control request (Johan Hovold) - staging: rtl8712: get rid of flush_scheduled_work (Pavel Skripkin) - staging: rtl8723bs: Fix a resource leak in sd_int_dpc (Xiangyang Zhang) - tpm_ftpm_tee: Free and unregister TEE shared memory during kexec (Tyler Hicks) - optee: Fix memory leak when failing to register shm pages (Tyler Hicks) - tee: add tee_shm_alloc_kernel_buf() (Jens Wiklander) - optee: Clear stale cache entries during initialization (Tyler Hicks) - tracing / histogram: Give calculation hist_fields a size (Steven Rostedt (VMware)) - scripts/tracing: fix the bug that cant parse raw_trace_func (Hui Su) - clk: fix leak on devm_clk_bulk_get_all() unwind (Brian Norris) - usb: otg-fsm: Fix hrtimer list corruption (Dmitry Osipenko) - usb: gadget: f_hid: idle uses the highest byte for duration (Maxim Devaev) - usb: gadget: f_hid: fixed NULL pointer dereference (Phil Elwell) - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (Maxim Devaev) - usb: cdns3: Fixed incorrect gadget state (Pawel Laszczak) - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (Alexander Tsoy) - ALSA: hda/realtek: add mic quirk for Acer SF314-42 (Alexander Monakov) - firmware_loader: fix use-after-free in firmware_fallback_sysfs (Anirudh Rayabharam) - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback (Anirudh Rayabharam) - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (David Bauer) - USB: serial: ch341: fix character loss at high transfer rates (Willy Tarreau) - USB: serial: option: add Telit FD980 composition 0x1056 (Daniele Palmas) - USB: usbtmc: Fix RCU stall warning (Qiang.zhang) - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) {CVE-2021-3573} - blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() (Yu Kuai) - net: vxge: fix use-after-free in vxge_device_unregister (Pavel Skripkin) - net: fec: fix use-after-free in fec_drv_remove (Pavel Skripkin) - net: pegasus: fix uninit-value in get_interrupt_interval (Pavel Skripkin) - bnx2x: fix an error code in bnx2x_nic_load() (Dan Carpenter) - mips: Fix non-POSIX regexp (H. Nikolaus Schaller) - net: ipv6: fix returned variable type in ip6_skb_dst_mtu (Antoine Tenart) - nfp: update ethtool reporting of pauseframe control (Fei Qin) - sctp: move the active_key update after sh_keys is added (Xin Long) - gpio: tqmx86: really make IRQ optional (Matthias Schiffer) - net: natsemi: Fix missing pci_disable_device() in probe and remove (Wang Hai) - net: phy: micrel: Fix detection of ksz87xx switch (Steve Bennett) - net: dsa: sja1105: invalidate dynamic FDB entries learned concurrently with statically added ones (Vladimir Oltean) - net: dsa: sja1105: overwrite dynamic FDB entries with static ones in .port_fdb_add (Vladimir Oltean) - net, gro: Set inner transport header offset in tcp/udp GRO hook (Jakub Sitnicki) - dmaengine: imx-dma: configure the generic DMA type to make it work (Juergen Borleis) - media: videobuf2-core: dequeue if start_streaming fails (Hans Verkuil) - scsi: sr: Return correct event when media event code is 3 (Li Manyi) - spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation (Marek Vasut) - spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (Marek Vasut) - omap5-board-common: remove not physically existing vdds_1v8_main fixed-regulator (H. Nikolaus Schaller) - ARM: dts: am437x-l4: fix typo in can@0 node (Dario Binacchi) - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (Dario Binacchi) - ALSA: usb-audio: fix incorrect clock source setting (chihhao.chen) - arm64: dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode (Pali Rohar) - ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out pins (Marek Vasut) - ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init (Colin Ian King) - ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz (Oleksandr Suvorov) - ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms (Maxime Chevallier) - ARM: imx: add missing clk_disable_unprepare() (Yang Yingliang) - ARM: imx: add missing iounmap() (Yang Yingliang) - arm64: dts: ls1028a: fix node name for the sysclk (Vladimir Oltean) - ALSA: seq: Fix racy deletion of subscriber (Takashi Iwai) - Revert ACPICA: Fix memory leak caused by _CID repair function (Rafael J. Wysocki) - LTS tag: v5.4.139 (Jack Vogel) - spi: mediatek: Fix fifo transfer (Guenter Roeck) - bpf, selftests: Adjust few selftest outcomes wrt unreachable code (Daniel Borkmann) - bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit ones (John Fastabend) - bpf: Test_verifier, add alu32 bounds tracking tests (John Fastabend) - bpf: Fix leakage under speculation on mispredicted branches (Daniel Borkmann) - bpf: Do not mark insn as seen under speculative path verification (Daniel Borkmann) - bpf: Inherit expanded/patched seen count from old aux data (Daniel Borkmann) - Revert watchdog: iTCO_wdt: Account for rebooting on second timeout (Greg Kroah-Hartman) - firmware: arm_scmi: Add delayed response status check (Cristian Marussi) - firmware: arm_scmi: Ensure drivers provide a probe function (Sudeep Holla) - Revert Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Greg Kroah-Hartman) - ACPI: fix NULL pointer dereference (Linus Torvalds) - nvme: fix nvme_setup_command metadata trace event (Keith Busch) - net: Fix zero-copy head len calculation. (Pravin B Shelar) - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() (Jia He) - r8152: Fix potential PM refcount imbalance (Takashi Iwai) - ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (Kyle Russell) - spi: stm32h7: fix full duplex irq handler handling (Alain Volmat) - regulator: rt5033: Fix n_voltages settings for BUCK and LDO (Axel Lin) - btrfs: fix lost inode on log replay after mix of fsync, rename and inode eviction (Filipe Manana) - btrfs: fix race causing unnecessary inode logging during link and rename (Filipe Manana) - btrfs: do not commit logs and transactions during link and rename operations (Filipe Manana) - btrfs: delete duplicated words + other fixes in comments (Randy Dunlap) - uek/ol/config-aarch64: Disable CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER (Vijay Kumar) [Orabug: 33215814] - Revert rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 33220434] - Revert rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 33220434] - Revert rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 33220434] - Revert rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33220434] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33235071] {CVE-2021-3656} - LTS tag: v5.4.138 (Jack Vogel) - can: j1939: j1939_session_deactivate(): clarify lifetime of session object (Oleksij Rempel) - i40e: Add additional info to PHY type error (Lukasz Cieplicki) - Revert perf map: Fix dso->nsinfo refcounting (Arnaldo Carvalho de Melo) - powerpc/pseries: Fix regression while building external modules (Srikar Dronamraju) - PCI: mvebu: Setup BAR0 in order to fix MSI (Shmuel Hazan) - can: hi311x: fix a signedness bug in hi3110_cmd() (Dan Carpenter) - sis900: Fix missing pci_disable_device() in probe and remove (Wang Hai) - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove (Wang Hai) - sctp: fix return value check in __sctp_rcv_asconf_lookup (Marcelo Ricardo Leitner) - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (Dima Chumak) - net/mlx5: Fix flow table chaining (Maor Gottlieb) - net: llc: fix skb_over_panic (Pavel Skripkin) - mlx4: Fix missing error code in mlx4_load_one() (Jiapeng Chong) - net: Set true network header for ECN decapsulation (Gilad Naaman) - tipc: fix sleeping in tipc accept routine (Hoang Le) - i40e: Fix log TC creation failure when max num of queues is exceeded (Jedrzej Jagielski) - i40e: Fix queue-to-TC mapping on Tx (Jedrzej Jagielski) - i40e: Fix firmware LLDP agent related warning (Arkadiusz Kubalewski) - i40e: Fix logic of disabling queues (Arkadiusz Kubalewski) - netfilter: nft_nat: allow to specify layer 4 protocol NAT only (Pablo Neira Ayuso) - netfilter: conntrack: adjust stop timestamp to real expiry value (Florian Westphal) - cfg80211: Fix possible memory leak in function cfg80211_bss_update (Nguyen Dinh Phi) - nfc: nfcsim: fix use after free during module unload (Krzysztof Kozlowski) - NIU: fix incorrect error return, missed in previous revert (Paul Jakma) - HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT (Jason Gerecke) - can: esd_usb2: fix memory leak (Pavel Skripkin) - can: ems_usb: fix memory leak (Pavel Skripkin) - can: usb_8dev: fix memory leak (Pavel Skripkin) - can: mcba_usb_start(): add missing urb->transfer_dma initialization (Pavel Skripkin) - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (Ziyang Xuan) - can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive TP.DT to 750ms (Zhang Changzhong) - ocfs2: issue zeroout to EOF blocks (Junxiao Bi) - ocfs2: fix zero out valid data (Junxiao Bi) - KVM: add missing compat KVM_CLEAR_DIRTY_LOG (Paolo Bonzini) - x86/kvm: fix vcpu-id indexed array sizes (Juergen Gross) - Revert ACPI: resources: Add checks for ACPI IRQ override (Hui Wang) - btrfs: mark compressed range uptodate only if all bio succeed (Goldwyn Rodrigues) - btrfs: fix rw device counting in __btrfs_free_extra_devids (Desmond Cheong Zhi Xi) - x86/asm: Ensure asm/proto.h can be included stand-alone (Jan Kiszka) - net_sched: check error pointer in tcf_dump_walker() (Cong Wang) - LTS tag: v5.4.137 (Jack Vogel) - ipv6: ip6_finish_output2: set sk into newly allocated nskb (Vasily Averin) - ARM: dts: versatile: Fix up interrupt controller node names (Sudeep Holla) - iomap: remove the length variable in iomap_seek_hole (Christoph Hellwig) - iomap: remove the length variable in iomap_seek_data (Christoph Hellwig) - cifs: fix the out of range assignment to bit fields in parse_server_interfaces (Hyunchul Lee) - firmware: arm_scmi: Fix range check for the maximum number of pending messages (Cristian Marussi) - firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (Sudeep Holla) - hfs: add lock nesting notation to hfs_find_init (Desmond Cheong Zhi Xi) - hfs: fix high memory mapping in hfs_bnode_read (Desmond Cheong Zhi Xi) - hfs: add missing clean-up in hfs_fill_super (Desmond Cheong Zhi Xi) - ipv6: allocate enough headroom in ip6_finish_output2() (Vasily Averin) - sctp: move 198 addresses from unusable to private scope (Xin Long) - net: annotate data race around sk_ll_usec (Eric Dumazet) - net/802/garp: fix memleak in garp_request_join() (Yang Yingliang) - net/802/mrp: fix memleak in mrp_request_join() (Yang Yingliang) - cgroup1: fix leaked context root causing sporadic NULL deref in LTP (Paul Gortmaker) - workqueue: fix UAF in pwq_unbound_release_workfn() (Yang Yingliang) - af_unix: fix garbage collect vs MSG_PEEK (Miklos Szeredi) - KVM: x86: determine if an exception has an error code only when injecting it. (Maxim Levitsky) - tools: Allow proper CC/CXX/... override with LLVM=1 in Makefile.include (Yonghong Song) - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c (Greg Kroah-Hartman) - LTS tag: v5.4.136 (Jack Vogel) - xhci: add xhci_get_virt_ep() helper (Mathias Nyman) - perf inject: Close inject.output on exit (Riccardo Mancini) - PCI: Mark AMD Navi14 GPU ATS as broken (Evan Quan) - btrfs: compression: dont try to compress if we dont have enough pages (David Sterba) - iio: accel: bma180: Fix BMA25x bandwidth register values (Stephan Gerhold) - iio: accel: bma180: Use explicit member assignment (Linus Walleij) - net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear (Doug Berger) - net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz (Marek Behun) - drm: Return -ENOTTY for non-drm ioctls (Charles Baylis) - nds32: fix up stack guard gap (Greg Kroah-Hartman) - rbd: always kick acquire on acquired and released notifications (Ilya Dryomov) - rbd: dont hold lock_rwsem while running_list is being drained (Ilya Dryomov) - hugetlbfs: fix mount mode command line processing (Mike Kravetz) - userfaultfd: do not untag user pointers (Peter Collingbourne) - selftest: use mmap instead of posix_memalign to allocate memory (Peter Collingbourne) - ixgbe: Fix packet corruption due to missing DMA sync (Markus Boehme) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (Gustavo A. R. Silva) - btrfs: check for missing device in btrfs_trim_fs (Anand Jain) - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) - tracing/histogram: Rename cpu to common_cpu (Steven Rostedt (VMware)) - firmware/efi: Tell memblock about EFI iomem reservations (Marc Zyngier) - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. (Minas Harutyunyan) - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (John Keeping) - USB: serial: cp210x: fix comments for GE CS1000 (Ian Ray) - USB: serial: option: add support for u-blox LARA-R6 family (Marco De Marco) - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (Yoshihiro Shimoda) - usb: max-3421: Prevent corruption of freed memory (Mark Tomlinson) - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (Julian Sikorski) - usb: hub: Fix link power management max exit latency (MEL) calculations (Mathias Nyman) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (Mathias Nyman) - KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state (Nicholas Piggin) - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Nicholas Piggin) - xhci: Fix lost USB 2 remote wake (Mathias Nyman) - ALSA: hdmi: Expose all pins on MSI MS-7C94 board (Takashi Iwai) - ALSA: sb: Fix potential ABBA deadlock in CSP driver (Takashi Iwai) - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (Alexander Tsoy) - ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (Takashi Iwai) - s390/boot: fix use of expolines in the DMA code (Alexander Egorenkov) - s390/ftrace: fix ftrace_update_ftrace_func implementation (Vasily Gorbik) - Revert MIPS: add PMD table accounting into MIPSpmd_alloc_one (Huang Pei) - proc: Avoid mixing integer types in mem_rw() (Marcelo Henrique Cerri) - drm/panel: raspberrypi-touchscreen: Prevent double-free (Maxime Ripard) - net: sched: cls_api: Fix the the wrong parameter (Yajun Deng) - sctp: update active_key for asoc when old key is being replaced (Xin Long) - nvme: set the PRACT bit when using Write Zeroes with T10 PI (Christoph Hellwig) - r8169: Avoid duplicate sysfs entry creation error (Sayanta Pattanayak) - afs: Fix tracepoint string placement with built-in AFS (David Howells) - Revert USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - nvme-pci: dont WARN_ON in nvme_reset_work if ctrl.state is not RESETTING (Zhihao Cheng) - ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (Paolo Abeni) - net/sched: act_skbmod: Skip non-Ethernet packets (Peilin Ye) - net: hns3: fix rx VLAN offload state inconsistent issue (Jian Shen) - net/tcp_fastopen: fix data races around tfo_active_disable_stamp (Eric Dumazet) - net: hisilicon: rename CACHE_LINE_MASK to avoid redefinition (Randy Dunlap) - bnxt_en: Check abort error state in bnxt_half_open_nic() (Somnath Kotur) - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (Michael Chan) - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (Michael Chan) - spi: cadence: Correct initialisation of runtime PM again (Marek Vasut) - scsi: target: Fix protect handling in WRITE SAME(32) (Dmitry Bogdanov) - scsi: iscsi: Fix iface sysfs attr detection (Mike Christie) - netrom: Decrease sock refcount when sock timers expire (Nguyen Dinh Phi) - net: sched: fix memory leak in tcindex_partial_destroy_work (Pavel Skripkin) - KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (Nicholas Piggin) - KVM: PPC: Book3S: Fix CONFIG_TRANSACTIONAL_MEM=n crash (Nicholas Piggin) - net: decnet: Fix sleeping inside in af_decnet (Yajun Deng) - efi/tpm: Differentiate missing and invalid final event log table. (Michal Suchanek) - net: fix uninit-value in caif_seqpkt_sendmsg (Ziyang Xuan) - bpftool: Check malloc return value in mount_bpffs_for_pin (Tobias Klauser) - bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats (John Fastabend) - s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1] (Colin Ian King) - liquidio: Fix unintentional sign extension issue on left shift of u16 (Colin Ian King) - ASoC: rt5631: Fix regcache sync errors on resume (Maxim Schwalm) - spi: mediatek: fix fifo rx mode (Peter Hess) - regulator: hi6421: Fix getting wrong drvdata (Axel Lin) - regulator: hi6421: Use correct variable type for regmap api val argument (Axel Lin) - spi: stm32: fixes pm_runtime calls in probe/remove (Alain Volmat) - spi: stm32: Use dma_request_chan() instead dma_request_slave_channel() (Peter Ujfalusi) - spi: imx: add a check for speed_hz before calculating the clock (Clark Wang) - perf data: Close all files in close_dir() (Riccardo Mancini) - perf probe-file: Delete namelist in del_events() on the error path (Riccardo Mancini) - perf lzma: Close lzma stream on exit (Riccardo Mancini) - perf script: Fix memory threads and cpus leaks on exit (Riccardo Mancini) - perf dso: Fix memory leak in dso__new_map() (Riccardo Mancini) - perf test event_update: Fix memory leak of evlist (Riccardo Mancini) - perf test session_topology: Delete session->evlist (Riccardo Mancini) - perf env: Fix sibling_dies memory leak (Riccardo Mancini) - perf probe: Fix dso->nsinfo refcounting (Riccardo Mancini) - nvme-pci: do not call nvme_dev_remove_admin from nvme_remove (Casey Chen) - cxgb4: fix IRQ free race during driver unload (Shahjada Abul Husain) - pwm: sprd: Ensure configuring period and duty_cycle isnt wrongly skipped (Uwe Kleine-Konig) - selftests: icmp_redirect: IPv6 PMTU info should be cleared after redirect (Hangbin Liu) - selftests: icmp_redirect: remove from checking for IPv6 route get (Hangbin Liu) - ipv6: fix disable_policy for fwd packets (Nicolas Dichtel) - gve: Fix an error handling path in gve_probe() (Christophe JAILLET) - igb: Fix position of assignment to *ring (Jedrzej Jagielski) - igb: Check if num of q_vectors is smaller than max before array access (Aleksandr Loktionov) - iavf: Fix an error handling path in iavf_probe() (Christophe JAILLET) - e1000e: Fix an error handling path in e1000_probe() (Christophe JAILLET) - fm10k: Fix an error handling path in fm10k_probe() (Christophe JAILLET) - igb: Fix an error handling path in igb_probe() (Christophe JAILLET) - igc: Fix an error handling path in igc_probe() (Christophe JAILLET) - igc: Prefer to use the pci_release_mem_regions method (Sasha Neftin) - ixgbe: Fix an error handling path in ixgbe_probe() (Christophe JAILLET) - igc: change default return of igc_read_phy_reg() (Tom Rix) - igb: Fix use-after-free error during reset (Vinicius Costa Gomes) - igc: Fix use-after-free error during reset (Vinicius Costa Gomes) - LTS tag: v5.4.135 (Jack Vogel) - udp: annotate data races around unix_sk(sk)->gso_size (Eric Dumazet) - perf test bpf: Free obj_buf (Riccardo Mancini) - bpftool: Properly close va_list ap by va_end() on error (Gu Shengxian) - ipv6: tcp: drop silly ICMPv6 packet too big messages (Eric Dumazet) - tcp: annotate data races around tp->mtu_info (Eric Dumazet) - dma-buf/sync_file: Dont leak fences on merge failure (Jason Ekstrand) - net: fddi: fix UAF in fza_probe (Pavel Skripkin) - net: validate lwtstate->data before returning from skb_tunnel_info() (Taehee Yoo) - net: send SYNACK packet with accepted fwmark (Alexander Ovechkin) - net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) - net: qcom/emac: fix UAF in emac_remove (Pavel Skripkin) - net: moxa: fix UAF in moxart_mac_probe (Pavel Skripkin) - net: ip_tunnel: fix mtu calculation for ETHER tunnel devices (Hangbin Liu) - net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (Florian Fainelli) - net: bridge: sync fdb to new unicast-filtering ports (Wolfgang Bumiller) - net/sched: act_ct: fix err check for nf_conntrack_confirm (wenxu) - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (Vasily Averin) - net: ipv6: fix return value of ip6_skb_dst_mtu (Vadim Fedorenko) - net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz (Marek Behun) - net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz (Marek Behun) - dm writecache: return the exact table values that were set (Mikulas Patocka) - usb: cdns3: Enable TDL_CHK only for OUT ep (Sanket Parmar) - f2fs: Show casefolding support only when supported (Daniel Rosenberg) - arm64: dts: marvell: armada-37xx: move firmware node to generic dtsi file (Pali Rohar) - firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware compatible string (Pali Rohar) - arm64: dts: armada-3720-turris-mox: add firmware node (Marek Behun) - cifs: prevent NULL deref in cifs_compose_mount_options() (Paulo Alcantara) - s390: introduce proper type handling call_on_stack() macro (Heiko Carstens) - sched/fair: Fix CFS bandwidth hrtimer expiry type (Odin Ugedal) - scsi: qedf: Add check to synchronize abort and flush (Javed Hasan) - scsi: libfc: Fix array index out of bound exception (Javed Hasan) - scsi: libsas: Add LUN number check in .slave_alloc callback (Yufen Yu) - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 (Colin Ian King) - rtc: max77686: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set (Matthias Maennich) - thermal/core: Correct function name thermal_zone_device_unregister() (Yang Yingliang) - arm64: dts: imx8mq: assign PCIe clocks (Lucas Stach) - arm64: dts: ls208xa: remove bus-num from dspi node (Mian Yousaf Kaukab) - firmware: tegra: bpmp: Fix Tegra234-only builds (Thierry Reding) - soc/tegra: fuse: Fix Tegra234-only builds (Thierry Reding) - ARM: dts: stm32: move stmmac axi config in ethernet node on stm32mp15 (Alexandre Torgue) - ARM: dts: stm32: fix i2c node name on stm32f746 to prevent warnings (Alexandre Torgue) - ARM: dts: rockchip: fix supply properties in io-domains nodes (Johan Jonker) - arm64: dts: juno: Update SCPI nodes as per the YAML schema (Sudeep Holla) - ARM: dts: stm32: fix timer nodes on STM32 MCU to prevent warnings (Alexandre Torgue) - ARM: dts: stm32: fix RCC node name on stm32f429 MCU (Alexandre Torgue) - ARM: dts: stm32: fix gpio-keys node on STM32 MCU boards (Alexandre Torgue) - ARM: dts: am437x-gp-evm: fix ti,no-reset-on-init flag for gpios (Grygorii Strashko) - ARM: dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios (Grygorii Strashko) - kbuild: sink stdout from cmd for silent build (Masahiro Yamada) - rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info (Jonathan Neuschafer) - ARM: dts: imx6: phyFLEX: Fix UART hardware flow control (Primoz Fiser) - ARM: dts: Hurricane 2: Fix NAND nodes names (Rafal Milecki) - ARM: dts: BCM63xx: Fix NAND nodes names (Rafal Milecki) - ARM: NSP: dts: fix NAND nodes names (Rafal Milecki) - ARM: Cygnus: dts: fix NAND nodes names (Rafal Milecki) - ARM: brcmstb: dts: fix NAND nodes names (Rafal Milecki) - reset: ti-syscon: fix to_ti_syscon_reset_data macro (Philipp Zabel) - arm64: dts: rockchip: Fix power-controller node names for rk3328 (Elaine Zhang) - arm64: dts: rockchip: Fix power-controller node names for px30 (Elaine Zhang) - ARM: dts: rockchip: Fix power-controller node names for rk3288 (Elaine Zhang) - ARM: dts: rockchip: Fix power-controller node names for rk3188 (Elaine Zhang) - ARM: dts: rockchip: Fix power-controller node names for rk3066a (Elaine Zhang) - ARM: dts: rockchip: Fix IOMMU nodes properties on rk322x (Benjamin Gaignard) - ARM: dts: rockchip: Fix the timer clocks order (Ezequiel Garcia) - arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi (Johan Jonker) - ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 (Johan Jonker) - ARM: dts: gemini: add device_type on pci (Corentin Labbe) - ARM: dts: gemini: rename mdio to the right name (Corentin Labbe) - LTS tag: v5.4.134 (Jack Vogel) - misc: alcor_pci: fix inverted branch condition (Tong Zhang) - scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() (Dan Carpenter) - MIPS: vdso: Invalid GIC access through VDSO (Martin Facknitz) - mips: disable branch profiling in boot/decompress.o (Randy Dunlap) - mips: always link byteswap helpers into decompressor (Arnd Bergmann) - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() (Christophe JAILLET) - firmware: turris-mox-rwtm: fail probing when firmware does not support hwrng (Pali Rohar) - firmware: turris-mox-rwtm: report failures better (Marek Behun) - firmware: turris-mox-rwtm: fix reply status decoding function (Marek Behun) - thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (Niklas Soderlund) - ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery (Christoph Niedermaier) - ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems (Christoph Niedermaier) - ARM: dts: imx6q-dhcom: Fix ethernet reset time properties (Christoph Niedermaier) - ARM: dts: am437x: align ti,pindir-d0-out-d1-in property with dt-shema (Aswath Govindraju) - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (Aswath Govindraju) - memory: fsl_ifc: fix leak of private memory on probe failure (Krzysztof Kozlowski) - memory: fsl_ifc: fix leak of IO mapping on probe failure (Krzysztof Kozlowski) - reset: bail if try_module_get() fails (Philipp Zabel) - ARM: dts: BCM5301X: Fixup SPI binding (Rafal Milecki) - firmware: arm_scmi: Reset Rx buffer to max size during async commands (Cristian Marussi) - firmware: tegra: Fix error return code in tegra210_bpmp_init() (Zhen Lei) - ARM: dts: r8a7779, marzen: Fix DU clock names (Geert Uytterhoeven) - arm64: dts: renesas: v3msk: Fix memory size (Valentine Barshak) - rtc: fix snprintf() checking in is_rtc_hctosys() (Dan Carpenter) - memory: pl353: Fix error return code in pl353_smc_probe() (Zhen Lei) - reset: brcmstb: Add missing MODULE_DEVICE_TABLE (Zou Wei) - memory: atmel-ebi: add missing of_node_put for loop iteration (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (Krzysztof Kozlowski) - ARM: exynos: add missing of_node_put for loop iteration (Krzysztof Kozlowski) - reset: a10sr: add missing of_match_table reference (Krzysztof Kozlowski) - ARM: dts: gemini-rut1xx: remove duplicate ethernet node (Corentin Labbe) - hexagon: use common DISCARDS macro (Nathan Chancellor) - NFSv4/pNFS: Dont call _nfs4_pnfs_v3_ds_connect multiple times (Trond Myklebust) - ALSA: isa: Fix error return code in snd_cmi8330_probe() (Zhen Lei) - nvme-tcp: cant set sk_user_data without write_lock (Maurizio Lombardi) - virtio_net: move tx vq operation under tx queue lock (Michael S. Tsirkin) - pwm: imx1: Dont disable clocks at device remove time (Uwe Kleine-Konig) - x86/fpu: Limit xstate copy size in xstateregs_set() (Thomas Gleixner) - PCI: iproc: Support multi-MSI only on uniprocessor kernel (Sandor Bodo-Merle) - PCI: iproc: Fix multi-MSI base vector number allocation (Sandor Bodo-Merle) - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (Zhihao Cheng) - nfs: fix acl memory leak of posix_acl_create() (Gao Xiang) - watchdog: aspeed: fix hardware timeout calculation (Tao Ren) - um: fix error return code in winch_tramp() (Zhen Lei) - um: fix error return code in slip_open() (Zhen Lei) - NFSv4: Initialise connection to the server in nfs4_alloc_client() (Trond Myklebust) - power: supply: rt5033_battery: Fix device tree enumeration (Stephan Gerhold) - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (Krzysztof Wilczynski) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs (Chao Yu) - x86/signal: Detect and prevent an alternate signal stack overflow (Chang S. Bae) - virtio_console: Assure used length from device is limited (Xie Yongji) - virtio_net: Fix error handling in virtnet_restore() (Xie Yongji) - virtio-blk: Fix memory leak among suspend/resume procedure (Xie Yongji) - ACPI: video: Add quirk for the Dell Vostro 3350 (Hans de Goede) - ACPI: AMBA: Fix resource name in /proc/iomem (Liguang Zhang) - pwm: tegra: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - pwm: img: Fix PM reference leak in img_pwm_enable() (Zou Wei) - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (Zou Wei) - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (Zou Wei) - NFS: nfs_find_open_context() may only select open files (Trond Myklebust) - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton) - orangefs: fix orangefs df output. (Mike Marshall) - PCI: tegra: Add missing MODULE_DEVICE_TABLE (Zou Wei) - x86/fpu: Return proper error codes from user access functions (Thomas Gleixner) - watchdog: imx_sc_wdt: fix pretimeout (Stefan Eichenberger) - watchdog: Fix possible use-after-free by calling del_timer_sync() (Zou Wei) - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (Zou Wei) - watchdog: Fix possible use-after-free in wdt_startup() (Zou Wei) - PCI/P2PDMA: Avoid pci_get_slot(), which may sleep (Logan Gunthorpe) - ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 (Nick Desaulniers) - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - power: supply: ab8500: Avoid NULL pointers (Linus Walleij) - pwm: spear: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (Zou Wei) - power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (Zou Wei) - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. (Dimitri John Ledkov) - i2c: core: Disable client irq on reboot/shutdown (Dmitry Torokhov) - intel_th: Wait until port is in reset before programming it (Alexander Shishkin) - staging: rtl8723bs: fix macro value for 2.4Ghz only device (Fabio Aiuto) - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (Geoffrey D. Bennett) - ALSA: hda: Add IRQ check for platform_get_irq() (Jiajun Cao) - backlight: lm3630a: Fix return code of .update_status() callback (Uwe Kleine-Konig) - ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (Pierre-Louis Bossart) - powerpc/boot: Fixup device-tree on little endian (Benjamin Herrenschmidt) - usb: gadget: hid: fix error return code in hid_bind() (Yang Yingliang) - usb: gadget: f_hid: fix endianness issue with descriptors (Ruslan Bilovol) - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (Geoffrey D. Bennett) - ALSA: usb-audio: scarlett2: Fix data_mutex lock (Geoffrey D. Bennett) - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (Geoffrey D. Bennett) - ALSA: bebob: add support for ToneWeal FW66 (Takashi Sakamoto) - Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (Yizhuo Zhai) - s390/mem_detect: fix tprot() program check new psw handling (Heiko Carstens) - s390/mem_detect: fix diag260() program check new psw handling (Heiko Carstens) - s390/ipl_parm: fix program check new psw handling (Heiko Carstens) - s390/processor: always inline stap() and __load_psw_mask() (Heiko Carstens) - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (Zhen Lei) - gpio: pca953x: Add support for the On Semi pca9655 (Peter Robinson) - selftests/powerpc: Fix no_handler EBB selftest (Athira Rajeev) - ALSA: ppc: fix error return code in snd_pmac_probe() (Yang Yingliang) - gpio: zynq: Check return value of pm_runtime_get_sync (Srinivas Neeli) - iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation (Xiyu Yang) - iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails (Xiyu Yang) - powerpc/ps3: Add dma_mask to ps3_dma_region (Geoff Levand) - ALSA: sb: Fix potential double-free of CSP mixer elements (Takashi Iwai) - selftests: timers: rtcpie: skip test if default RTC device does not exist (Po-Hsu Lin) - s390/sclp_vt220: fix console name to match device (Valentin Vidic) - serial: tty: uartlite: fix console setup (Daniel Mack) - ASoC: img: Fix PM reference leak in img_i2s_in_probe() (Yufen Yu) - mfd: cpcap: Fix cpcap dmamask not set warnings (Tony Lindgren) - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (Zou Wei) - scsi: qedi: Fix null ref during abort handling (Mike Christie) - scsi: iscsi: Fix shost->max_id use (Mike Christie) - scsi: iscsi: Fix conn use after free during resets (Mike Christie) - scsi: iscsi: Add iscsi_cls_conn refcount helpers (Mike Christie) - scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs (Chandrakanth Patil) - scsi: megaraid_sas: Early detection of VD deletion through RaidMap update (Kashyap Desai) - scsi: megaraid_sas: Fix resource leak in case of probe failure (Chandrakanth Patil) - fs/jfs: Fix missing error code in lmLogInit() (Jiapeng Chong) - scsi: scsi_dh_alua: Check for negative result value (Hannes Reinecke) - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (Christophe JAILLET) - ALSA: ac97: fix PM reference leak in ac97_bus_remove() (Yufen Yu) - scsi: core: Cap scsi_host cmd_per_lun at can_queue (John Garry) - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (James Smart) - scsi: lpfc: Fix Unexpected timeout error in direct attach topology (James Smart) - scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw() (Sergey Shtylyov) - w1: ds2438: fixing bug that would always get page0 (Luiz Sampaio) - Revert ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - ALSA: usx2y: Dont call free_pages_exact() with NULL address (Takashi Iwai) - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (Jonathan Cameron) - iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get(). (Jonathan Cameron) - misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (Tong Zhang) - misc/libmasm/module: Fix two use after free in ibmasm_init_one (Lv Yunlong) - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (Sherry Sun) - srcu: Fix broken node geometry after early ssp init (Frederic Weisbecker) - dmaengine: fsl-qdma: check dma_set_mask return value (Robin Gong) - net: moxa: Use devm_platform_get_and_ioremap_resource() (Yang Yingliang) - fbmem: Do not delete the mode that is still in use (Zhen Lei) - cgroup: verify that source is a string (Christian Brauner) - tracing: Do not reference char * as a string in histograms (Steven Rostedt (VMware)) - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (Tyrel Datwyler) - KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() (Lai Jiangshan) - KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled (Sean Christopherson) - KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (Kefeng Wang) - LTS tag: v5.4.133 (Jack Vogel) - smackfs: restrict bytes count in smk_set_cipso() (Tetsuo Handa) - jfs: fix GPF in diFree (Pavel Skripkin) - pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (Zou Wei) [5.4.17-2102.205.2] - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150447] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177348] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150427] - arm64: mm: kdump: Fix /proc/kcore (Henry Willard) [Orabug: 32570847] [5.4.17-2102.205.0] - LTS tag: v5.4.132 (Jack Vogel) - iommu/dma: Fix compile warning in 32-bit builds (Joerg Roedel) - mmc: vub3000: fix control-request direction (Johan Hovold) - mmc: block: Disable CMDQ on the ioctl path (Bean Huo) - scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd() (Varun Prakash) - perf llvm: Return -ENOMEM when asprintf() fails (Arnaldo Carvalho de Melo) - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random (Dave Hansen) - mm/z3fold: fix potential memory leak in z3fold_destroy_pool() (Miaohe Lin) - mm/huge_memory.c: dont discard hugepage if other processes are mapping it (Miaohe Lin) - vfio/pci: Handle concurrent vma faults (Alex Williamson) - arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART (Pali Rohar) - serial: mvebu-uart: correctly calculate minimal possible baudrate (Pali Rohar) - serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (Pali Rohar) - powerpc: Offline CPU in stop_this_cpu() (Nicholas Piggin) - leds: ktd2692: Fix an error handling path (Christophe JAILLET) - leds: as3645a: Fix error return code in as3645a_parse_node() (Zhen Lei) - configfs: fix memleak in configfs_release_bin_file (Chung-Chiang Cheng) - ASoC: atmel-i2s: Fix usage of capture and playback at the same time (Codrin Ciubotariu) - extcon: max8997: Add missing modalias string (Marek Szyprowski) - extcon: sm5502: Drop invalid register write in sm5502_reg_data (Stephan Gerhold) - phy: ti: dm816x: Fix the error handling path in dm816x_usb_phy_probe() (Christophe JAILLET) - phy: uniphier-pcie: Fix updating phy parameters (Kunihiko Hayashi) - soundwire: stream: Fix test for DP prepare complete (Richard Fitzgerald) - scsi: mpt3sas: Fix error return value in _scsih_expander_add() (Zhen Lei) - mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (Yang Yingliang) - of: Fix truncation of memory sizes on 32-bit platforms (Geert Uytterhoeven) - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (Richard Fitzgerald) - iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (Maciej W. Rozycki) - staging: mt7621-dts: fix pci address for PCI memory range (Sergio Paracuellos) - staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (Pavel Skripkin) - staging: rtl8712: remove redundant check in r871xu_drv_init (Pavel Skripkin) - staging: gdm724x: check for overflow in gdm_lte_netif_rx() (Dan Carpenter) - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (Dan Carpenter) - iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (Alexandru Ardelean) - eeprom: idt_89hpesx: Restore printing the unsupported fwnode name (Andy Shevchenko) - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (Andy Shevchenko) - usb: dwc2: Dont reset the core after setting turnaround time (Clement Lassieur) - usb: gadget: f_fs: Fix setting of device and driver data cross-references (Andrew Gabbasov) - ASoC: mediatek: mtk-btcvsd: Fix an error handling path in mtk_btcvsd_snd_probe() (Christophe JAILLET) - iommu/dma: Fix IOVA reserve dma ranges (Srinath Mannam) - s390: appldata depends on PROC_SYSCTL (Randy Dunlap) - visorbus: fix error return code in visorchipset_init() (Zhen Lei) - fsi/sbefifo: Fix reset timeout (Joachim Fenkes) - fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE (Joachim Fenkes) - fsi: occ: Dont accept response from un-initialized OCC (Eddie James) - fsi: scom: Reset the FSI2PIB engine for any error (Eddie James) - fsi: core: Fix return of error values on failures (Colin Ian King) - scsi: FlashPoint: Rename si_flags field (Randy Dunlap) - leds: lm3692x: Put fwnode in any case during ->probe() (Andy Shevchenko) - leds: lm36274: cosmetic: rename lm36274_data to chip (Marek Behun) - leds: lm3532: select regmap I2C API (Andy Shevchenko) - tty: nozomi: Fix the error handling path of nozomi_card_init() (Christophe JAILLET) - firmware: stratix10-svc: Fix a resource leak in an error handling path (Christophe JAILLET) - char: pcmcia: error out if num_bytes_read is greater than 4 in set_protocol() (Yu Kuai) - mtd: partitions: redboot: seek fis-index-block in the right node (Corentin Labbe) - Input: hil_kbd - fix error return code in hil_dev_connect() (Zhen Lei) - ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (Kuninori Morimoto) - backlight: lm3630a_bl: Put fwnode in error case during ->probe() (Andy Shevchenko) - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (Yang Yingliang) - ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (Yang Yingliang) - iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: cros_ec_sensors: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: mxc4005: Fix overread of data and alignment issue. (Jonathan Cameron) - iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (Jonathan Cameron) - iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adis16400: do not return ints in irq handlers (Nuno Sa) - iio: adis_buffer: do not return ints in irq handlers (Nuno Sa) - mwifiex: re-fix for unaligned accesses (Arnd Bergmann) - tty: nozomi: Fix a resource leak in an error handling function (Christophe JAILLET) - rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread() (Paul E. McKenney) - staging: fbtft: Rectify GPIO handling (Andy Shevchenko) - MIPS: Fix PKMAP with 32-bit MIPS huge page support (Wei Li) - RDMA/mlx5: Dont access NULL-cleared mpi pointer (Leon Romanovsky) - net: sched: fix warning in tcindex_alloc_perfect_hash (Pavel Skripkin) - net: lwtunnel: handle MTU calculation in forwading (Vadim Fedorenko) - writeback: fix obtain a reference to a freeing memcg css (Muchun Song) - clk: si5341: Update initialization magic (Robert Hancock) - clk: si5341: Avoid divide errors due to bogus register contents (Robert Hancock) - clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (Cristian Ciocaltea) - clk: actions: Fix SD clocks factor table on Owl S500 SoC (Cristian Ciocaltea) - clk: actions: Fix UART clock dividers on Owl S500 SoC (Cristian Ciocaltea) - Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (Luiz Augusto von Dentz) - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (Luiz Augusto von Dentz) - Revert be2net: disable bh with spin_lock in be_process_mcc (Petr Oros) - gve: Fix swapped vars when fetching max queues (Bailey Forrest) - bpfilter: Specify the log level for the kmsg message (Gary Lin) - e1000e: Check the PCIm state (Sasha Neftin) - ipv6: fix out-of-bound access in ip6_parse_tlv() (Eric Dumazet) - ibmvnic: free tx_pool if tso_pool alloc fails (Sukadev Bhattiprolu) - Revert ibmvnic: remove duplicate napi_schedule call in open function (Dany Madden) - i40e: Fix autoneg disabling for non-10GBaseT links (Mateusz Palczewski) - i40e: Fix error handling in i40e_vsi_open (Dinghao Liu) - bpf: Do not change gso_size during bpf_skb_change_proto() (Maciej zenczykowski) - ipv6: exthdrs: do not blindly use init_net (Eric Dumazet) - net: bcmgenet: Fix attaching to PYH failed on RPi 4B (Jian-Hong Pan) - mac80211: remove iwlwifi specific workaround NDPs of null_response (Ping-Ke Shih) - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() (Eric Dumazet) - ieee802154: hwsim: Fix memory leak in hwsim_add_one (Dongliang Mu) - tc-testing: fix list handling (Marcelo Ricardo Leitner) - net/ipv4: swap flow ports when validating source (Miao Wang) - vxlan: add missing rcu_read_lock() in neigh_reduce() (Eric Dumazet) - pkt_sched: sch_qfq: fix qfq_change_class() error path (Eric Dumazet) - tls: prevent oversized sendfile() hangs by ignoring MSG_MORE (Jakub Kicinski) - net: sched: add barrier to ensure correct ordering for lockless qdisc (Yunsheng Lin) - vrf: do not push non-ND strict packets with a source LLA through packet taps again (Antoine Tenart) - net: ethernet: ezchip: fix error handling (Pavel Skripkin) - net: ethernet: ezchip: fix UAF in nps_enet_remove (Pavel Skripkin) - net: ethernet: aeroflex: fix UAF in greth_of_remove (Pavel Skripkin) - samples/bpf: Fix the error return code of xdp_redirects main() (Wang Hai) - RDMA/rxe: Fix qp reference counting for atomic ops (Bob Pearson) - netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols (Pablo Neira Ayuso) - netfilter: nft_osf: check for TCP packet before further processing (Pablo Neira Ayuso) - netfilter: nft_exthdr: check for IPv6 packet before further processing (Pablo Neira Ayuso) - RDMA/mlx5: Dont add slave port to unaffiliated list (Leon Romanovsky) - netlabel: Fix memory leak in netlbl_mgmt_add_common (Liu Shixin) - ath10k: Fix an error code in ath10k_add_interface() (Yang Li) - brcmsmac: mac80211_if: Fix a resource leak in an error handling path (Christophe JAILLET) - brcmfmac: correctly report average RSSI in station info (Alvin Sipraga) - brcmfmac: fix setting of station info chains bitmask (Alvin Sipraga) - ssb: Fix error return code in ssb_bus_scan() (Zhen Lei) - wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (Bryan ODonoghue) - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others (Dongliang Mu) - wireless: carl9170: fix LEDS build errors & warnings (Randy Dunlap) - ath10k: add missing error return code in ath10k_pci_probe() (Yang Yingliang) - ath10k: go to path err_unsupported when chip id is not supported (Yang Yingliang) - tools/bpftool: Fix error return code in do_batch() (Zhihao Cheng) - drm: qxl: ensure surf.data is ininitialized (Colin Ian King) - RDMA/rxe: Fix failure during driver load (Kamal Heib) - RDMA/core: Sanitize WQ state received from the userspace (Leon Romanovsky) - net/sched: act_vlan: Fix modify to allow 0 (Boris Sukholitko) - ehea: fix error return code in ehea_restart_qps() (Zhen Lei) - drm/rockchip: dsi: move all lane config except LCDC mux to bind() (Thomas Hebb) - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (Yang Yingliang) - net: ftgmac100: add missing error return code in ftgmac100_probe() (Yang Yingliang) - clk: meson: g12a: fix gp0 and hifi ranges (Jerome Brunet) - pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities (Geert Uytterhoeven) - pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin (Geert Uytterhoeven) - net: pch_gbe: Propagate error from devm_gpio_request_one() (Andy Shevchenko) - net: mvpp2: Put fwnode in error case during ->probe() (Andy Shevchenko) - video: fbdev: imxfb: Fix an error message (Christophe JAILLET) - xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (Sabrina Dubroca) - dax: fix ENOMEM handling in grab_mapping_entry() (Jan Kara) - ocfs2: fix snprintf() checking (Dan Carpenter) - cpufreq: Make cpufreq_online() call driver->offline() on errors (Rafael J. Wysocki) - ACPI: bgrt: Fix CFI violation (Nathan Chancellor) - ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros (Dwaipayan Ray) - blk-wbt: make sure throttle is enabled properly (Zhang Yi) - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() (Zhang Yi) - extcon: extcon-max8997: Fix IRQ freeing at error path (Matti Vaittinen) - ACPI: sysfs: Fix a buffer overrun problem with description_show() (Krzysztof Wilczynski) - crypto: nx - Fix RCU warning in nx842_OF_upd_status (Herbert Xu) - spi: spi-sun6i: Fix chipselect/clock bug (Mirko Vogt) - sched/uclamp: Fix uclamp_tg_restrict() (Qais Yousef) - sched/rt: Fix Deadline utilization tracking during policy change (Vincent Donnefort) - sched/rt: Fix RT utilization tracking during policy change (Vincent Donnefort) - btrfs: clear log tree recovering status if starting transaction fails (David Sterba) - regulator: hi655x: Fix pass wrong pointer to config.driver_data (Axel Lin) - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (Sean Christopherson) - hwmon: (max31790) Fix fan speed reporting for fan7..12 (Guenter Roeck) - hwmon: (max31722) Remove non-standard ACPI device IDs (Guenter Roeck) - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (Dillon Min) - arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (Anshuman Khandual) - arm64: consistently use reserved_pg_dir (Mark Rutland) - mmc: usdhi6rol0: fix error return code in usdhi6_probe() (Zhen Lei) - crypto: omap-sham - Fix PM reference leak in omap sham ops (Zhang Qilong) - crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (Tong Tiangen) - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (Gustavo A. R. Silva) - m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning (Randy Dunlap) - media: gspca/gl860: fix zero-length control requests (Johan Hovold) - media: tc358743: Fix error return code in tc358743_probe_of() (Zhen Lei) - media: au0828: fix a NULL vs IS_ERR() check (Dan Carpenter) - media: exynos4-is: Fix a use after free in isp_video_release (Lv Yunlong) - pata_ep93xx: fix deferred probing (Sergey Shtylyov) - media: rc: i2c: Fix an error message (Christophe JAILLET) - crypto: ccp - Fix a resource leak in an error handling path (Christophe JAILLET) - evm: fix writing <securityfs>/evm overflow (Mimi Zohar) - pata_octeon_cf: avoid WARN_ON() in ata_host_activate() (Sergey Shtylyov) - kbuild: Fix objtool dependency for OBJECT_FILES_NON_STANDARD_<obj> := n (Josh Poimboeuf) - kbuild: run the checker after the compiler (Luc Van Oostenryck) - sched/uclamp: Fix locking around cpu_util_update_eff() (Qais Yousef) - sched/uclamp: Fix wrong implementation of cpu.uclamp.min (Qais Yousef) - media: I2C: change RST to RSET to fix multiple build errors (Randy Dunlap) - pata_rb532_cf: fix deferred probing (Sergey Shtylyov) - sata_highbank: fix deferred probing (Sergey Shtylyov) - crypto: ux500 - Fix error return code in hash_hw_final() (Zhen Lei) - crypto: ixp4xx - dma_unmap the correct address (Corentin Labbe) - media: s5p_cec: decrement usage count if disabled (Mauro Carvalho Chehab) - writeback, cgroup: increment isw_nr_in_flight before grabbing an inode (Roman Gushchin) - ia64: mca_drv: fix incorrect array size calculation (Arnd Bergmann) - kthread_worker: fix return value when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (Petr Mladek) - block: fix discard request merge (Ming Lei) - cifs: fix missing spinlock around update to ses->status (Steve French) - HID: wacom: Correct base usage for capacitive ExpressKey status bits (Jason Gerecke) - ACPI: tables: Add custom DSDT file as makefile prerequisite (Richard Fitzgerald) - clocksource: Retry clock read if long delays detected (Paul E. McKenney) - PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() (Haiyang Zhang) - EDAC/Intel: Do not load EDAC driver when running as a guest (Tony Luck) - nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst() (Hannes Reinecke) - platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (Jiapeng Chong) - block: fix race between adding/removing rq qos and normal IO (Ming Lei) - ACPI: resources: Add checks for ACPI IRQ override (Hui Wang) - ACPI: bus: Call kobject_put() in acpi_init() error path (Hanjun Guo) - ACPICA: Fix memory leak caused by _CID repair function (Erik Kaneda) - fs: dlm: fix memory leak when fenced (Alexander Aring) - random32: Fix implicit truncation warning in prandom_seed_state() (Richard Fitzgerald) - fs: dlm: cancel work sync othercon (Alexander Aring) - block_dump: remove block_dump feature in mark_inode_dirty() (zhangyi (F)) - ACPI: EC: Make more Asus laptops use ECDT _GPE (Chris Chiu) - lib: vsprintf: Fix handling of number field widths in vsscanf (Richard Fitzgerald) - hv_utils: Fix passing zero to PTR_ERR warning (YueHaibing) - ACPI: processor idle: Fix up C-state latency if not ordered (Mario Limonciello) - EDAC/ti: Add missing MODULE_DEVICE_TABLE (Bixuan Cui) - HID: do not use down_interruptible() when unbinding devices (Dmitry Torokhov) - media: Fix Media Controller API config checks (Shuah Khan) - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (Axel Lin) - regulator: mt6358: Fix vdram2 .vsel_mask (Hsin-Hsiung Wang) - KVM: s390: get rid of register asm usage (Heiko Carstens) - lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage() (Boqun Feng) - locking/lockdep: Fix the dep path printing for backwards BFS (Boqun Feng) - btrfs: disable build on platforms having page size 256K (Christophe Leroy) - btrfs: abort transaction if we fail to update the delayed inode (Josef Bacik) - btrfs: fix error handling in __btrfs_update_delayed_inode (Josef Bacik) - KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 processors (Suraj Jitindar Singh) - drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe() (Jing Xiangfeng) - hwmon: (max31790) Fix pwmX_enable attributes (Guenter Roeck) - hwmon: (max31790) Report correct current pwm duty cycles (Guenter Roeck) - media: imx-csi: Skip first few frames from a BT.656 source (Steve Longerbeam) - media: siano: fix device register error path (Mauro Carvalho Chehab) - media: dvb_net: avoid speculation from net slot (Mauro Carvalho Chehab) - crypto: shash - avoid comparing pointers to exported functions under CFI (Ard Biesheuvel) - mmc: via-sdmmc: add a check against NULL pointer dereference (Zheyu Ma) - mmc: sdhci-sprd: use sdhci_sprd_writew (Krzysztof Kozlowski) - memstick: rtsx_usb_ms: fix UAF (Tong Zhang) - media: dvd_usb: memory leak in cinergyt2_fe_attach (Dongliang Mu) - Makefile: fix GDB warning with CONFIG_RELR (Nick Desaulniers) - media: st-hva: Fix potential NULL pointer dereferences (Evgeny Novikov) - media: bt8xx: Fix a missing check bug in bt878_probe (Zheyu Ma) - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (Lv Yunlong) - media: em28xx: Fix possible memory leak of em28xx struct (Igor Matheus Andrade Torrente) - sched/fair: Fix ascii art by relpacing tabs (Odin Ugedal) - crypto: qat - remove unused macro in FW loader (Jack Xu) - crypto: qat - check return code of qat_hal_rd_rel_reg() (Jack Xu) - media: imx: imx7_mipi_csis: Fix logging of only error event counters (Laurent Pinchart) - media: pvrusb2: fix warning in pvr2_i2c_core_done (Anirudh Rayabharam) - media: cobalt: fix race condition in setting HPD (Hans Verkuil) - media: cpia2: fix memory leak in cpia2_usb_probe (Pavel Skripkin) - media: sti: fix obj- targets (Mauro Carvalho Chehab) - crypto: nx - add missing MODULE_DEVICE_TABLE (Bixuan Cui) - hwrng: exynos - Fix runtime PM imbalance on error (Lukasz Stelmach) - regulator: uniphier: Add missing MODULE_DEVICE_TABLE (Zou Wei) - spi: omap-100k: Fix the length judgment problem (Tian Tao) - spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (Jay Fang) - spi: spi-loopback-test: Fix tx_buf might be rx_buf (Jay Fang) - media: exynos-gsc: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: sti/bdisp: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: s5p-jpeg: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: mtk-vcodec: fix PM runtime get logic (Mauro Carvalho Chehab) - media: sh_vou: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: s5p: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: mdk-mdp: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - spi: Make of_register_spi_device also set the fwnode (Charles Keepax) - fuse: reject internal errno (Miklos Szeredi) - fuse: check connected before queueing on fpq->io (Miklos Szeredi) - fuse: ignore PG_workingset after stealing (Miklos Szeredi) - evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded (Roberto Sassu) - evm: Execute evm_inode_init_security() only when an HMAC key is loaded (Roberto Sassu) - powerpc/stacktrace: Fix spurious stale traces in raise_backtrace_ipi() (Michael Ellerman) - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (Yun Zhou) - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (Steven Rostedt (VMware)) - tracing/histograms: Fix parsing of sym-offset modifier (Steven Rostedt (VMware)) - rsi: fix AP mode with WPA failure due to encrypted EAPOL (Martin Fuzzey) - rsi: Assign beacon rate settings to the correct rate_info descriptor field (Marek Vasut) - ssb: sdio: Dont overwrite const buffer if block_write fails (Michael Buesch) - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (Pali Rohar) - serial_cs: remove wrong GLOBETROTTER.cis entry (Ondrej Zary) - serial_cs: Add Option International GSM-Ready 56K/ISDN modem (Ondrej Zary) - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() (Yoshihiro Shimoda) - serial: mvebu-uart: fix calculation of clock divisor (Pali Rohar) - iio: ltr501: ltr501_read_ps(): add missing endianness conversion (Oliver Lang) - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (Oliver Lang) - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (Marc Kleine-Budde) - iio: light: tcs3472: do not free unallocated IRQ (frank zago) - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (Martin Fuzzey) - s390/cio: dont call css_wait_for_slow_path() inside a lock (Vineeth Vijayan) - KVM: PPC: Book3S HV: Workaround high stack usage with clang (Nathan Chancellor) - perf/smmuv3: Dont trample existing events with global filter (Robin Murphy) - SUNRPC: Should wake up the privileged task firstly. (Zhang Xiaoxu) - SUNRPC: Fix the batch tasks count wraparound. (Zhang Xiaoxu) - mac80211: remove iwlwifi specific workaround that broke sta NDP tx (Felix Fietkau) - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (Stephane Grosjean) - can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after RCU is done (Oleksij Rempel) - can: gw: synchronize rcu operations before removing gw job entry (Oliver Hartkopp) - ext4: fix avefreec in find_group_orlov (Pan Dong) - ext4: remove check for zero nr_to_scan in ext4_es_scan() (Zhang Yi) - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (Zhang Yi) - ext4: return error code when ext4_fill_flex_info() fails (Yang Yingliang) - ext4: fix kernel infoleak via ext4_extent_header (Anirudh Rayabharam) - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (Zhang Yi) - btrfs: clear defrag status of a root if starting transaction fails (David Sterba) - btrfs: send: fix invalid path for unlink operations after parent orphanization (Filipe Manana) - ARM: dts: at91: sama5d4: fix pinctrl muxing (Ludovic Desroches) - arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (Yang Jihong) - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (Alexander Larkin) - iov_iter_fault_in_readable() should do nothing in xarray case (Al Viro) - copy_page_to_iter(): fix ITER_DISCARD case (Al Viro) - ntfs: fix validity check for file name attribute (Desmond Cheong Zhi Xi) - xhci: solve a double free problem while doing s4 (Zhangjiantao (Kirin, nanjing)) - usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (Jing Xiangfeng) - usb: dwc3: Fix debugfs creation flow (Minas Harutyunyan) - USB: cdc-acm: blacklist Heimann USB Appset device (Hannu Hartikainen) - usb: gadget: eem: fix echo command packet response issue (Linyu Yuan) - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (Pavel Skripkin) - Input: usbtouchscreen - fix control-request directions (Johan Hovold) - media: dvb-usb: fix wrong definition (Pavel Skripkin) - ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (Takashi Iwai) - ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (Takashi Iwai) - ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (Elia Devito) - ALSA: hda/realtek: Add another ALC236 variant support (Takashi Iwai) - ALSA: intel8x0: Fix breakage at ac97 clock measurement (Takashi Iwai) - ALSA: usb-audio: scarlett2: Fix wrong resume call (Takashi Iwai) - ALSA: usb-audio: Fix OOB access at proc output (Takashi Iwai) - ALSA: usb-audio: fix rate on Ozone Z90 USB headset (Daehwan Jung) - LTS tag: v5.4.131 (Jack Vogel) - xen/events: reset active flag for lateeoi events later (Juergen Gross) - KVM: SVM: Call SEV Guest Decommission if ASID binding fails (Alper Gun) - s390/stack: fix possible register corruption with stack switch helper (Heiko Carstens) - KVM: SVM: Periodically schedule when unregistering regions on destroy (David Rientjes) {CVE-2020-36311} - LTS tag: v5.4.130 (Jack Vogel) - RDMA/mlx5: Block FDB rules when not in switchdev mode (Mark Bloch) - gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (Johannes Berg) - drm/nouveau: fix dma_address check for CPU/GPU sync (Christian Konig) - scsi: sr: Return appropriate error code when disk is ejected (ManYi Li) - LTS tag v5.4.129 (Jack Vogel) - x86/efi: move common keyring handler functions to new file (Nayna Jain) - certs: Add wrapper function to check blacklisted binary hash (Nayna Jain) - mm, futex: fix shared futex pgoff on shmem huge page (Hugh Dickins) - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() (Hugh Dickins) - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes (Hugh Dickins) - mm: page_vma_mapped_walk(): get vma_address_end() earlier (Hugh Dickins) - mm: page_vma_mapped_walk(): use goto instead of while (1) (Hugh Dickins) - mm: page_vma_mapped_walk(): add a level of indentation (Hugh Dickins) - mm: page_vma_mapped_walk(): crossing page table boundary (Hugh Dickins) - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block (Hugh Dickins) - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd (Hugh Dickins) - mm: page_vma_mapped_walk(): settle PageHuge on entry (Hugh Dickins) - mm: page_vma_mapped_walk(): use page for pvmw->page (Hugh Dickins) - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split (Yang Shi) - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (Hugh Dickins) - mm/thp: fix page_address_in_vma() on file THP tails (Jue Wang) - mm/thp: fix vma_address() if virtual address below file offset (Hugh Dickins) - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting (Hugh Dickins) - mm/thp: make is_huge_zero_pmd() safe and quicker (Hugh Dickins) - mm/thp: fix __split_huge_pmd_locked() on shmem migration entry (Hugh Dickins) - mm, thp: use head page in __migration_entry_wait() (Xu Yu) - mm/rmap: use page_not_mapped in try_to_unmap() (Miaohe Lin) - mm/rmap: remove unneeded semicolon in page_not_mapped() (Miaohe Lin) - mm: add VM_WARN_ON_ONCE_PAGE() macro (Alex Shi) - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (Petr Mladek) - kthread_worker: split code for canceling the delayed work timer (Petr Mladek) - i2c: robotfuzz-osif: fix control-request directions (Johan Hovold) - KVM: do not allow mapping valid but non-reference-counted pages (Nicholas Piggin) {CVE-2021-22543} - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group (Pavel Skripkin) - pinctrl: stm32: fix the reported number of GPIO lines per bank (Fabien Dessenne) - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY (Esben Haabendal) - net: ll_temac: Add memory-barriers for TX BD access (Esben Haabendal) - PCI: Add AMD RS690 quirk to enable 64-bit DMA (Mikel Rychliski) - recordmcount: Correct st_shndx handling (Peter Zijlstra) - net: qed: Fix memcpy() overflow of qed_dcbx_params() (Kees Cook) - KVM: selftests: Fix kvm_check_cap() assertion (Fuad Tabba) - r8169: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - r8152: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - net/packet: annotate accesses to po->ifindex (Eric Dumazet) - net/packet: annotate accesses to po->bind (Eric Dumazet) - net: caif: fix memory leak in ldisc_open (Pavel Skripkin) - net: phy: dp83867: perform soft reset and retain established link (Praneeth Bajjuri) - inet: annotate date races around sk->sk_txhash (Eric Dumazet) - ping: Check return value of function ping_queue_rcv_skb (Zheng Yongjun) - net: ethtool: clear heap allocations for ethtool function (Austin Kim) - mac80211: drop multicast fragments (Johannes Berg) - net: ipv4: Remove unneed BUG() function (Zheng Yongjun) - dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (Guillaume Ranquet) - dmaengine: mediatek: do not issue a new desc if one is still current (Guillaume Ranquet) - dmaengine: mediatek: free the proper desc in desc_free handler (Guillaume Ranquet) - dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (Zou Wei) - cfg80211: call cfg80211_leave_ocb when switching away from OCB (Du Cheng) - mac80211_hwsim: drop pending frames on stop (Johannes Berg) - dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (Yu Kuai) - Revert PCI: PM: Do not read power state in pci_enable_device_flags() (Rafael J. Wysocki) - spi: spi-nxp-fspi: move the register operation after the clock enable (Haibo Chen) - MIPS: generic: Update node names to avoid unit addresses (Nathan Chancellor) - arm64: link with -z norelro for LLD or aarch64-elf (Nick Desaulniers) - kbuild: add CONFIG_LD_IS_LLD (Sami Tolvanen) - mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk (Neil Armstrong) - ARM: 9081/1: fix gcc-10 thumb2-kernel regression (Arnd Bergmann) - drm/radeon: wait for moving fence after pinning (Christian Konig) - drm/nouveau: wait for moving fence after pinning v2 (Christian Konig) - Revert drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell. (Yifan Zhang) - Revert drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue. (Yifan Zhang) - module: limit enabling module.sig_enforce (Mimi Zohar) - mac80211: remove warning in ieee80211_get_sband() (Johannes Berg) [Orabug: 33171088] - platform/x86: ISST: Account for increased timeout in some cases (Srinivas Pandruvada) [Orabug: 33126078] - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114646] {CVE-2021-3609} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2020-36311 CVE-2021-3573 CVE-2021-3609 CVE-2021-22543 CVE-2021-3656 Oracle Linux 7 [4.14.35-2047.507.7.4] - KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33362693] [4.14.35-2047.507.7.3] - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33354710] [4.14.35-2047.507.7.2] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33337449] - ip: Manual backport of pskb_inet_may_pull() (Hakon Bugge) [Orabug: 33337449] - Revert Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Hakon Bugge) [Orabug: 33337449] [4.14.35-2047.507.7.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306519] - Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Somasundaram Krishnasamy) [Orabug: 33323390] [4.14.35-2047.507.7] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296813] - Revert mm: memcontrol: eliminate raw access to stat and event counters (Ritika Srivastava) [Orabug: 33254727] - Revert mm: memcontrol: implement lruvec stat functions on top of each other (Ritika Srivastava) [Orabug: 33254727] - KVM: do not allow mapping valid but non-reference-counted pages (Nicholas Piggin) [Orabug: 33054089] {CVE-2021-22543} {CVE-2021-22543} - ocfs2: issue zeroout to EOF blocks (Junxiao Bi) [Orabug: 32974988] - ocfs2: fix zero out valid data (Junxiao Bi) [Orabug: 32974988] [4.14.35-2047.507.6] - xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang) [Orabug: 33277336] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33253068] - uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33246581] - scsi: lpfc: Fix crash due to port reset racing vs adapter error handling (James Smart) [Orabug: 33213341] - xfs: dont drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 33141334] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 33141334] - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (Alexander Larkin) [Orabug: 33114988] {CVE-2021-3612} - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372381] - dsc-drivers: update for 1.15.9-C-32 (Shannon Nelson) [Orabug: 33281086] - dts/pensando: creating reserved dma memory pool for mnet devices (Neel Patel) [Orabug: 33281086] - pcie: rm pcie register access message (#256) (Brad Smith) [Orabug: 33281086] - drivers: updates for 1.15.9-C-28 (Shannon Nelson) [Orabug: 33281086] [4.14.35-2047.507.5] - rds_rdma: add missing rds_ib_cm_handle_connect tracepoint (Alan Maguire) [Orabug: 33243560] - KVM: SVM: use vmsave/vmload for saving/restoring additional host state (Michael Roth) [Orabug: 33225761] - KVM: SVM: Use asm goto to handle unexpected #UD on SVM instructions (Sean Christopherson) [Orabug: 33225761] - kvm: svm/avic: Do not send AVIC doorbell to self (Suthikulpanit, Suravee) [Orabug: 33225761] - svm/avic: Fix invalidate logical APIC id entry (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix improper check when deactivate AVIC (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix AVIC DFR and LDR handling (Suthikulpanit, Suravee) [Orabug: 33225761] - scsi: qla2xxx: Add heartbeat check (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (Baokun Li) [Orabug: 33116624] - scsi: qla2xxx: Remove duplicate declarations (Shaokun Zhang) [Orabug: 33116624] - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (Daniel Wagner) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant assignment to rval (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Prevent PRLI in target mode (Anastasia Kovaleva) [Orabug: 33116624] - scsi: qla2xxx: Add marginal path handling support (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Reserve extra IRQ vectors (Roman Bolshakov) [Orabug: 33116624] - scsi: qla2xxx: Reuse existing error handling path (Christophe JAILLET) [Orabug: 33116624] - scsi: qla2xxx: Remove unneeded if-null-free check (Qiheng Lin) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.106-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Update default AER debug mask (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox recovery during PCIe error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in PCIe error handling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix RISC RESET completion polling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix stuck session (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Add H:C:T info in the log message for fc ports (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix IOPS drop seen in some adapters (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Check kzalloc() return value (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Simplify qla8044_minidump_process_control() (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Fix endianness annotations (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Use dma_pool_zalloc() (Wang Qing) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misdocumented functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp() (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misnamed functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix some incorrect formatting/spelling issues (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Replace __qla2x00_marker()s missing underscores (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Simplify if statement (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Simplify the calculation of variables (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: Fix some memory corruption (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant NULL check (Yang Li) [Orabug: 33116624] - scsi: qla2xxx: Remove unnecessary NULL check (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Assign boolean values to a bool variable (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value (Hannes Reinecke) [Orabug: 33116624] - scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit (Enzo Matsumiya) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.105-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox Ch erroneous error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Move some messages from debug to normal log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Add error counters to debugfs node (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Implementation to get and manage host, target stats and initiator port (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.104-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Fix device loss on 4G and older HBAs (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix the call trace for flush workqueue (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix N2N and NVMe connect retry failure (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix FW initialization error on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix compilation issue in PPC systems (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Dont check for fw_started while posting NVMe command (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Tear down session if FW say it is down (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Limit interrupt vectors to number of CPUs (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Change post del message from debug level to log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Remove trailing semicolon in macro definition (Tom Rix) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (Ahmed S. Darwish) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: Remove unneeded break statements (Tom Rix) [Orabug: 33116624] - scsi: scsi_transport_fc: Add store capability to rport port_state in sysfs (Muneendra Kumar) [Orabug: 33116624] - scsi: scsi_transport_fc: Add a new rport state FC_PORTSTATE_MARGINAL (Muneendra Kumar) [Orabug: 33116624] - scsi: core: No retries on abort success (Muneendra Kumar) [Orabug: 33116624] - scsi: core: Add a new error code DID_TRANSPORT_MARGINAL in scsi.h (Muneendra Kumar) [Orabug: 33116624] [4.14.35-2047.507.4] - drivers: updated for 1.15.9.26 (Shannon Nelson) [Orabug: 33235357] - XFS: code enhancement to help debug (Wengang Wang) [Orabug: 33186644] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33234941] {CVE-2021-3656} {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33234967] {CVE-2021-3653} {CVE-2021-3653} [4.14.35-2047.507.3] - drivers: updates for 1.15.9.21 (Shannon Nelson) [Orabug: 33220300] - Revert rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33220435] - NFS: Dont call generic_error_remove_page() while holding locks (Trond Myklebust) [Orabug: 33213898] - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (aloktiw) [Orabug: 33179252] - ifb: fix packets checksum (Jon Maxwell) [Orabug: 33145562] - Linux 4.14.239 (Greg Kroah-Hartman) - xen/events: reset active flag for lateeoi events later (Juergen Gross) - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (Petr Mladek) - kthread_worker: split code for canceling the delayed work timer (Petr Mladek) - kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (Sean Young) - drm/nouveau: fix dma_address check for CPU/GPU sync (Christian Konig) - scsi: sr: Return appropriate error code when disk is ejected (ManYi Li) - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() (Hugh Dickins) - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes (Hugh Dickins) - mm: page_vma_mapped_walk(): get vma_address_end() earlier (Hugh Dickins) - mm: page_vma_mapped_walk(): use goto instead of while (1) (Hugh Dickins) - mm: page_vma_mapped_walk(): add a level of indentation (Hugh Dickins) - mm: page_vma_mapped_walk(): crossing page table boundary (Hugh Dickins) - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block (Hugh Dickins) - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd (Hugh Dickins) - mm: page_vma_mapped_walk(): settle PageHuge on entry (Hugh Dickins) - mm: page_vma_mapped_walk(): use page for pvmw->page (Hugh Dickins) - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split (Yang Shi) - mm/thp: fix page_address_in_vma() on file THP tails (Jue Wang) - mm/thp: fix vma_address() if virtual address below file offset (Hugh Dickins) - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting (Hugh Dickins) - mm/rmap: use page_not_mapped in try_to_unmap() (Miaohe Lin) - mm/rmap: remove unneeded semicolon in page_not_mapped() (Miaohe Lin) - mm: add VM_WARN_ON_ONCE_PAGE() macro (Alex Shi) - include/linux/mmdebug.h: make VM_WARN* non-rvals (Michal Hocko) [4.14.35-2047.507.2] - uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan) [Orabug: 33186981] - rds: Congestion tracepoints should be enabled by default (Greg Jumper) [Orabug: 33145670] - Linux 4.14.238 (Sasha Levin) - i2c: robotfuzz-osif: fix control-request directions (Johan Hovold) - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group (Pavel Skripkin) - pinctrl: stm32: fix the reported number of GPIO lines per bank (Fabien Dessenne) - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY (Esben Haabendal) - net: qed: Fix memcpy() overflow of qed_dcbx_params() (Kees Cook) - r8169: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - r8152: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - net/packet: annotate accesses to po->ifindex (Eric Dumazet) - net/packet: annotate accesses to po->bind (Eric Dumazet) - net: caif: fix memory leak in ldisc_open (Pavel Skripkin) - inet: annotate date races around sk->sk_txhash (Eric Dumazet) - ping: Check return value of function ping_queue_rcv_skb (Zheng Yongjun) - mac80211: drop multicast fragments (Johannes Berg) - cfg80211: call cfg80211_leave_ocb when switching away from OCB (Du Cheng) - mac80211: remove warning in ieee80211_get_sband() (Johannes Berg) - Revert PCI: PM: Do not read power state in pci_enable_device_flags() (Rafael J. Wysocki) - arm64: perf: Disable PMU while processing counter overflows (Suzuki K Poulose) - MIPS: generic: Update node names to avoid unit addresses (Nathan Chancellor) - Makefile: Move -Wno-unused-but-set-variable out of GCC only block (Nathan Chancellor) - ARM: 9081/1: fix gcc-10 thumb2-kernel regression (Arnd Bergmann) - drm/radeon: wait for moving fence after pinning (Christian Konig) - drm/nouveau: wait for moving fence after pinning v2 (Christian Konig) - x86/fpu: Reset state for all signal restore failures (Thomas Gleixner) - unfuck sysfs_mount() (Al Viro) - kernfs: deal with kernfs_fill_super() failures (Al Viro) - usb: dwc3: core: fix kernel panic when do reboot (Peter Chen) - inet: use bigger hash table for IP ID generation (Eric Dumazet) - can: bcm/raw/isotp: use per module netdevice notifier (Tetsuo Handa) - net: fec_ptp: add clock rate zero check (Fugang Duan) - mm/slub.c: include swab.h (Andrew Morton) - net: bridge: fix vlan tunnel dst refcnt when egressing (Nikolay Aleksandrov) - net: bridge: fix vlan tunnel dst null pointer dereference (Nikolay Aleksandrov) - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (Bumyong Lee) - ARCv2: save ABI registers across signal handling (Vineet Gupta) - PCI: Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun) - PCI: Add ACS quirk for Broadcom BCM57414 NIC (Sriharsha Basavapatna) - PCI: Mark some NVIDIA GPUs to avoid bus reset (Shanker Donthineni) - PCI: Mark TI C667X to avoid bus reset (Antti Jarvinen) - tracing: Do no increment trace_clock_global() by one (Steven Rostedt (VMware)) - tracing: Do not stop recording comms if the trace file is being read (Steven Rostedt (VMware)) - tracing: Do not stop recording cmdlines when tracing is off (Steven Rostedt (VMware)) - usb: core: hub: Disable autosuspend for Cypress CY7C65632 (Andrew Lunn) - can: mcba_usb: fix memory leak in mcba_usb (Pavel Skripkin) - hwmon: (scpi-hwmon) shows the negative temperature properly (Riwen Lu) - radeon: use memcpy_to/fromio for UVD fw upload (Chen Li) - net: ethernet: fix potential use-after-free in ec_bhf_remove (Pavel Skripkin) - icmp: dont send out ICMP messages with a source address of 0.0.0.0 (Toke Hoiland-Jorgensen) - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) - net: hamradio: fix memory leak in mkiss_close (Pavel Skripkin) - be2net: Fix an error handling path in be_probe() (Christophe JAILLET) - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock (Eric Dumazet) - net: ipv4: fix memory leak in ip_mc_add1_src (Chengyang Fan) - net: usb: fix possible use-after-free in smsc75xx_bind (Dongliang Mu) - net: cdc_ncm: switch to eth%d interface naming (Maciej zenczykowski) - netxen_nic: Fix an error handling path in netxen_nic_probe() (Christophe JAILLET) - qlcnic: Fix an error handling path in qlcnic_probe() (Christophe JAILLET) - net: stmmac: dwmac1000: Fix extended MAC address registers definition (Jisheng Zhang) - alx: Fix an error handling path in alx_probe() (Christophe JAILLET) - netfilter: synproxy: Fix out of bounds when parsing TCP options (Maxim Mikityanskiy) - rtnetlink: Fix regression in bridge VLAN configuration (Ido Schimmel) - udp: fix race between close() and udp_abort() (Paolo Abeni) - net: rds: fix memory leak in rds_recvmsg (Pavel Skripkin) - net: ipv4: fix memory leak in netlbl_cipsov4_add_std (Nanyong Sun) - batman-adv: Avoid WARN_ON timing related checks (Sven Eckelmann) - mm/memory-failure: make sure wait for page writeback in memory_failure (yangerkun) - dmaengine: stedma40: add missing iounmap() on error in d40_probe() (Yang Yingliang) - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (Randy Dunlap) - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (Randy Dunlap) - fib: Return the correct errno code (Zheng Yongjun) - net: Return the correct errno code (Zheng Yongjun) - net/x25: Return the correct errno code (Zheng Yongjun) - rtnetlink: Fix missing error code in rtnl_bridge_notify() (Jiapeng Chong) - net: ipconfig: Dont override command-line hostnames or domains (Josh Triplett) - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() (Hannes Reinecke) - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails (Hannes Reinecke) - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() (Hannes Reinecke) - ethernet: myri10ge: Fix missing error code in myri10ge_probe() (Jiapeng Chong) - scsi: target: core: Fix warning on realtime kernels (Maurizio Lombardi) - gfs2: Fix use-after-free in gfs2_glock_shrink_scan (Hillf Danton) - HID: gt683r: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - ARM: OMAP2+: Fix build warning when mmc_omap is not built (Yongqiang Liu) - HID: usbhid: fix info leak in hid_submit_ctrl (Anirudh Rayabharam) - HID: Add BUS_VIRTUAL to hid_connect logging (Mark Bolhuis) - HID: hid-sensor-hub: Return error for hid_set_field() failure (Srinivas Pandruvada) - net: ieee802154: fix null deref in parse dev addr (Dan Robertson) - Linux 4.14.237 (Greg Kroah-Hartman) - proc: only require mm_struct for writing (Linus Torvalds) - tracing: Correct the length check which causes memory corruption (Liangyan) - ftrace: Do not blindly read the ip address in ftrace_bug() (Steven Rostedt (VMware)) - scsi: core: Only put parent device if host state differs from SHOST_CREATED (Ming Lei) - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (Ming Lei) - scsi: core: Fix error handling of scsi_host_alloc() (Ming Lei) - NFS: Fix use-after-free in nfs4_init_client() (Anna Schumaker) - kvm: fix previous commit for 32-bit builds (Paolo Bonzini) - perf session: Correct buffer copying when peeking events (Leo Yan) - NFS: Fix a potential NULL dereference in nfs_get_client() (Dan Carpenter) - perf: Fix data race between pin_count increment/decrement (Marco Elver) - regulator: max77620: Use device_set_of_node_from_dev() (Dmitry Osipenko) - regulator: core: resolve supply for boot-on/always-on regulators (Dmitry Baryshkov) - usb: fix various gadget panics on 10gbps cabling (Maciej zenczykowski) - usb: fix various gadgets null ptr deref on 10gbps cabling. (Maciej zenczykowski) - usb: gadget: eem: fix wrong eem header operation (Linyu Yuan) - USB: serial: quatech2: fix control-request directions (Johan Hovold) - USB: serial: omninet: add device id for Zyxel Omni 56K Plus (Alexandre GRIVEAUX) - USB: serial: ftdi_sio: add NovaTech OrionMX product ID (George McCollister) - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (Wesley Cheng) - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (Mayank Rana) - usb: dwc3: ep0: fix NULL pointer exception (Marian-Cristian Rotariu) - USB: f_ncm: ncm_bitrate (speed) is unsigned (Maciej zenczykowski) - cgroup1: dont allow in renaming (Alexander Kuznetsov) - btrfs: return value from btrfs_mark_extent_written() in case of error (Ritesh Harjani) - staging: rtl8723bs: Fix uninitialized variables (Wenli Looi) - kvm: avoid speculation-based attacks from out-of-range memslot accesses (Paolo Bonzini) - drm: Lock pointer access in drm_master_release() (Desmond Cheong Zhi Xi) - drm: Fix use-after-free read in drm_getunique() (Desmond Cheong Zhi Xi) - i2c: mpc: implement erratum A-004447 workaround (Chris Packham) - i2c: mpc: Make use of i2c_recover_bus() (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers (Chris Packham) - bnx2x: Fix missing error code in bnx2x_iov_init_one() (Jiapeng Chong) - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER (Tiezhu Yang) - net: appletalk: cops: Fix data race in cops_probe1 (Saubhik Mukherjee) - net: macb: ensure the device is available before accessing GEMGXL control registers (Zong Li) - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (Dmitry Bogdanov) - scsi: vmw_pvscsi: Set correct residual data length (Matt Wang) - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (Zheyu Ma) - wq: handle VM suspension in stall detection (Sergey Senozhatsky) - cgroup: disable controllers at parse time (Shakeel Butt) - net: mdiobus: get rid of a BUG_ON() (Dan Carpenter) - netlink: disable IRQs for netlink_lock_table() (Johannes Berg) - bonding: init notify_work earlier to avoid uninitialized use (Johannes Berg) - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (Zou Wei) - net/nfc/rawsock.c: fix a permission check bug (Jeimon) - proc: Track /proc//attr/ opener mm_struct (Kees Cook) - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150437] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150414] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177350] - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114648] {CVE-2021-3609} [4.14.35-2047.507.1] - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) [Orabug: 33030700] {CVE-2021-34693} - Linux 4.14.236 (Greg Kroah-Hartman) - xen-pciback: redo VF placement in the virtual topology (Jan Beulich) - sched/fair: Optimize select_idle_cpu (Cheng Jian) - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode (Sean Christopherson) - bnxt_en: Remove the setting of dev_port. (Michael Chan) - bpf: No need to simulate speculative domain for immediates (Daniel Borkmann) - bpf: Fix mask direction swap upon off reg sign change (Daniel Borkmann) - bpf: Wrap aux data inside bpf_sanitize_info container (Daniel Borkmann) - bpf: Fix leakage of uninitialized bpf stack under speculation (Daniel Borkmann) - selftests/bpf: make dubious pointer arithmetic test useful (Alexei Starovoitov) - selftests/bpf: fix test_align (Alexei Starovoitov) - bpf/verifier: disallow pointer subtraction (Alexei Starovoitov) - bpf: Update selftests to reflect new error states (Daniel Borkmann) - bpf: Tighten speculative pointer arithmetic mask (Daniel Borkmann) - bpf: Move sanitize_val_alu out of op switch (Daniel Borkmann) - bpf: Refactor and streamline bounds check into helper (Daniel Borkmann) - bpf: Improve verifier error messages for users (Daniel Borkmann) - bpf: Rework ptr_limit into alu_limit and add common error path (Daniel Borkmann) - bpf: Ensure off_reg has no mixed signed bounds for all types (Daniel Borkmann) - bpf: Move off_reg into sanitize_ptr_alu (Daniel Borkmann) - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY (Mina Almasry) - btrfs: fixup error handling in fixup_inode_link_counts (Josef Bacik) - btrfs: fix error handling in btrfs_del_csums (Josef Bacik) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) - ocfs2: fix data corruption by fallocate (Junxiao Bi) - pid: take a reference when initializing (Mark Rutland) - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (Ye Bin) - ALSA: timer: Fix master timer notification (Takashi Iwai) - net: caif: fix memory leak in cfusbl_device_notify (Pavel Skripkin) - net: caif: fix memory leak in caif_device_notify (Pavel Skripkin) - net: caif: add proper error handling (Pavel Skripkin) - net: caif: added cfserl_release function (Pavel Skripkin) - ieee802154: fix error return code in ieee802154_llsec_getparams() (Wei Yongjun) - ieee802154: fix error return code in ieee802154_add_iface() (Zhen Lei) - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches (Pablo Neira Ayuso) - HID: i2c-hid: fix format string mismatch (Arnd Bergmann) - HID: pidff: fix error return code in hid_pidff_init() (Zhen Lei) - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service (Julian Anastasov) - vfio/platform: fix module_put call in error flow (Max Gurtovoy) - vfio/pci: zap_vma_ptes() needs MMU (Randy Dunlap) - vfio/pci: Fix error return code in vfio_ecap_init() (Zhen Lei) - efi: cper: fix snprintf() use in cper_dimm_err_location() (Rasmus Villemoes) - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (Heiner Kallweit) - net: usb: cdc_ncm: dont spew notifications (Grant Grundler) - Linux 4.14.235 (Greg Kroah-Hartman) - usb: core: reduce power-on-good delay time of root hub (Chunfeng Yun) - drivers/net/ethernet: clean up unused assignments (Jesse Brandeburg) - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (Mike Kravetz) - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c (Randy Dunlap) - MIPS: alchemy: xxs1500: add gpio-au1000.h header file (Randy Dunlap) - sch_dsmark: fix a NULL deref in qdisc_reset() (Taehee Yoo) - ipv6: record frag_max_size in atomic fragments in input path (Francesco Ruggeri) - scsi: libsas: Use _safe() loop in sas_resume_port() (Dan Carpenter) - ixgbe: fix large MTU request from VF (Jesse Brandeburg) - bpf: Set mac_len in bpf_skb_change_head (Jussi Maki) - ASoC: cs35l33: fix an error code in probe() (Dan Carpenter) - staging: emxx_udc: fix loop in _nbu2ss_nuke() (Dan Carpenter) - mld: fix panic in mld_newpack() (Taehee Yoo) - net: bnx2: Fix error return code in bnx2_init_board() (Zhen Lei) - net: mdio: octeon: Fix some double free issues (Christophe JAILLET) - net: mdio: thunder: Fix a double free issue in the .remove function (Christophe JAILLET) - net: netcp: Fix an error message (Christophe JAILLET) - drm/amdgpu: Fix a use-after-free (xinhui pan) - SMB3: incorrect file id in requests compounded with open (Steve French) - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (Andy Shevchenko) - platform/x86: hp-wireless: add AMDs hardware id to the supported list (Shyam Sundar S K) - btrfs: do not BUG_ON in link_to_fixup_dir (Josef Bacik) - openrisc: Define memory barrier mb (Peter Zijlstra) - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (Matt Wang) - media: gspca: properly check for errors in po1030_probe() (Greg Kroah-Hartman) - media: dvb: Add check on sp8870_readreg return (Alaa Emad) - libertas: register sysfs groups properly (Greg Kroah-Hartman) - dmaengine: qcom_hidma: comment platform_driver_register call (Phillip Potter) - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (Phillip Potter) - char: hpet: add checks after calling ioremap (Tom Seewald) - net: caif: remove BUG_ON(dev == NULL) in caif_xmit (Du Cheng) - net: fujitsu: fix potential null-ptr-deref (Anirudh Rayabharam) - serial: max310x: unregister uart driver in case of failure and abort (Atul Gopinathan) - platform/x86: hp_accel: Avoid invoking _INI to speed up resume (Kai-Heng Feng) - perf jevents: Fix getting maximum number of fds (Felix Fietkau) - i2c: i801: Dont generate an interrupt on bus reset (Jean Delvare) - i2c: s3c2410: fix possible NULL pointer deref on read message after write (Krzysztof Kozlowski) - tipc: skb_linearize the head skb when reassembling msgs (Xin Long) - Revert net:tipc: Fix a double free in tipc_sk_mcast_rcv (Hoang Le) - drm/meson: fix shutdown crash when component not probed (Neil Armstrong) - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (Zhang Xiaoxu) - NFS: Dont corrupt the value of pg_bytes_written in nfs_do_recoalesce() (Trond Myklebust) - NFS: fix an incorrect limit in filelayout_decode_layout() (Dan Carpenter) - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() (Yoshihiro Shimoda) - USB: serial: pl2303: add device id for ADLINK ND-6530 GC (Zolton Jheng) - USB: serial: ftdi_sio: add IDs for IDS GmbH Products (Dominik Andreas Schorpp) - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (Daniele Palmas) - USB: serial: ti_usb_3410_5052: add startech.com device id (Sean MacLennan) - serial: rp2: use request_firmware instead of request_firmware_nowait (Zheyu Ma) - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (Geert Uytterhoeven) - USB: trancevibrator: fix control-request direction (Johan Hovold) - iio: adc: ad7793: Add missing error code in ad7793_setup() (YueHaibing) - staging: iio: cdc: ad7746: avoid overwrite of num_channels (Lucas Stankus) - mei: request autosuspend after sending rx flow control (Alexander Usyskin) - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (Mathias Nyman) - misc/uss720: fix memory leak in uss720_probe (Dongliang Mu) - kgdb: fix gcc-11 warnings harder (Greg Kroah-Hartman) - dm snapshot: properly fix a crash when an origin has no snapshots (Mikulas Patocka) - ath10k: Validate first subframe of A-MSDU before processing the list (Sriram R) - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) - mac80211: check defrag PN against current frame (Johannes Berg) - mac80211: add fragment cache to sta_info (Johannes Berg) - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) {CVE-2020-26147} - net: hso: fix control-request directions (Johan Hovold) - proc: Check /proc//attr/ writes against file opener (Kees Cook) - perf intel-pt: Fix transaction abort handling (Adrian Hunter) - perf intel-pt: Fix sample instruction bytes (Adrian Hunter) - iommu/vt-d: Fix sysfs leak in alloc_iommu() (Rolf Eike Beer) - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (Anna Schumaker) - NFC: nci: fix memory leak in nci_allocate_device (Dongliang Mu) - usb: dwc3: gadget: Enable suspend events (Jack Pham) - scripts: switch explicitly to Python 3 (Andy Shevchenko) - tweewide: Fix most Shebang lines (Finn Behrens) - A/A Bonding: dev_hold/put() the delayed GARP work handlers netdev in rdmaip (Sharath Srinivasan) [Orabug: 33161269] - capmem: Mark the pages as non-readonly+dirty. (David Clear) [Orabug: 33155665] - Revert capmem: Mark the pages as non-readonly+dirty. (Dave Kleikamp) [Orabug: 33155665] - ionic: clean interrupt before enabling queue to avoid credit race (Shannon Nelson) [Orabug: 33155665] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33165871] - Revert x86/reboot: Force all cpus to exit VMX root if VMX is supported (Somasundaram Krishnasamy) [Orabug: 33156450] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-34693 CVE-2021-3612 CVE-2020-24586 CVE-2021-23134 CVE-2020-24587 CVE-2020-24588 CVE-2020-26147 CVE-2021-22543 CVE-2021-3656 CVE-2021-3609 Oracle Linux 7 [4.14.35-2047.507.7.4.el7] - KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33362693] [4.14.35-2047.507.7.3] - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33354710] [4.14.35-2047.507.7.2] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33337449] - ip: Manual backport of pskb_inet_may_pull() (Hakon Bugge) [Orabug: 33337449] - Revert Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Hakon Bugge) [Orabug: 33337449] [4.14.35-2047.507.7.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306519] - Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Somasundaram Krishnasamy) [Orabug: 33323390] [4.14.35-2047.507.7] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296813] - Revert mm: memcontrol: eliminate raw access to stat and event counters (Ritika Srivastava) [Orabug: 33254727] - Revert mm: memcontrol: implement lruvec stat functions on top of each other (Ritika Srivastava) [Orabug: 33254727] - KVM: do not allow mapping valid but non-reference-counted pages (Nicholas Piggin) [Orabug: 33054089] {CVE-2021-22543} {CVE-2021-22543} - ocfs2: issue zeroout to EOF blocks (Junxiao Bi) [Orabug: 32974988] - ocfs2: fix zero out valid data (Junxiao Bi) [Orabug: 32974988] [4.14.35-2047.507.6] - xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang) [Orabug: 33277336] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33253068] - uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33246581] - scsi: lpfc: Fix crash due to port reset racing vs adapter error handling (James Smart) [Orabug: 33213341] - xfs: dont drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 33141334] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 33141334] - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (Alexander Larkin) [Orabug: 33114988] {CVE-2021-3612} - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372381] - dsc-drivers: update for 1.15.9-C-32 (Shannon Nelson) [Orabug: 33281086] - dts/pensando: creating reserved dma memory pool for mnet devices (Neel Patel) [Orabug: 33281086] - pcie: rm pcie register access message (#256) (Brad Smith) [Orabug: 33281086] - drivers: updates for 1.15.9-C-28 (Shannon Nelson) [Orabug: 33281086] [4.14.35-2047.507.5] - rds_rdma: add missing rds_ib_cm_handle_connect tracepoint (Alan Maguire) [Orabug: 33243560] - KVM: SVM: use vmsave/vmload for saving/restoring additional host state (Michael Roth) [Orabug: 33225761] - KVM: SVM: Use asm goto to handle unexpected #UD on SVM instructions (Sean Christopherson) [Orabug: 33225761] - kvm: svm/avic: Do not send AVIC doorbell to self (Suthikulpanit, Suravee) [Orabug: 33225761] - svm/avic: Fix invalidate logical APIC id entry (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix improper check when deactivate AVIC (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix AVIC DFR and LDR handling (Suthikulpanit, Suravee) [Orabug: 33225761] - scsi: qla2xxx: Add heartbeat check (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (Baokun Li) [Orabug: 33116624] - scsi: qla2xxx: Remove duplicate declarations (Shaokun Zhang) [Orabug: 33116624] - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (Daniel Wagner) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant assignment to rval (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Prevent PRLI in target mode (Anastasia Kovaleva) [Orabug: 33116624] - scsi: qla2xxx: Add marginal path handling support (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Reserve extra IRQ vectors (Roman Bolshakov) [Orabug: 33116624] - scsi: qla2xxx: Reuse existing error handling path (Christophe JAILLET) [Orabug: 33116624] - scsi: qla2xxx: Remove unneeded if-null-free check (Qiheng Lin) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.106-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Update default AER debug mask (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox recovery during PCIe error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in PCIe error handling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix RISC RESET completion polling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix stuck session (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Add H:C:T info in the log message for fc ports (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix IOPS drop seen in some adapters (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Check kzalloc() return value (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Simplify qla8044_minidump_process_control() (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Fix endianness annotations (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Use dma_pool_zalloc() (Wang Qing) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misdocumented functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp() (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misnamed functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix some incorrect formatting/spelling issues (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Replace __qla2x00_marker()s missing underscores (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Simplify if statement (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Simplify the calculation of variables (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: Fix some memory corruption (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant NULL check (Yang Li) [Orabug: 33116624] - scsi: qla2xxx: Remove unnecessary NULL check (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Assign boolean values to a bool variable (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value (Hannes Reinecke) [Orabug: 33116624] - scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit (Enzo Matsumiya) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.105-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox Ch erroneous error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Move some messages from debug to normal log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Add error counters to debugfs node (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Implementation to get and manage host, target stats and initiator port (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.104-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Fix device loss on 4G and older HBAs (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix the call trace for flush workqueue (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix N2N and NVMe connect retry failure (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix FW initialization error on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix compilation issue in PPC systems (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Dont check for fw_started while posting NVMe command (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Tear down session if FW say it is down (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Limit interrupt vectors to number of CPUs (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Change post del message from debug level to log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Remove trailing semicolon in macro definition (Tom Rix) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (Ahmed S. Darwish) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: Remove unneeded break statements (Tom Rix) [Orabug: 33116624] - scsi: scsi_transport_fc: Add store capability to rport port_state in sysfs (Muneendra Kumar) [Orabug: 33116624] - scsi: scsi_transport_fc: Add a new rport state FC_PORTSTATE_MARGINAL (Muneendra Kumar) [Orabug: 33116624] - scsi: core: No retries on abort success (Muneendra Kumar) [Orabug: 33116624] - scsi: core: Add a new error code DID_TRANSPORT_MARGINAL in scsi.h (Muneendra Kumar) [Orabug: 33116624] [4.14.35-2047.507.4] - drivers: updated for 1.15.9.26 (Shannon Nelson) [Orabug: 33235357] - XFS: code enhancement to help debug (Wengang Wang) [Orabug: 33186644] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33234941] {CVE-2021-3656} {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33234967] {CVE-2021-3653} {CVE-2021-3653} [4.14.35-2047.507.3] - drivers: updates for 1.15.9.21 (Shannon Nelson) [Orabug: 33220300] - Revert rds/ib: reap tx completions during connection shutdown (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: handle posted ACK during connection shutdown (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 33220435] - Revert rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33220435] - NFS: Dont call generic_error_remove_page() while holding locks (Trond Myklebust) [Orabug: 33213898] - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (aloktiw) [Orabug: 33179252] - ifb: fix packets checksum (Jon Maxwell) [Orabug: 33145562] - Linux 4.14.239 (Greg Kroah-Hartman) - xen/events: reset active flag for lateeoi events later (Juergen Gross) - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (Petr Mladek) - kthread_worker: split code for canceling the delayed work timer (Petr Mladek) - kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (Sean Young) - drm/nouveau: fix dma_address check for CPU/GPU sync (Christian Konig) - scsi: sr: Return appropriate error code when disk is ejected (ManYi Li) - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() (Hugh Dickins) - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes (Hugh Dickins) - mm: page_vma_mapped_walk(): get vma_address_end() earlier (Hugh Dickins) - mm: page_vma_mapped_walk(): use goto instead of while (1) (Hugh Dickins) - mm: page_vma_mapped_walk(): add a level of indentation (Hugh Dickins) - mm: page_vma_mapped_walk(): crossing page table boundary (Hugh Dickins) - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block (Hugh Dickins) - mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd (Hugh Dickins) - mm: page_vma_mapped_walk(): settle PageHuge on entry (Hugh Dickins) - mm: page_vma_mapped_walk(): use page for pvmw->page (Hugh Dickins) - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split (Yang Shi) - mm/thp: fix page_address_in_vma() on file THP tails (Jue Wang) - mm/thp: fix vma_address() if virtual address below file offset (Hugh Dickins) - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting (Hugh Dickins) - mm/rmap: use page_not_mapped in try_to_unmap() (Miaohe Lin) - mm/rmap: remove unneeded semicolon in page_not_mapped() (Miaohe Lin) - mm: add VM_WARN_ON_ONCE_PAGE() macro (Alex Shi) - include/linux/mmdebug.h: make VM_WARN* non-rvals (Michal Hocko) [4.14.35-2047.507.2] - uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan) [Orabug: 33186981] - rds: Congestion tracepoints should be enabled by default (Greg Jumper) [Orabug: 33145670] - Linux 4.14.238 (Sasha Levin) - i2c: robotfuzz-osif: fix control-request directions (Johan Hovold) - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group (Pavel Skripkin) - pinctrl: stm32: fix the reported number of GPIO lines per bank (Fabien Dessenne) - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY (Esben Haabendal) - net: qed: Fix memcpy() overflow of qed_dcbx_params() (Kees Cook) - r8169: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - r8152: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - net/packet: annotate accesses to po->ifindex (Eric Dumazet) - net/packet: annotate accesses to po->bind (Eric Dumazet) - net: caif: fix memory leak in ldisc_open (Pavel Skripkin) - inet: annotate date races around sk->sk_txhash (Eric Dumazet) - ping: Check return value of function ping_queue_rcv_skb (Zheng Yongjun) - mac80211: drop multicast fragments (Johannes Berg) - cfg80211: call cfg80211_leave_ocb when switching away from OCB (Du Cheng) - mac80211: remove warning in ieee80211_get_sband() (Johannes Berg) - Revert PCI: PM: Do not read power state in pci_enable_device_flags() (Rafael J. Wysocki) - arm64: perf: Disable PMU while processing counter overflows (Suzuki K Poulose) - MIPS: generic: Update node names to avoid unit addresses (Nathan Chancellor) - Makefile: Move -Wno-unused-but-set-variable out of GCC only block (Nathan Chancellor) - ARM: 9081/1: fix gcc-10 thumb2-kernel regression (Arnd Bergmann) - drm/radeon: wait for moving fence after pinning (Christian Konig) - drm/nouveau: wait for moving fence after pinning v2 (Christian Konig) - x86/fpu: Reset state for all signal restore failures (Thomas Gleixner) - unfuck sysfs_mount() (Al Viro) - kernfs: deal with kernfs_fill_super() failures (Al Viro) - usb: dwc3: core: fix kernel panic when do reboot (Peter Chen) - inet: use bigger hash table for IP ID generation (Eric Dumazet) - can: bcm/raw/isotp: use per module netdevice notifier (Tetsuo Handa) - net: fec_ptp: add clock rate zero check (Fugang Duan) - mm/slub.c: include swab.h (Andrew Morton) - net: bridge: fix vlan tunnel dst refcnt when egressing (Nikolay Aleksandrov) - net: bridge: fix vlan tunnel dst null pointer dereference (Nikolay Aleksandrov) - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (Bumyong Lee) - ARCv2: save ABI registers across signal handling (Vineet Gupta) - PCI: Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun) - PCI: Add ACS quirk for Broadcom BCM57414 NIC (Sriharsha Basavapatna) - PCI: Mark some NVIDIA GPUs to avoid bus reset (Shanker Donthineni) - PCI: Mark TI C667X to avoid bus reset (Antti Jarvinen) - tracing: Do no increment trace_clock_global() by one (Steven Rostedt (VMware)) - tracing: Do not stop recording comms if the trace file is being read (Steven Rostedt (VMware)) - tracing: Do not stop recording cmdlines when tracing is off (Steven Rostedt (VMware)) - usb: core: hub: Disable autosuspend for Cypress CY7C65632 (Andrew Lunn) - can: mcba_usb: fix memory leak in mcba_usb (Pavel Skripkin) - hwmon: (scpi-hwmon) shows the negative temperature properly (Riwen Lu) - radeon: use memcpy_to/fromio for UVD fw upload (Chen Li) - net: ethernet: fix potential use-after-free in ec_bhf_remove (Pavel Skripkin) - icmp: dont send out ICMP messages with a source address of 0.0.0.0 (Toke Hoiland-Jorgensen) - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) - net: hamradio: fix memory leak in mkiss_close (Pavel Skripkin) - be2net: Fix an error handling path in be_probe() (Christophe JAILLET) - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock (Eric Dumazet) - net: ipv4: fix memory leak in ip_mc_add1_src (Chengyang Fan) - net: usb: fix possible use-after-free in smsc75xx_bind (Dongliang Mu) - net: cdc_ncm: switch to eth%d interface naming (Maciej zenczykowski) - netxen_nic: Fix an error handling path in netxen_nic_probe() (Christophe JAILLET) - qlcnic: Fix an error handling path in qlcnic_probe() (Christophe JAILLET) - net: stmmac: dwmac1000: Fix extended MAC address registers definition (Jisheng Zhang) - alx: Fix an error handling path in alx_probe() (Christophe JAILLET) - netfilter: synproxy: Fix out of bounds when parsing TCP options (Maxim Mikityanskiy) - rtnetlink: Fix regression in bridge VLAN configuration (Ido Schimmel) - udp: fix race between close() and udp_abort() (Paolo Abeni) - net: rds: fix memory leak in rds_recvmsg (Pavel Skripkin) - net: ipv4: fix memory leak in netlbl_cipsov4_add_std (Nanyong Sun) - batman-adv: Avoid WARN_ON timing related checks (Sven Eckelmann) - mm/memory-failure: make sure wait for page writeback in memory_failure (yangerkun) - dmaengine: stedma40: add missing iounmap() on error in d40_probe() (Yang Yingliang) - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (Randy Dunlap) - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (Randy Dunlap) - fib: Return the correct errno code (Zheng Yongjun) - net: Return the correct errno code (Zheng Yongjun) - net/x25: Return the correct errno code (Zheng Yongjun) - rtnetlink: Fix missing error code in rtnl_bridge_notify() (Jiapeng Chong) - net: ipconfig: Dont override command-line hostnames or domains (Josh Triplett) - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() (Hannes Reinecke) - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails (Hannes Reinecke) - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() (Hannes Reinecke) - ethernet: myri10ge: Fix missing error code in myri10ge_probe() (Jiapeng Chong) - scsi: target: core: Fix warning on realtime kernels (Maurizio Lombardi) - gfs2: Fix use-after-free in gfs2_glock_shrink_scan (Hillf Danton) - HID: gt683r: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - ARM: OMAP2+: Fix build warning when mmc_omap is not built (Yongqiang Liu) - HID: usbhid: fix info leak in hid_submit_ctrl (Anirudh Rayabharam) - HID: Add BUS_VIRTUAL to hid_connect logging (Mark Bolhuis) - HID: hid-sensor-hub: Return error for hid_set_field() failure (Srinivas Pandruvada) - net: ieee802154: fix null deref in parse dev addr (Dan Robertson) - Linux 4.14.237 (Greg Kroah-Hartman) - proc: only require mm_struct for writing (Linus Torvalds) - tracing: Correct the length check which causes memory corruption (Liangyan) - ftrace: Do not blindly read the ip address in ftrace_bug() (Steven Rostedt (VMware)) - scsi: core: Only put parent device if host state differs from SHOST_CREATED (Ming Lei) - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (Ming Lei) - scsi: core: Fix error handling of scsi_host_alloc() (Ming Lei) - NFS: Fix use-after-free in nfs4_init_client() (Anna Schumaker) - kvm: fix previous commit for 32-bit builds (Paolo Bonzini) - perf session: Correct buffer copying when peeking events (Leo Yan) - NFS: Fix a potential NULL dereference in nfs_get_client() (Dan Carpenter) - perf: Fix data race between pin_count increment/decrement (Marco Elver) - regulator: max77620: Use device_set_of_node_from_dev() (Dmitry Osipenko) - regulator: core: resolve supply for boot-on/always-on regulators (Dmitry Baryshkov) - usb: fix various gadget panics on 10gbps cabling (Maciej zenczykowski) - usb: fix various gadgets null ptr deref on 10gbps cabling. (Maciej zenczykowski) - usb: gadget: eem: fix wrong eem header operation (Linyu Yuan) - USB: serial: quatech2: fix control-request directions (Johan Hovold) - USB: serial: omninet: add device id for Zyxel Omni 56K Plus (Alexandre GRIVEAUX) - USB: serial: ftdi_sio: add NovaTech OrionMX product ID (George McCollister) - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (Wesley Cheng) - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (Mayank Rana) - usb: dwc3: ep0: fix NULL pointer exception (Marian-Cristian Rotariu) - USB: f_ncm: ncm_bitrate (speed) is unsigned (Maciej zenczykowski) - cgroup1: dont allow in renaming (Alexander Kuznetsov) - btrfs: return value from btrfs_mark_extent_written() in case of error (Ritesh Harjani) - staging: rtl8723bs: Fix uninitialized variables (Wenli Looi) - kvm: avoid speculation-based attacks from out-of-range memslot accesses (Paolo Bonzini) - drm: Lock pointer access in drm_master_release() (Desmond Cheong Zhi Xi) - drm: Fix use-after-free read in drm_getunique() (Desmond Cheong Zhi Xi) - i2c: mpc: implement erratum A-004447 workaround (Chris Packham) - i2c: mpc: Make use of i2c_recover_bus() (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers (Chris Packham) - bnx2x: Fix missing error code in bnx2x_iov_init_one() (Jiapeng Chong) - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER (Tiezhu Yang) - net: appletalk: cops: Fix data race in cops_probe1 (Saubhik Mukherjee) - net: macb: ensure the device is available before accessing GEMGXL control registers (Zong Li) - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (Dmitry Bogdanov) - scsi: vmw_pvscsi: Set correct residual data length (Matt Wang) - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (Zheyu Ma) - wq: handle VM suspension in stall detection (Sergey Senozhatsky) - cgroup: disable controllers at parse time (Shakeel Butt) - net: mdiobus: get rid of a BUG_ON() (Dan Carpenter) - netlink: disable IRQs for netlink_lock_table() (Johannes Berg) - bonding: init notify_work earlier to avoid uninitialized use (Johannes Berg) - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (Zou Wei) - net/nfc/rawsock.c: fix a permission check bug (Jeimon) - proc: Track /proc//attr/ opener mm_struct (Kees Cook) - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150437] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150414] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177350] - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114648] {CVE-2021-3609} [4.14.35-2047.507.1] - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) [Orabug: 33030700] {CVE-2021-34693} - Linux 4.14.236 (Greg Kroah-Hartman) - xen-pciback: redo VF placement in the virtual topology (Jan Beulich) - sched/fair: Optimize select_idle_cpu (Cheng Jian) - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode (Sean Christopherson) - bnxt_en: Remove the setting of dev_port. (Michael Chan) - bpf: No need to simulate speculative domain for immediates (Daniel Borkmann) - bpf: Fix mask direction swap upon off reg sign change (Daniel Borkmann) - bpf: Wrap aux data inside bpf_sanitize_info container (Daniel Borkmann) - bpf: Fix leakage of uninitialized bpf stack under speculation (Daniel Borkmann) - selftests/bpf: make dubious pointer arithmetic test useful (Alexei Starovoitov) - selftests/bpf: fix test_align (Alexei Starovoitov) - bpf/verifier: disallow pointer subtraction (Alexei Starovoitov) - bpf: Update selftests to reflect new error states (Daniel Borkmann) - bpf: Tighten speculative pointer arithmetic mask (Daniel Borkmann) - bpf: Move sanitize_val_alu out of op switch (Daniel Borkmann) - bpf: Refactor and streamline bounds check into helper (Daniel Borkmann) - bpf: Improve verifier error messages for users (Daniel Borkmann) - bpf: Rework ptr_limit into alu_limit and add common error path (Daniel Borkmann) - bpf: Ensure off_reg has no mixed signed bounds for all types (Daniel Borkmann) - bpf: Move off_reg into sanitize_ptr_alu (Daniel Borkmann) - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY (Mina Almasry) - btrfs: fixup error handling in fixup_inode_link_counts (Josef Bacik) - btrfs: fix error handling in btrfs_del_csums (Josef Bacik) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) - ocfs2: fix data corruption by fallocate (Junxiao Bi) - pid: take a reference when initializing (Mark Rutland) - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (Ye Bin) - ALSA: timer: Fix master timer notification (Takashi Iwai) - net: caif: fix memory leak in cfusbl_device_notify (Pavel Skripkin) - net: caif: fix memory leak in caif_device_notify (Pavel Skripkin) - net: caif: add proper error handling (Pavel Skripkin) - net: caif: added cfserl_release function (Pavel Skripkin) - ieee802154: fix error return code in ieee802154_llsec_getparams() (Wei Yongjun) - ieee802154: fix error return code in ieee802154_add_iface() (Zhen Lei) - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches (Pablo Neira Ayuso) - HID: i2c-hid: fix format string mismatch (Arnd Bergmann) - HID: pidff: fix error return code in hid_pidff_init() (Zhen Lei) - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service (Julian Anastasov) - vfio/platform: fix module_put call in error flow (Max Gurtovoy) - vfio/pci: zap_vma_ptes() needs MMU (Randy Dunlap) - vfio/pci: Fix error return code in vfio_ecap_init() (Zhen Lei) - efi: cper: fix snprintf() use in cper_dimm_err_location() (Rasmus Villemoes) - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (Heiner Kallweit) - net: usb: cdc_ncm: dont spew notifications (Grant Grundler) - Linux 4.14.235 (Greg Kroah-Hartman) - usb: core: reduce power-on-good delay time of root hub (Chunfeng Yun) - drivers/net/ethernet: clean up unused assignments (Jesse Brandeburg) - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (Mike Kravetz) - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c (Randy Dunlap) - MIPS: alchemy: xxs1500: add gpio-au1000.h header file (Randy Dunlap) - sch_dsmark: fix a NULL deref in qdisc_reset() (Taehee Yoo) - ipv6: record frag_max_size in atomic fragments in input path (Francesco Ruggeri) - scsi: libsas: Use _safe() loop in sas_resume_port() (Dan Carpenter) - ixgbe: fix large MTU request from VF (Jesse Brandeburg) - bpf: Set mac_len in bpf_skb_change_head (Jussi Maki) - ASoC: cs35l33: fix an error code in probe() (Dan Carpenter) - staging: emxx_udc: fix loop in _nbu2ss_nuke() (Dan Carpenter) - mld: fix panic in mld_newpack() (Taehee Yoo) - net: bnx2: Fix error return code in bnx2_init_board() (Zhen Lei) - net: mdio: octeon: Fix some double free issues (Christophe JAILLET) - net: mdio: thunder: Fix a double free issue in the .remove function (Christophe JAILLET) - net: netcp: Fix an error message (Christophe JAILLET) - drm/amdgpu: Fix a use-after-free (xinhui pan) - SMB3: incorrect file id in requests compounded with open (Steve French) - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (Andy Shevchenko) - platform/x86: hp-wireless: add AMDs hardware id to the supported list (Shyam Sundar S K) - btrfs: do not BUG_ON in link_to_fixup_dir (Josef Bacik) - openrisc: Define memory barrier mb (Peter Zijlstra) - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (Matt Wang) - media: gspca: properly check for errors in po1030_probe() (Greg Kroah-Hartman) - media: dvb: Add check on sp8870_readreg return (Alaa Emad) - libertas: register sysfs groups properly (Greg Kroah-Hartman) - dmaengine: qcom_hidma: comment platform_driver_register call (Phillip Potter) - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (Phillip Potter) - char: hpet: add checks after calling ioremap (Tom Seewald) - net: caif: remove BUG_ON(dev == NULL) in caif_xmit (Du Cheng) - net: fujitsu: fix potential null-ptr-deref (Anirudh Rayabharam) - serial: max310x: unregister uart driver in case of failure and abort (Atul Gopinathan) - platform/x86: hp_accel: Avoid invoking _INI to speed up resume (Kai-Heng Feng) - perf jevents: Fix getting maximum number of fds (Felix Fietkau) - i2c: i801: Dont generate an interrupt on bus reset (Jean Delvare) - i2c: s3c2410: fix possible NULL pointer deref on read message after write (Krzysztof Kozlowski) - tipc: skb_linearize the head skb when reassembling msgs (Xin Long) - Revert net:tipc: Fix a double free in tipc_sk_mcast_rcv (Hoang Le) - drm/meson: fix shutdown crash when component not probed (Neil Armstrong) - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (Zhang Xiaoxu) - NFS: Dont corrupt the value of pg_bytes_written in nfs_do_recoalesce() (Trond Myklebust) - NFS: fix an incorrect limit in filelayout_decode_layout() (Dan Carpenter) - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() (Yoshihiro Shimoda) - USB: serial: pl2303: add device id for ADLINK ND-6530 GC (Zolton Jheng) - USB: serial: ftdi_sio: add IDs for IDS GmbH Products (Dominik Andreas Schorpp) - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (Daniele Palmas) - USB: serial: ti_usb_3410_5052: add startech.com device id (Sean MacLennan) - serial: rp2: use request_firmware instead of request_firmware_nowait (Zheyu Ma) - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (Geert Uytterhoeven) - USB: trancevibrator: fix control-request direction (Johan Hovold) - iio: adc: ad7793: Add missing error code in ad7793_setup() (YueHaibing) - staging: iio: cdc: ad7746: avoid overwrite of num_channels (Lucas Stankus) - mei: request autosuspend after sending rx flow control (Alexander Usyskin) - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (Mathias Nyman) - misc/uss720: fix memory leak in uss720_probe (Dongliang Mu) - kgdb: fix gcc-11 warnings harder (Greg Kroah-Hartman) - dm snapshot: properly fix a crash when an origin has no snapshots (Mikulas Patocka) - ath10k: Validate first subframe of A-MSDU before processing the list (Sriram R) - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) - mac80211: check defrag PN against current frame (Johannes Berg) - mac80211: add fragment cache to sta_info (Johannes Berg) - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) {CVE-2020-26147} - net: hso: fix control-request directions (Johan Hovold) - proc: Check /proc//attr/ writes against file opener (Kees Cook) - perf intel-pt: Fix transaction abort handling (Adrian Hunter) - perf intel-pt: Fix sample instruction bytes (Adrian Hunter) - iommu/vt-d: Fix sysfs leak in alloc_iommu() (Rolf Eike Beer) - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (Anna Schumaker) - NFC: nci: fix memory leak in nci_allocate_device (Dongliang Mu) - usb: dwc3: gadget: Enable suspend events (Jack Pham) - scripts: switch explicitly to Python 3 (Andy Shevchenko) - tweewide: Fix most Shebang lines (Finn Behrens) - A/A Bonding: dev_hold/put() the delayed GARP work handlers netdev in rdmaip (Sharath Srinivasan) [Orabug: 33161269] - capmem: Mark the pages as non-readonly+dirty. (David Clear) [Orabug: 33155665] - Revert capmem: Mark the pages as non-readonly+dirty. (Dave Kleikamp) [Orabug: 33155665] - ionic: clean interrupt before enabling queue to avoid credit race (Shannon Nelson) [Orabug: 33155665] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33165871] - Revert x86/reboot: Force all cpus to exit VMX root if VMX is supported (Somasundaram Krishnasamy) [Orabug: 33156450] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-34693 CVE-2021-3612 CVE-2020-24586 CVE-2021-23134 CVE-2020-24587 CVE-2020-24588 CVE-2020-26147 CVE-2021-3609 CVE-2021-22543 CVE-2021-3656 Oracle Linux 8 Oracle Linux 7 [5.4.17-2102.205.7.3] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3739 Oracle Linux 7 [4.14.35-2047.507.7.5.el7] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33369947] {CVE-2021-3564} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369956] {CVE-2021-40490} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 33369955] {CVE-2020-36322} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33369954] {CVE-2021-3679} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369953] {CVE-2021-38160} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369952] {CVE-2021-3655} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36322 CVE-2021-3573 CVE-2021-3679 CVE-2021-38160 CVE-2021-3655 CVE-2021-40490 CVE-2021-3564 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.54.6.1] - fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk) [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik) [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid copying malformed SSIDs (Will Deacon) [Orabug: 33369390] {CVE-2019-17133} - vhost_net: fix possible infinite loop (Jason Wang) [Orabug: 33369374] {CVE-2019-3900} {CVE-2019-3900} - vhost: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900} - vhost_net: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900} - vhost_net: use packet weight for rx handler, too (Paolo Abeni) [Orabug: 33369374] {CVE-2019-3900} - vhost-net: set packet weight of tx polling to 2 * vq size (haibinzhang) [Orabug: 33369374] {CVE-2019-3900} - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: check defrag PN against current frame (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: add fragment cache to sta_info (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369303] {CVE-2021-3655} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369276] {CVE-2021-38160} - net_sched: cls_route: remove the right filter from hashtable (Cong Wang) [Orabug: 33369231] {CVE-2021-3715} - HID: make arrays usage and value to be the same (Will McVicker) [Orabug: 33369121] {CVE-2021-0512} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369043] {CVE-2021-40490} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2019-3900 CVE-2019-17133 CVE-2020-12114 CVE-2019-19448 CVE-2021-3715 CVE-2021-38160 CVE-2021-3655 CVE-2021-40490 CVE-2020-26140 CVE-2020-26143 CVE-2020-26144 CVE-2020-26139 CVE-2020-26142 CVE-2020-26146 CVE-2021-0512 CVE-2020-24586 CVE-2020-26141 CVE-2020-24587 CVE-2020-24588 CVE-2020-26145 CVE-2020-26147 Oracle Linux 7 [4.14.35-2047.507.7.5] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33369947] {CVE-2021-3564} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369956] {CVE-2021-40490} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 33369955] {CVE-2020-36322} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33369954] {CVE-2021-3679} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369953] {CVE-2021-38160} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369952] {CVE-2021-3655} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-36322 CVE-2021-3573 CVE-2021-3679 CVE-2021-38160 CVE-2021-3655 CVE-2021-40490 CVE-2021-3564 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.205.7.3.el7] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3739 Oracle Linux 7 [7:3.5.20-17.0.1] - Mutiple CVE fixes for squid [Orabug: 33146289] - Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing (#778) - Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing (#788) - Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range requests (#790) - Resolves: CVE-2021-33620 squid: Handle more partial responses (#791) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28651 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-28652 CVE-2021-33620 Oracle Linux 7 [4.14.35-2047.507.7.6] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33406810] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33406819] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33406814] - net/mlx5: Rate limit errors in command interface (Leon Romanovsky) [Orabug: 33406805] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28950 Oracle Linux 7 [4.14.35-2047.507.7.6.el7] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33406810] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33406819] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33406814] - net/mlx5: Rate limit errors in command interface (Leon Romanovsky) [Orabug: 33406805] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28950 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.56.1] - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (alex chen) [Orabug: 29184589] {CVE-2017-18216} - bcache: fix potential deadlock problem in btree_gc_coalesce (Zhiqiang Liu) {CVE-2020-12771} - filldir[64]: remove WARN_ON_ONCE() for bad directory entries (Linus Torvalds) [Orabug: 31351271] {CVE-2019-10220} - Make filldir[64]() verify the directory entry filename is valid (Linus Torvalds) [Orabug: 31351271] {CVE-2019-10220} - ath9k: release allocated buffer if timed out (Navid Emamdoost) [Orabug: 31351559] {CVE-2019-19074} - scsi: bfa: release allocated memory in case of error (Navid Emamdoost) [Orabug: 31351615] {CVE-2019-19066} - rtlwifi: prevent memory leak in rtl_usb_probe (Navid Emamdoost) [Orabug: 31351626] {CVE-2019-19063} - perf/core: Fix perf_event_open() vs. execve() race (Peter Zijlstra) [Orabug: 31351766] {CVE-2019-3901} - l2tp: pass tunnel pointer to ->session_create() (Guillaume Nault) [Orabug: 31352004] {CVE-2018-9517} - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33039295] - Revert 'uek-rpm: mark /etc/ld.so.conf.d/ files as %config' (aloktiw) [Orabug: 33359684] - ksplice: Fix build warning with ksplice_sysctls (John Donnelly) [Orabug: 33365274] - kvm:vmx Fix build error in kvm/vmx.c (John Donnelly) [Orabug: 33375485] - vmscan: Fix build error in mm/vmscan.c (John Donnelly) [Orabug: 33375931] - constify iov_iter_count() and iter_is_iovec() (Al Viro) [Orabug: 33381741] [4.1.12-124.55.3] - fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk) [Orabug: 31350976] {CVE-2020-12114} {CVE-2020-12114} - btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik) [Orabug: 31351025] {CVE-2019-19448} {CVE-2019-19448} - cfg80211: wext: avoid copying malformed SSIDs (Will Deacon) [Orabug: 31351800] {CVE-2019-17133} - vhost_net: fix possible infinite loop (Jason Wang) [Orabug: 31351950] {CVE-2019-3900} {CVE-2019-3900} - vhost: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 31351950] {CVE-2019-3900} - vhost_net: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 31351950] {CVE-2019-3900} - vhost_net: use packet weight for rx handler, too (Paolo Abeni) [Orabug: 31351950] {CVE-2019-3900} - vhost-net: set packet weight of tx polling to 2 * vq size (haibinzhang) [Orabug: 31351950] {CVE-2019-3900} - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: check defrag PN against current frame (Johannes Berg) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: add fragment cache to sta_info (Johannes Berg) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) [Orabug: 33009788] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33198409] {CVE-2021-3655} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33209274] {CVE-2021-38160} - net_sched: cls_route: remove the right filter from hashtable (Cong Wang) [Orabug: 33326887] {CVE-2021-3715} - HID: make arrays usage and value to be the same (Will McVicker) [Orabug: 33326939] {CVE-2021-0512} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33327200] {CVE-2021-40490} [4.1.12-124.55.2] - x86/mm: Fix compiler warning in pageattr.c (John Donnelly) [Orabug: 33332673] - security: Make inode argument of inode_getsecid non-const (Andreas Gruenbacher) [Orabug: 33337179] - security: Make inode argument of inode_getsecurity non-const (Andreas Gruenbacher) [Orabug: 33337179] [4.1.12-124.55.1] - cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE (Srinivas Dasari) [Orabug: 31351335] {CVE-2017-11089} - ocfs2: issue zeroout to EOF blocks (Junxiao Bi) [Orabug: 32974989] - ocfs2: fix zero out valid data (Junxiao Bi) [Orabug: 32974989] - ocfs2: fix data corruption by fallocate (Junxiao Bi) [Orabug: 32974989] - l2tp: fix l2tp_eth module loading (Guillaume Nault) [Orabug: 33114384] {CVE-2020-27067} - af_key: pfkey_dump needs parameter validation (Mark Salyzyn) [Orabug: 33114539] {CVE-2021-0605} - af_key: Add lock to key dump (Yuejie Shi) [Orabug: 33114539] {CVE-2021-0605} - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (Alexander Larkin) [Orabug: 33114989] {CVE-2021-3612} - Input: joydev - prevent potential read overflow in ioctl (Dan Carpenter) [Orabug: 33114989] {CVE-2021-3612} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33198437] {CVE-2021-3679} - dtrace: Corrects - warning: assignment makes pointer from integer without a cast (John Donnelly) [Orabug: 33314947] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-9517 CVE-2019-3901 CVE-2019-19074 CVE-2019-19063 CVE-2019-19066 CVE-2020-12771 CVE-2019-10220 CVE-2017-18216 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.206.1] - Revert 'scsi: core: Cap scsi_host cmd_per_lun at can_queue' (Jack Vogel) [Orabug: 33403144] [5.4.17-2102.206.0] - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' (Jack Vogel) [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring (Eric Snowberg) [Orabug: 33418496] - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33359395] - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33352679] - Revert 'uek-rpm: mark /etc/ld.so.conf.d/ files as %config' (aloktiw) [Orabug: 33311489] - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134286] - IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33134286] - IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33134286] - IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33134286] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134286] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739} - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276] - net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33284937] {CVE-2021-3743} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33327177] {CVE-2021-40490} - xfs: remove unused variable (Wengang Wang) [Orabug: 33313442] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518] - uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo (Somasundaram Krishnasamy) [Orabug: 33245043] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33209458] {CVE-2021-38198} - usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33174795] {CVE-2021-37159} - hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33174795] {CVE-2021-37159} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-40490 CVE-2021-3739 CVE-2021-37159 CVE-2021-38198 CVE-2021-3743 Oracle Linux 7 Oracle Linux 8 [5.4.17-2102.206.1] - Revert 'scsi: core: Cap scsi_host cmd_per_lun at can_queue' (Jack Vogel) [Orabug: 33403144] [5.4.17-2102.206.0] - Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' (Jack Vogel) [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring (Eric Snowberg) [Orabug: 33418496] - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33359395] - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33352679] - Revert 'uek-rpm: mark /etc/ld.so.conf.d/ files as %config' (aloktiw) [Orabug: 33311489] - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134286] - IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33134286] - IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33134286] - IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33134286] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134286] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739} - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276] - net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33284937] {CVE-2021-3743} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33327177] {CVE-2021-40490} - xfs: remove unused variable (Wengang Wang) [Orabug: 33313442] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296812] - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33209458] {CVE-2021-38198} - usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33174795] {CVE-2021-37159} - hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33174795] {CVE-2021-37159} IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-40490 CVE-2021-3739 CVE-2021-37159 CVE-2021-38198 CVE-2021-3743 Oracle Linux 7 [1.0.2k-22] - fix CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz#1932132, rhbz#1932126 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23840 CVE-2021-23841 Oracle Linux 7 [4.14.35-2047.508.3] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33352735] [4.14.35-2047.508.2] - KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33360245] - Revert uek-rpm: mark /etc/ld.so.conf.d/ files as %config (aloktiw) [Orabug: 33359680] - net/mlx5: Rate limit errors in command interface (Leon Romanovsky) [Orabug: 33305503] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33292634] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33292634] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33292634] {CVE-2021-3564} - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134287] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134287] - uek-rpm: Add dm-cache-smq.ko module (John Donnelly) [Orabug: 29198153] [4.14.35-2047.508.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33324346] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33329032] - ip: Manual backport of pskb_inet_may_pull() (Hakon Bugge) [Orabug: 33329032] - Revert Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Hakon Bugge) [Orabug: 33329032] - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Tso) [Orabug: 33327179] {CVE-2021-40490} - uek-rpm: add CONFIG_PVPANIC_PCI to aarch64 (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: fix set driver data (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic-pci: Allow automatic loading (Eric Auger) [Orabug: 33155642] - misc/pvpanic: Remove some dead-code (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic: Make pvpanic_probe() resource managed (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-mmio: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-mmio: Fix error handling in pvpanic_mmio_probe() (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-pci: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-pci: Fix error handling in pvpanic_pci_probe() (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic: Make some symbols static (YueHaibing) [Orabug: 33155642] - misc/pvpanic: fix return value check in pvpanic_pci_probe() (Qiheng Lin) [Orabug: 33155642] - misc/pvpanic: add PCI driver (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: probe multiple instances (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: split-up generic and platform dependent code (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: Export module FDT device table (Shile Zhang) [Orabug: 33155642] - misc: pvpanic: sysfs_emit uses should have a newline (Joe Perches) [Orabug: 33155642] - misc: pvpanic: introduce events device attribue (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: introduce device capability (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: Check devm_ioport_map() for NULL (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Replace OF headers by mod_devicetable.h (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Combine ACPI and platform drivers (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Use devm_platform_ioremap_resource() (Wang ShaoBo) [Orabug: 33155642] - driver core: platform: Introduce platform_get_mem_or_io() (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: move bit definition to uapi header file (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: fix warning implicit declaration (Anders Roxell) [Orabug: 33155642] - misc/pvpanic: resolve compile errors for arch=um (Peng Hao) [Orabug: 33155642] - misc/pvpanic: fix a NULL vs IS_ERR() check (Dan Carpenter) [Orabug: 33155642] - misc/pvpanic: remove a redundant comma (Peng Hao) [Orabug: 33155642] - misc/pvpanic: convert to SPDX license tags (Peng Hao) [Orabug: 33155642] - misc/pvpanic: change header file sort style (Peng Hao) [Orabug: 33155642] - misc/pvpanic: remove unnecessary header file (Peng Hao) [Orabug: 33155642] - misc/pvpanic : break dependency on ACPI (Peng Hao) [Orabug: 33155642] - misc/pvpanic : grouping ACPI related stuff (Peng Hao) [Orabug: 33155642] - misc/pvpanic: add support to get pvpanic device info FDT (Peng Hao) [Orabug: 33155642] - dt-bindings: misc/pvpanic: add document for pvpanic-mmio (Peng Hao) [Orabug: 33155642] - misc/pvpanic: add MMIO support (Peng Hao) [Orabug: 33155642] - misc/pvpanic: simplify the code using acpi_dev_resource_io (Peng Hao) [Orabug: 33155642] - pvpanic: move pvpanic to misc as common driver (Peng Hao) [Orabug: 33155642] - fuse: fix bad inode (Miklos Szeredi) [Orabug: 32769032] {CVE-2020-36322} - Linux 4.14.243 (Greg Kroah-Hartman) - spi: mediatek: Fix fifo transfer (Guenter Roeck) - Revert watchdog: iTCO_wdt: Account for rebooting on second timeout (Greg Kroah-Hartman) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() (Sean Christopherson) - KVM: do not assume PTE is writable after follow_pfn (Paolo Bonzini) - Revert Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Greg Kroah-Hartman) - net: Fix zero-copy head len calculation. (Pravin B Shelar) - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() (Jia He) - r8152: Fix potential PM refcount imbalance (Takashi Iwai) - regulator: rt5033: Fix n_voltages settings for BUCK and LDO (Axel Lin) - btrfs: mark compressed range uptodate only if all bio succeed (Goldwyn Rodrigues) - Linux 4.14.242 (Greg Kroah-Hartman) - Revert perf map: Fix dso->nsinfo refcounting (Arnaldo Carvalho de Melo) - can: hi311x: fix a signedness bug in hi3110_cmd() (Dan Carpenter) - sis900: Fix missing pci_disable_device() in probe and remove (Wang Hai) - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove (Wang Hai) - sctp: fix return value check in __sctp_rcv_asconf_lookup (Marcelo Ricardo Leitner) - net/mlx5: Fix flow table chaining (Maor Gottlieb) - net: llc: fix skb_over_panic (Pavel Skripkin) - mlx4: Fix missing error code in mlx4_load_one() (Jiapeng Chong) - tipc: fix sleeping in tipc accept routine (Hoang Le) - netfilter: nft_nat: allow to specify layer 4 protocol NAT only (Pablo Neira Ayuso) - netfilter: conntrack: adjust stop timestamp to real expiry value (Florian Westphal) - cfg80211: Fix possible memory leak in function cfg80211_bss_update (Nguyen Dinh Phi) - x86/asm: Ensure asm/proto.h can be included stand-alone (Jan Kiszka) - nfc: nfcsim: fix use after free during module unload (Krzysztof Kozlowski) - NIU: fix incorrect error return, missed in previous revert (Paul Jakma) - can: esd_usb2: fix memory leak (Pavel Skripkin) - can: ems_usb: fix memory leak (Pavel Skripkin) - can: usb_8dev: fix memory leak (Pavel Skripkin) - can: mcba_usb_start(): add missing urb->transfer_dma initialization (Pavel Skripkin) - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (Ziyang Xuan) - x86/kvm: fix vcpu-id indexed array sizes (Juergen Gross) - gro: ensure frag0 meets IP header alignment (Eric Dumazet) - virtio_net: Do not pull payload in skb->head (Eric Dumazet) - ARM: dts: versatile: Fix up interrupt controller node names (Sudeep Holla) - hfs: add lock nesting notation to hfs_find_init (Desmond Cheong Zhi Xi) - hfs: fix high memory mapping in hfs_bnode_read (Desmond Cheong Zhi Xi) - hfs: add missing clean-up in hfs_fill_super (Desmond Cheong Zhi Xi) - sctp: move 198 addresses from unusable to private scope (Xin Long) - net: annotate data race around sk_ll_usec (Eric Dumazet) - net/802/garp: fix memleak in garp_request_join() (Yang Yingliang) - net/802/mrp: fix memleak in mrp_request_join() (Yang Yingliang) - workqueue: fix UAF in pwq_unbound_release_workfn() (Yang Yingliang) - af_unix: fix garbage collect vs MSG_PEEK (Miklos Szeredi) - net: split out functions related to registering inflight socket files (Jens Axboe) - KVM: x86: determine if an exception has an error code only when injecting it. (Maxim Levitsky) - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c (Greg Kroah-Hartman) [4.14.35-2047.508.0] - Linux 4.14.241 (Greg Kroah-Hartman) - xhci: add xhci_get_virt_ep() helper (Mathias Nyman) - spi: spi-fsl-dspi: Fix a resource leak in an error handling path (Christophe JAILLET) - btrfs: compression: dont try to compress if we dont have enough pages (David Sterba) - iio: accel: bma180: Fix BMA25x bandwidth register values (Stephan Gerhold) - iio: accel: bma180: Use explicit member assignment (Linus Walleij) - net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear (Doug Berger) - drm: Return -ENOTTY for non-drm ioctls (Charles Baylis) - selftest: use mmap instead of posix_memalign to allocate memory (Peter Collingbourne) - ixgbe: Fix packet corruption due to missing DMA sync (Markus Boehme) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (Gustavo A. R. Silva) - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33198436] {CVE-2021-3679} - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. (Minas Harutyunyan) - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (John Keeping) - USB: serial: cp210x: fix comments for GE CS1000 (Ian Ray) - USB: serial: option: add support for u-blox LARA-R6 family (Marco De Marco) - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (Yoshihiro Shimoda) - usb: max-3421: Prevent corruption of freed memory (Mark Tomlinson) - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (Julian Sikorski) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (Mathias Nyman) - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Nicholas Piggin) - xhci: Fix lost USB 2 remote wake (Mathias Nyman) - ALSA: sb: Fix potential ABBA deadlock in CSP driver (Takashi Iwai) - s390/ftrace: fix ftrace_update_ftrace_func implementation (Vasily Gorbik) - Revert MIPS: add PMD table accounting into MIPSpmd_alloc_one (Huang Pei) - proc: Avoid mixing integer types in mem_rw() (Marcelo Henrique Cerri) - Revert USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - spi: cadence: Correct initialisation of runtime PM again (Marek Vasut) - scsi: target: Fix protect handling in WRITE SAME(32) (Dmitry Bogdanov) - scsi: iscsi: Fix iface sysfs attr detection (Mike Christie) - netrom: Decrease sock refcount when sock timers expire (Nguyen Dinh Phi) - net: decnet: Fix sleeping inside in af_decnet (Yajun Deng) - net: fix uninit-value in caif_seqpkt_sendmsg (Ziyang Xuan) - s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1] (Colin Ian King) - liquidio: Fix unintentional sign extension issue on left shift of u16 (Colin Ian King) - spi: mediatek: fix fifo rx mode (Peter Hess) - perf probe-file: Delete namelist in del_events() on the error path (Riccardo Mancini) - perf test bpf: Free obj_buf (Riccardo Mancini) - perf lzma: Close lzma stream on exit (Riccardo Mancini) - perf probe: Fix dso->nsinfo refcounting (Riccardo Mancini) - perf map: Fix dso->nsinfo refcounting (Riccardo Mancini) - igb: Check if num of q_vectors is smaller than max before array access (Aleksandr Loktionov) - iavf: Fix an error handling path in iavf_probe() (Christophe JAILLET) - e1000e: Fix an error handling path in e1000_probe() (Christophe JAILLET) - fm10k: Fix an error handling path in fm10k_probe() (Christophe JAILLET) - igb: Fix an error handling path in igb_probe() (Christophe JAILLET) - ixgbe: Fix an error handling path in ixgbe_probe() (Christophe JAILLET) - igb: Fix use-after-free error during reset (Vinicius Costa Gomes) - ipv6: tcp: drop silly ICMPv6 packet too big messages (Eric Dumazet) - tcp: annotate data races around tp->mtu_info (Eric Dumazet) - dma-buf/sync_file: Dont leak fences on merge failure (Jason Ekstrand) - net: validate lwtstate->data before returning from skb_tunnel_info() (Taehee Yoo) - net: send SYNACK packet with accepted fwmark (Alexander Ovechkin) - net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) - net: qcom/emac: fix UAF in emac_remove (Pavel Skripkin) - net: moxa: fix UAF in moxart_mac_probe (Pavel Skripkin) - net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (Florian Fainelli) - net: bridge: sync fdb to new unicast-filtering ports (Wolfgang Bumiller) - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (Vasily Averin) - net: ipv6: fix return value of ip6_skb_dst_mtu (Vadim Fedorenko) - sched/fair: Fix CFS bandwidth hrtimer expiry type (Odin Ugedal) - scsi: libfc: Fix array index out of bound exception (Javed Hasan) - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 (Colin Ian King) - rtc: max77686: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set (Matthias Maennich) - thermal/core: Correct function name thermal_zone_device_unregister() (Yang Yingliang) - arm64: dts: ls208xa: remove bus-num from dspi node (Mian Yousaf Kaukab) - arm64: dts: juno: Update SCPI nodes as per the YAML schema (Sudeep Holla) - ARM: dts: stm32: fix RCC node name on stm32f429 MCU (Alexandre Torgue) - ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info (Jonathan Neuschafer) - ARM: dts: imx6: phyFLEX: Fix UART hardware flow control (Primoz Fiser) - ARM: dts: BCM63xx: Fix NAND nodes names (Rafal Milecki) - ARM: NSP: dts: fix NAND nodes names (Rafal Milecki) - ARM: Cygnus: dts: fix NAND nodes names (Rafal Milecki) - ARM: brcmstb: dts: fix NAND nodes names (Rafal Milecki) - reset: ti-syscon: fix to_ti_syscon_reset_data macro (Philipp Zabel) - arm64: dts: rockchip: Fix power-controller node names for rk3328 (Elaine Zhang) - ARM: dts: rockchip: Fix power-controller node names for rk3288 (Elaine Zhang) - ARM: dts: rockchip: Fix the timer clocks order (Ezequiel Garcia) - arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi (Johan Jonker) - ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 (Johan Jonker) - ARM: dts: gemini: add device_type on pci (Corentin Labbe) - Linux 4.14.240 (Greg Kroah-Hartman) - net: bridge: multicast: fix PIM hello router port marking race (Nikolay Aleksandrov) - MIPS: vdso: Invalid GIC access through VDSO (Martin Facknitz) - mips: disable branch profiling in boot/decompress.o (Randy Dunlap) - mips: always link byteswap helpers into decompressor (Arnd Bergmann) - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() (Christophe JAILLET) - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (Aswath Govindraju) - memory: fsl_ifc: fix leak of private memory on probe failure (Krzysztof Kozlowski) - memory: fsl_ifc: fix leak of IO mapping on probe failure (Krzysztof Kozlowski) - reset: bail if try_module_get() fails (Philipp Zabel) - ARM: dts: BCM5301X: Fixup SPI binding (Rafal Milecki) - ARM: dts: r8a7779, marzen: Fix DU clock names (Geert Uytterhoeven) - rtc: fix snprintf() checking in is_rtc_hctosys() (Dan Carpenter) - memory: atmel-ebi: add missing of_node_put for loop iteration (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (Krzysztof Kozlowski) - reset: a10sr: add missing of_match_table reference (Krzysztof Kozlowski) - hexagon: use common DISCARDS macro (Nathan Chancellor) - NFSv4/pNFS: Dont call _nfs4_pnfs_v3_ds_connect multiple times (Trond Myklebust) - ALSA: isa: Fix error return code in snd_cmi8330_probe() (Zhen Lei) - x86/fpu: Limit xstate copy size in xstateregs_set() (Thomas Gleixner) - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (Zhihao Cheng) - nfs: fix acl memory leak of posix_acl_create() (Gao Xiang) - watchdog: aspeed: fix hardware timeout calculation (Tao Ren) - um: fix error return code in winch_tramp() (Zhen Lei) - um: fix error return code in slip_open() (Zhen Lei) - power: supply: rt5033_battery: Fix device tree enumeration (Stephan Gerhold) - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (Krzysztof Wilczynski) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs (Chao Yu) - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33209273] {CVE-2021-38160} - virtio_net: Fix error handling in virtnet_restore() (Xie Yongji) - virtio-blk: Fix memory leak among suspend/resume procedure (Xie Yongji) - ACPI: video: Add quirk for the Dell Vostro 3350 (Hans de Goede) - ACPI: AMBA: Fix resource name in /proc/iomem (Liguang Zhang) - pwm: tegra: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (Zou Wei) - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (Zou Wei) - NFS: nfs_find_open_context() may only select open files (Trond Myklebust) - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton) - orangefs: fix orangefs df output. (Mike Marshall) - x86/fpu: Return proper error codes from user access functions (Thomas Gleixner) - watchdog: iTCO_wdt: Account for rebooting on second timeout (Jan Kiszka) - watchdog: Fix possible use-after-free by calling del_timer_sync() (Zou Wei) - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (Zou Wei) - watchdog: Fix possible use-after-free in wdt_startup() (Zou Wei) - ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 (Nick Desaulniers) - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - power: supply: ab8500: Avoid NULL pointers (Linus Walleij) - pwm: spear: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. (Dimitri John Ledkov) - i2c: core: Disable client irq on reboot/shutdown (Dmitry Torokhov) - intel_th: Wait until port is in reset before programming it (Alexander Shishkin) - staging: rtl8723bs: fix macro value for 2.4Ghz only device (Fabio Aiuto) - ALSA: hda: Add IRQ check for platform_get_irq() (Jiajun Cao) - backlight: lm3630a: Fix return code of .update_status() callback (Uwe Kleine-Konig) - powerpc/boot: Fixup device-tree on little endian (Benjamin Herrenschmidt) - usb: gadget: hid: fix error return code in hid_bind() (Yang Yingliang) - usb: gadget: f_hid: fix endianness issue with descriptors (Ruslan Bilovol) - ALSA: bebob: add support for ToneWeal FW66 (Takashi Sakamoto) - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (Zhen Lei) - selftests/powerpc: Fix no_handler EBB selftest (Athira Rajeev) - ALSA: ppc: fix error return code in snd_pmac_probe() (Yang Yingliang) - gpio: zynq: Check return value of pm_runtime_get_sync (Srinivas Neeli) - powerpc/ps3: Add dma_mask to ps3_dma_region (Geoff Levand) - ALSA: sb: Fix potential double-free of CSP mixer elements (Takashi Iwai) - s390/sclp_vt220: fix console name to match device (Valentin Vidic) - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (Zou Wei) - scsi: qedi: Fix null ref during abort handling (Mike Christie) - scsi: iscsi: Fix shost->max_id use (Mike Christie) - scsi: iscsi: Add iscsi_cls_conn refcount helpers (Mike Christie) - fs/jfs: Fix missing error code in lmLogInit() (Jiapeng Chong) - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (Christophe JAILLET) - scsi: core: Cap scsi_host cmd_per_lun at can_queue (John Garry) - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (James Smart) - scsi: lpfc: Fix Unexpected timeout error in direct attach topology (James Smart) - w1: ds2438: fixing bug that would always get page0 (Luiz Sampaio) - Revert ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - misc/libmasm/module: Fix two use after free in ibmasm_init_one (Lv Yunlong) - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (Sherry Sun) - PCI: aardvark: Fix kernel panic during PIO transfer (Pali Rohar) - PCI: aardvark: Dont rely on jiffies while holding spinlock (Remi Pommarel) - tracing: Do not reference char * as a string in histograms (Steven Rostedt (VMware)) - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (Tyrel Datwyler) - KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() (Lai Jiangshan) - KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled (Sean Christopherson) - smackfs: restrict bytes count in smk_set_cipso() (Tetsuo Handa) - jfs: fix GPF in diFree (Pavel Skripkin) - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (Benjamin Drung) - media: gspca/sunplus: fix zero-length control requests (Johan Hovold) - media: gspca/sq905: fix control-request direction (Johan Hovold) - media: zr364xx: fix memory leak in zr364xx_start_readpipe (Pavel Skripkin) - media: dtv5100: fix control-request directions (Johan Hovold) - dm btree remove: assign new_root only when removal succeeds (Hou Tao) - ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe (Lv Yunlong) - tracing: Simplify & fix saved_tgids logic (Paul Burton) - seq_buf: Fix overflow in seq_buf_putmem_hex() (Yun Zhou) - power: supply: ab8500: Fix an old bug (Linus Walleij) - ipmi/watchdog: Stop watchdog timer when the current action is none (Petr Pavlu) - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (Nathan Chancellor) - ASoC: tegra: Set driver_name=tegra for all machine drivers (Dmitry Osipenko) - cpu/hotplug: Cure the cpusets trainwreck (Thomas Gleixner) - ata: ahci_sunxi: Disable DIPM (Timo Sigurdsson) - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (Christian Lohle) - mmc: core: clear flags before allowing to retune (Wolfram Sang) - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (Al Cooper) - pinctrl/amd: Add device HID for new AMD GPIO controller (Maximilian Luz) - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (Jing Xiangfeng) - usb: gadget: f_fs: Fix setting of device and driver data cross-references (Andrew Gabbasov) - powerpc/barrier: Avoid collision with clangs __lwsync macro (Nathan Chancellor) - mac80211: fix memory corruption in EAPOL handling (Davis Mosenkovs) - fuse: reject internal errno (Miklos Szeredi) - bdi: Do not use freezable workqueue (Mika Westerberg) - fscrypt: dont ignore minor_hash when hash is 0 (Eric Biggers) - sctp: add size validation when walking chunks (Marcelo Ricardo Leitner) - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33198408] {CVE-2021-3655} - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. (Tim Jiang) - Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Kai-Heng Feng) - Bluetooth: Fix the HCI to MGMT status conversion table (Yu Liu) - wireless: wext-spy: Fix out-of-bounds warning (Gustavo A. R. Silva) - sfc: error code if SRIOV cannot be disabled (inigo Huguet) - sfc: avoid double pci_remove of VFs (inigo Huguet) - iwlwifi: mvm: dont change band on bound PHY contexts (Johannes Berg) - RDMA/rxe: Dont overwrite errno from ib_umem_get() (Xiao Yang) - vsock: notify server to shutdown when client has pending signal (Longpeng(Mike)) - atm: nicstar: register the interrupt handler in the right place (Zheyu Ma) - atm: nicstar: use dma_free_coherent instead of kfree (Zheyu Ma) - MIPS: add PMD table accounting into MIPSpmd_alloc_one (Huang Pei) - cw1200: add missing MODULE_DEVICE_TABLE (Zou Wei) - wl1251: Fix possible buffer overflow in wl1251_cmd_scan (Lee Gibson) - wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (Tony Lindgren) - xfrm: Fix error reporting in xfrm_state_construct. (Steffen Klassert) - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC (Minchan Kim) - fjes: check return value after calling platform_get_resource() (Yang Yingliang) - net: micrel: check return value after calling platform_get_resource() (Yang Yingliang) - net: bcmgenet: check return value after calling platform_get_resource() (Yang Yingliang) - virtio_net: Remove BUG() to avoid machine dead (Xianting Tian) - dm space maps: dont reset space map allocation cursor when committing (Joe Thornber) - RDMA/cxgb4: Fix missing error code in create_qp() (Jiapeng Chong) - ipv6: use prandom_u32() for ID generation (Willy Tarreau) - clk: tegra: Ensure that PLLU configuration is applied properly (Dmitry Osipenko) - clk: renesas: r8a77995: Add ZA2 clock (Kuninori Morimoto) - e100: handle eeprom as little endian (Jesse Brandeburg) - udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) - drm/virtio: Fix double free on probe failure (Xie Yongji) - reiserfs: add check for invalid 1st journal block (Pavel Skripkin) - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT (Sebastian Andrzej Siewior) - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() (Zou Wei) - mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) - atm: iphase: fix possible use-after-free in ia_module_exit() (Zou Wei) - hugetlb: clear huge pte during flush function on mips platform (Bibo Mao) - net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() (Andy Shevchenko) - drm/amd/amdgpu/sriov disable all ip hw status by default (Jack Zhang) - drm/zte: Dont select DRM_KMS_FB_HELPER (Thomas Zimmermann) - drm/mxsfb: Dont select DRM_KMS_FB_HELPER (Thomas Zimmermann) - mmc: vub3000: fix control-request direction (Johan Hovold) - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random (Dave Hansen) - mm/huge_memory.c: dont discard hugepage if other processes are mapping it (Miaohe Lin) - leds: ktd2692: Fix an error handling path (Christophe JAILLET) - leds: as3645a: Fix error return code in as3645a_parse_node() (Zhen Lei) - configfs: fix memleak in configfs_release_bin_file (Chung-Chiang Cheng) - extcon: max8997: Add missing modalias string (Marek Szyprowski) - extcon: sm5502: Drop invalid register write in sm5502_reg_data (Stephan Gerhold) - phy: ti: dm816x: Fix the error handling path in dm816x_usb_phy_probe() (Christophe JAILLET) - scsi: mpt3sas: Fix error return value in _scsih_expander_add() (Zhen Lei) - of: Fix truncation of memory sizes on 32-bit platforms (Geert Uytterhoeven) - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (Richard Fitzgerald) - staging: gdm724x: check for overflow in gdm_lte_netif_rx() (Dan Carpenter) - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (Dan Carpenter) - iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (Andy Shevchenko) - s390: appldata depends on PROC_SYSCTL (Randy Dunlap) - scsi: FlashPoint: Rename si_flags field (Randy Dunlap) - tty: nozomi: Fix the error handling path of nozomi_card_init() (Christophe JAILLET) - char: pcmcia: error out if num_bytes_read is greater than 4 in set_protocol() (Yu Kuai) - Input: hil_kbd - fix error return code in hil_dev_connect() (Zhen Lei) - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (Yang Yingliang) - iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adis_buffer: do not return ints in irq handlers (Nuno Sa) - mwifiex: re-fix for unaligned accesses (Arnd Bergmann) - tty: nozomi: Fix a resource leak in an error handling function (Christophe JAILLET) - net: sched: fix warning in tcindex_alloc_perfect_hash (Pavel Skripkin) - writeback: fix obtain a reference to a freeing memcg css (Muchun Song) - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (Luiz Augusto von Dentz) - Revert ibmvnic: remove duplicate napi_schedule call in open function (Dany Madden) - i40e: Fix error handling in i40e_vsi_open (Dinghao Liu) - net: bcmgenet: Fix attaching to PYH failed on RPi 4B (Jian-Hong Pan) - vxlan: add missing rcu_read_lock() in neigh_reduce() (Eric Dumazet) - pkt_sched: sch_qfq: fix qfq_change_class() error path (Eric Dumazet) - net: ethernet: ezchip: fix error handling (Pavel Skripkin) - net: ethernet: ezchip: fix UAF in nps_enet_remove (Pavel Skripkin) - net: ethernet: aeroflex: fix UAF in greth_of_remove (Pavel Skripkin) - samples/bpf: Fix the error return code of xdp_redirects main() (Wang Hai) - netfilter: nft_exthdr: check for IPv6 packet before further processing (Pablo Neira Ayuso) - netlabel: Fix memory leak in netlbl_mgmt_add_common (Liu Shixin) - ath10k: Fix an error code in ath10k_add_interface() (Yang Li) - brcmsmac: mac80211_if: Fix a resource leak in an error handling path (Christophe JAILLET) - wireless: carl9170: fix LEDS build errors & warnings (Randy Dunlap) - drm: qxl: ensure surf.data is ininitialized (Colin Ian King) - RDMA/rxe: Fix failure during driver load (Kamal Heib) - ehea: fix error return code in ehea_restart_qps() (Zhen Lei) - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (Yang Yingliang) - net: pch_gbe: Propagate error from devm_gpio_request_one() (Andy Shevchenko) - ocfs2: fix snprintf() checking (Dan Carpenter) - ACPI: sysfs: Fix a buffer overrun problem with description_show() (Krzysztof Wilczynski) - crypto: nx - Fix RCU warning in nx842_OF_upd_status (Herbert Xu) - spi: spi-sun6i: Fix chipselect/clock bug (Mirko Vogt) - btrfs: clear log tree recovering status if starting transaction fails (David Sterba) - hwmon: (max31790) Fix fan speed reporting for fan7..12 (Guenter Roeck) - hwmon: (max31722) Remove non-standard ACPI device IDs (Guenter Roeck) - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (Dillon Min) - mmc: usdhi6rol0: fix error return code in usdhi6_probe() (Zhen Lei) - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (Gustavo A. R. Silva) - media: tc358743: Fix error return code in tc358743_probe_of() (Zhen Lei) - media: exynos4-is: Fix a use after free in isp_video_release (Lv Yunlong) - pata_ep93xx: fix deferred probing (Sergey Shtylyov) - crypto: ccp - Fix a resource leak in an error handling path (Christophe JAILLET) - pata_octeon_cf: avoid WARN_ON() in ata_host_activate() (Sergey Shtylyov) - media: I2C: change RST to RSET to fix multiple build errors (Randy Dunlap) - pata_rb532_cf: fix deferred probing (Sergey Shtylyov) - sata_highbank: fix deferred probing (Sergey Shtylyov) - crypto: ux500 - Fix error return code in hash_hw_final() (Zhen Lei) - crypto: ixp4xx - dma_unmap the correct address (Corentin Labbe) - media: s5p_cec: decrement usage count if disabled (Mauro Carvalho Chehab) - ia64: mca_drv: fix incorrect array size calculation (Arnd Bergmann) - HID: wacom: Correct base usage for capacitive ExpressKey status bits (Jason Gerecke) - ACPI: tables: Add custom DSDT file as makefile prerequisite (Richard Fitzgerald) - platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (Jiapeng Chong) - ACPI: bus: Call kobject_put() in acpi_init() error path (Hanjun Guo) - ACPICA: Fix memory leak caused by _CID repair function (Erik Kaneda) - fs: dlm: fix memory leak when fenced (Alexander Aring) - random32: Fix implicit truncation warning in prandom_seed_state() (Richard Fitzgerald) - fs: dlm: cancel work sync othercon (Alexander Aring) - block_dump: remove block_dump feature in mark_inode_dirty() (zhangyi (F)) - ACPI: EC: Make more Asus laptops use ECDT _GPE (Chris Chiu) - lib: vsprintf: Fix handling of number field widths in vsscanf (Richard Fitzgerald) - hv_utils: Fix passing zero to PTR_ERR warning (YueHaibing) - ACPI: processor idle: Fix up C-state latency if not ordered (Mario Limonciello) - HID: do not use down_interruptible() when unbinding devices (Dmitry Torokhov) - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (Axel Lin) - btrfs: disable build on platforms having page size 256K (Christophe Leroy) - btrfs: abort transaction if we fail to update the delayed inode (Josef Bacik) - btrfs: fix error handling in __btrfs_update_delayed_inode (Josef Bacik) - media: siano: fix device register error path (Mauro Carvalho Chehab) - media: dvb_net: avoid speculation from net slot (Mauro Carvalho Chehab) - crypto: shash - avoid comparing pointers to exported functions under CFI (Ard Biesheuvel) - mmc: via-sdmmc: add a check against NULL pointer dereference (Zheyu Ma) - media: dvd_usb: memory leak in cinergyt2_fe_attach (Dongliang Mu) - media: st-hva: Fix potential NULL pointer dereferences (Evgeny Novikov) - media: bt8xx: Fix a missing check bug in bt878_probe (Zheyu Ma) - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (Lv Yunlong) - media: em28xx: Fix possible memory leak of em28xx struct (Igor Matheus Andrade Torrente) - crypto: qat - remove unused macro in FW loader (Jack Xu) - crypto: qat - check return code of qat_hal_rd_rel_reg() (Jack Xu) - media: pvrusb2: fix warning in pvr2_i2c_core_done (Anirudh Rayabharam) - media: cobalt: fix race condition in setting HPD (Hans Verkuil) - media: cpia2: fix memory leak in cpia2_usb_probe (Pavel Skripkin) - crypto: nx - add missing MODULE_DEVICE_TABLE (Bixuan Cui) - spi: omap-100k: Fix the length judgment problem (Tian Tao) - spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (Jay Fang) - spi: spi-loopback-test: Fix tx_buf might be rx_buf (Jay Fang) - spi: Make of_register_spi_device also set the fwnode (Charles Keepax) - fuse: check connected before queueing on fpq->io (Miklos Szeredi) - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (Yun Zhou) - rsi: Assign beacon rate settings to the correct rate_info descriptor field (Marek Vasut) - ssb: sdio: Dont overwrite const buffer if block_write fails (Michael Buesch) - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (Pali Rohar) - serial_cs: remove wrong GLOBETROTTER.cis entry (Ondrej Zary) - serial_cs: Add Option International GSM-Ready 56K/ISDN modem (Ondrej Zary) - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() (Yoshihiro Shimoda) - iio: ltr501: ltr501_read_ps(): add missing endianness conversion (Oliver Lang) - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (Oliver Lang) - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (Marc Kleine-Budde) - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (Martin Fuzzey) - s390/cio: dont call css_wait_for_slow_path() inside a lock (Vineeth Vijayan) - SUNRPC: Should wake up the privileged task firstly. (Zhang Xiaoxu) - SUNRPC: Fix the batch tasks count wraparound. (Zhang Xiaoxu) - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (Stephane Grosjean) - can: gw: synchronize rcu operations before removing gw job entry (Oliver Hartkopp) - ext4: fix avefreec in find_group_orlov (Pan Dong) - ext4: remove check for zero nr_to_scan in ext4_es_scan() (Zhang Yi) - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (Zhang Yi) - ext4: fix kernel infoleak via ext4_extent_header (Anirudh Rayabharam) - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (Zhang Yi) - btrfs: clear defrag status of a root if starting transaction fails (David Sterba) - btrfs: send: fix invalid path for unlink operations after parent orphanization (Filipe Manana) - ARM: dts: at91: sama5d4: fix pinctrl muxing (Ludovic Desroches) - iov_iter_fault_in_readable() should do nothing in xarray case (Al Viro) - ntfs: fix validity check for file name attribute (Desmond Cheong Zhi Xi) - USB: cdc-acm: blacklist Heimann USB Appset device (Hannu Hartikainen) - usb: gadget: eem: fix echo command packet response issue (Linyu Yuan) - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (Pavel Skripkin) - Input: usbtouchscreen - fix control-request directions (Johan Hovold) - media: dvb-usb: fix wrong definition (Pavel Skripkin) - ALSA: usb-audio: fix rate on Ozone Z90 USB headset (Daehwan Jung) - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33309109] - Revert 'net: geneve: check skb is large enough for IPv4/IPv6 header' (Somasundaram Krishnasamy) [Orabug: 33307212] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28950 CVE-2020-36322 CVE-2021-3573 CVE-2021-3679 CVE-2021-38160 CVE-2021-3655 CVE-2021-40490 CVE-2021-3564 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.300.7] - KVM: SVM: Fix mismerge in svm_update_pi_irte() (Liam Merwick) [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page (Liam Merwick) [Orabug: 33450675] [5.4.17-2136.300.6] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue (Jack Vogel) [Orabug: 33441404] [5.4.17-2136.300.5] - dccp: dont duplicate ccid when cloning dccp sock (Lin, Zhenpeng) [Orabug: 33408808] {CVE-2017-6074} {CVE-2020-16119} {CVE-2020-16119} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33396355] - uek-rpm: add ofb.ko and crypto_user.ko modules to nano kernel (Somasundaram Krishnasamy) [Orabug: 31895743] [5.4.17-2136.300.4] - Reintroduce: certs: Add EFI_CERT_X509_GUID support for dbx entries (Konrad Rzeszutek Wilk) [Orabug: 33382994] - bnxt_en: Update the driver version string (Jack Vogel) [Orabug: 33392416] [5.4.17-2136.300.3] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33379543] - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33359297] {CVE-2021-38198} - KVM: x86: adjust SEV for commit 7e8e6eed75e (Paolo Bonzini) [Orabug: 33375655] - net/mlx5: Implement Oracle-only solution for mlx device names (Mikhael Goikhman) [Orabug: 33247746] [5.4.17-2136.300.2] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33365609] {CVE-2021-3739} - Revert uek-rpm: mark /etc/ld.so.conf.d/ files as %config (aloktiw) [Orabug: 33359669] - bpf: provide BPF Type Format (BTF) info for kernel (Alan Maguire) [Orabug: 33331233] - perf/x86/amd: Dont touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33194216] - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33283556] - IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33283556] - IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33283556] - IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33283556] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33283556] - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33106728] [5.4.17-2136.300.1] - net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33336805] {CVE-2021-3743} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Tso) [Orabug: 33336785] {CVE-2021-40490} - net/mlx5: E-Switch, Fix vlan or qos setting in legacy mode (Vu Pham) [Orabug: 33291040] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33331710] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33331640] - usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33329086] {CVE-2021-37159} - hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33329086] {CVE-2021-37159} - uek-rpm: Set DEFAULTKERNEL in /etc/sysconfig/kernel correctly (Dave Kleikamp) [Orabug: 33219604] - RDMA/mlx5: Fix crash when unbind multiport slave (Maor Gottlieb) [Orabug: 33303425] - net/mlx5: Dont overwrite HCA capabilities when setting MSI-X count (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Implement sriov_get_vf_total_msix/count() callbacks (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Dynamically assign MSI-X vectors count (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Add dynamic MSI-X capabilities bits (Leon Romanovsky) [Orabug: 33220810] - PCI/IOV: Add sysfs MSI-X vector assignment interface (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Check that driver was probed prior attaching the device (Leon Romanovsky) [Orabug: 33286656] [5.4.17-2136.300.0] - misc/pvpanic: fix set driver data (Mihai Carabas) [Orabug: 33290806] - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33265208] - vdpa/mlx5: fix feature negotiation across device reset (Si-Wei Liu) [Orabug: 33247045] - net/mlx5: E-switch, When eswitch is unsupported, return -EOPNOTSUPP (Parav Pandit) [Orabug: 33241452] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) - net/mlx5: E-switch, Use eswitch total_vports (Parav Pandit) [Orabug: 33213269] - net/mlx5: E-switch, Reuse total_vports and avoid duplicate nvports (Parav Pandit) [Orabug: 33213269] - net/mlx5: E-switch, Consider maximum vf vports for steering init (Parav Pandit) [Orabug: 33213269] - RDMA/mlx5: Fix NULL pointer dereference in destroy_prefetch_work (Maor Gottlieb) [Orabug: 33303297] - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372378] - KVM: X86: Micro-optimize IPI fastpath delay (Wanpeng Li) [Orabug: 33119431] - net/mlx5_core: Restore driver version (Roy Novich) [Orabug: 33112151] - RDMA/umem: Use ib_dma_max_seg_size instead of dma_get_max_seg_size (Christoph Hellwig) [Orabug: 33107202] - lib/scatterlist: Do not limit max_segment to PAGE_ALIGNED values (Jason Gunthorpe) [Orabug: 33107202] - RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 33107202] - lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 33107202] - uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33246580] - rdmaip: trace message buffer size too small for rdmaip debug tracepoints (Alan Maguire) [Orabug: 33267573] - driver core: auxiliary bus: Fix memory leak when driver_register() fail (Peter Ujfalusi) [Orabug: 32461425] - driver core: auxiliary bus: Remove unneeded module bits (Dave Jiang) [Orabug: 32461425] - driver core: auxiliary bus: Fix calling stage for auxiliary bus init (Dave Jiang) [Orabug: 32461425] - driver core: auxiliary bus: Fix auxiliary bus shutdown null auxdrv ptr (Dave Jiang) [Orabug: 32461425] - bnxt_en: Use register window 6 instead of 5 to read the PHC (Michael Chan) [Orabug: 33181761] - bnxt_en: Update firmware call to retrieve TX PTP timestamp (Michael Chan) [Orabug: 33181761] - bnxt_en: Update firmware interface to 1.10.2.52 (Michael Chan) [Orabug: 33181761] [5.4.17-2122.305.7] - ice: implement device flash update via devlink (Jacob Keller) [Orabug: 33236075] - ice: add board identifier info to devlink .info_get (Jacob Keller) [Orabug: 33236075] - ice: add basic handler for devlink .info_get (Jacob Keller) [Orabug: 33236075] - ice: enable initial devlink support (Jacob Keller) [Orabug: 33236075] - bitops: introduce the for_each_set_clump8 macro (William Breathitt Gray) [Orabug: 33236075] - Add pldmfw library for PLDM firmware update (Jacob Keller) [Orabug: 33236075] - devlink: expand the devlink-info documentation (Jakub Kicinski) [Orabug: 33236075] - devlink: promote fw.bundle_id to a generic info version (Jacob Keller) [Orabug: 33236075] - devlink: remove trigger command from devlink-region.rst (Jacob Keller) [Orabug: 33236075] - devlink: add trap metadata type for cookie (Jiri Pirko) [Orabug: 33236075] - devlink: add ACL generic packet traps (Jiri Pirko) [Orabug: 33236075] - devlink: Force enclosing array on binary fmsg data (Aya Levin) [Orabug: 33236075] - devlink: document devlink info versions reported by bnxt_en driver (Vasundhara Volam) [Orabug: 33236075] - devlink: add macro for fw.roce (Vasundhara Volam) [Orabug: 33236075] - devlink: Add health recover notifications on devlink flows (Moshe Shemesh) [Orabug: 33236075] - devlink: Add overlay source MAC is multicast trap (Amit Cohen) [Orabug: 33236075] - devlink: Add tunnel generic packet traps (Amit Cohen) [Orabug: 33236075] - devlink: Add non-routable packet trap (Amit Cohen) [Orabug: 33236075] - devlink: fix typos in qed documentation (Jacob Keller) [Orabug: 33236075] - devlink: correct misspelling of snapshot (Jacob Keller) [Orabug: 33236075] - devlink: document region snapshot triggering from userspace (Jacob Keller) [Orabug: 33236075] - devlink: introduce devlink-dpipe.rst documentation file (Jacob Keller) [Orabug: 33236075] - devlink: add a devlink-resource.rst documentation file (Jacob Keller) [Orabug: 33236075] - devlink: rename and expand devlink-trap-netdevsim.rst (Jacob Keller) [Orabug: 33236075] - devlink: add documentation for ionic device driver (Jacob Keller) [Orabug: 33236075] - devlink: add a file documenting devlink regions (Jacob Keller) [Orabug: 33236075] - devlink: add a driver-specific file for the qed driver (Jacob Keller) [Orabug: 33236075] - devlink: add parameter documentation for the mlx4 driver (Jacob Keller) [Orabug: 33236075] - devlink: document info versions for each driver (Jacob Keller) [Orabug: 33236075] - devlink: convert driver-specific files to reStructuredText (Jacob Keller) [Orabug: 33236075] - devlink: mention reloading in devlink-params.rst (Jacob Keller) [Orabug: 33236075] - devlink: add documentation for generic devlink parameters (Jacob Keller) [Orabug: 33236075] - devlink: convert devlink-params.txt to reStructuredText (Jacob Keller) [Orabug: 33236075] - devlink: rename devlink-info-versions.rst and add a header (Jacob Keller) [Orabug: 33236075] - devlink: convert devlink-health.txt to rst format (Jacob Keller) [Orabug: 33236075] - devlink: move devlink documentation to subfolder (Jacob Keller) [Orabug: 33236075] - devlink: add macro for fw.psid (Jacob Keller) [Orabug: 33236075] - devlink: add devink notification when reporter update health state (Vikas Gupta) [Orabug: 33236075] - rds_rdma: add missing rds_ib_cm_handle_connect tracepoint (Alan Maguire) [Orabug: 33243559] [5.4.17-2122.305.6] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33352735] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2017-6074 CVE-2020-16119 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.300.7.el7] - KVM: SVM: Fix mismerge in svm_update_pi_irte() (Liam Merwick) [Orabug: 33446526] - Revert KVM: x86: hyperv: Remove duplicate definitions of Reference TSC Page (Liam Merwick) [Orabug: 33450675] [5.4.17-2136.300.6] - Revert scsi: core: Cap scsi_host cmd_per_lun at can_queue (Jack Vogel) [Orabug: 33441404] [5.4.17-2136.300.5] - dccp: dont duplicate ccid when cloning dccp sock (Lin, Zhenpeng) [Orabug: 33408808] {CVE-2017-6074} {CVE-2020-16119} {CVE-2020-16119} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33396355] - uek-rpm: add ofb.ko and crypto_user.ko modules to nano kernel (Somasundaram Krishnasamy) [Orabug: 31895743] [5.4.17-2136.300.4] - Reintroduce: certs: Add EFI_CERT_X509_GUID support for dbx entries (Konrad Rzeszutek Wilk) [Orabug: 33382994] - bnxt_en: Update the driver version string (Jack Vogel) [Orabug: 33392416] [5.4.17-2136.300.3] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33379543] - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33359297] {CVE-2021-38198} - KVM: x86: adjust SEV for commit 7e8e6eed75e (Paolo Bonzini) [Orabug: 33375655] - net/mlx5: Implement Oracle-only solution for mlx device names (Mikhael Goikhman) [Orabug: 33247746] [5.4.17-2136.300.2] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33365609] {CVE-2021-3739} - Revert uek-rpm: mark /etc/ld.so.conf.d/ files as %config (aloktiw) [Orabug: 33359669] - bpf: provide BPF Type Format (BTF) info for kernel (Alan Maguire) [Orabug: 33331233] - perf/x86/amd: Dont touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33194216] - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33283556] - IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33283556] - IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33283556] - IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33283556] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33283556] - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33106728] [5.4.17-2136.300.1] - net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33336805] {CVE-2021-3743} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Tso) [Orabug: 33336785] {CVE-2021-40490} - net/mlx5: E-Switch, Fix vlan or qos setting in legacy mode (Vu Pham) [Orabug: 33291040] - rds: ib: Set SEND_SIGNALED on the last WR posted (Hakon Bugge) [Orabug: 33331710] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33331640] - usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33329086] {CVE-2021-37159} - hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33329086] {CVE-2021-37159} - uek-rpm: Set DEFAULTKERNEL in /etc/sysconfig/kernel correctly (Dave Kleikamp) [Orabug: 33219604] - RDMA/mlx5: Fix crash when unbind multiport slave (Maor Gottlieb) [Orabug: 33303425] - net/mlx5: Dont overwrite HCA capabilities when setting MSI-X count (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Implement sriov_get_vf_total_msix/count() callbacks (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Dynamically assign MSI-X vectors count (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Add dynamic MSI-X capabilities bits (Leon Romanovsky) [Orabug: 33220810] - PCI/IOV: Add sysfs MSI-X vector assignment interface (Leon Romanovsky) [Orabug: 33220810] - net/mlx5: Check that driver was probed prior attaching the device (Leon Romanovsky) [Orabug: 33286656] [5.4.17-2136.300.0] - misc/pvpanic: fix set driver data (Mihai Carabas) [Orabug: 33290806] - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33265208] - vdpa/mlx5: fix feature negotiation across device reset (Si-Wei Liu) [Orabug: 33247045] - net/mlx5: E-switch, When eswitch is unsupported, return -EOPNOTSUPP (Parav Pandit) [Orabug: 33241452] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) - net/mlx5: E-switch, Use eswitch total_vports (Parav Pandit) [Orabug: 33213269] - net/mlx5: E-switch, Reuse total_vports and avoid duplicate nvports (Parav Pandit) [Orabug: 33213269] - net/mlx5: E-switch, Consider maximum vf vports for steering init (Parav Pandit) [Orabug: 33213269] - RDMA/mlx5: Fix NULL pointer dereference in destroy_prefetch_work (Maor Gottlieb) [Orabug: 33303297] - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372378] - KVM: X86: Micro-optimize IPI fastpath delay (Wanpeng Li) [Orabug: 33119431] - net/mlx5_core: Restore driver version (Roy Novich) [Orabug: 33112151] - RDMA/umem: Use ib_dma_max_seg_size instead of dma_get_max_seg_size (Christoph Hellwig) [Orabug: 33107202] - lib/scatterlist: Do not limit max_segment to PAGE_ALIGNED values (Jason Gunthorpe) [Orabug: 33107202] - RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 33107202] - lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 33107202] - uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33246580] - rdmaip: trace message buffer size too small for rdmaip debug tracepoints (Alan Maguire) [Orabug: 33267573] - driver core: auxiliary bus: Fix memory leak when driver_register() fail (Peter Ujfalusi) [Orabug: 32461425] - driver core: auxiliary bus: Remove unneeded module bits (Dave Jiang) [Orabug: 32461425] - driver core: auxiliary bus: Fix calling stage for auxiliary bus init (Dave Jiang) [Orabug: 32461425] - driver core: auxiliary bus: Fix auxiliary bus shutdown null auxdrv ptr (Dave Jiang) [Orabug: 32461425] - bnxt_en: Use register window 6 instead of 5 to read the PHC (Michael Chan) [Orabug: 33181761] - bnxt_en: Update firmware call to retrieve TX PTP timestamp (Michael Chan) [Orabug: 33181761] - bnxt_en: Update firmware interface to 1.10.2.52 (Michael Chan) [Orabug: 33181761] [5.4.17-2122.305.7] - ice: implement device flash update via devlink (Jacob Keller) [Orabug: 33236075] - ice: add board identifier info to devlink .info_get (Jacob Keller) [Orabug: 33236075] - ice: add basic handler for devlink .info_get (Jacob Keller) [Orabug: 33236075] - ice: enable initial devlink support (Jacob Keller) [Orabug: 33236075] - bitops: introduce the for_each_set_clump8 macro (William Breathitt Gray) [Orabug: 33236075] - Add pldmfw library for PLDM firmware update (Jacob Keller) [Orabug: 33236075] - devlink: expand the devlink-info documentation (Jakub Kicinski) [Orabug: 33236075] - devlink: promote fw.bundle_id to a generic info version (Jacob Keller) [Orabug: 33236075] - devlink: remove trigger command from devlink-region.rst (Jacob Keller) [Orabug: 33236075] - devlink: add trap metadata type for cookie (Jiri Pirko) [Orabug: 33236075] - devlink: add ACL generic packet traps (Jiri Pirko) [Orabug: 33236075] - devlink: Force enclosing array on binary fmsg data (Aya Levin) [Orabug: 33236075] - devlink: document devlink info versions reported by bnxt_en driver (Vasundhara Volam) [Orabug: 33236075] - devlink: add macro for fw.roce (Vasundhara Volam) [Orabug: 33236075] - devlink: Add health recover notifications on devlink flows (Moshe Shemesh) [Orabug: 33236075] - devlink: Add overlay source MAC is multicast trap (Amit Cohen) [Orabug: 33236075] - devlink: Add tunnel generic packet traps (Amit Cohen) [Orabug: 33236075] - devlink: Add non-routable packet trap (Amit Cohen) [Orabug: 33236075] - devlink: fix typos in qed documentation (Jacob Keller) [Orabug: 33236075] - devlink: correct misspelling of snapshot (Jacob Keller) [Orabug: 33236075] - devlink: document region snapshot triggering from userspace (Jacob Keller) [Orabug: 33236075] - devlink: introduce devlink-dpipe.rst documentation file (Jacob Keller) [Orabug: 33236075] - devlink: add a devlink-resource.rst documentation file (Jacob Keller) [Orabug: 33236075] - devlink: rename and expand devlink-trap-netdevsim.rst (Jacob Keller) [Orabug: 33236075] - devlink: add documentation for ionic device driver (Jacob Keller) [Orabug: 33236075] - devlink: add a file documenting devlink regions (Jacob Keller) [Orabug: 33236075] - devlink: add a driver-specific file for the qed driver (Jacob Keller) [Orabug: 33236075] - devlink: add parameter documentation for the mlx4 driver (Jacob Keller) [Orabug: 33236075] - devlink: document info versions for each driver (Jacob Keller) [Orabug: 33236075] - devlink: convert driver-specific files to reStructuredText (Jacob Keller) [Orabug: 33236075] - devlink: mention reloading in devlink-params.rst (Jacob Keller) [Orabug: 33236075] - devlink: add documentation for generic devlink parameters (Jacob Keller) [Orabug: 33236075] - devlink: convert devlink-params.txt to reStructuredText (Jacob Keller) [Orabug: 33236075] - devlink: rename devlink-info-versions.rst and add a header (Jacob Keller) [Orabug: 33236075] - devlink: convert devlink-health.txt to rst format (Jacob Keller) [Orabug: 33236075] - devlink: move devlink documentation to subfolder (Jacob Keller) [Orabug: 33236075] - devlink: add macro for fw.psid (Jacob Keller) [Orabug: 33236075] - devlink: add devink notification when reporter update health state (Vikas Gupta) [Orabug: 33236075] - rds_rdma: add missing rds_ib_cm_handle_connect tracepoint (Alan Maguire) [Orabug: 33243559] [5.4.17-2122.305.6] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33352735] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2017-6074 CVE-2020-16119 Oracle Linux 7 [4.14.35-2047.508.3.el7] - fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950} - block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33392821] - net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33352735] [4.14.35-2047.508.2] - KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33360245] - Revert uek-rpm: mark /etc/ld.so.conf.d/ files as %config (aloktiw) [Orabug: 33359680] - net/mlx5: Rate limit errors in command interface (Leon Romanovsky) [Orabug: 33305503] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33292634] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33292634] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33292634] {CVE-2021-3564} - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134287] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134287] - uek-rpm: Add dm-cache-smq.ko module (John Donnelly) [Orabug: 29198153] [4.14.35-2047.508.1] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33324346] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33329032] - ip: Manual backport of pskb_inet_may_pull() (Hakon Bugge) [Orabug: 33329032] - Revert Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Hakon Bugge) [Orabug: 33329032] - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Tso) [Orabug: 33327179] {CVE-2021-40490} - uek-rpm: add CONFIG_PVPANIC_PCI to aarch64 (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: fix set driver data (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic-pci: Allow automatic loading (Eric Auger) [Orabug: 33155642] - misc/pvpanic: Remove some dead-code (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic: Make pvpanic_probe() resource managed (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-mmio: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-mmio: Fix error handling in pvpanic_mmio_probe() (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-pci: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic-pci: Fix error handling in pvpanic_pci_probe() (Christophe JAILLET) [Orabug: 33155642] - misc/pvpanic: Make some symbols static (YueHaibing) [Orabug: 33155642] - misc/pvpanic: fix return value check in pvpanic_pci_probe() (Qiheng Lin) [Orabug: 33155642] - misc/pvpanic: add PCI driver (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: probe multiple instances (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: split-up generic and platform dependent code (Mihai Carabas) [Orabug: 33155642] - misc/pvpanic: Export module FDT device table (Shile Zhang) [Orabug: 33155642] - misc: pvpanic: sysfs_emit uses should have a newline (Joe Perches) [Orabug: 33155642] - misc: pvpanic: introduce events device attribue (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: introduce device capability (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: Check devm_ioport_map() for NULL (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Replace OF headers by mod_devicetable.h (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Combine ACPI and platform drivers (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: Use devm_platform_ioremap_resource() (Wang ShaoBo) [Orabug: 33155642] - driver core: platform: Introduce platform_get_mem_or_io() (Andy Shevchenko) [Orabug: 33155642] - misc: pvpanic: move bit definition to uapi header file (zhenwei pi) [Orabug: 33155642] - misc: pvpanic: fix warning implicit declaration (Anders Roxell) [Orabug: 33155642] - misc/pvpanic: resolve compile errors for arch=um (Peng Hao) [Orabug: 33155642] - misc/pvpanic: fix a NULL vs IS_ERR() check (Dan Carpenter) [Orabug: 33155642] - misc/pvpanic: remove a redundant comma (Peng Hao) [Orabug: 33155642] - misc/pvpanic: convert to SPDX license tags (Peng Hao) [Orabug: 33155642] - misc/pvpanic: change header file sort style (Peng Hao) [Orabug: 33155642] - misc/pvpanic: remove unnecessary header file (Peng Hao) [Orabug: 33155642] - misc/pvpanic : break dependency on ACPI (Peng Hao) [Orabug: 33155642] - misc/pvpanic : grouping ACPI related stuff (Peng Hao) [Orabug: 33155642] - misc/pvpanic: add support to get pvpanic device info FDT (Peng Hao) [Orabug: 33155642] - dt-bindings: misc/pvpanic: add document for pvpanic-mmio (Peng Hao) [Orabug: 33155642] - misc/pvpanic: add MMIO support (Peng Hao) [Orabug: 33155642] - misc/pvpanic: simplify the code using acpi_dev_resource_io (Peng Hao) [Orabug: 33155642] - pvpanic: move pvpanic to misc as common driver (Peng Hao) [Orabug: 33155642] - fuse: fix bad inode (Miklos Szeredi) [Orabug: 32769032] {CVE-2020-36322} - Linux 4.14.243 (Greg Kroah-Hartman) - spi: mediatek: Fix fifo transfer (Guenter Roeck) - Revert watchdog: iTCO_wdt: Account for rebooting on second timeout (Greg Kroah-Hartman) - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() (Sean Christopherson) - KVM: do not assume PTE is writable after follow_pfn (Paolo Bonzini) - Revert Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Greg Kroah-Hartman) - net: Fix zero-copy head len calculation. (Pravin B Shelar) - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() (Jia He) - r8152: Fix potential PM refcount imbalance (Takashi Iwai) - regulator: rt5033: Fix n_voltages settings for BUCK and LDO (Axel Lin) - btrfs: mark compressed range uptodate only if all bio succeed (Goldwyn Rodrigues) - Linux 4.14.242 (Greg Kroah-Hartman) - Revert perf map: Fix dso->nsinfo refcounting (Arnaldo Carvalho de Melo) - can: hi311x: fix a signedness bug in hi3110_cmd() (Dan Carpenter) - sis900: Fix missing pci_disable_device() in probe and remove (Wang Hai) - tulip: windbond-840: Fix missing pci_disable_device() in probe and remove (Wang Hai) - sctp: fix return value check in __sctp_rcv_asconf_lookup (Marcelo Ricardo Leitner) - net/mlx5: Fix flow table chaining (Maor Gottlieb) - net: llc: fix skb_over_panic (Pavel Skripkin) - mlx4: Fix missing error code in mlx4_load_one() (Jiapeng Chong) - tipc: fix sleeping in tipc accept routine (Hoang Le) - netfilter: nft_nat: allow to specify layer 4 protocol NAT only (Pablo Neira Ayuso) - netfilter: conntrack: adjust stop timestamp to real expiry value (Florian Westphal) - cfg80211: Fix possible memory leak in function cfg80211_bss_update (Nguyen Dinh Phi) - x86/asm: Ensure asm/proto.h can be included stand-alone (Jan Kiszka) - nfc: nfcsim: fix use after free during module unload (Krzysztof Kozlowski) - NIU: fix incorrect error return, missed in previous revert (Paul Jakma) - can: esd_usb2: fix memory leak (Pavel Skripkin) - can: ems_usb: fix memory leak (Pavel Skripkin) - can: usb_8dev: fix memory leak (Pavel Skripkin) - can: mcba_usb_start(): add missing urb->transfer_dma initialization (Pavel Skripkin) - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (Ziyang Xuan) - x86/kvm: fix vcpu-id indexed array sizes (Juergen Gross) - gro: ensure frag0 meets IP header alignment (Eric Dumazet) - virtio_net: Do not pull payload in skb->head (Eric Dumazet) - ARM: dts: versatile: Fix up interrupt controller node names (Sudeep Holla) - hfs: add lock nesting notation to hfs_find_init (Desmond Cheong Zhi Xi) - hfs: fix high memory mapping in hfs_bnode_read (Desmond Cheong Zhi Xi) - hfs: add missing clean-up in hfs_fill_super (Desmond Cheong Zhi Xi) - sctp: move 198 addresses from unusable to private scope (Xin Long) - net: annotate data race around sk_ll_usec (Eric Dumazet) - net/802/garp: fix memleak in garp_request_join() (Yang Yingliang) - net/802/mrp: fix memleak in mrp_request_join() (Yang Yingliang) - workqueue: fix UAF in pwq_unbound_release_workfn() (Yang Yingliang) - af_unix: fix garbage collect vs MSG_PEEK (Miklos Szeredi) - net: split out functions related to registering inflight socket files (Jens Axboe) - KVM: x86: determine if an exception has an error code only when injecting it. (Maxim Levitsky) - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c (Greg Kroah-Hartman) [4.14.35-2047.508.0] - Linux 4.14.241 (Greg Kroah-Hartman) - xhci: add xhci_get_virt_ep() helper (Mathias Nyman) - spi: spi-fsl-dspi: Fix a resource leak in an error handling path (Christophe JAILLET) - btrfs: compression: dont try to compress if we dont have enough pages (David Sterba) - iio: accel: bma180: Fix BMA25x bandwidth register values (Stephan Gerhold) - iio: accel: bma180: Use explicit member assignment (Linus Walleij) - net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear (Doug Berger) - drm: Return -ENOTTY for non-drm ioctls (Charles Baylis) - selftest: use mmap instead of posix_memalign to allocate memory (Peter Collingbourne) - ixgbe: Fix packet corruption due to missing DMA sync (Markus Boehme) - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (Gustavo A. R. Silva) - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33198436] {CVE-2021-3679} - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. (Minas Harutyunyan) - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (John Keeping) - USB: serial: cp210x: fix comments for GE CS1000 (Ian Ray) - USB: serial: option: add support for u-blox LARA-R6 family (Marco De Marco) - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (Yoshihiro Shimoda) - usb: max-3421: Prevent corruption of freed memory (Mark Tomlinson) - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (Julian Sikorski) - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (Mathias Nyman) - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Nicholas Piggin) - xhci: Fix lost USB 2 remote wake (Mathias Nyman) - ALSA: sb: Fix potential ABBA deadlock in CSP driver (Takashi Iwai) - s390/ftrace: fix ftrace_update_ftrace_func implementation (Vasily Gorbik) - Revert MIPS: add PMD table accounting into MIPSpmd_alloc_one (Huang Pei) - proc: Avoid mixing integer types in mem_rw() (Marcelo Henrique Cerri) - Revert USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (Vincent Palatin) - spi: cadence: Correct initialisation of runtime PM again (Marek Vasut) - scsi: target: Fix protect handling in WRITE SAME(32) (Dmitry Bogdanov) - scsi: iscsi: Fix iface sysfs attr detection (Mike Christie) - netrom: Decrease sock refcount when sock timers expire (Nguyen Dinh Phi) - net: decnet: Fix sleeping inside in af_decnet (Yajun Deng) - net: fix uninit-value in caif_seqpkt_sendmsg (Ziyang Xuan) - s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1] (Colin Ian King) - liquidio: Fix unintentional sign extension issue on left shift of u16 (Colin Ian King) - spi: mediatek: fix fifo rx mode (Peter Hess) - perf probe-file: Delete namelist in del_events() on the error path (Riccardo Mancini) - perf test bpf: Free obj_buf (Riccardo Mancini) - perf lzma: Close lzma stream on exit (Riccardo Mancini) - perf probe: Fix dso->nsinfo refcounting (Riccardo Mancini) - perf map: Fix dso->nsinfo refcounting (Riccardo Mancini) - igb: Check if num of q_vectors is smaller than max before array access (Aleksandr Loktionov) - iavf: Fix an error handling path in iavf_probe() (Christophe JAILLET) - e1000e: Fix an error handling path in e1000_probe() (Christophe JAILLET) - fm10k: Fix an error handling path in fm10k_probe() (Christophe JAILLET) - igb: Fix an error handling path in igb_probe() (Christophe JAILLET) - ixgbe: Fix an error handling path in ixgbe_probe() (Christophe JAILLET) - igb: Fix use-after-free error during reset (Vinicius Costa Gomes) - ipv6: tcp: drop silly ICMPv6 packet too big messages (Eric Dumazet) - tcp: annotate data races around tp->mtu_info (Eric Dumazet) - dma-buf/sync_file: Dont leak fences on merge failure (Jason Ekstrand) - net: validate lwtstate->data before returning from skb_tunnel_info() (Taehee Yoo) - net: send SYNACK packet with accepted fwmark (Alexander Ovechkin) - net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) - net: qcom/emac: fix UAF in emac_remove (Pavel Skripkin) - net: moxa: fix UAF in moxart_mac_probe (Pavel Skripkin) - net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (Florian Fainelli) - net: bridge: sync fdb to new unicast-filtering ports (Wolfgang Bumiller) - netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (Vasily Averin) - net: ipv6: fix return value of ip6_skb_dst_mtu (Vadim Fedorenko) - sched/fair: Fix CFS bandwidth hrtimer expiry type (Odin Ugedal) - scsi: libfc: Fix array index out of bound exception (Javed Hasan) - scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 (Colin Ian King) - rtc: max77686: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set (Matthias Maennich) - thermal/core: Correct function name thermal_zone_device_unregister() (Yang Yingliang) - arm64: dts: ls208xa: remove bus-num from dspi node (Mian Yousaf Kaukab) - arm64: dts: juno: Update SCPI nodes as per the YAML schema (Sudeep Holla) - ARM: dts: stm32: fix RCC node name on stm32f429 MCU (Alexandre Torgue) - ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info (Jonathan Neuschafer) - ARM: dts: imx6: phyFLEX: Fix UART hardware flow control (Primoz Fiser) - ARM: dts: BCM63xx: Fix NAND nodes names (Rafal Milecki) - ARM: NSP: dts: fix NAND nodes names (Rafal Milecki) - ARM: Cygnus: dts: fix NAND nodes names (Rafal Milecki) - ARM: brcmstb: dts: fix NAND nodes names (Rafal Milecki) - reset: ti-syscon: fix to_ti_syscon_reset_data macro (Philipp Zabel) - arm64: dts: rockchip: Fix power-controller node names for rk3328 (Elaine Zhang) - ARM: dts: rockchip: Fix power-controller node names for rk3288 (Elaine Zhang) - ARM: dts: rockchip: Fix the timer clocks order (Ezequiel Garcia) - arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi (Johan Jonker) - ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 (Johan Jonker) - ARM: dts: gemini: add device_type on pci (Corentin Labbe) - Linux 4.14.240 (Greg Kroah-Hartman) - net: bridge: multicast: fix PIM hello router port marking race (Nikolay Aleksandrov) - MIPS: vdso: Invalid GIC access through VDSO (Martin Facknitz) - mips: disable branch profiling in boot/decompress.o (Randy Dunlap) - mips: always link byteswap helpers into decompressor (Arnd Bergmann) - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() (Christophe JAILLET) - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (Aswath Govindraju) - memory: fsl_ifc: fix leak of private memory on probe failure (Krzysztof Kozlowski) - memory: fsl_ifc: fix leak of IO mapping on probe failure (Krzysztof Kozlowski) - reset: bail if try_module_get() fails (Philipp Zabel) - ARM: dts: BCM5301X: Fixup SPI binding (Rafal Milecki) - ARM: dts: r8a7779, marzen: Fix DU clock names (Geert Uytterhoeven) - rtc: fix snprintf() checking in is_rtc_hctosys() (Dan Carpenter) - memory: atmel-ebi: add missing of_node_put for loop iteration (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (Krzysztof Kozlowski) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (Krzysztof Kozlowski) - reset: a10sr: add missing of_match_table reference (Krzysztof Kozlowski) - hexagon: use common DISCARDS macro (Nathan Chancellor) - NFSv4/pNFS: Dont call _nfs4_pnfs_v3_ds_connect multiple times (Trond Myklebust) - ALSA: isa: Fix error return code in snd_cmi8330_probe() (Zhen Lei) - x86/fpu: Limit xstate copy size in xstateregs_set() (Thomas Gleixner) - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (Zhihao Cheng) - nfs: fix acl memory leak of posix_acl_create() (Gao Xiang) - watchdog: aspeed: fix hardware timeout calculation (Tao Ren) - um: fix error return code in winch_tramp() (Zhen Lei) - um: fix error return code in slip_open() (Zhen Lei) - power: supply: rt5033_battery: Fix device tree enumeration (Stephan Gerhold) - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (Krzysztof Wilczynski) - f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs (Chao Yu) - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33209273] {CVE-2021-38160} - virtio_net: Fix error handling in virtnet_restore() (Xie Yongji) - virtio-blk: Fix memory leak among suspend/resume procedure (Xie Yongji) - ACPI: video: Add quirk for the Dell Vostro 3350 (Hans de Goede) - ACPI: AMBA: Fix resource name in /proc/iomem (Liguang Zhang) - pwm: tegra: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (Zou Wei) - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (Zou Wei) - NFS: nfs_find_open_context() may only select open files (Trond Myklebust) - ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton) - orangefs: fix orangefs df output. (Mike Marshall) - x86/fpu: Return proper error codes from user access functions (Thomas Gleixner) - watchdog: iTCO_wdt: Account for rebooting on second timeout (Jan Kiszka) - watchdog: Fix possible use-after-free by calling del_timer_sync() (Zou Wei) - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (Zou Wei) - watchdog: Fix possible use-after-free in wdt_startup() (Zou Wei) - ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 (Nick Desaulniers) - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski) - power: supply: ab8500: Avoid NULL pointers (Linus Walleij) - pwm: spear: Dont modify HW state in .remove callback (Uwe Kleine-Konig) - lib/decompress_unlz4.c: correctly handle zero-padding around initrds. (Dimitri John Ledkov) - i2c: core: Disable client irq on reboot/shutdown (Dmitry Torokhov) - intel_th: Wait until port is in reset before programming it (Alexander Shishkin) - staging: rtl8723bs: fix macro value for 2.4Ghz only device (Fabio Aiuto) - ALSA: hda: Add IRQ check for platform_get_irq() (Jiajun Cao) - backlight: lm3630a: Fix return code of .update_status() callback (Uwe Kleine-Konig) - powerpc/boot: Fixup device-tree on little endian (Benjamin Herrenschmidt) - usb: gadget: hid: fix error return code in hid_bind() (Yang Yingliang) - usb: gadget: f_hid: fix endianness issue with descriptors (Ruslan Bilovol) - ALSA: bebob: add support for ToneWeal FW66 (Takashi Sakamoto) - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (Zhen Lei) - selftests/powerpc: Fix no_handler EBB selftest (Athira Rajeev) - ALSA: ppc: fix error return code in snd_pmac_probe() (Yang Yingliang) - gpio: zynq: Check return value of pm_runtime_get_sync (Srinivas Neeli) - powerpc/ps3: Add dma_mask to ps3_dma_region (Geoff Levand) - ALSA: sb: Fix potential double-free of CSP mixer elements (Takashi Iwai) - s390/sclp_vt220: fix console name to match device (Valentin Vidic) - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (Zou Wei) - scsi: qedi: Fix null ref during abort handling (Mike Christie) - scsi: iscsi: Fix shost->max_id use (Mike Christie) - scsi: iscsi: Add iscsi_cls_conn refcount helpers (Mike Christie) - fs/jfs: Fix missing error code in lmLogInit() (Jiapeng Chong) - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (Christophe JAILLET) - scsi: core: Cap scsi_host cmd_per_lun at can_queue (John Garry) - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (James Smart) - scsi: lpfc: Fix Unexpected timeout error in direct attach topology (James Smart) - w1: ds2438: fixing bug that would always get page0 (Luiz Sampaio) - Revert ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - misc/libmasm/module: Fix two use after free in ibmasm_init_one (Lv Yunlong) - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (Sherry Sun) - PCI: aardvark: Fix kernel panic during PIO transfer (Pali Rohar) - PCI: aardvark: Dont rely on jiffies while holding spinlock (Remi Pommarel) - tracing: Do not reference char * as a string in histograms (Steven Rostedt (VMware)) - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (Tyrel Datwyler) - KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() (Lai Jiangshan) - KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled (Sean Christopherson) - smackfs: restrict bytes count in smk_set_cipso() (Tetsuo Handa) - jfs: fix GPF in diFree (Pavel Skripkin) - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (Benjamin Drung) - media: gspca/sunplus: fix zero-length control requests (Johan Hovold) - media: gspca/sq905: fix control-request direction (Johan Hovold) - media: zr364xx: fix memory leak in zr364xx_start_readpipe (Pavel Skripkin) - media: dtv5100: fix control-request directions (Johan Hovold) - dm btree remove: assign new_root only when removal succeeds (Hou Tao) - ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe (Lv Yunlong) - tracing: Simplify & fix saved_tgids logic (Paul Burton) - seq_buf: Fix overflow in seq_buf_putmem_hex() (Yun Zhou) - power: supply: ab8500: Fix an old bug (Linus Walleij) - ipmi/watchdog: Stop watchdog timer when the current action is none (Petr Pavlu) - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (Nathan Chancellor) - ASoC: tegra: Set driver_name=tegra for all machine drivers (Dmitry Osipenko) - cpu/hotplug: Cure the cpusets trainwreck (Thomas Gleixner) - ata: ahci_sunxi: Disable DIPM (Timo Sigurdsson) - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (Christian Lohle) - mmc: core: clear flags before allowing to retune (Wolfram Sang) - mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (Al Cooper) - pinctrl/amd: Add device HID for new AMD GPIO controller (Maximilian Luz) - drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (Jing Xiangfeng) - usb: gadget: f_fs: Fix setting of device and driver data cross-references (Andrew Gabbasov) - powerpc/barrier: Avoid collision with clangs __lwsync macro (Nathan Chancellor) - mac80211: fix memory corruption in EAPOL handling (Davis Mosenkovs) - fuse: reject internal errno (Miklos Szeredi) - bdi: Do not use freezable workqueue (Mika Westerberg) - fscrypt: dont ignore minor_hash when hash is 0 (Eric Biggers) - sctp: add size validation when walking chunks (Marcelo Ricardo Leitner) - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33198408] {CVE-2021-3655} - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. (Tim Jiang) - Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Kai-Heng Feng) - Bluetooth: Fix the HCI to MGMT status conversion table (Yu Liu) - wireless: wext-spy: Fix out-of-bounds warning (Gustavo A. R. Silva) - sfc: error code if SRIOV cannot be disabled (inigo Huguet) - sfc: avoid double pci_remove of VFs (inigo Huguet) - iwlwifi: mvm: dont change band on bound PHY contexts (Johannes Berg) - RDMA/rxe: Dont overwrite errno from ib_umem_get() (Xiao Yang) - vsock: notify server to shutdown when client has pending signal (Longpeng(Mike)) - atm: nicstar: register the interrupt handler in the right place (Zheyu Ma) - atm: nicstar: use dma_free_coherent instead of kfree (Zheyu Ma) - MIPS: add PMD table accounting into MIPSpmd_alloc_one (Huang Pei) - cw1200: add missing MODULE_DEVICE_TABLE (Zou Wei) - wl1251: Fix possible buffer overflow in wl1251_cmd_scan (Lee Gibson) - wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (Tony Lindgren) - xfrm: Fix error reporting in xfrm_state_construct. (Steffen Klassert) - selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC (Minchan Kim) - fjes: check return value after calling platform_get_resource() (Yang Yingliang) - net: micrel: check return value after calling platform_get_resource() (Yang Yingliang) - net: bcmgenet: check return value after calling platform_get_resource() (Yang Yingliang) - virtio_net: Remove BUG() to avoid machine dead (Xianting Tian) - dm space maps: dont reset space map allocation cursor when committing (Joe Thornber) - RDMA/cxgb4: Fix missing error code in create_qp() (Jiapeng Chong) - ipv6: use prandom_u32() for ID generation (Willy Tarreau) - clk: tegra: Ensure that PLLU configuration is applied properly (Dmitry Osipenko) - clk: renesas: r8a77995: Add ZA2 clock (Kuninori Morimoto) - e100: handle eeprom as little endian (Jesse Brandeburg) - udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) - drm/virtio: Fix double free on probe failure (Xie Yongji) - reiserfs: add check for invalid 1st journal block (Pavel Skripkin) - net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT (Sebastian Andrzej Siewior) - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() (Zou Wei) - mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) - atm: iphase: fix possible use-after-free in ia_module_exit() (Zou Wei) - hugetlb: clear huge pte during flush function on mips platform (Bibo Mao) - net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() (Andy Shevchenko) - drm/amd/amdgpu/sriov disable all ip hw status by default (Jack Zhang) - drm/zte: Dont select DRM_KMS_FB_HELPER (Thomas Zimmermann) - drm/mxsfb: Dont select DRM_KMS_FB_HELPER (Thomas Zimmermann) - mmc: vub3000: fix control-request direction (Johan Hovold) - selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random (Dave Hansen) - mm/huge_memory.c: dont discard hugepage if other processes are mapping it (Miaohe Lin) - leds: ktd2692: Fix an error handling path (Christophe JAILLET) - leds: as3645a: Fix error return code in as3645a_parse_node() (Zhen Lei) - configfs: fix memleak in configfs_release_bin_file (Chung-Chiang Cheng) - extcon: max8997: Add missing modalias string (Marek Szyprowski) - extcon: sm5502: Drop invalid register write in sm5502_reg_data (Stephan Gerhold) - phy: ti: dm816x: Fix the error handling path in dm816x_usb_phy_probe() (Christophe JAILLET) - scsi: mpt3sas: Fix error return value in _scsih_expander_add() (Zhen Lei) - of: Fix truncation of memory sizes on 32-bit platforms (Geert Uytterhoeven) - ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (Richard Fitzgerald) - staging: gdm724x: check for overflow in gdm_lte_netif_rx() (Dan Carpenter) - staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (Dan Carpenter) - iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (Andy Shevchenko) - s390: appldata depends on PROC_SYSCTL (Randy Dunlap) - scsi: FlashPoint: Rename si_flags field (Randy Dunlap) - tty: nozomi: Fix the error handling path of nozomi_card_init() (Christophe JAILLET) - char: pcmcia: error out if num_bytes_read is greater than 4 in set_protocol() (Yu Kuai) - Input: hil_kbd - fix error return code in hil_dev_connect() (Zhen Lei) - ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (Yang Yingliang) - iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron) - iio: adis_buffer: do not return ints in irq handlers (Nuno Sa) - mwifiex: re-fix for unaligned accesses (Arnd Bergmann) - tty: nozomi: Fix a resource leak in an error handling function (Christophe JAILLET) - net: sched: fix warning in tcindex_alloc_perfect_hash (Pavel Skripkin) - writeback: fix obtain a reference to a freeing memcg css (Muchun Song) - Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (Luiz Augusto von Dentz) - Revert ibmvnic: remove duplicate napi_schedule call in open function (Dany Madden) - i40e: Fix error handling in i40e_vsi_open (Dinghao Liu) - net: bcmgenet: Fix attaching to PYH failed on RPi 4B (Jian-Hong Pan) - vxlan: add missing rcu_read_lock() in neigh_reduce() (Eric Dumazet) - pkt_sched: sch_qfq: fix qfq_change_class() error path (Eric Dumazet) - net: ethernet: ezchip: fix error handling (Pavel Skripkin) - net: ethernet: ezchip: fix UAF in nps_enet_remove (Pavel Skripkin) - net: ethernet: aeroflex: fix UAF in greth_of_remove (Pavel Skripkin) - samples/bpf: Fix the error return code of xdp_redirects main() (Wang Hai) - netfilter: nft_exthdr: check for IPv6 packet before further processing (Pablo Neira Ayuso) - netlabel: Fix memory leak in netlbl_mgmt_add_common (Liu Shixin) - ath10k: Fix an error code in ath10k_add_interface() (Yang Li) - brcmsmac: mac80211_if: Fix a resource leak in an error handling path (Christophe JAILLET) - wireless: carl9170: fix LEDS build errors & warnings (Randy Dunlap) - drm: qxl: ensure surf.data is ininitialized (Colin Ian King) - RDMA/rxe: Fix failure during driver load (Kamal Heib) - ehea: fix error return code in ehea_restart_qps() (Zhen Lei) - drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (Yang Yingliang) - net: pch_gbe: Propagate error from devm_gpio_request_one() (Andy Shevchenko) - ocfs2: fix snprintf() checking (Dan Carpenter) - ACPI: sysfs: Fix a buffer overrun problem with description_show() (Krzysztof Wilczynski) - crypto: nx - Fix RCU warning in nx842_OF_upd_status (Herbert Xu) - spi: spi-sun6i: Fix chipselect/clock bug (Mirko Vogt) - btrfs: clear log tree recovering status if starting transaction fails (David Sterba) - hwmon: (max31790) Fix fan speed reporting for fan7..12 (Guenter Roeck) - hwmon: (max31722) Remove non-standard ACPI device IDs (Guenter Roeck) - media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (Dillon Min) - mmc: usdhi6rol0: fix error return code in usdhi6_probe() (Zhen Lei) - media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (Gustavo A. R. Silva) - media: tc358743: Fix error return code in tc358743_probe_of() (Zhen Lei) - media: exynos4-is: Fix a use after free in isp_video_release (Lv Yunlong) - pata_ep93xx: fix deferred probing (Sergey Shtylyov) - crypto: ccp - Fix a resource leak in an error handling path (Christophe JAILLET) - pata_octeon_cf: avoid WARN_ON() in ata_host_activate() (Sergey Shtylyov) - media: I2C: change RST to RSET to fix multiple build errors (Randy Dunlap) - pata_rb532_cf: fix deferred probing (Sergey Shtylyov) - sata_highbank: fix deferred probing (Sergey Shtylyov) - crypto: ux500 - Fix error return code in hash_hw_final() (Zhen Lei) - crypto: ixp4xx - dma_unmap the correct address (Corentin Labbe) - media: s5p_cec: decrement usage count if disabled (Mauro Carvalho Chehab) - ia64: mca_drv: fix incorrect array size calculation (Arnd Bergmann) - HID: wacom: Correct base usage for capacitive ExpressKey status bits (Jason Gerecke) - ACPI: tables: Add custom DSDT file as makefile prerequisite (Richard Fitzgerald) - platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (Jiapeng Chong) - ACPI: bus: Call kobject_put() in acpi_init() error path (Hanjun Guo) - ACPICA: Fix memory leak caused by _CID repair function (Erik Kaneda) - fs: dlm: fix memory leak when fenced (Alexander Aring) - random32: Fix implicit truncation warning in prandom_seed_state() (Richard Fitzgerald) - fs: dlm: cancel work sync othercon (Alexander Aring) - block_dump: remove block_dump feature in mark_inode_dirty() (zhangyi (F)) - ACPI: EC: Make more Asus laptops use ECDT _GPE (Chris Chiu) - lib: vsprintf: Fix handling of number field widths in vsscanf (Richard Fitzgerald) - hv_utils: Fix passing zero to PTR_ERR warning (YueHaibing) - ACPI: processor idle: Fix up C-state latency if not ordered (Mario Limonciello) - HID: do not use down_interruptible() when unbinding devices (Dmitry Torokhov) - regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (Axel Lin) - btrfs: disable build on platforms having page size 256K (Christophe Leroy) - btrfs: abort transaction if we fail to update the delayed inode (Josef Bacik) - btrfs: fix error handling in __btrfs_update_delayed_inode (Josef Bacik) - media: siano: fix device register error path (Mauro Carvalho Chehab) - media: dvb_net: avoid speculation from net slot (Mauro Carvalho Chehab) - crypto: shash - avoid comparing pointers to exported functions under CFI (Ard Biesheuvel) - mmc: via-sdmmc: add a check against NULL pointer dereference (Zheyu Ma) - media: dvd_usb: memory leak in cinergyt2_fe_attach (Dongliang Mu) - media: st-hva: Fix potential NULL pointer dereferences (Evgeny Novikov) - media: bt8xx: Fix a missing check bug in bt878_probe (Zheyu Ma) - media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (Lv Yunlong) - media: em28xx: Fix possible memory leak of em28xx struct (Igor Matheus Andrade Torrente) - crypto: qat - remove unused macro in FW loader (Jack Xu) - crypto: qat - check return code of qat_hal_rd_rel_reg() (Jack Xu) - media: pvrusb2: fix warning in pvr2_i2c_core_done (Anirudh Rayabharam) - media: cobalt: fix race condition in setting HPD (Hans Verkuil) - media: cpia2: fix memory leak in cpia2_usb_probe (Pavel Skripkin) - crypto: nx - add missing MODULE_DEVICE_TABLE (Bixuan Cui) - spi: omap-100k: Fix the length judgment problem (Tian Tao) - spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (Jay Fang) - spi: spi-loopback-test: Fix tx_buf might be rx_buf (Jay Fang) - spi: Make of_register_spi_device also set the fwnode (Charles Keepax) - fuse: check connected before queueing on fpq->io (Miklos Szeredi) - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (Yun Zhou) - rsi: Assign beacon rate settings to the correct rate_info descriptor field (Marek Vasut) - ssb: sdio: Dont overwrite const buffer if block_write fails (Michael Buesch) - ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (Pali Rohar) - serial_cs: remove wrong GLOBETROTTER.cis entry (Ondrej Zary) - serial_cs: Add Option International GSM-Ready 56K/ISDN modem (Ondrej Zary) - serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() (Yoshihiro Shimoda) - iio: ltr501: ltr501_read_ps(): add missing endianness conversion (Oliver Lang) - iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (Oliver Lang) - iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (Marc Kleine-Budde) - rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (Martin Fuzzey) - s390/cio: dont call css_wait_for_slow_path() inside a lock (Vineeth Vijayan) - SUNRPC: Should wake up the privileged task firstly. (Zhang Xiaoxu) - SUNRPC: Fix the batch tasks count wraparound. (Zhang Xiaoxu) - can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (Stephane Grosjean) - can: gw: synchronize rcu operations before removing gw job entry (Oliver Hartkopp) - ext4: fix avefreec in find_group_orlov (Pan Dong) - ext4: remove check for zero nr_to_scan in ext4_es_scan() (Zhang Yi) - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (Zhang Yi) - ext4: fix kernel infoleak via ext4_extent_header (Anirudh Rayabharam) - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (Zhang Yi) - btrfs: clear defrag status of a root if starting transaction fails (David Sterba) - btrfs: send: fix invalid path for unlink operations after parent orphanization (Filipe Manana) - ARM: dts: at91: sama5d4: fix pinctrl muxing (Ludovic Desroches) - iov_iter_fault_in_readable() should do nothing in xarray case (Al Viro) - ntfs: fix validity check for file name attribute (Desmond Cheong Zhi Xi) - USB: cdc-acm: blacklist Heimann USB Appset device (Hannu Hartikainen) - usb: gadget: eem: fix echo command packet response issue (Linyu Yuan) - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (Pavel Skripkin) - Input: usbtouchscreen - fix control-request directions (Johan Hovold) - media: dvb-usb: fix wrong definition (Pavel Skripkin) - ALSA: usb-audio: fix rate on Ozone Z90 USB headset (Daehwan Jung) - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33309109] - Revert net: geneve: check skb is large enough for IPv4/IPv6 header (Somasundaram Krishnasamy) [Orabug: 33307212] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-28950 CVE-2020-36322 CVE-2021-3573 CVE-2021-3679 CVE-2021-38160 CVE-2021-3655 CVE-2021-40490 CVE-2021-3564 Oracle Linux 8 Oracle Linux 7 olcne [1.2.5-2] - Update Istio to 1.9.8 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 - Update proxyv2 image to select iptables legacy or latest based on host operating system - Turn off Istio PodDisruptionBudget istio [1.9.8-3] - Updated iptables-switch for OL8 and OL7 logic [1.9.8-2] - Bump release, addresses the following envoy CVEs, CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 [1.9.8-1] - Added Oracle specific files for 1.9.8-1 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32777 CVE-2021-32780 CVE-2021-32781 CVE-2021-32779 CVE-2021-32778 Oracle Linux 7 olcne [1.3.2-2] - Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 - Update proxyv2 image to select iptables legacy or latest based on host operating system - Fix major.minor k8s version istio [1.9.8-3] - Updated iptables-switch for OL8 and OL7 logic [1.9.8-2] - Bump release, addresses the following envoy CVEs, CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 [1.9.8-1] - Added Oracle specific files for 1.9.8-1 istio [1.10.4-3] - Updated iptables-switch for OL8 and OL7 logic [1.10.4-2] - Bump release, addresses the following envoy CVEs, CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 [1.10.4-1] - Added Oracle specific files for 1.10.4-1 kubernetes [1.20.11-4] - Fix major.minor version [1.20.11-3] - Updated iptables-switch for OL8 and OL7 logic [1.20.11-2] - Bump release for CVE fix, addresses CVE-2021-25741 [1.20.11-1] - Added Oracle specific build files for Kubernetes IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32777 CVE-2021-32780 CVE-2021-32781 CVE-2021-32779 CVE-2021-25741 Oracle Linux 7 [1.0.2k-22_fips] - Change Epoch from 1 to 10 - Fix DH self-test to add shared secret comparison [Orabug: 32467026] - Add DH support changes for SP 800-56A rev3 requirements [Orabug: 32467059] - Add TLS KDF self-test [Orabug: 32467193] - Add EC keys pairwise consistency test [Orabug: 32467059] [1.0.2k-22] - fix CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() - fix CVE-2021-23840 openssl: integer overflow in CipherUpdate - Resolves: rhbz#1932132, rhbz#1932126 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-23840 CVE-2021-23841 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.57.1] - target; fix print statement warning (John Donnelly) [Orabug: 33495661] - enic;: fix warning on module_param disable_vlan0, (John Donnelly) [Orabug: 33495661] - bnx2fc: correct BNX2FC_TM_TIMEOUT to be 60 sec (John Donnelly) [Orabug: 33495661] - target: Fix linux-4.1.y specific compile warning (Nicholas Bellinger) [Orabug: 33495661] - net/mlx4: Fixing warning in mlx4_get_module_info() (John Donnelly) [Orabug: 33495661] - rds: Avoid compiler warning in ib_send.c: opcode (John Donnelly) [Orabug: 33495661] - RDMA/mad: correct build warning (John Donnelly) [Orabug: 33495661] - dtrace: Fix warning in dtrace_sync() (Tomas Jedlicka) [Orabug: 33495661] - virtio: Silence uninitialized variable warning (Dan Carpenter) [Orabug: 33495661] - scsi: correct uninitialized variable (John Donnelly) [Orabug: 33495661] - media: smsusb: better handle optional alignment (Mauro Carvalho Chehab) [Orabug: 33495661] - media: usb: siano: Fix false-positive 'uninitialized variable' warning (Alan Stern) [Orabug: 33495661] - toshiba_acpi: correct build warning (John Donnelly) [Orabug: 33495661] - RDS/IB: corrects build warning (John Donnelly) [Orabug: 33495661] - x86/mce: correct return warning (John Donnelly) [Orabug: 33495661] - x86/asm/msr: Make wrmsrl_safe() a function (Andy Lutomirski) [Orabug: 33495661] - x86/mitigations: fix warnings in taa_select_mitigation() (John Donnelly) [Orabug: 33495661] - mm: correct build warning with pgprot (John Donnelly) [Orabug: 33495661] - Thermal: remove unused variable (John Donnelly) [Orabug: 33495661] - ixgbe: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - i40e: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - mlx4: remove unused variables and functions, (John Donnelly) [Orabug: 33495661] - nvme: remove unused variables and functions (John Donnelly) [Orabug: 33495661] - ocfs2: remove unused function: ocfs2_prepare_inode_for_refcount() (John Donnelly) [Orabug: 33495661] - ipv6: remove unused variable: payload_len (John Donnelly) [Orabug: 33495661] - Revert 'efi: Fix out-of-bounds read in variable_matches()' (John Donnelly) [Orabug: 33495661] - dtrace: remove unused variable 'iph' (John Donnelly) [Orabug: 33495661] - ext4: remove unused function ext4_init_inode_bitmap() (John Donnelly) [Orabug: 33495661] - cpuidle: remove unused function: call_cpuidle() (John Donnelly) [Orabug: 33495661] - cifs: remove unused label (John Donnelly) [Orabug: 33495661] - block: remove unused out: label (John Donnelly) [Orabug: 33495661] - Bluetooth: hci_uart: check for missing tty operations (Vladis Dronov) [Orabug: 30244627] {CVE-2019-10207} {CVE-2019-10207} - Bluetooth: hci_uart: Add basic support for Intel Lightning Peak devices (Loic Poulain) [Orabug: 30244627] {CVE-2019-10207} - Bluetooth: hci_uart: Add new line discipline enhancements (Ilya Faenson) [Orabug: 30244627] {CVE-2019-10207} - Bluetooth: hci_uart: Support operational speed during setup (Frederic Danis) [Orabug: 30244627] {CVE-2019-10207} [4.1.12-124.56.2] - btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek) [Orabug: 31864610] {CVE-2019-19813} - btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo) [Orabug: 31864610] {CVE-2019-19813} - net: create skb_gso_validate_mac_len() (Daniel Axtens) [Orabug: 28094432] {CVE-2018-1000026} - bnx2x: disable GSO where gso_size is too big for hardware (Daniel Axtens) [Orabug: 28094432] {CVE-2018-1000026} - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33014035] {CVE-2021-3564} {CVE-2021-3564} - l2tp: Avoid schedule while atomic in exit_net (Ridge Kennedy) [Orabug: 33360013] - l2tp: remove skb_dst_set() from l2tp_xmit_skb() (Xin Long) [Orabug: 33360013] - dtrace: remove unused variables (John Donnelly) [Orabug: 33387203] - scsi: treat lun as 64-bit in scsi_report_lun_scan() error message (Henry Willard) [Orabug: 33387203] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2018-1000026 CVE-2019-10207 CVE-2019-19813 CVE-2021-3564 Oracle Linux 7 [2.4.6-97.0.3.1] - mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26690 Oracle Linux 8 httpd [2.4.37-39.0.2.1] - mod_session: save one apr_strtok() [Orabug: 33338149][CVE-2021-26690] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-26690 Oracle Linux 8 olcne [1.3.2-2] - Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade - Update Kubernetes version to 1.20.11 to address CVE-2021-25741 - Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 - Update proxyv2 image to select iptables legacy or latest based on host operating system - Fix major.minor k8s version istio [1.10.4-3] - Updated iptables-switch for OL8 and OL7 logic [1.10.4-2] - Bump release, addresses the following envoy CVEs, CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 [1.10.4-1] - Added Oracle specific files for 1.10.4-1 istio [1.9.8-3] - Updated iptables-switch for OL8 and OL7 logic [1.9.8-2] - Bump release, addresses the following envoy CVEs, CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781 [1.9.8-1] - Added Oracle specific files for 1.9.8-1 kubernetes [1.20.11-4] - Fix major.minor version [1.20.11-3] - Updated iptables-switch for OL8 and OL7 logic [1.20.11-2] - Bump release for CVE fix, addresses CVE-2021-25741 [1.20.11-1] - Added Oracle specific build files for Kubernetes IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-32777 CVE-2021-32780 CVE-2021-32781 CVE-2021-32779 CVE-2021-25741 CVE-2021-32778 Oracle Linux 8 [0.10.10-4.0.1] - Replace HAM-logo.png with a generic one [0.10.10-4] - Fixed unfencing in - Resolves: rhbz#bz1991654 [0.10.10-3] - Added add/remove syntax for command - Resolves: rhbz#1992668 [0.10.10-2] - Fixed create resources with depth operation attribute - Resolves: rhbz#1998454 [0.10.10-1] - Rebased to latest upstream sources (see CHANGELOG.md) - Updated pcs-web-ui - Resolves: rhbz#1885293 rhbz#1847102 rhbz#1935594 [0.10.9-1] - Rebased to latest upstream sources (see CHANGELOG.md) - Resolves: rhbz#1432097 rhbz#1847102 rhbz#1935594 rhbz#1984901 [0.10.8-4] - Rebased to latest upstream sources (see CHANGELOG.md) - Resolves: rhbz#1759995 rhbz#1872378 rhbz#1935594 [0.10.8-3] - Rebased to latest upstream sources (see CHANGELOG.md) - Gating changes - Resolves: rhbz#1678273 rhbz#1690419 rhbz#1750240 rhbz#1759995 rhbz#1872378 rhbz#1909901 rhbz#1935594 [0.10.8-2] - Rebased to latest upstream sources (see CHANGELOG.md) - Updated pcs-web-ui - Resolves: rhbz#1285269 rhbz#1290830 rhbz#1720221 rhbz#1841019 rhbz#1854238 rhbz#1882291 rhbz#1885302 rhbz#1886342 rhbz#1896458 rhbz#1922996 rhbz#1927384 rhbz#1927394 rhbz#1930886 rhbz#1935594 LOW Copyright 2021 Oracle, Inc. CVE-2020-11023 CVE-2020-7656 Oracle Linux 8 [4.1.1-98] - storage-mon: new resource agent Resolves: rhbz#1509319 [4.1.1-97] - podman: fix possible race during container creation Resolves: rhbz#1972743 [4.1.1-96] - LVM-activate: fix drop-in check to avoid re-creating drop-in Resolves: rhbz#1972035 [4.1.1-95] - lvmlockd: remove cmirrord support, as cmirrord is incompatible w/lvmlockd Resolves: rhbz#1969968 [4.1.1-94] - gcp-vpc-move-vip: add retry logic Resolves: rhbz#1957765 [4.1.1-93] - db2: add PRIMARY/REMOTE_CATCHUP_PENDING/CONNECTED status to promote-check - pgsqlms: new resource agent - python-pygments: fix CVE-2021-27291 and CVE-2021-20270 Resolves: rhbz#1872754, rhbz#1934651, rhbz#1935422, rhbz#1943464 [4.1.1-91] - ethmonitor: fix vlan regex - iface-vlan: make vlan parameter not unique - nfsserver: error-check unmount - VirtualDomain: fix pid status regex - podman: return NOT_RUNNING when monitor cmd fails - awsvip: dont partially match similar IPs during - aws agents: dont spam log files - aws-vpc-move-ip: add ENI lookup Resolves: rhbz#1891883, rhbz#1902045, rhbz#1924363, rhbz#1932863 Resolves: rhbz#1920698, rhbz#1939992, rhbz#1940094, rhbz#1939281 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-20270 CVE-2021-27291 Oracle Linux 8 [2.28-164.0.1] - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutex_spin_count tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> - add Ampere emag to tunable cpu list (Patrick McGehearty) - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile - Both should test - if (stream->_flags & _IO_USER_LOCK) == 0) - _IO_lock_lock (*stream->_lock); - OraBug: 28481550. Reviewed-by: Qing Zhao <qing.zhao@oracle.com> [2.28-164] - librt: fix NULL pointer dereference (#1966472). [2.28-163] - CVE-2021-33574: Deep copy pthread attribute in mq_notify (#1966472) [2.28-162] - CVE-2021-35942: wordexp: handle overflow in positional parameter number (#1979127) [2.28-161] - Improve POWER10 performance with POWER9 fallbacks (#1956357) [2.28-160] - Backport POWER10 optimized rawmemchr for ppc64le (#1956357) [2.28-159] - Backport additional ifunc optimizations for ppc64le (#1956357) [2.28-158] - Rebuild with new binutils (#1946518) [2.28-157] - Consistently SXID_ERASE tunables in sxid binaries (#1934155) [2.28-156] - Backport ifunc optimizations for glibc for ppc64le (#1918719) [2.28-155] - CVE-2021-27645: nscd: Fix double free in netgroupcache (#1927877) [2.28-154] - Add IPPROTO_ETHERNET, IPPROTO_MPTCP, and INADDR_ALLSNOOPERS_GROUP defines (#1930302) [2.28-153] - Support SEM_STAT_ANY via semctl. Return EINVAL for unknown commands to semctl, msgctl, and shmctl. (#1912670) [2.28-152] - Update syscall-names.list to 5.7, 5.8, 5.9, 5.10 and 5.11. (#1871386) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-33574 CVE-2021-27645 CVE-2021-35942 Oracle Linux 8 [1:1.1.1k-4] - Fixes bugs in s390x AES code. - Uses the first detected address family if IPv6 is not available - Reverts the changes in https://github.com/openssl/openssl/pull/13305 as it introduces a regression if server has a DSA key pair, the handshake fails when the protocol is not explicitly set to TLS 1.2. However, if the patch is reverted, it has an effect on the 'ssl_reject_handshake' feature in nginx. Although, this feature will continue to work, TLS 1.3 protocol becomes unavailable/disabled. This is already known - https://trac.nginx.org/nginx/ticket/2071#comment:1 As per https://github.com/openssl/openssl/issues/16075#issuecomment-879939938, nginx could early callback instead of servername callback. - Resolves: rhbz#1978214 - Related: rhbz#1934534 [1:1.1.1k-3] - Cleansup the peer point formats on renegotiation - Resolves rhbz#1965362 [1:1.1.1k-2] - Fixes FIPS_selftest to work in FIPS mode. Resolves: rhbz#1940085 - Using safe primes for FIPS DH self-test [1.1.1k-1] - Update to version 1.1.1k [1.1.1g-16] - Use AI_ADDRCONFIG only when explicit host name is given - Allow only curves defined in RFC 8446 in TLS 1.3 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-23840 CVE-2021-23841 Oracle Linux 7 [3.6.8-18.0.5] - Remove the 'getfile' feature of pydoc [Orabug: 33182027][CVE-2021-3426] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3426 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.301.1.2] - Revert 'net/rds: Allocate pages on HCA NUMA nodeid' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Use the same vector for send & receive' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Get rid of tasklets' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Put more CPU cores to work' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Make workers use the designated CPU' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/mlx5: Add new verb 'ib_get_vector_irqn'' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Add 'preferred_cpu' option to 'rds_rdma.ko'' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Follow the observed CQ CPU affinity' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Throttle check for CQ CPU affinity' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Bring tasklets back for better latency' (Gerd Rausch) [Orabug: 33561324] - Revert 'xfs: Lower CIL flush limit for large logs' (Catherine Hoang) [Orabug: 33585639] - Revert 'xfs: Throttle commits on delayed background CIL push' (Catherine Hoang) [Orabug: 33585639] [5.4.17-2136.301.1.1] - xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33542385] [5.4.17-2136.301.1] - net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33440594] - net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33440594] - net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33440594] - net/rds: Add 'preferred_cpu' option to 'rds_rdma.ko' (Gerd Rausch) [Orabug: 33440594] - net/mlx5: Add new verb 'ib_get_vector_irqn' (Gerd Rausch) [Orabug: 33440594] - net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33440594] - net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33440594] - net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33440594] - net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33440594] - net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33440594] - net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33440594] - net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33440594] - xen-blkfront: sanitize the removal state machine (Christoph Hellwig) [Orabug: 33392832] - xen/blkfront: fix ring info addressing (Juergen Gross) [Orabug: 33392832] - xen/blkfront: limit allocated memory size to actual use case (Juergen Gross) [Orabug: 33392832] - xfs: Throttle commits on delayed background CIL push (Dave Chinner) [Orabug: 29710712] - xfs: Lower CIL flush limit for large logs (Dave Chinner) [Orabug: 29710712] - sctp: account stream padding length for reconf chunk (Eiichi Tsukata) [Orabug: 32397993] - rds/ib: handle rds uncongested notifications in worker (Manjunath Patil) [Orabug: 33467788] [5.4.17-2136.301.0] - LTS tag: v5.4.143 (Jack Vogel) - netfilter: nft_exthdr: fix endianness of tcp option cast (Sergey Marinkevich) - fs: warn about impending deprecation of mandatory locks (Jeff Layton) - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim (Johannes Weiner) - mm, memcg: avoid stale protection values when cgroup is above protection (Yafang Shao) - ASoC: intel: atom: Fix breakage for PCM buffer address setup (Takashi Iwai) - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (Marcin Bachry) - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (NeilBrown) - ipack: tpci200: fix memory leak in the tpci200_register (Dongliang Mu) - ipack: tpci200: fix many double free issues in tpci200_pci_probe (Dongliang Mu) - slimbus: ngd: reset dma setup during runtime pm (Srinivas Kandagatla) - slimbus: messaging: check for valid transaction id (Srinivas Kandagatla) - slimbus: messaging: start transaction ids from 1 instead of zero (Srinivas Kandagatla) - tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (Steven Rostedt (VMware)) - ALSA: hda - fix the 'Capture Switch' value change notifications (Jaroslav Kysela) - mmc: dw_mmc: Fix hang on data CRC error (Vincent Whitchurch) - ovl: add splice file read write helper (Murphy Zhou) - iavf: Fix ping is lost after untrusted VF had tried to change MAC (Sylwester Dziedziuch) - i40e: Fix ATR queue selection (Arkadiusz Kubalewski) - ovs: clear skb->tstamp in forwarding path (kaixi.fan) - net: mdio-mux: Handle -EPROBE_DEFER correctly (Saravana Kannan) - net: mdio-mux: Don't ignore memory allocation errors (Saravana Kannan) - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (Dinghao Liu) - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO (Jason Wang) - virtio-net: support XDP when not more queues (Xuan Zhuo) - vrf: Reset skb conntrack connection on VRF rcv (Lahav Schlesinger) - bnxt_en: Add missing DMA memory barriers (Michael Chan) - ptp_pch: Restore dependency on PCI (Andy Shevchenko) - net: 6pack: fix slab-out-of-bounds in decode_data (Pavel Skripkin) - bnxt: disable napi before canceling DIM (Jakub Kicinski) - bnxt: don't lock the tx queue from napi poll (Jakub Kicinski) - bpf: Clear zext_dst of dead insns (Ilya Leoshkevich) - vhost: Fix the calculation in vhost_overflow() (Xie Yongji) - virtio: Protect vqs list access (Parav Pandit) - dccp: add do-while-0 stubs for dccp_pr_debug macros (Randy Dunlap) - cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant (Marek Behun) - iommu: Check if group is NULL before remove device (Frank Wunderlich) - Bluetooth: hidp: use correct wait queue when removing ctrl_wait (Ole Bjorn Midtbo) - drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X (Bing Guo) - net: usb: lan78xx: don't modify phy_device state concurrently (Ivan T. Ivanov) - ARM: dts: nomadik: Fix up interrupt controller node names (Sudeep Holla) - scsi: core: Fix capacity set to zero after offlinining device (lijinlin) - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO (Sreekanth Reddy) - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (Ye Bin) - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() (Harshvardhan Jha) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (Peter Ujfalusi) - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218 (Dave Gerlach) - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (Yu Kuai) - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (Adrian Larumbe) - USB: core: Avoid WARNings for 0-length descriptor requests (Alan Stern) - media: drivers/media/usb: fix memory leak in zr364xx_probe (Pavel Skripkin) - media: zr364xx: fix memory leaks in probe() (Dan Carpenter) - media: zr364xx: propagate errors from zr364xx_start_readpipe() (Evgeny Novikov) - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (Andreas Persson) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (Jouni Malinen) - ath: Modify ath_key_delete() to not need full key entry (Jouni Malinen) - ath: Export ath_hw_keysetmac() (Jouni Malinen) - ath9k: Clear key cache explicitly on disabling hardware (Jouni Malinen) - ath: Use safer key clearing with key cache entries (Jouni Malinen) - x86/fpu: Make init_fpstate correct with optimized XSAVE (Thomas Gleixner) - ext4: fix EXT4_MAX_LOGICAL_BLOCK macro (Ritesh Harjani) - LTS tag: v5.4.142 (Jack Vogel) {CVE-2021-3653} {CVE-2021-3656} - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) (Maxim Levitsky) - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Maxim Levitsky) - vmlinux.lds.h: Handle clang's module.{c,d}tor sections (Nathan Chancellor) - ceph: take snap_empty_lock atomically with snaprealm refcount change (Jeff Layton) - ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm (Jeff Layton) - ceph: add some lockdep assertions around snaprealm handling (Jeff Layton) - KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation (Sean Christopherson) - PCI/MSI: Protect msi_desc::masked for multi-MSI (Thomas Gleixner) - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (Thomas Gleixner) - PCI/MSI: Correct misleading comments (Thomas Gleixner) - PCI/MSI: Do not set invalid bits in MSI mask (Thomas Gleixner) - PCI/MSI: Enforce MSI[X] entry updates to be visible (Thomas Gleixner) - PCI/MSI: Enforce that MSI-X table entry is masked for update (Thomas Gleixner) - PCI/MSI: Mask all unused MSI-X entries (Thomas Gleixner) - PCI/MSI: Enable and mask MSI-X early (Thomas Gleixner) - genirq/timings: Prevent potential array overflow in __irq_timings_store() (Ben Dai) - genirq/msi: Ensure deactivation on teardown (Bixuan Cui) - x86/resctrl: Fix default monitoring groups reporting (Babu Moger) - x86/ioapic: Force affinity setup before startup (Thomas Gleixner) - x86/msi: Force affinity setup before startup (Thomas Gleixner) - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (Thomas Gleixner) - x86/tools: Fix objdump version check again (Randy Dunlap) - powerpc/kprobes: Fix kprobe Oops happens in booke (Pu Lehui) - nbd: Aovid double completion of a request (Xie Yongji) - vsock/virtio: avoid potential deadlock when vsock device remove (Longpeng(Mike)) - xen/events: Fix race in set_evtchn_to_irq (Maximilian Heyne) - net: igmp: increase size of mr_ifc_count (Eric Dumazet) - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets (Neal Cardwell) - net: linkwatch: fix failure to restore device state across suspend/resume (Willy Tarreau) - net: bridge: fix memleak in br_add_if() (Yang Yingliang) - net: dsa: sja1105: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: dsa: lantiq: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: igmp: fix data-race in igmp_ifc_timer_expire() (Eric Dumazet) - net: Fix memory leak in ieee802154_raw_deliver (Takeshi Misawa) - net: dsa: microchip: Fix ksz_read64() (Ben Hutchings) - drm/meson: fix colour distortion from HDR set during vendor u-boot (Christian Hewitt) - net/mlx5: Fix return value from tracer initialization (Aya Levin) - psample: Add a fwd declaration for skbuff (Roi Dayan) - iavf: Set RSS LUT and key in reset handle path (Md Fahad Iqbal Polash) - net: sched: act_mirred: Reset ct info when mirror/redirect skb (Hangbin Liu) - ppp: Fix generating ifname when empty IFLA_IFNAME is specified (Pali Rohar) - net: phy: micrel: Fix link detection on ksz87xx switch' (Ben Hutchings) - platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (Hans de Goede) - platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED (Florian Eckert) - net: dsa: mt7530: add the missing RxUnicast MIB counter (DENG Qingfang) - ASoC: cs42l42: Fix LRCLK frame start edge (Richard Fitzgerald) - netfilter: nf_conntrack_bridge: Fix memory leak when error (Yajun Deng) - ASoC: cs42l42: Remove duplicate control for WNF filter frequency (Richard Fitzgerald) - ASoC: cs42l42: Fix inversion of ADC Notch Switch control (Richard Fitzgerald) - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J (Richard Fitzgerald) - ASoC: cs42l42: Correct definition of ADC Volume control (Richard Fitzgerald) - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl (Dongliang Mu) - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (Dongliang Mu) - libnvdimm/region: Fix label activation vs errors (Dan Williams) - ACPI: NFIT: Fix support for virtual SPA ranges (Dan Williams) - ceph: reduce contention in ceph_check_delayed_caps() (Luis Henriques) - i2c: dev: zero out array used for i2c reads from userspace (Greg Kroah-Hartman) - ASoC: intel: atom: Fix reference to PCM buffer address (Takashi Iwai) - ASoC: xilinx: Fix reference to PCM buffer address (Takashi Iwai) - iio: adc: Fix incorrect exit of for-loop (Colin Ian King) - iio: humidity: hdc100x: Add margin to the conversion time (Chris Lesiak) - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (Uwe Kleine-Konig) - LTS tag: v5.4.141 (Jack Vogel) - btrfs: don't flush from btrfs_delayed_inode_reserve_metadata (Nikolay Borisov) - btrfs: export and rename qgroup_reserve_meta (Nikolay Borisov) - btrfs: qgroup: don't commit transaction when we already hold the handle (Qu Wenruo) - net: xilinx_emaclite: Do not print real IOMEM pointer (YueHaibing) - btrfs: fix lockdep splat when enabling and disabling qgroups (Filipe Manana) - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (Qu Wenruo) - btrfs: transaction: Cleanup unused TRANS_STATE_BLOCKED (Qu Wenruo) - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (Qu Wenruo) - btrfs: qgroup: allow to unreserve range without releasing other ranges (Qu Wenruo) - btrfs: make btrfs_qgroup_reserve_data take btrfs_inode (Nikolay Borisov) - btrfs: make qgroup_free_reserved_data take btrfs_inode (Nikolay Borisov) - ovl: prevent private clone if bind mount is not allowed (Miklos Szeredi) - ppp: Fix generating ppp unit id when ifname is not specified (Pali Rohar) - ALSA: hda: Add quirk for ASUS Flow x13 (Luke D Jones) - USB:ehci:fix Kunpeng920 ehci hardware problem (Longfang Liu) - usb: dwc3: gadget: Avoid runtime resume if disabling pullup (Wesley Cheng) - usb: dwc3: gadget: Disable gadget IRQ during pullup disable (Wesley Cheng) - usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (Wesley Cheng) - usb: dwc3: gadget: Prevent EP queuing while stopping transfers (Wesley Cheng) - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (Wesley Cheng) - usb: dwc3: gadget: Allow runtime suspend if UDC unbinded (Wesley Cheng) - usb: dwc3: Stop active transfers before halting the controller (Wesley Cheng) - tracing: Reject string operand in the histogram expression (Masami Hiramatsu) - media: v4l2-mem2mem: always consider OUTPUT queue during poll (Alexandre Courbot) - tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag (Sumit Garg) - KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB (Sean Christopherson) - staging/bcm2835-codec: Do not update crop from S_FMT after res change (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-camera: Add support for H264 levels 4.1 and 4.2 (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Pass corrupt frame flag. (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Set the colourspace appropriately for RGB formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Fix support for levels 4.1 and 4.2 (Dave Stevenson) [Orabug: 33294426] - staging: vcsm-cma: Fix memory leak from not detaching dmabuf (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-camera: Add support for DMABUFs (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add VC-1 support. (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Implement additional g_selection calls for decode (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add support for pixel aspect ratio (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Correct logging of size_t to %zu (Dave Stevenson) [Orabug: 33294426] - bcm2835-isp: Allow formats with different colour spaces. (David Plowman) [Orabug: 33294426] - staging:bcm2835-camera: Fix the cherry-pick of AWB Greyworld (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: ISP: Add colour denoise control (Naushir Patuck) [Orabug: 33294426] - staging/bcm2835-isp: Log the number of excess supported formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-isp: Add the unpacked (16bpp) raw formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Log the number of excess supported formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add the unpacked (16bpp) raw formats (Dave Stevenson) [Orabug: 33294426] - staging/vc04_services: Add additional unpacked raw formats (Dave Stevenson) [Orabug: 33294426] - staging/mmal-vchiq: Fix incorrect static vchiq_instance. (Dave Stevenson) [Orabug: 33294426] - staging/vc04-services/codec: Fix logical precedence issue (Dave Stevenson) [Orabug: 33294426] - staging: vchiq: Fix bulk transfers on 64-bit builds (Phil Elwell) [Orabug: 33294426] - vc-sm-cma: fixed kbuild problem (gesangtome) [Orabug: 33294426] - staging: vchiq: Fix bulk userdata handling (Phil Elwell) [Orabug: 33294426] - staging/vc04_services/codec: Clear last buf dequeued flag on START (Dave Stevenson) [Orabug: 33294426] - staging/vc04_services/codec: Add support for CID MPEG_HEADER_MODE (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Ensure OUTPUT timestamps are always forwarded (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: ISP: Add a more complex ISP processing component (Naushir Patuck) [Orabug: 33294426] - staging: vc04_services: Add a V4L2 M2M codec driver (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Use vc-sm-cma to support zero copy (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Add monochrome image formats (Dave Stevenson) [Orabug: 33294426] - staging: vchiq-mmal: Add support for 14bit Bayer (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: Add new vc-sm-cma driver (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835-camera: Replace deprecated V4L2_PIX_FMT_BGR32 (Dave Stevenson) [Orabug: 33294426] - vchiq_2835_arm: Implement a DMA pool for small bulk transfers (#2699) (detule) [Orabug: 33294426] - staging: vchiq_arm: children inherit DMA config (Phil Elwell) [Orabug: 33294426] - staging: vchiq_arm: Clean up 40-bit DMA support (Phil Elwell) [Orabug: 33294426] - staging:vc04_services: bcm2835-camera: Request headers with I-frame (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: mmal-vchiq: Update parameters list (Dave Stevenson) [Orabug: 33294426] - staging: vchiq: Load bcm2835_isp driver from vchiq (Naushir Patuck) [Orabug: 33294426] - staging: vchiq_arm: Give vchiq children DT nodes (Phil Elwell) [Orabug: 33294426] - staging: vchiq: Use the old dma controller for OF config on platform devices (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Set up dma ranges on child devices (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Register bcm2835-codec as a platform driver (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Register vcsm-cma as a platform driver (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835-camera: Add greyworld AWB mode (Dave Stevenson) [Orabug: 33294426] - v4l2: Add a Greyworld AWB mode. (Dave Stevenson) [Orabug: 33294426] - Add HDMI1 facility to the driver. (James Hughes) [Orabug: 33294426] - vchiq: Add 36-bit address support (Phil Elwell) [Orabug: 33294426] - staging: mmal-vchiq: Fix memory leak in error path (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Free the event context for control ports (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Update mmal_parameters.h with recently defined params (Dave Stevenson) [Orabug: 33294426] - staging: mmal_vchiq: Add in the Bayer encoding formats (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Fix client_component for 64 bit kernel (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: Support sending data to MMAL ports (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Add support for event callbacks. (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Avoid use of bool in structures (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835: fix vchiq_mmal dependencies (Arnd Bergmann) [Orabug: 33294426] - staging: mmal-vchiq: Fix memory leak for vchiq_instance (Seung-Woo Kim) [Orabug: 33294426] - staging: vchiq: Fix list_for_each exit tests (Dan Carpenter) [Orabug: 33294426] - staging: vchiq: Fix an uninitialized variable (Dan Carpenter) [Orabug: 33294426] - staging: vchiq: fix __user annotations (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat await_completion (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat bulk transfer (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat dequeue_message (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat create_service (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: rework compat handling (Arnd Bergmann) [Orabug: 33294426] - staging: vc04_services: Use fallthrough pseudo-keyword (Gustavo A. R. Silva) [Orabug: 33294426] - staging: vchiq: Fix refcounting bug in buffer_from_host() (Dan Carpenter) [Orabug: 33294426] - staging: vc04_services: vchiq-mmal: Fixed tab styling issue in mmal-vchiq.c (Anmol Karn) [Orabug: 33294426] - Staging: vc04_services: Fix unsigned int warnings (Baidyanath Kundu) [Orabug: 33294426] - staging: vchiq: Move vchiq.h into include directory (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move defines into core header (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Use vchiq.h as the main header file for services (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move conditional barrier definition into vchiq_core.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of vchi (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Move vchi_queue_kernel_message() into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_bulk_queue_transmit() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_bulk_queue_receive() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move definitions only used by core into core header (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Make vchiq_add_service() local (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of unnecessary definitions in vchiq_if.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Don't include vchiq_core.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchiq_instance forward declaration (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Unify fourcc definition mechanisms (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Rework vchi_msg_hold() to match vchiq_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Pass vchiq's message when holding a message (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchi_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use struct vchiq_service_params (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Don't use a typedef for vchiq_callback (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchiq_shim's message callback (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Export vchiq_msg_queue_push (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Export vchiq_get_service_userdata() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Expose struct vchi_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of vchiq_util.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move message queue into struct vchiq_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Introduce vchiq_validate_params() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of effect less expression (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use vchiq's enum vchiq_reason (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use enum vchiq_bulk_mode instead of vchi's transmission flags (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of flags argument in vchi_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchi_cfg.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of unnecessary defines (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi_common: Get rid of all unused definitions (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_msg_dequeue() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: bcm2835-audio: Use vchi_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Unify struct shim_service and struct vchi_service_handle (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchi_instance_handle (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_msg_peek() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of all useless callback reasons (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: mmal-vchiq: Fix formatting errors in mmal_parameters.h (Naushir Patuck) [Orabug: 33294426] - staging: mmal-vchiq: If the VPU returns an error, don't negate it (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Always return the param size from param_get (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Fix client_component for 64 bit kernel (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Fixup vchiq-mmal include ordering (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Make a mmal_buf struct for passing parameters (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Make timeout a defined parameter (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Allocate and free components as required (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835: Break MMAL support out from camera (Jacopo Mondi) [Orabug: 33294426] - trivial: staging: vc04_services: replace bitshift with BIT macro (Garrit Franke) [Orabug: 33294426] - staging: vchiq: Get rid of VCHIQ_SERVICE_OPENEND callback reason (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: move vchiq_release_message() into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of C++ guards (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of not implemented function declarations (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchiq_status_to_vchi() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_service_set_option() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Merge vchi_msg_queue() into vchi_queue_kernel_message() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move copy callback handling into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_queue_user_message() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_service_destroy() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq_arm: cast with __force as needed (Mitchell Tasman) [Orabug: 33294426] - staging: vc04_services: Block comment alignment (John Oldman) [Orabug: 33294426] - staging: bcm2835-camera: insert emty line after declaration (Houssem KADI) [Orabug: 33294426] - staging: vc04_services: remove set but not used 'local_entity_uc' (Jason Yan) [Orabug: 33294426] - staging: bcm2835-camera: reduce indentation in ctrl_set_image_effect (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: reduce multiline statements (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: return early in mmal_setup_components (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Move video component setup in its own function (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Move encode component setup in its own function (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Simplify set_framerate_params (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Make struct indentation consistent (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Activate V4L2_EXPOSURE_METERING_MATRIX handling (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Drop PREVIEW_LAYER (Stefan Wahren) [Orabug: 33294426] - staging: vc04_services: interface: vchi: Correct long line comments and make them C89 style (R Veera Kumar) [Orabug: 33294426] - staging: vc04_services: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 33294426] - staging: bcm2835-camera: Use designators to init V4L2 controls (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Drop unused ignore_errors flag (Stefan Wahren) [Orabug: 33294426] - media: bcm2835-camera: rename VFL_TYPE_GRABBER to _VIDEO (Hans Verkuil) [Orabug: 33294426] - media: rename VFL_TYPE_GRABBER to _VIDEO (Hans Verkuil) [Orabug: 33294426] - staging: vc04_services: Fix wrong early return in next_service_by_instance() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: don't increment service refcount when it's not needed (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: use kref + RCU to reference count services (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: fix indentation alignment in a few places (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: remove unneeded parentheses (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: remove unused function (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: vchiq_arm: Get rid of unused defines (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_arm_vcresume()'s signature (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete vchiq_platform_check_suspend() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of USE_TYPE_SERVICE_NO_RESUME (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of the rest of suspend/resume state handling (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get of even more suspend/resume states (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of unused suspend/resume states (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete vc_suspend_complete completion (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_check_resume() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_arm_vcsuspend() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_on_remote_use_active() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_handle_timeout() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_videocore_wanted() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_suspend/resume() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_paused/resumed() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: get rid of vchiq_platform_use_suspend_timer() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete blocked_count in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: get rid of blocked_blocker completion in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of resume_blocker completion in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of resume_blocked in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Remove unused variables in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: remove header include path to vc04_services (Masahiro Yamada) [Orabug: 33294426] - staging/vc04_services/bcm2835-camera: distinct numeration and names for devices (Michael Kupfer) [Orabug: 33294426] - staging: vchiq: Have vchiq_dump_* functions return an error code (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Refactor indentation in vchiq_dump_* functions (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq_dump: Replace min with min_t (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Fix block comment format in vchiq_dump() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04: Fix Kconfig indentation (Krzysztof Kozlowski) [Orabug: 33294426] - staging: vchiq: Refactor indentation in vchiq_platform_conn_state_changed() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Have vchiu_queue_init() return 0 on success. (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_PLATFORM_STATE_T typedef with struct opaque_platform_state (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_INSTANCE_T typedef with struct vchiq_instance (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_SERVICE_HANDLE_T typedef with unsigned int (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename VCHIQ_REMOTE_USE_CALLBACK_T to vchiq_remote_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename VCHIQ_CALLBACK_T to vchiq_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename callback VCHIQ_USERDATA_TERM_T to vchiq_userdata_term (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_BULK_DIR_T enum typedef with enum vchiq_bulk_dir (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_CONNSTATE_T enum typedef with enum vchiq_connstate (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_SERVICE_OPTION_T enum typedef with enum vchiq_service_option (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_BULK_MODE_T enum typedef with enum vchiq_bulk_mode (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_STATUS_T enum typedef with enum vchiq_status (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename callback VCHI_CALLBACK_T to vchi_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHI_SERVICE_HANDLE_T typedef with struct vchi_service_handle (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHI_INSTANCE_T with struct vhci_instance_handle (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Remove enum typedefs in vchi (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Remove unused structs (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: fix warnings of Block comments use of * (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: fix warnings of scpace required between operator (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: fix check warnings of line over 80 characters (Jules Irenge) [Orabug: 33294426] - media: v4l2-core: correctly validate video and metadata ioctls (Vandana BN) [Orabug: 33294426] - staging: vc04_services: use DIV_ROUND_UP helper macro (Wambui Karuga) [Orabug: 33294426] - staging: vc04_services: place the AND operator at the end of the previous line (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: Avoid NULL comparison (Nachammai Karuppiah) [Orabug: 33294426] - staging: vchiq: don't print pointless kernel address (Matteo Croce) [Orabug: 33294426] - staging: bcm2835-audio: Need to judge the return value of vchi_msg_dequeue in audio_vchi_callback (zhengbin) [Orabug: 33294426] - staging: vc04_services: make use of devm_platform_ioremap_resource (Hariprasad Kelam) [Orabug: 33294426] - staging: vc04_services: Avoid typedef (Nachammai Karuppiah) [Orabug: 33294426] - net/mlx{4,5},rds_rdma: fix non-determinism when comp_vector is zero (Hakon Bugge) [Orabug: 33459335] - net/mlx{4,5}: Fix signed formal parameter (Hakon Bugge) [Orabug: 33459335] - net/mlx5: Initialize nvec based on 'num_possible_cpus()' (Gerd Rausch) [Orabug: 33451392] - drm/atomic-helper: reset vblank on crtc reset (Daniel Vetter) [Orabug: 33427369] - drm: Initialize struct drm_crtc_state.no_vblank from device settings (Thomas Zimmermann) [Orabug: 33427369] - uek-rpm: Remove unnecessary ld.so.conf.d file (Stephen Brennan) [Orabug: 33408515] - ocfs2: drop acl cache for directories too (Wengang Wang) [Orabug: 33407843] - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (Dan Carpenter) [Orabug: 33406845] {CVE-2021-3744} - locking/csd_lock: Make csdlock_debug=1 default (Stephen Brennan) [Orabug: 33403352] - uek-rpm: config: Enable CONFIG_CSD_LOCK_WAIT_DEBUG (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Remove unused 'idle' event (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Add more data to CSD lock debugging (Juergen Gross) [Orabug: 33403352] - smp: refactor queueing of single smp call (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Prepare more CSD lock debugging (Juergen Gross) [Orabug: 33403352] - locking/csd_lock: Add boot parameter for controlling CSD lock debugging (Juergen Gross) [Orabug: 33403352] - kernel/smp: Provide CSD lock timeout diagnostics (Paul E. McKenney) [Orabug: 33403352] - smp: Fix kABI breakage in __call_single_data (Stephen Brennan) [Orabug: 33403352] - smp: Add source and destination CPUs to __call_single_data (Paul E. McKenney) [Orabug: 33403352] - kvm: export per-vcpu exits to userspace (Dongli Zhang) [Orabug: 33387671] - RDMA/core/sa_query: Remove unused function (Hakon Bugge) [Orabug: 33408993] - video: fbdev: cirrusfb: check pixclock to avoid divide by zero (George Kennedy) [Orabug: 32176135] - bnx2x: Fix enabling network interfaces without VFs (Adrian Bunk) [Orabug: 33458877] - net/rds: 'no error' is no error (Gerd Rausch) [Orabug: 33252277] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-3656 CVE-2021-3744 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.301.1.2.el7] - Revert 'net/rds: Allocate pages on HCA NUMA nodeid' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Use the same vector for send & receive' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Get rid of tasklets' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Put more CPU cores to work' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Make workers use the designated CPU' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/mlx5: Add new verb 'ib_get_vector_irqn'' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Add 'preferred_cpu' option to 'rds_rdma.ko'' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Follow the observed CQ CPU affinity' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Throttle check for CQ CPU affinity' (Gerd Rausch) [Orabug: 33561324] - Revert 'net/rds: Bring tasklets back for better latency' (Gerd Rausch) [Orabug: 33561324] - Revert 'xfs: Lower CIL flush limit for large logs' (Catherine Hoang) [Orabug: 33585639] - Revert 'xfs: Throttle commits on delayed background CIL push' (Catherine Hoang) [Orabug: 33585639] [5.4.17-2136.301.1.1.el7] - xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33542385] [5.4.17-2136.301.1.el7] - net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33440594] - net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33440594] - net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33440594] - net/rds: Add 'preferred_cpu' option to 'rds_rdma.ko' (Gerd Rausch) [Orabug: 33440594] - net/mlx5: Add new verb 'ib_get_vector_irqn' (Gerd Rausch) [Orabug: 33440594] - net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33440594] - net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33440594] - net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33440594] - net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33440594] - net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33440594] - net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33440594] - net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33440594] - xen-blkfront: sanitize the removal state machine (Christoph Hellwig) [Orabug: 33392832] - xen/blkfront: fix ring info addressing (Juergen Gross) [Orabug: 33392832] - xen/blkfront: limit allocated memory size to actual use case (Juergen Gross) [Orabug: 33392832] - xfs: Throttle commits on delayed background CIL push (Dave Chinner) [Orabug: 29710712] - xfs: Lower CIL flush limit for large logs (Dave Chinner) [Orabug: 29710712] - sctp: account stream padding length for reconf chunk (Eiichi Tsukata) [Orabug: 32397993] - rds/ib: handle rds uncongested notifications in worker (Manjunath Patil) [Orabug: 33467788] [5.4.17-2136.301.0.el7] - LTS tag: v5.4.143 (Jack Vogel) - netfilter: nft_exthdr: fix endianness of tcp option cast (Sergey Marinkevich) - fs: warn about impending deprecation of mandatory locks (Jeff Layton) - mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim (Johannes Weiner) - mm, memcg: avoid stale protection values when cgroup is above protection (Yafang Shao) - ASoC: intel: atom: Fix breakage for PCM buffer address setup (Takashi Iwai) - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (Marcin Bachry) - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (NeilBrown) - ipack: tpci200: fix memory leak in the tpci200_register (Dongliang Mu) - ipack: tpci200: fix many double free issues in tpci200_pci_probe (Dongliang Mu) - slimbus: ngd: reset dma setup during runtime pm (Srinivas Kandagatla) - slimbus: messaging: check for valid transaction id (Srinivas Kandagatla) - slimbus: messaging: start transaction ids from 1 instead of zero (Srinivas Kandagatla) - tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (Steven Rostedt (VMware)) - ALSA: hda - fix the 'Capture Switch' value change notifications (Jaroslav Kysela) - mmc: dw_mmc: Fix hang on data CRC error (Vincent Whitchurch) - ovl: add splice file read write helper (Murphy Zhou) - iavf: Fix ping is lost after untrusted VF had tried to change MAC (Sylwester Dziedziuch) - i40e: Fix ATR queue selection (Arkadiusz Kubalewski) - ovs: clear skb->tstamp in forwarding path (kaixi.fan) - net: mdio-mux: Handle -EPROBE_DEFER correctly (Saravana Kannan) - net: mdio-mux: Don't ignore memory allocation errors (Saravana Kannan) - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (Dinghao Liu) - virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO (Jason Wang) - virtio-net: support XDP when not more queues (Xuan Zhuo) - vrf: Reset skb conntrack connection on VRF rcv (Lahav Schlesinger) - bnxt_en: Add missing DMA memory barriers (Michael Chan) - ptp_pch: Restore dependency on PCI (Andy Shevchenko) - net: 6pack: fix slab-out-of-bounds in decode_data (Pavel Skripkin) - bnxt: disable napi before canceling DIM (Jakub Kicinski) - bnxt: don't lock the tx queue from napi poll (Jakub Kicinski) - bpf: Clear zext_dst of dead insns (Ilya Leoshkevich) - vhost: Fix the calculation in vhost_overflow() (Xie Yongji) - virtio: Protect vqs list access (Parav Pandit) - dccp: add do-while-0 stubs for dccp_pr_debug macros (Randy Dunlap) - cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant (Marek Behun) - iommu: Check if group is NULL before remove device (Frank Wunderlich) - Bluetooth: hidp: use correct wait queue when removing ctrl_wait (Ole Bjorn Midtbo) - drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X (Bing Guo) - net: usb: lan78xx: don't modify phy_device state concurrently (Ivan T. Ivanov) - ARM: dts: nomadik: Fix up interrupt controller node names (Sudeep Holla) - scsi: core: Fix capacity set to zero after offlinining device (lijinlin) - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO (Sreekanth Reddy) - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (Ye Bin) - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() (Harshvardhan Jha) - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (Peter Ujfalusi) - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218 (Dave Gerlach) - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (Yu Kuai) - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (Adrian Larumbe) - USB: core: Avoid WARNings for 0-length descriptor requests (Alan Stern) - media: drivers/media/usb: fix memory leak in zr364xx_probe (Pavel Skripkin) - media: zr364xx: fix memory leaks in probe() (Dan Carpenter) - media: zr364xx: propagate errors from zr364xx_start_readpipe() (Evgeny Novikov) - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (Andreas Persson) - ath9k: Postpone key cache entry deletion for TXQ frames reference it (Jouni Malinen) - ath: Modify ath_key_delete() to not need full key entry (Jouni Malinen) - ath: Export ath_hw_keysetmac() (Jouni Malinen) - ath9k: Clear key cache explicitly on disabling hardware (Jouni Malinen) - ath: Use safer key clearing with key cache entries (Jouni Malinen) - x86/fpu: Make init_fpstate correct with optimized XSAVE (Thomas Gleixner) - ext4: fix EXT4_MAX_LOGICAL_BLOCK macro (Ritesh Harjani) - LTS tag: v5.4.142 (Jack Vogel) {CVE-2021-3653} {CVE-2021-3656} - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) (Maxim Levitsky) - vmlinux.lds.h: Handle clang's module.{c,d}tor sections (Nathan Chancellor) - ceph: take snap_empty_lock atomically with snaprealm refcount change (Jeff Layton) - ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm (Jeff Layton) - ceph: add some lockdep assertions around snaprealm handling (Jeff Layton) - KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation (Sean Christopherson) - PCI/MSI: Protect msi_desc::masked for multi-MSI (Thomas Gleixner) - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (Thomas Gleixner) - PCI/MSI: Correct misleading comments (Thomas Gleixner) - PCI/MSI: Do not set invalid bits in MSI mask (Thomas Gleixner) - PCI/MSI: Enforce MSI[X] entry updates to be visible (Thomas Gleixner) - PCI/MSI: Enforce that MSI-X table entry is masked for update (Thomas Gleixner) - PCI/MSI: Mask all unused MSI-X entries (Thomas Gleixner) - PCI/MSI: Enable and mask MSI-X early (Thomas Gleixner) - genirq/timings: Prevent potential array overflow in __irq_timings_store() (Ben Dai) - genirq/msi: Ensure deactivation on teardown (Bixuan Cui) - x86/resctrl: Fix default monitoring groups reporting (Babu Moger) - x86/ioapic: Force affinity setup before startup (Thomas Gleixner) - x86/msi: Force affinity setup before startup (Thomas Gleixner) - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (Thomas Gleixner) - x86/tools: Fix objdump version check again (Randy Dunlap) - powerpc/kprobes: Fix kprobe Oops happens in booke (Pu Lehui) - nbd: Aovid double completion of a request (Xie Yongji) - vsock/virtio: avoid potential deadlock when vsock device remove (Longpeng(Mike)) - xen/events: Fix race in set_evtchn_to_irq (Maximilian Heyne) - net: igmp: increase size of mr_ifc_count (Eric Dumazet) - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets (Neal Cardwell) - net: linkwatch: fix failure to restore device state across suspend/resume (Willy Tarreau) - net: bridge: fix memleak in br_add_if() (Yang Yingliang) - net: dsa: sja1105: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: dsa: lantiq: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump (Vladimir Oltean) - net: igmp: fix data-race in igmp_ifc_timer_expire() (Eric Dumazet) - net: Fix memory leak in ieee802154_raw_deliver (Takeshi Misawa) - net: dsa: microchip: Fix ksz_read64() (Ben Hutchings) - drm/meson: fix colour distortion from HDR set during vendor u-boot (Christian Hewitt) - net/mlx5: Fix return value from tracer initialization (Aya Levin) - psample: Add a fwd declaration for skbuff (Roi Dayan) - iavf: Set RSS LUT and key in reset handle path (Md Fahad Iqbal Polash) - net: sched: act_mirred: Reset ct info when mirror/redirect skb (Hangbin Liu) - ppp: Fix generating ifname when empty IFLA_IFNAME is specified (Pali Rohar) - net: phy: micrel: Fix link detection on ksz87xx switch' (Ben Hutchings) - platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (Hans de Goede) - platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED (Florian Eckert) - net: dsa: mt7530: add the missing RxUnicast MIB counter (DENG Qingfang) - ASoC: cs42l42: Fix LRCLK frame start edge (Richard Fitzgerald) - netfilter: nf_conntrack_bridge: Fix memory leak when error (Yajun Deng) - ASoC: cs42l42: Remove duplicate control for WNF filter frequency (Richard Fitzgerald) - ASoC: cs42l42: Fix inversion of ADC Notch Switch control (Richard Fitzgerald) - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J (Richard Fitzgerald) - ASoC: cs42l42: Correct definition of ADC Volume control (Richard Fitzgerald) - ieee802154: hwsim: fix GPF in hwsim_new_edge_nl (Dongliang Mu) - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (Dongliang Mu) - libnvdimm/region: Fix label activation vs errors (Dan Williams) - ACPI: NFIT: Fix support for virtual SPA ranges (Dan Williams) - ceph: reduce contention in ceph_check_delayed_caps() (Luis Henriques) - i2c: dev: zero out array used for i2c reads from userspace (Greg Kroah-Hartman) - ASoC: intel: atom: Fix reference to PCM buffer address (Takashi Iwai) - ASoC: xilinx: Fix reference to PCM buffer address (Takashi Iwai) - iio: adc: Fix incorrect exit of for-loop (Colin Ian King) - iio: humidity: hdc100x: Add margin to the conversion time (Chris Lesiak) - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (Uwe Kleine-Konig) - LTS tag: v5.4.141 (Jack Vogel) - btrfs: don't flush from btrfs_delayed_inode_reserve_metadata (Nikolay Borisov) - btrfs: export and rename qgroup_reserve_meta (Nikolay Borisov) - btrfs: qgroup: don't commit transaction when we already hold the handle (Qu Wenruo) - net: xilinx_emaclite: Do not print real IOMEM pointer (YueHaibing) - btrfs: fix lockdep splat when enabling and disabling qgroups (Filipe Manana) - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (Qu Wenruo) - btrfs: transaction: Cleanup unused TRANS_STATE_BLOCKED (Qu Wenruo) - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (Qu Wenruo) - btrfs: qgroup: allow to unreserve range without releasing other ranges (Qu Wenruo) - btrfs: make btrfs_qgroup_reserve_data take btrfs_inode (Nikolay Borisov) - btrfs: make qgroup_free_reserved_data take btrfs_inode (Nikolay Borisov) - ovl: prevent private clone if bind mount is not allowed (Miklos Szeredi) - ppp: Fix generating ppp unit id when ifname is not specified (Pali Rohar) - ALSA: hda: Add quirk for ASUS Flow x13 (Luke D Jones) - USB:ehci:fix Kunpeng920 ehci hardware problem (Longfang Liu) - usb: dwc3: gadget: Avoid runtime resume if disabling pullup (Wesley Cheng) - usb: dwc3: gadget: Disable gadget IRQ during pullup disable (Wesley Cheng) - usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (Wesley Cheng) - usb: dwc3: gadget: Prevent EP queuing while stopping transfers (Wesley Cheng) - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (Wesley Cheng) - usb: dwc3: gadget: Allow runtime suspend if UDC unbinded (Wesley Cheng) - usb: dwc3: Stop active transfers before halting the controller (Wesley Cheng) - tracing: Reject string operand in the histogram expression (Masami Hiramatsu) - media: v4l2-mem2mem: always consider OUTPUT queue during poll (Alexandre Courbot) - tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag (Sumit Garg) - KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB (Sean Christopherson) - staging/bcm2835-codec: Do not update crop from S_FMT after res change (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-camera: Add support for H264 levels 4.1 and 4.2 (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Pass corrupt frame flag. (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Set the colourspace appropriately for RGB formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Fix support for levels 4.1 and 4.2 (Dave Stevenson) [Orabug: 33294426] - staging: vcsm-cma: Fix memory leak from not detaching dmabuf (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-camera: Add support for DMABUFs (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add VC-1 support. (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Implement additional g_selection calls for decode (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add support for pixel aspect ratio (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Correct logging of size_t to %zu (Dave Stevenson) [Orabug: 33294426] - bcm2835-isp: Allow formats with different colour spaces. (David Plowman) [Orabug: 33294426] - staging:bcm2835-camera: Fix the cherry-pick of AWB Greyworld (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: ISP: Add colour denoise control (Naushir Patuck) [Orabug: 33294426] - staging/bcm2835-isp: Log the number of excess supported formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-isp: Add the unpacked (16bpp) raw formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Log the number of excess supported formats (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Add the unpacked (16bpp) raw formats (Dave Stevenson) [Orabug: 33294426] - staging/vc04_services: Add additional unpacked raw formats (Dave Stevenson) [Orabug: 33294426] - staging/mmal-vchiq: Fix incorrect static vchiq_instance. (Dave Stevenson) [Orabug: 33294426] - staging/vc04-services/codec: Fix logical precedence issue (Dave Stevenson) [Orabug: 33294426] - staging: vchiq: Fix bulk transfers on 64-bit builds (Phil Elwell) [Orabug: 33294426] - vc-sm-cma: fixed kbuild problem (gesangtome) [Orabug: 33294426] - staging: vchiq: Fix bulk userdata handling (Phil Elwell) [Orabug: 33294426] - staging/vc04_services/codec: Clear last buf dequeued flag on START (Dave Stevenson) [Orabug: 33294426] - staging/vc04_services/codec: Add support for CID MPEG_HEADER_MODE (Dave Stevenson) [Orabug: 33294426] - staging/bcm2835-codec: Ensure OUTPUT timestamps are always forwarded (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: ISP: Add a more complex ISP processing component (Naushir Patuck) [Orabug: 33294426] - staging: vc04_services: Add a V4L2 M2M codec driver (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Use vc-sm-cma to support zero copy (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Add monochrome image formats (Dave Stevenson) [Orabug: 33294426] - staging: vchiq-mmal: Add support for 14bit Bayer (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: Add new vc-sm-cma driver (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835-camera: Replace deprecated V4L2_PIX_FMT_BGR32 (Dave Stevenson) [Orabug: 33294426] - vchiq_2835_arm: Implement a DMA pool for small bulk transfers (#2699) (detule) [Orabug: 33294426] - staging: vchiq_arm: children inherit DMA config (Phil Elwell) [Orabug: 33294426] - staging: vchiq_arm: Clean up 40-bit DMA support (Phil Elwell) [Orabug: 33294426] - staging:vc04_services: bcm2835-camera: Request headers with I-frame (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: mmal-vchiq: Update parameters list (Dave Stevenson) [Orabug: 33294426] - staging: vchiq: Load bcm2835_isp driver from vchiq (Naushir Patuck) [Orabug: 33294426] - staging: vchiq_arm: Give vchiq children DT nodes (Phil Elwell) [Orabug: 33294426] - staging: vchiq: Use the old dma controller for OF config on platform devices (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Set up dma ranges on child devices (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Register bcm2835-codec as a platform driver (Dave Stevenson) [Orabug: 33294426] - staging: vchiq_arm: Register vcsm-cma as a platform driver (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835-camera: Add greyworld AWB mode (Dave Stevenson) [Orabug: 33294426] - v4l2: Add a Greyworld AWB mode. (Dave Stevenson) [Orabug: 33294426] - Add HDMI1 facility to the driver. (James Hughes) [Orabug: 33294426] - vchiq: Add 36-bit address support (Phil Elwell) [Orabug: 33294426] - staging: mmal-vchiq: Fix memory leak in error path (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Free the event context for control ports (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Update mmal_parameters.h with recently defined params (Dave Stevenson) [Orabug: 33294426] - staging: mmal_vchiq: Add in the Bayer encoding formats (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Fix client_component for 64 bit kernel (Dave Stevenson) [Orabug: 33294426] - staging: vc04_services: Support sending data to MMAL ports (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Add support for event callbacks. (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Avoid use of bool in structures (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835: fix vchiq_mmal dependencies (Arnd Bergmann) [Orabug: 33294426] - staging: mmal-vchiq: Fix memory leak for vchiq_instance (Seung-Woo Kim) [Orabug: 33294426] - staging: vchiq: Fix list_for_each exit tests (Dan Carpenter) [Orabug: 33294426] - staging: vchiq: Fix an uninitialized variable (Dan Carpenter) [Orabug: 33294426] - staging: vchiq: fix __user annotations (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat await_completion (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat bulk transfer (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat dequeue_message (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: convert compat create_service (Arnd Bergmann) [Orabug: 33294426] - staging: vchiq: rework compat handling (Arnd Bergmann) [Orabug: 33294426] - staging: vc04_services: Use fallthrough pseudo-keyword (Gustavo A. R. Silva) [Orabug: 33294426] - staging: vchiq: Fix refcounting bug in buffer_from_host() (Dan Carpenter) [Orabug: 33294426] - staging: vc04_services: vchiq-mmal: Fixed tab styling issue in mmal-vchiq.c (Anmol Karn) [Orabug: 33294426] - Staging: vc04_services: Fix unsigned int warnings (Baidyanath Kundu) [Orabug: 33294426] - staging: vchiq: Move vchiq.h into include directory (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move defines into core header (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Use vchiq.h as the main header file for services (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move conditional barrier definition into vchiq_core.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of vchi (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Move vchi_queue_kernel_message() into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_bulk_queue_transmit() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_bulk_queue_receive() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move definitions only used by core into core header (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Make vchiq_add_service() local (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of unnecessary definitions in vchiq_if.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Don't include vchiq_core.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchiq_instance forward declaration (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Unify fourcc definition mechanisms (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Rework vchi_msg_hold() to match vchiq_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Pass vchiq's message when holding a message (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchi_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use struct vchiq_service_params (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Don't use a typedef for vchiq_callback (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchiq_shim's message callback (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Export vchiq_msg_queue_push (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Export vchiq_get_service_userdata() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Expose struct vchi_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Get rid of vchiq_util.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move message queue into struct vchiq_service (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Introduce vchiq_validate_params() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of effect less expression (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use vchiq's enum vchiq_reason (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Use enum vchiq_bulk_mode instead of vchi's transmission flags (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of flags argument in vchi_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchi_cfg.h (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of unnecessary defines (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi_common: Get rid of all unused definitions (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_msg_dequeue() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: bcm2835-audio: Use vchi_msg_hold() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Unify struct shim_service and struct vchi_service_handle (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of struct vchi_instance_handle (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_msg_peek() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of all useless callback reasons (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: mmal-vchiq: Fix formatting errors in mmal_parameters.h (Naushir Patuck) [Orabug: 33294426] - staging: mmal-vchiq: If the VPU returns an error, don't negate it (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Always return the param size from param_get (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Fixup vchiq-mmal include ordering (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Make a mmal_buf struct for passing parameters (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Make timeout a defined parameter (Dave Stevenson) [Orabug: 33294426] - staging: mmal-vchiq: Allocate and free components as required (Dave Stevenson) [Orabug: 33294426] - staging: bcm2835: Break MMAL support out from camera (Jacopo Mondi) [Orabug: 33294426] - trivial: staging: vc04_services: replace bitshift with BIT macro (Garrit Franke) [Orabug: 33294426] - staging: vchiq: Get rid of VCHIQ_SERVICE_OPENEND callback reason (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: move vchiq_release_message() into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of C++ guards (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of not implemented function declarations (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchiq_status_to_vchi() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_service_set_option() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Merge vchi_msg_queue() into vchi_queue_kernel_message() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq: Move copy callback handling into vchiq (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_queue_user_message() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchi: Get rid of vchi_service_destroy() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vchiq_arm: cast with __force as needed (Mitchell Tasman) [Orabug: 33294426] - staging: vc04_services: Block comment alignment (John Oldman) [Orabug: 33294426] - staging: bcm2835-camera: insert emty line after declaration (Houssem KADI) [Orabug: 33294426] - staging: vc04_services: remove set but not used 'local_entity_uc' (Jason Yan) [Orabug: 33294426] - staging: bcm2835-camera: reduce indentation in ctrl_set_image_effect (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: reduce multiline statements (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: return early in mmal_setup_components (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Move video component setup in its own function (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Move encode component setup in its own function (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Simplify set_framerate_params (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Make struct indentation consistent (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Activate V4L2_EXPOSURE_METERING_MATRIX handling (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Drop PREVIEW_LAYER (Stefan Wahren) [Orabug: 33294426] - staging: vc04_services: interface: vchi: Correct long line comments and make them C89 style (R Veera Kumar) [Orabug: 33294426] - staging: vc04_services: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 33294426] - staging: bcm2835-camera: Use designators to init V4L2 controls (Stefan Wahren) [Orabug: 33294426] - staging: bcm2835-camera: Drop unused ignore_errors flag (Stefan Wahren) [Orabug: 33294426] - media: bcm2835-camera: rename VFL_TYPE_GRABBER to _VIDEO (Hans Verkuil) [Orabug: 33294426] - media: rename VFL_TYPE_GRABBER to _VIDEO (Hans Verkuil) [Orabug: 33294426] - staging: vc04_services: Fix wrong early return in next_service_by_instance() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: don't increment service refcount when it's not needed (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: use kref + RCU to reference count services (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: fix indentation alignment in a few places (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: remove unneeded parentheses (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: remove unused function (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: vchiq_arm: Get rid of unused defines (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_arm_vcresume()'s signature (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete vchiq_platform_check_suspend() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of USE_TYPE_SERVICE_NO_RESUME (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of the rest of suspend/resume state handling (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get of even more suspend/resume states (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of unused suspend/resume states (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete vc_suspend_complete completion (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_check_resume() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_arm_vcsuspend() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_on_remote_use_active() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_handle_timeout() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_videocore_wanted() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_suspend/resume() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of vchiq_platform_paused/resumed() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: get rid of vchiq_platform_use_suspend_timer() (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Delete blocked_count in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: get rid of blocked_blocker completion in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of resume_blocker completion in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Get rid of resume_blocked in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: Remove unused variables in struct vchiq_arm_state (Nicolas Saenz Julienne) [Orabug: 33294426] - staging: vc04_services: remove header include path to vc04_services (Masahiro Yamada) [Orabug: 33294426] - staging/vc04_services/bcm2835-camera: distinct numeration and names for devices (Michael Kupfer) [Orabug: 33294426] - staging: vchiq: Have vchiq_dump_* functions return an error code (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Refactor indentation in vchiq_dump_* functions (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq_dump: Replace min with min_t (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Fix block comment format in vchiq_dump() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04: Fix Kconfig indentation (Krzysztof Kozlowski) [Orabug: 33294426] - staging: vchiq: Refactor indentation in vchiq_platform_conn_state_changed() (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vchiq: Have vchiu_queue_init() return 0 on success. (Marcelo Diop-Gonzalez) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_PLATFORM_STATE_T typedef with struct opaque_platform_state (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_INSTANCE_T typedef with struct vchiq_instance (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_SERVICE_HANDLE_T typedef with unsigned int (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename VCHIQ_REMOTE_USE_CALLBACK_T to vchiq_remote_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename VCHIQ_CALLBACK_T to vchiq_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename callback VCHIQ_USERDATA_TERM_T to vchiq_userdata_term (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_BULK_DIR_T enum typedef with enum vchiq_bulk_dir (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_CONNSTATE_T enum typedef with enum vchiq_connstate (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_SERVICE_OPTION_T enum typedef with enum vchiq_service_option (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_BULK_MODE_T enum typedef with enum vchiq_bulk_mode (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHIQ_STATUS_T enum typedef with enum vchiq_status (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Rename callback VCHI_CALLBACK_T to vchi_callback (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHI_SERVICE_HANDLE_T typedef with struct vchi_service_handle (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Replace VCHI_INSTANCE_T with struct vhci_instance_handle (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Remove enum typedefs in vchi (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: Remove unused structs (Jamal Shareef) [Orabug: 33294426] - staging: vc04_services: fix warnings of Block comments use of * (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: fix warnings of scpace required between operator (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: fix check warnings of line over 80 characters (Jules Irenge) [Orabug: 33294426] - media: v4l2-core: correctly validate video and metadata ioctls (Vandana BN) [Orabug: 33294426] - staging: vc04_services: use DIV_ROUND_UP helper macro (Wambui Karuga) [Orabug: 33294426] - staging: vc04_services: place the AND operator at the end of the previous line (Jules Irenge) [Orabug: 33294426] - staging: vc04_services: Avoid NULL comparison (Nachammai Karuppiah) [Orabug: 33294426] - staging: vchiq: don't print pointless kernel address (Matteo Croce) [Orabug: 33294426] - staging: bcm2835-audio: Need to judge the return value of vchi_msg_dequeue in audio_vchi_callback (zhengbin) [Orabug: 33294426] - staging: vc04_services: make use of devm_platform_ioremap_resource (Hariprasad Kelam) [Orabug: 33294426] - staging: vc04_services: Avoid typedef (Nachammai Karuppiah) [Orabug: 33294426] - net/mlx{4,5},rds_rdma: fix non-determinism when comp_vector is zero (Hakon Bugge) [Orabug: 33459335] - net/mlx{4,5}: Fix signed formal parameter (Hakon Bugge) [Orabug: 33459335] - net/mlx5: Initialize nvec based on 'num_possible_cpus()' (Gerd Rausch) [Orabug: 33451392] - drm/atomic-helper: reset vblank on crtc reset (Daniel Vetter) [Orabug: 33427369] - drm: Initialize struct drm_crtc_state.no_vblank from device settings (Thomas Zimmermann) [Orabug: 33427369] - uek-rpm: Remove unnecessary ld.so.conf.d file (Stephen Brennan) [Orabug: 33408515] - ocfs2: drop acl cache for directories too (Wengang Wang) [Orabug: 33407843] - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd() (Dan Carpenter) [Orabug: 33406845] {CVE-2021-3744} - locking/csd_lock: Make csdlock_debug=1 default (Stephen Brennan) [Orabug: 33403352] - uek-rpm: config: Enable CONFIG_CSD_LOCK_WAIT_DEBUG (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Remove unused 'idle' event (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Add more data to CSD lock debugging (Juergen Gross) [Orabug: 33403352] - smp: refactor queueing of single smp call (Stephen Brennan) [Orabug: 33403352] - locking/csd_lock: Prepare more CSD lock debugging (Juergen Gross) [Orabug: 33403352] - locking/csd_lock: Add boot parameter for controlling CSD lock debugging (Juergen Gross) [Orabug: 33403352] - kernel/smp: Provide CSD lock timeout diagnostics (Paul E. McKenney) [Orabug: 33403352] - smp: Fix kABI breakage in __call_single_data (Stephen Brennan) [Orabug: 33403352] - smp: Add source and destination CPUs to __call_single_data (Paul E. McKenney) [Orabug: 33403352] - kvm: export per-vcpu exits to userspace (Dongli Zhang) [Orabug: 33387671] - RDMA/core/sa_query: Remove unused function (Hakon Bugge) [Orabug: 33408993] - video: fbdev: cirrusfb: check pixclock to avoid divide by zero (George Kennedy) [Orabug: 32176135] - bnx2x: Fix enabling network interfaces without VFs (Adrian Bunk) [Orabug: 33458877] - net/rds: 'no error' is no error (Gerd Rausch) [Orabug: 33252277] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3653 CVE-2021-3656 CVE-2021-3744 Oracle Linux 8 IMPORTANT Copyright 2021 Oracle, Inc. CVE-2020-15469 CVE-2020-27821 CVE-2021-20221 CVE-2021-3409 CVE-2020-27661 CVE-2021-20257 CVE-2021-3392 CVE-2021-3527 CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 Oracle Linux 7 [7.4p1-22.0.1_fips] - Change Epoch from 1 to 10 - Enable fips KDF POST [Orabug: 32461750] - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739] [7.4p1-22.0.1] - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895] [7.4p1-22 + 0.10.3-2] - avoid segfault in Kerberos cache cleanup (#1999263) - fix CVE-2021-41617 (#2008884) MODERATE Copyright 2021 Oracle, Inc. CVE-2021-41617 Oracle Linux 6 Oracle Linux 7 [4.1.12-124.58.2] - ovl: prevent private clone if bind mount is not allowed (Miklos Szeredi) [Orabug: 33560431] {CVE-2021-3732} [4.1.12-124.58.1] - sunrpc: move NO_CRKEY_TIMEOUT to the auth->au_flags (Scott Mayhew) [Orabug: 33443537] - xen/netfront: stop tx queues during live migration (Dongli Zhang) [Orabug: 33536410] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-3732 Oracle Linux 6 [3.44.0-7.0.2] - Fix CVE-2021-43527 [Orabug: 33627334] CRITICAL Copyright 2021 Oracle, Inc. CVE-2021-43527 Oracle Linux 7 [2.4.6-97.0.5.2] - scoreboard: fix null pointer deference [Orabug: 33561206][CVE-2021-34798] - fix ap_escape_quote logic [Orabug: 33617690][CVE-2021-39275] IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-34798 CVE-2021-39275 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.302.6.1] - rds/ib: Use both iova and key in free_mr socket call (aru kolappan) [Orabug:33667276] [5.4.17-2136.302.6] - Revert fs: align IOCB_* flags with RWF_* flags (Prasad Singamsetty) [Orabug: 33627551] [5.4.17-2136.302.5] - Revert drm: Initialize struct drm_crtc_state.no_vblank from device settings (Somasundaram Krishnasamy) [Orabug: 33611832] - Revert drm/atomic-helper: reset vblank on crtc reset (Somasundaram Krishnasamy) [Orabug: 33611832] - net/mlx5: E-Switch, Support flow source for local vport (Hamdan Igbaria) [Orabug: 29444833] - net/mlx5e: E-Switch, Specify flow_source for rule with no in_port (Jianbo Liu) [Orabug: 29444833] - net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring (Jianbo Liu) [Orabug: 29444833] - uek-rpm: configs: disable CONFIG_READ_ONLY_THP_FOR_FS (Todd Vierling) [Orabug: 33538583] - uek-rpm: Remove CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y and CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED=y for uek6/u3 (Sherry Yang) [Orabug: 33580598] - Stop the ad-hoc games with -Wno-maybe-initialized (Linus Torvalds) [Orabug: 33580598] - x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [Orabug: 33580824] - x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580824] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora) [Orabug: 33580824] - uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krishnasamy) [Orabug: 33596873] [5.4.17-2136.302.4] - KVM: nSVM: Copy vmcb12 nRIP field to vmcb02 (Maciej S. Szmigiero) [Orabug: 33590307] - KVM: nSVM: Log nRIP of L1 and L2 guest VMCB in nested VMRUN tracepoint (Maciej S. Szmigiero) [Orabug: 33590307] - KVM: nSVM: move nested vmrun tracepoint to enter_svm_guest_mode (Maxim Levitsky) [Orabug: 33590307] - x86/platform/uv: Add uv_hub_info_s to UEK KABI (John Donnelly) [Orabug: 33397019] - x86/platform/uv: Modify order of fields in uv_hub_info_s to avoid panic (Steve Wahl) [Orabug: 33397019] - arm64/bpf: remove 128MB limit for BPF JIT programs (Russell King) [Orabug: 33518795] - kernfs: dont create a negative dentry if inactive node exists (Ian Kent) [Orabug: 33548753] - kernfs: also call kernfs_set_rev() for positive dentry (Hou Tao) [Orabug: 33548753] - kernfs: dont call d_splice_alias() under kernfs node lock (Ian Kent) [Orabug: 33548753] - kernfs: use i_lock to protect concurrent inode updates (Ian Kent) [Orabug: 33548753] - kernfs: switch kernfs to use an rwsem (Ian Kent) [Orabug: 33548753] - kernfs: use VFS negative dentry caching (Ian Kent) [Orabug: 33548753] - kernfs: add a revision to identify directory node changes (Ian Kent) [Orabug: 33548753] - selftests: breakpoints: Fix a typo of function name (Masami Hiramatsu) [Orabug: 33577735] - Revert net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33590962] - Revert net/mlx5: Add new verb ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Add preferred_cpu option to rds_rdma.ko (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33590962] - Revert IB/mlx4: Implement backend callback for ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962] [5.4.17-2136.302.2] - x86, sched: Treat Intel SNC topology as default, COD as exception (Alison Schofield) [Orabug: 32921559] - x86/kernel: Convert to new CPU match macros (Thomas Gleixner) [Orabug: 32921559] - net/mlx5: Disable mr_cache for SFs (Mikhael Goikhman) [Orabug: 33523558] - xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33571340] - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() (Dexuan Cui) [Orabug: 33548142] - uek-rpm: Enable CONFIG_CPU_FREQ_GOV_SCHEDUTIL for x86_64 kernels (Dave Kleikamp) [Orabug: 33564971] [5.4.17-2136.302.1] - arm64: Kconfig: enable MADV_DOEXEC functionality (Anthony Yznaga) [Orabug: 33428617] - bpf: Fix integer overflow in prealloc_elems_and_freelist() (Tatsuhiko Yasumatsu) [Orabug: 33431722] {CVE-2021-41864} - xen/netfront: stop tx queues during live migration (Dongli Zhang) [Orabug: 33536399] - Revert xfs: Lower CIL flush limit for large logs (Catherine Hoang) [Orabug: 33536463] - Revert xfs: Throttle commits on delayed background CIL push (Catherine Hoang) [Orabug: 33536463] - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN (Dai Ngo) [Orabug: 33536966] - nfsd: handle repeated BIND_CONN_TO_SESSION (J. Bruce Fields) [Orabug: 33536966] - rds: ib: Fix bug when comp_vector is IB_CQ_FORCE_ZERO_CV (Hakon Bugge) [Orabug: 33538397] [5.4.17-2136.302.0] - LTS tag: v5.4.152 (Jack Vogel) - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. (Kate Hsuan) - silence nfscache allocation warnings with kvzalloc (Rik van Riel) - perf/x86: Reset destroy callback on event init failure (Anand K Mistry) - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] (Fares Mehanna) - KVM: do not shrink halt_poll_ns below grow_start (Sergey Senozhatsky) - tools/vm/page-types: remove dependency on opt_file for idle page tracking (Changbin Du) - scsi: ses: Retry failed Send/Receive Diagnostic commands (Wen Xiong) - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn (Shuah Khan) - selftests: be sure to make khdr before other targets (Li Zhijian) - usb: dwc2: check return value after calling platform_get_resource() (Yang Yingliang) - usb: testusb: Fix for showing the connection speed (Faizel K B) - scsi: sd: Free scsi_disk device via put_device() (Ming Lei) - ext2: fix sleeping in atomic bugs on error (Dan Carpenter) - sparc64: fix pci_iounmap() when CONFIG_PCI is not set (Linus Torvalds) - xen-netback: correct success/error reporting for the SKB-with-fraglist case (Jan Beulich) - net: mdio: introduce a shutdown method to mdio device drivers (Vladimir Oltean) - LTS tag: v5.4.151 (Jack Vogel) - HID: usbhid: free raw_report buffers in usbhid_stop (Anirudh Rayabharam) - netfilter: ipset: Fix oversized kvmalloc() calls (Jozsef Kadlecsik) - HID: betop: fix slab-out-of-bounds Write in betop_probe (F.A.Sulaiman) - usb: hso: remove the bailout parameter (Dongliang Mu) - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind (sumiyawang) - PCI: Fix pci_host_bridge struct device release/free handling (Rob Herring) - net: stmmac: dont attach interface until resume finishes (Leon Yu) - net: udp: annotate data race around udp_sk(sk)->corkflag (Eric Dumazet) - HID: u2fzero: ignore incomplete packets without data (Andrej Shadura) - ext4: fix potential infinite loop in ext4_dx_readdir() (yangerkun) - ext4: fix reserved space counter leakage (Jeffle Xu) - ext4: fix loff_t overflow in ext4_max_bitmap_size() (Ritesh Harjani) - ipack: ipoctal: fix module reference leak (Johan Hovold) - ipack: ipoctal: fix missing allocation-failure check (Johan Hovold) - ipack: ipoctal: fix tty-registration error handling (Johan Hovold) - ipack: ipoctal: fix tty registration race (Johan Hovold) - ipack: ipoctal: fix stack information leak (Johan Hovold) - debugfs: debugfs_create_file_size(): use IS_ERR to check for error (Nirmoy Das) - elf: dont use MAP_FIXED_NOREPLACE for elf interpreter mappings (Chen Jingwen) - perf/x86/intel: Update event constraints for ICX (Kan Liang) - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Eric Dumazet) - net: sched: flower: protect fl_walk() with rcu (Vlad Buslov) - net: hns3: do not allow call hns3_nic_net_open repeatedly (Jian Shen) - scsi: csiostor: Add module softdep on cxgb4 (Rahul Lakkireddy) - Revert block, bfq: honor already-setup queue merges (Jens Axboe) - selftests, bpf: test_lwt_ip_encap: Really disable rp_filter (Jiri Benc) - e100: fix buffer overrun in e100_get_regs (Jacob Keller) - e100: fix length calculation in e100_get_regs_len (Jacob Keller) - net: ipv4: Fix rtnexthop len when RTA_FLOW is present (Xiao Liang) - hwmon: (tmp421) fix rounding for negative values (Paul Fertser) - hwmon: (tmp421) report /PVLD condition as fault (Paul Fertser) - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (Xin Long) - mac80211-hwsim: fix late beacon hrtimer handling (Johannes Berg) - mac80211: mesh: fix potentially unaligned access (Johannes Berg) - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (Lorenzo Bianconi) - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (Chih-Kang Chang) - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Vadim Pasternak) - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 (Andrea Claudi) - drm/amd/display: Pass PCI deviceid into DC (Charlene Liu) - x86/kvmclock: Move this_cpu_pvti into kvmclock.h (Zelin Deng) - mac80211: fix use-after-free in CCMP/GCMP RX (Johannes Berg) - scsi: ufs: Fix illegal offset in UPIU event trace (Jonathan Hsu) - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - fs-verity: fix signed integer overflow with i_size near S64_MAX (Eric Biggers) - usb: cdns3: fix race condition before setting doorbell (Pawel Laszczak) - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (James Morse) - cpufreq: schedutil: Use kobject release() method to free sugov_tunables (Kevin Hao) - tty: Fix out-of-bound vmalloc access in imageblit (Igor Matheus Andrade Torrente) - LTS tag: v5.4.150 (Jack Vogel) - qnx4: work around gcc false positive warning bug (Linus Torvalds) - xen/balloon: fix balloon kthread freezing (Juergen Gross) - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (Pali Rohar) - thermal/drivers/int340x: Do not set a wrong tcc offset on resume (Antoine Tenart) - EDAC/synopsys: Fix wrong value type assignment for edac_mode (Sai Krishna Potthuri) - spi: Fix tegra20 build with CONFIG_PM=n (Linus Torvalds) - net: 6pack: Fix tx timeout and slot time (Guenter Roeck) - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile (Guenter Roeck) - arm64: Mark __stack_chk_guard as __ro_after_init (Dan Li) - parisc: Use absolute_pointer() to define PAGE0 (Helge Deller) - qnx4: avoid stringop-overread errors (Linus Torvalds) - sparc: avoid stringop-overread errors (Linus Torvalds) - net: i825xx: Use absolute_pointer for memcpy from fixed memory location (Guenter Roeck) - compiler.h: Introduce absolute_pointer macro (Guenter Roeck) - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (Li Jinlin) - sparc32: page align size in arch_dma_alloc (Andreas Larsson) - nvme-multipath: fix ANA state updates when a namespace is not present (Anton Eidelman) - xen/balloon: use a kernel thread instead a workqueue (Juergen Gross) - bpf: Add oversize check before call kvcalloc() (Bixuan Cui) - ipv6: delay fib6_sernum increase in fib6_add (zhang kai) - m68k: Double cast io functions to unsigned long (Guenter Roeck) - net: stmmac: allow CSR clock of 300MHz (Jesper Nilsson) - net: macb: fix use after free on rmmod (Tong Zhang) - blktrace: Fix uaf in blk_trace access after removing by sysfs (Zhihao Cheng) - md: fix a lock order reversal in md_alloc (Christoph Hellwig) - irqchip/gic-v3-its: Fix potential VPE leak on error (Kaige Fu) - irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build (Randy Dunlap) - scsi: lpfc: Use correct scnprintf() limit (Dan Carpenter) - scsi: qla2xxx: Restore initiator in dual mode (Dmitry Bogdanov) - cifs: fix a sign extension bug (Dan Carpenter) - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (Dan Carpenter) - fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (Jiapeng Chong) - fpga: machxo2-spi: Return an error on failure (Tom Rix) - tty: synclink_gt: rename a conflicting function name (Randy Dunlap) - tty: synclink_gt, drop unneeded forward declarations (Jiri Slaby) - scsi: iscsi: Adjust iface sysfs attr detection (Baokun Li) - net/mlx4_en: Dont allow aRFS for encapsulated packets (Aya Levin) - qed: rdma - dont wait for resources under hw error recovery flow (Shai Malin) - gpio: uniphier: Fix void functions to remove return value (Kunihiko Hayashi) - net/smc: add missing error check in smc_clc_prfx_set() (Karsten Graul) - bnxt_en: Fix TX timeout when TX ring size is set to the smallest (Michael Chan) - enetc: Fix illegal access when reading affinity_hint (Claudiu Manoil) - platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR() (Andy Shevchenko) - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation (David Howells) - net: hso: fix muxed tty registration (Johan Hovold) - serial: mvebu-uart: fix drivers tx_empty callback (Pali Rohar) - xhci: Set HCD flag to defer primary roothub registration (Kishon Vijay Abraham I) - btrfs: prevent __btrfs_dump_space_info() to underflow its free space (Qu Wenruo) - erofs: fix up erofs_lookup tracepoint (Gao Xiang) - mcb: fix error handling in mcb_alloc_bus() (Dan Carpenter) - USB: serial: option: add device id for Foxconn T99W265 (Slark Xiao) - USB: serial: option: remove duplicate USB device ID (Krzysztof Kozlowski) - USB: serial: option: add Telit LN920 compositions (Carlo Lobrano) - USB: serial: mos7840: remove duplicated 0xac24 device ID (Krzysztof Kozlowski) - usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (Julian Sikorski) - staging: greybus: uart: fix tty use after free (Johan Hovold) - binder: make sure fd closes complete (Todd Kjos) - USB: cdc-acm: fix minor-number release (Johan Hovold) - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (Uwe Brandt) - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (Ondrej Zary) - xen/x86: fix PV trap handling on secondary processors (Jan Beulich) - cifs: fix incorrect check for null pointer in header_assemble (Steve French) - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (Dan Carpenter) - usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (Minas Harutyunyan) - usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (Minas Harutyunyan) - usb: gadget: r8a66597: fix a loop in set_feature() (Dan Carpenter) - LTS tag: v5.4.149 (Jack Vogel) - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (Guenter Roeck) - rtc: rx8010: select REGMAP_I2C (Yu-Tung Chang) - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() (Li Jinlin) - pwm: stm32-lp: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - pwm: rockchip: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - pwm: img: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group (Nanyong Sun) - nilfs2: fix NULL pointer in nilfs_##name##_attr_release (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_device_group (Nanyong Sun) - btrfs: fix lockdep warning while mounting sprout fs (Anand Jain) - ceph: lockdep annotations for try_nonblocking_invalidate (Jeff Layton) - ceph: request Fw caps before updating the mtime in ceph_write_iter (Jeff Layton) - dmaengine: xilinx_dma: Set DMA mask for coherent APIs (Radhey Shyam Pandey) - dmaengine: ioat: depends on !UML (Johannes Berg) - dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (Zou Wei) - parisc: Move pci_dev_is_behind_card_dino to where it is used (Guenter Roeck) - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() (Thomas Gleixner) - thermal/core: Fix thermal_cooling_device_register() prototype (Arnd Bergmann) - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH (Lukas Bulwahn) - net: stmmac: reset Tx desc base address before restarting Tx (Jongsung Kim) - phy: avoid unnecessary link-up delay in polling mode (Petr Oros) - pwm: lpc32xx: Dont modify HW state in .probe() after the PWM chip was registered (Uwe Kleine-Konig) - profiling: fix shift-out-of-bounds bugs (Pavel Skripkin) - nilfs2: use refcount_dec_and_lock() to fix potential UAF (Zhen Lei) - prctl: allow to setup brk for et_dyn executables (Cyrill Gorcunov) - 9p/trans_virtio: Remove sysfs file on probe failure (Xie Yongji) - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() (Dan Carpenter) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ (Andy Shevchenko) - um: virtio_uml: fix memory leak on init failures (Johannes Berg) - staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (Nathan Chancellor) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (Marcelo Ricardo Leitner) - sctp: validate chunk size in __rcv_asconf_lookup (Marcelo Ricardo Leitner) - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (Alex Sverdlin) - ARM: 9079/1: ftrace: Add MODULE_PLTS support (Alex Sverdlin) - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (Alex Sverdlin) - ARM: 9077/1: PLT: Move struct plt_entries definition to header (Alex Sverdlin) - apparmor: remove duplicate macro list_entry_is_head() (Andy Shevchenko) - ARM: Qualify enabling of swiotlb_init() (Florian Fainelli) - s390/pci_mmio: fully validate the VMA before calling follow_pte() (David Hildenbrand) - console: consume APC, DM, DCS (nick black) - PCI/ACPI: Add Ampere Altra SOC MCFG quirk (Tuan Phan) - PCI: aardvark: Fix reporting CRS value (Pali Rohar) - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (Pali Rohar) - PCI: aardvark: Indicate error in val when config read fails (Pali Rohar) - PCI: pci-bridge-emul: Fix big-endian support (Grzegorz Jaszczyk) - LTS tag: v5.4.148 (Jack Vogel) - s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (Ilya Leoshkevich) - s390/bpf: Fix optimizing out zero-extensions (Ilya Leoshkevich) - net: renesas: sh_eth: Fix freeing wrong tx descriptor (Yoshihiro Shimoda) - ip_gre: validate csum_start only on pull (Willem de Bruijn) - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (Dinghao Liu) - fq_codel: reject silly quantum parameters (Eric Dumazet) - netfilter: socket: icmp6: fix use-after-scope (Benjamin Hesmans) - net: dsa: b53: Fix calculating number of switch ports (Rafal Milecki) - perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} (Li Huafei) - ARC: export clear_user_page() for modules (Randy Dunlap) - mtd: rawnand: cafe: Fix a resource leak in the error handling path of cafe_nand_probe() (Christophe JAILLET) - PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n (Andy Shevchenko) - KVM: arm64: Handle PSCI resets before userspace touches vCPU state (Oliver Upton) - mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set (Matthias Schiffer) - PCI: Fix pci_dev_str_match_path() alloc while atomic bug (Dan Carpenter) - mfd: axp20x: Update AXP288 volatile ranges (Hans de Goede) - NTB: perf: Fix an error code in perf_setup_inbuf() (Yang Li) - NTB: Fix an error code in ntb_msit_probe() (Yang Li) - ethtool: Fix an error code in cxgb2.c (Yang Li) - PCI: ibmphp: Fix double unmap of io_mem (Vishal Aslot) - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (Daniele Palmas) - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 (Ryoga Saito) - PCI: Add ACS quirks for Cavium multi-function devices (George Cherian) - tracing/probes: Reject events which have the same name of existing one (Masami Hiramatsu) - mfd: Dont use irq_create_mapping() to resolve a mapping (Marc Zyngier) - fuse: fix use after free in fuse_read_interrupt() (Miklos Szeredi) - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (Wasim Khan) - mfd: db8500-prcmu: Adjust map to reality (Linus Walleij) - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation (Miquel Raynal) - mm/memory_hotplug: use unsigned long for PFN in zone_for_pfn_range() (David Hildenbrand) - net: hns3: fix the timing issue of VF clearing interrupt sources (Jiaran Zhang) - net: hns3: disable mac in flr process (Yufeng Mo) - net: hns3: change affinity_mask to numa node range (Yufeng Mo) - net: hns3: pad the short tunnel frame before sending to hardware (Yufeng Mo) - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (Nicholas Piggin) - ibmvnic: check failover_pending in login response (Sukadev Bhattiprolu) - dt-bindings: arm: Fix Toradex compatible typo (David Heidelberg) - qed: Handle management FW error (Shai Malin) - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() (zhenggy) - net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup (Vladimir Oltean) - net/af_unix: fix a data-race in unix_dgram_poll (Eric Dumazet) - vhost_net: fix OoB on sendmsg() failure. (Paolo Abeni) - events: Reuse value read using READ_ONCE instead of re-reading it (Baptiste Lepers) - net/mlx5: Fix potential sleeping in atomic context (Maor Gottlieb) - net/mlx5: FWTrace, cancel work on alloc pd error flow (Saeed Mahameed) - perf machine: Initialize srcline string member in add_location struct (Michael Petlan) - tipc: increase timeout in tipc_sk_enqueue() (Hoang Le) - r6040: Restore MDIO clock frequency after MAC reset (Florian Fainelli) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core (Xiyu Yang) - ptp: dp83640: dont define PAGE0 (Randy Dunlap) - net-caif: avoid user-triggerable WARN_ON(1) (Eric Dumazet) - tipc: fix an use-after-free issue in tipc_recvmsg (Xin Long) - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (Mike Rapoport) - s390/sclp: fix Secure-IPL facility detection (Alexander Egorenkov) - drm/etnaviv: add missing MMU context put when reaping MMU mapping (Lucas Stach) - drm/etnaviv: reference MMU context when setting up hardware state (Lucas Stach) - drm/etnaviv: fix MMU context leak on GPU reset (Lucas Stach) - drm/etnaviv: exec and MMU state is lost when resetting the GPU (Lucas Stach) - drm/etnaviv: keep MMU context across runtime suspend/resume (Lucas Stach) - drm/etnaviv: stop abusing mmu_context as FE running marker (Lucas Stach) - drm/etnaviv: put submit prev MMU context when it exists (Lucas Stach) - drm/etnaviv: return context from etnaviv_iommu_context_get (Lucas Stach) - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (Ernst Sjostrand) - PCI: Add AMD GPU multi-function power dependencies (Evan Quan) - PM: base: power: dont try to use non-existing RTC for storing data (Juergen Gross) - arm64/sve: Use correct size when reinitialising SVE state (Mark Brown) - xen: reset legacy rtc flag for PV domU (Juergen Gross) - btrfs: fix upper limit for max_inline for page size 64K (Anand Jain) - drm/panfrost: Clamp lock region to Bifrost minimum (Alyssa Rosenzweig) - drm/panfrost: Use u64 for size in lock_region (Alyssa Rosenzweig) - drm/panfrost: Simplify lock_region calculation (Alyssa Rosenzweig) - drm/amdgpu: Fix BUG_ON assert (Andrey Grodzovsky) - drm/msi/mdp4: populate priv->kms in mdp4_kms_init (David Heidelberg) - net: dsa: lantiq_gswip: fix maximum frame length (Jan Hoffmann) - lib/test_stackinit: Fix static initializer test (Kees Cook) - platform/chrome: cros_ec_proto: Send command again when timeout occurs (Patryk Duda) - memcg: enable accounting for pids in nested pid namespaces (Vasily Averin) - mm,vmscan: fix divide by zero in get_scan_count (Rik van Riel) - mm/hugetlb: initialize hugetlb_usage in mm_init (Liu Zixian) - s390/pv: fix the forcing of the swiotlb (Halil Pasic) - cpufreq: powernv: Fix init_chip_info initialization in numa=off (Pratik R. Sampat) - scsi: qla2xxx: Sync queue idx with queue_pair_map idx (Saurav Kashyap) - scsi: qla2xxx: Changes to support kdump kernel (Saurav Kashyap) - scsi: BusLogic: Fix missing pr_cont() use (Maciej W. Rozycki) - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() (chenying) - parisc: fix crash with signals and alloca (Mikulas Patocka) - net: w5100: check return value after calling platform_get_resource() (Yang Yingliang) - fix array-index-out-of-bounds in taprio_change (Haimin Zhang) - net: fix NULL pointer reference in cipso_v4_doi_free - ath9k: fix sleeping in atomic context (Miaoqing Pan) - ath9k: fix OOB read ar9300_eeprom_restore_internal (Zekun Shen) - parport: remove non-zero check on count (Colin Ian King) - net/mlx5: DR, Enable QP retransmission (Yevgeny Kliteynik) - iwlwifi: mvm: fix access to BSS elements (Johannes Berg) - iwlwifi: mvm: avoid static queue number aliasing (Johannes Berg) - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (Zhang Qilong) - drm/amdkfd: Account for SH/SE count when setting up cu masks. (Sean Keely) - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (Xiaotan Luo) - ASoC: rockchip: i2s: Fix regmap_ops hang (Sugar Zhang) - usbip:vhci_hcd USB port can get stuck in the disabled state (Shuah Khan) - usbip: give back URBs for unsent unlink requests during cleanup (Anirudh Rayabharam) - usb: musb: musb_dsps: request_irq() after initializing musb (Nadezda Lutovinova) - Revert USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Mathias Nyman) - cifs: fix wrong release in sess_alloc_buffer() failed path (Ding Hui) - mmc: core: Return correct emmc response in case of ioctl error (Nishad Kamdar) - selftests/bpf: Enlarge select() timeout for test_maps (Li Zhijian) - mmc: rtsx_pci: Fix long reads when clock is prescaled (Thomas Hebb) - mmc: sdhci-of-arasan: Check return value of non-void funtions (Manish Narani) - of: Dont allow __of_attached_node_sysfs() without CONFIG_SYSFS (Marc Zyngier) - ASoC: Intel: Skylake: Fix passing loadable flag for module (Gustaw Lewandowski) - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (Cezary Rojewski) - btrfs: tree-log: check btrfs_lookup_data_extent return value (Marcos Paulo de Souza) - m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch (Arnd Bergmann) - drm/exynos: Always initialize mapping in exynos_drm_register_dma() (Nathan Chancellor) - lockd: lockd server-side shouldnt set fl_ops (J. Bruce Fields) - usb: chipidea: host: fix port index underflow and UBSAN complains (Li Jun) - gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) - staging: rts5208: Fix get_ms_information() heap buffer size (Kees Cook) - rpc: fix gss_svc_init cleanup on failure (J. Bruce Fields) - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD (Luke Hsiao) - serial: sh-sci: fix break handling for sysrq (Ulrich Hecht) - opp: Dont print an error if required-opps is missing (Rajendra Nayak) - Bluetooth: Fix handling of LE Enhanced Connection Complete (Luiz Augusto von Dentz) - nvme-tcp: dont check blk_mq_tag_to_rq when receiving pdu data (Sagi Grimberg) - arm64: dts: ls1046a: fix eeprom entries (Raag Jadav) - arm64: tegra: Fix compatible string for Tegra132 CPUs (Thierry Reding) - ARM: tegra: tamonten: Fix UART pad setting (Andreas Obergschwandtner) - mac80211: Fix monitor MTU limit so that A-MSDUs get through (Johan Almbladh) - drm/display: fix possible null-pointer dereference in dcn10_set_clock() (Tuo Li) - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (Tuo Li) - net/mlx5: Fix variable type to match 64bit (Eran Ben Elisha) - Bluetooth: avoid circular locks in sco_sock_connect (Desmond Cheong Zhi Xi) - Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) - selftests/bpf: Fix xdp_tx.c prog section name (Jussi Maki) - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (David Heidelberg) - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() (Nathan Chancellor) - arm64: dts: qcom: sdm660: use reg value for memory node (Vinod Koul) - ARM: dts: imx53-ppd: Fix ACHC entry (Sebastian Reichel) - media: tegra-cec: Handle errors of clk_prepare_enable() (Evgeny Novikov) - media: TDA1997x: fix tda1997x_query_dv_timings() return value (Krzysztof Halasa) - media: v4l2-dv-timings.c: fix wrong condition in two for-loops (Hans Verkuil) - media: imx258: Limit the max analogue gain to 480 (Umang Jain) - media: imx258: Rectify mismatch of VTS value (Laurent Pinchart) - ASoC: Intel: bytcr_rt5640: Move Platform Clock routes to the maps for the matching in-/output (Hans de Goede) - arm64: tegra: Fix Tegra194 PCIe EP compatible string (Vidya Sagar) - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() (Yufeng Mo) - workqueue: Fix possible memory leaks in wq_numa_init() (Zhen Lei) - Bluetooth: skip invalid hci_sync_conn_complete_evt (Desmond Cheong Zhi Xi) - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (Andy Shevchenko) - samples: bpf: Fix tracex7 error raised on the missing argument (Juhee Kang) - staging: ks7010: Fix the initialization of the sleep_status structure (Christophe JAILLET) - serial: 8250_pci: make setup_port() parameters explicitly unsigned (Greg Kroah-Hartman) - hvsi: dont panic on tty_register_driver failure (Jiri Slaby) - xtensa: ISS: dont panic in rs_init (Jiri Slaby) - serial: 8250: Define RX trigger levels for OxSemi 950 devices (Maciej W. Rozycki) - s390: make PCI mio support a machine flag (Niklas Schnelle) - s390/jump_label: print real address in a case of a jump label bug (Heiko Carstens) - flow_dissector: Fix out-of-bounds warnings (Gustavo A. R. Silva) - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() (Gustavo A. R. Silva) - video: fbdev: riva: Error out if pixclock equals zero (Zheyu Ma) - video: fbdev: kyro: Error out if pixclock equals zero (Zheyu Ma) - video: fbdev: asiliantfb: Error out if pixclock equals zero (Zheyu Ma) - bpf/tests: Do not PASS tests without actually testing the result (Johan Almbladh) - bpf/tests: Fix copy-and-paste error in double word test (Johan Almbladh) - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (Anson Jacob) - drm/amd/display: Fix timer_per_pixel unit error (Oliver Logush) - tty: serial: jsm: hold port lock when reporting modem line changes (Zheyu Ma) - staging: board: Fix uninitialized spinlock when attaching genpd (Geert Uytterhoeven) - usb: gadget: composite: Allow bMaxPower=0 if self-powered (Jack Pham) - USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (Evgeny Novikov) - usb: gadget: u_ether: fix a potential null pointer dereference (Maciej zenczykowski) - usb: host: fotg210: fix the actual_length of an iso packet (Kelly Devilliv) - usb: host: fotg210: fix the endpoints transactional opportunities calculation (Kelly Devilliv) - igc: Check if num of q_vectors is smaller than max before array access (Sasha Neftin) - drm: avoid blocking in drm_clients_infos rcu section (Desmond Cheong Zhi Xi) - Smack: Fix wrong semantics in smk_access_entry() (Tianjia Zhang) - netlink: Deal with ESRCH error in nlmsg_notify() (Yajun Deng) - video: fbdev: kyro: fix a DoS bug by restricting user input (Zheyu Ma) - ARM: dts: qcom: apq8064: correct clock names (David Heidelberg) - iavf: fix locking of critical sections (Stefan Assmann) - iavf: do not override the adapter state in the watchdog task (Stefan Assmann) - iio: dac: ad5624r: Fix incorrect handling of an optional regulator. (Jonathan Cameron) - tipc: keep the skb in rcv queue until the whole data is read (Xin Long) - PCI: Use pci_update_current_state() in pci_enable_device_flags() (Rafael J. Wysocki) - crypto: mxs-dcp - Use sg_mapping_iter to copy data (Sean Anderson) - media: dib8000: rewrite the init prbs logic (Mauro Carvalho Chehab) - ASoC: atmel: ATMEL drivers dont need HAS_DMA (Randy Dunlap) - drm/amdgpu: Fix amdgpu_ras_eeprom_init() (Luben Tuikov) - userfaultfd: prevent concurrent API initialization (Nadav Amit) - kbuild: Fix no symbols warning when CONFIG_TRIM_UNUSD_KSYMS=y (Masahiro Yamada) - MIPS: Malta: fix alignment of the devicetree buffer (Oleksij Rempel) - f2fs: fix to unmap pages from userspace process in punch_hole() (Chao Yu) - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() (Chao Yu) - f2fs: fix to account missing .skipped_gc_rwsem (Chao Yu) - KVM: PPC: Fix clearing never mapped TCEs in realmode (Alexey Kardashevskiy) - clk: at91: clk-generated: Limit the requested rate to our range (Codrin Ciubotariu) - clk: at91: clk-generated: pass the id of changeable parent at registration (Claudiu Beznea) - clk: at91: sam9x60: Dont use audio PLL (Codrin Ciubotariu) - fscache: Fix cookie key hashing (David Howells) - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (Hans de Goede) - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (Nicholas Piggin) - HID: i2c-hid: Fix Elan touchpad regression (Jim Broadus) - scsi: target: avoid per-loop XCOPY buffer allocations (David Disseldorp) - powerpc/config: Renable MTD_PHYSMAP_OF (Joel Stanley) - scsi: qedf: Fix error codes in qedf_alloc_global_queues() (Dan Carpenter) - scsi: qedi: Fix error codes in qedi_alloc_global_queues() (Dan Carpenter) - scsi: smartpqi: Fix an error code in pqi_get_raid_map() (Dan Carpenter) - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (Zhen Lei) - scsi: fdomain: Fix error return code in fdomain_probe() (Wei Li) - SUNRPC: Fix potential memory corruption (Trond Myklebust) - dma-debug: fix debugfs initialization order (Anthony Iliopoulos) - openrisc: dont printk() unconditionally (Randy Dunlap) - f2fs: reduce the scope of setting fsck tag when de->name_len is zero (Yangtao Li) - f2fs: show f2fs instance in printk_ratelimited (Chao Yu) - RDMA/efa: Remove double QP type assignment (Leon Romanovsky) - powerpc/stacktrace: Include linux/delay.h (Michal Suchanek) - vfio: Use config not menuconfig for VFIO_NOIOMMU (Jason Gunthorpe) - pinctrl: samsung: Fix pinctrl bank pin count (Jaehyoung Choi) - docs: Fix infiniband uverbs minor number (Leon Romanovsky) - RDMA/iwcm: Release resources if iw_cm module initialization fails (Leon Romanovsky) - IB/hfi1: Adjust pkey entry in index 0 (Mike Marciniszyn) - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (Christoph Hellwig) - f2fs: quota: fix potential deadlock (Chao Yu) - HID: input: do not report stylus battery state as full (Dmitry Torokhov) - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (Pali Rohar) - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (Pali Rohar) - PCI: aardvark: Fix checking for PIO status (Evan Wang) - PCI: xilinx-nwl: Enable the clock through CCF (Hyun Kwon) - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (Krzysztof Wilczynski) - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (Marek Behun) - PCI/portdrv: Enable Bandwidth Notification only if port supports it (Stuart Hayes) - ARM: 9105/1: atags_to_fdt: dont warn about stack size (David Heidelberg) - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs (Hans de Goede) - dmaengine: imx-sdma: remove duplicated sdma_load_context (Robin Gong) - Revert dmaengine: imx-sdma: refine to load context only once (Robin Gong) - media: rc-loopback: return number of emitters rather than error (Sean Young) - media: uvc: dont do DMA on stack (Mauro Carvalho Chehab) - VMCI: fix NULL pointer dereference when unmapping queue pair (Wang Hai) - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Arne Welzel) - power: supply: max17042: handle fails of reading status register (Krzysztof Kozlowski) - block: bfq: fix bfq_set_next_ioprio_data() (Damien Le Moal) - crypto: public_key: fix overflow during implicit conversion (zhenwei pi) - arm64: head: avoid over-mapping in map_memory (Mark Rutland) - soc: aspeed: p2a-ctrl: Fix boundary check for mmap (Iwona Winiarska) - soc: aspeed: lpc-ctrl: Fix boundary check for mmap (Iwona Winiarska) - soc: qcom: aoss: Fix the out of bound usage of cooling_devs (Manivannan Sadhasivam) - pinctrl: ingenic: Fix incorrect pull up/down info (Paul Cercueil) - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (Marc Zyngier) - tools/thermal/tmon: Add cross compiling support (Rolf Eike Beer) - 9p/xen: Fix end of loop tests for list_for_each_entry (Harshvardhan Jha) - xen: fix setting of max_pfn in shared_info (Juergen Gross) - powerpc/perf/hv-gpci: Fix counter value parsing (Kajol Jain) - PCI/MSI: Skip masking MSI-X on Xen PV (Marek Marczykowski-Gorecki) - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (Niklas Cassel) - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (Niklas Cassel) - btrfs: reset replace target device to allocation state on close (Desmond Cheong Zhi Xi) - btrfs: wake up async_delalloc_pages waiters after submit (Josef Bacik) - rtc: tps65910: Correct driver module alias (Dmitry Osipenko) - LTS tag: v5.4.147 (Jack Vogel) - Revert time: Handle negative seconds correctly in timespec64_to_ns() (Greg Kroah-Hartman) - Revert posix-cpu-timers: Force next expiration recalc after itimer reset (Greg Kroah-Hartman) - Revert block: nbd: add sanity check for first_minor (Greg Kroah-Hartman) - Revert Bluetooth: Move shutdown callback before flushing tx and rx queue (Sasha Levin) - LTS tag: v5.4.146 (Jack Vogel) - clk: kirkwood: Fix a clocking boot regression (Linus Walleij) - backlight: pwm_bl: Improve bootloader/kernel device handover (Daniel Thompson) - fbmem: dont allow too huge resolutions (Tetsuo Handa) - IMA: remove the dependency on CRYPTO_MD5 (THOBY Simon) - IMA: remove -Wmissing-prototypes warning (Austin Kim) - fuse: flush extending writes (Miklos Szeredi) - fuse: truncate pagecache on atomic_o_trunc (Miklos Szeredi) - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (Sean Christopherson) - KVM: x86: Update vCPUs hv_clock before back to guest when tsc_offset is adjusted (Zelin Deng) - KVM: s390: index kvm->arch.idle_mask by vcpu_idx (Halil Pasic) - x86/resctrl: Fix a maybe-uninitialized build warning treated as error (Babu Moger) - perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op (Kim Phillips) - tty: Fix data race between tiocsti() and flush_to_ldisc() (Nguyen Dinh Phi) - bpf: Fix pointer arithmetic mask tightening under state pruning (Daniel Borkmann) - bpf: verifier: Allocate idmap scratch in verifier env (Lorenz Bauer) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (Daniel Borkmann) - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Daniel Borkmann) - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (Eric Dumazet) - octeontx2-af: Fix loop in free and unmap counter (Subbaraya Sundeep) - net: qualcomm: fix QCA7000 checksum handling (Stefan Wahren) - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (Xiyu Yang) - ipv4: make exception cache less predictible (Eric Dumazet) - ipv6: make exception cache less predictible (Eric Dumazet) - brcmfmac: pcie: fix oops on failure to resume and reprobe (Ahmad Fatoum) - bcma: Fix memory leak for internally-handled cores (Zenghui Yu) - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (Dan Carpenter) - ASoC: wcd9335: Disable irq on slave ports in the remove function (Christophe JAILLET) - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (Christophe JAILLET) - ASoC: wcd9335: Fix a double irq free in the remove function (Christophe JAILLET) - tty: serial: fsl_lpuart: fix the wrong mapbase value (Andy Duan) - usb: bdc: Fix an error handling path in bdc_probe() when no suitable DMA config is available (Christophe JAILLET) - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (Evgeny Novikov) - i2c: mt65xx: fix IRQ check (Sergey Shtylyov) - CIFS: Fix a potencially linear read overflow (Len Baker) - bpf: Fix possible out of bound write in narrow load handling (Andrey Ignatov) - mmc: moxart: Fix issue with uninitialized dma_slave_config (Tony Lindgren) - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (Tony Lindgren) - ASoC: Intel: Skylake: Fix module resource and format selection (Cezary Rojewski) - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (Cezary Rojewski) - rsi: fix an error code in rsi_probe() (Dan Carpenter) - rsi: fix error code in rsi_load_9116_firmware() (Dan Carpenter) - i2c: s3c2410: fix IRQ check (Sergey Shtylyov) - i2c: iop3xx: fix deferred probing (Sergey Shtylyov) - Bluetooth: add timeout sanity check to hci_inquiry (Pavel Skripkin) - mm/swap: consider max pages in iomap_swapfile_add_extent (Xu Yu) - usb: gadget: mv_u3d: request_irq() after initializing UDC (Nadezda Lutovinova) - nfsd4: Fix forced-expiry locking (J. Bruce Fields) - lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) - mac80211: Fix insufficient headroom issue for AMSDU (Chih-Kang Chang) - usb: phy: tahvo: add IRQ check (Sergey Shtylyov) - usb: host: ohci-tmio: add IRQ check (Sergey Shtylyov) - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (Geert Uytterhoeven) - usb: phy: twl6030: add IRQ checks (Sergey Shtylyov) - usb: phy: fsl-usb: add IRQ check (Sergey Shtylyov) - usb: gadget: udc: at91: add IRQ check (Sergey Shtylyov) - drm/msm/dsi: Fix some reference counted resource leaks (Christophe JAILLET) - Bluetooth: fix repeated calls to sco_sock_kill (Desmond Cheong Zhi Xi) - counter: 104-quad-8: Return error when invalid mode during ceiling_write (William Breathitt Gray) - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (Krzysztof Kozlowski) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41864 Oracle Linux 7 Oracle Linux 8 [5.4.17-2136.302.6.1] - rds/ib: Use both iova and key in free_mr socket call (aru kolappan) [Orabug: 33667276] [5.4.17-2136.302.6] - Revert fs: align IOCB_* flags with RWF_* flags (Prasad Singamsetty) [Orabug: 33627551] [5.4.17-2136.302.5] - Revert drm: Initialize struct drm_crtc_state.no_vblank from device settings (Somasundaram Krishnasamy) [Orabug: 33611832] - Revert drm/atomic-helper: reset vblank on crtc reset (Somasundaram Krishnasamy) [Orabug: 33611832] - net/mlx5: E-Switch, Support flow source for local vport (Hamdan Igbaria) [Orabug: 29444833] - net/mlx5e: E-Switch, Specify flow_source for rule with no in_port (Jianbo Liu) [Orabug: 29444833] - net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring (Jianbo Liu) [Orabug: 29444833] - uek-rpm: configs: disable CONFIG_READ_ONLY_THP_FOR_FS (Todd Vierling) [Orabug: 33538583] - uek-rpm: Remove CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y and CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED=y for uek6/u3 (Sherry Yang) [Orabug: 33580598] - Stop the ad-hoc games with -Wno-maybe-initialized (Linus Torvalds) [Orabug: 33580598] - x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [Orabug: 33580824] - x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580824] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora) [Orabug: 33580824] - uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krishnasamy) [Orabug: 33596873] [5.4.17-2136.302.4] - KVM: nSVM: Copy vmcb12 nRIP field to vmcb02 (Maciej S. Szmigiero) [Orabug: 33590307] - KVM: nSVM: Log nRIP of L1 and L2 guest VMCB in nested VMRUN tracepoint (Maciej S. Szmigiero) [Orabug: 33590307] - KVM: nSVM: move nested vmrun tracepoint to enter_svm_guest_mode (Maxim Levitsky) [Orabug: 33590307] - x86/platform/uv: Add uv_hub_info_s to UEK KABI (John Donnelly) [Orabug: 33397019] - x86/platform/uv: Modify order of fields in uv_hub_info_s to avoid panic (Steve Wahl) [Orabug: 33397019] - arm64/bpf: remove 128MB limit for BPF JIT programs (Russell King) [Orabug: 33518795] - kernfs: dont create a negative dentry if inactive node exists (Ian Kent) [Orabug: 33548753] - kernfs: also call kernfs_set_rev() for positive dentry (Hou Tao) [Orabug: 33548753] - kernfs: dont call d_splice_alias() under kernfs node lock (Ian Kent) [Orabug: 33548753] - kernfs: use i_lock to protect concurrent inode updates (Ian Kent) [Orabug: 33548753] - kernfs: switch kernfs to use an rwsem (Ian Kent) [Orabug: 33548753] - kernfs: use VFS negative dentry caching (Ian Kent) [Orabug: 33548753] - kernfs: add a revision to identify directory node changes (Ian Kent) [Orabug: 33548753] - selftests: breakpoints: Fix a typo of function name (Masami Hiramatsu) [Orabug: 33577735] - Revert net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33590962] - Revert net/mlx5: Add new verb ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Add preferred_cpu option to rds_rdma.ko (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33590962] - Revert net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33590962] - Revert IB/mlx4: Implement backend callback for ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962] [5.4.17-2136.302.2] - x86, sched: Treat Intel SNC topology as default, COD as exception (Alison Schofield) [Orabug: 32921559] - x86/kernel: Convert to new CPU match macros (Thomas Gleixner) [Orabug: 32921559] - net/mlx5: Disable mr_cache for SFs (Mikhael Goikhman) [Orabug: 33523558] - xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33571340] - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() (Dexuan Cui) [Orabug: 33548142] - uek-rpm: Enable CONFIG_CPU_FREQ_GOV_SCHEDUTIL for x86_64 kernels (Dave Kleikamp) [Orabug: 33564971] [5.4.17-2136.302.1] - arm64: Kconfig: enable MADV_DOEXEC functionality (Anthony Yznaga) [Orabug: 33428617] - bpf: Fix integer overflow in prealloc_elems_and_freelist() (Tatsuhiko Yasumatsu) [Orabug: 33431722] {CVE-2021-41864} - xen/netfront: stop tx queues during live migration (Dongli Zhang) [Orabug: 33536399] - Revert xfs: Lower CIL flush limit for large logs (Catherine Hoang) [Orabug: 33536463] - Revert xfs: Throttle commits on delayed background CIL push (Catherine Hoang) [Orabug: 33536463] - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN (Dai Ngo) [Orabug: 33536966] - nfsd: handle repeated BIND_CONN_TO_SESSION (J. Bruce Fields) [Orabug: 33536966] - rds: ib: Fix bug when comp_vector is IB_CQ_FORCE_ZERO_CV (Hakon Bugge) [Orabug: 33538397] [5.4.17-2136.302.0] - LTS tag: v5.4.152 (Jack Vogel) - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. (Kate Hsuan) - silence nfscache allocation warnings with kvzalloc (Rik van Riel) - perf/x86: Reset destroy callback on event init failure (Anand K Mistry) - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] (Fares Mehanna) - KVM: do not shrink halt_poll_ns below grow_start (Sergey Senozhatsky) - tools/vm/page-types: remove dependency on opt_file for idle page tracking (Changbin Du) - scsi: ses: Retry failed Send/Receive Diagnostic commands (Wen Xiong) - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn (Shuah Khan) - selftests: be sure to make khdr before other targets (Li Zhijian) - usb: dwc2: check return value after calling platform_get_resource() (Yang Yingliang) - usb: testusb: Fix for showing the connection speed (Faizel K B) - scsi: sd: Free scsi_disk device via put_device() (Ming Lei) - ext2: fix sleeping in atomic bugs on error (Dan Carpenter) - sparc64: fix pci_iounmap() when CONFIG_PCI is not set (Linus Torvalds) - xen-netback: correct success/error reporting for the SKB-with-fraglist case (Jan Beulich) - net: mdio: introduce a shutdown method to mdio device drivers (Vladimir Oltean) - LTS tag: v5.4.151 (Jack Vogel) - HID: usbhid: free raw_report buffers in usbhid_stop (Anirudh Rayabharam) - netfilter: ipset: Fix oversized kvmalloc() calls (Jozsef Kadlecsik) - HID: betop: fix slab-out-of-bounds Write in betop_probe (F.A.Sulaiman) - usb: hso: remove the bailout parameter (Dongliang Mu) - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind (sumiyawang) - PCI: Fix pci_host_bridge struct device release/free handling (Rob Herring) - net: stmmac: dont attach interface until resume finishes (Leon Yu) - net: udp: annotate data race around udp_sk(sk)->corkflag (Eric Dumazet) - HID: u2fzero: ignore incomplete packets without data (Andrej Shadura) - ext4: fix potential infinite loop in ext4_dx_readdir() (yangerkun) - ext4: fix reserved space counter leakage (Jeffle Xu) - ext4: fix loff_t overflow in ext4_max_bitmap_size() (Ritesh Harjani) - ipack: ipoctal: fix module reference leak (Johan Hovold) - ipack: ipoctal: fix missing allocation-failure check (Johan Hovold) - ipack: ipoctal: fix tty-registration error handling (Johan Hovold) - ipack: ipoctal: fix tty registration race (Johan Hovold) - ipack: ipoctal: fix stack information leak (Johan Hovold) - debugfs: debugfs_create_file_size(): use IS_ERR to check for error (Nirmoy Das) - elf: dont use MAP_FIXED_NOREPLACE for elf interpreter mappings (Chen Jingwen) - perf/x86/intel: Update event constraints for ICX (Kan Liang) - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Eric Dumazet) - net: sched: flower: protect fl_walk() with rcu (Vlad Buslov) - net: hns3: do not allow call hns3_nic_net_open repeatedly (Jian Shen) - scsi: csiostor: Add module softdep on cxgb4 (Rahul Lakkireddy) - Revert block, bfq: honor already-setup queue merges (Jens Axboe) - selftests, bpf: test_lwt_ip_encap: Really disable rp_filter (Jiri Benc) - e100: fix buffer overrun in e100_get_regs (Jacob Keller) - e100: fix length calculation in e100_get_regs_len (Jacob Keller) - net: ipv4: Fix rtnexthop len when RTA_FLOW is present (Xiao Liang) - hwmon: (tmp421) fix rounding for negative values (Paul Fertser) - hwmon: (tmp421) report /PVLD condition as fault (Paul Fertser) - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (Xin Long) - mac80211-hwsim: fix late beacon hrtimer handling (Johannes Berg) - mac80211: mesh: fix potentially unaligned access (Johannes Berg) - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (Lorenzo Bianconi) - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (Chih-Kang Chang) - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Vadim Pasternak) - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 (Andrea Claudi) - drm/amd/display: Pass PCI deviceid into DC (Charlene Liu) - x86/kvmclock: Move this_cpu_pvti into kvmclock.h (Zelin Deng) - mac80211: fix use-after-free in CCMP/GCMP RX (Johannes Berg) - scsi: ufs: Fix illegal offset in UPIU event trace (Jonathan Hsu) - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) - fs-verity: fix signed integer overflow with i_size near S64_MAX (Eric Biggers) - usb: cdns3: fix race condition before setting doorbell (Pawel Laszczak) - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (James Morse) - cpufreq: schedutil: Use kobject release() method to free sugov_tunables (Kevin Hao) - tty: Fix out-of-bound vmalloc access in imageblit (Igor Matheus Andrade Torrente) - LTS tag: v5.4.150 (Jack Vogel) - qnx4: work around gcc false positive warning bug (Linus Torvalds) - xen/balloon: fix balloon kthread freezing (Juergen Gross) - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (Pali Rohar) - thermal/drivers/int340x: Do not set a wrong tcc offset on resume (Antoine Tenart) - EDAC/synopsys: Fix wrong value type assignment for edac_mode (Sai Krishna Potthuri) - spi: Fix tegra20 build with CONFIG_PM=n (Linus Torvalds) - net: 6pack: Fix tx timeout and slot time (Guenter Roeck) - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile (Guenter Roeck) - arm64: Mark __stack_chk_guard as __ro_after_init (Dan Li) - parisc: Use absolute_pointer() to define PAGE0 (Helge Deller) - qnx4: avoid stringop-overread errors (Linus Torvalds) - sparc: avoid stringop-overread errors (Linus Torvalds) - net: i825xx: Use absolute_pointer for memcpy from fixed memory location (Guenter Roeck) - compiler.h: Introduce absolute_pointer macro (Guenter Roeck) - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (Li Jinlin) - sparc32: page align size in arch_dma_alloc (Andreas Larsson) - nvme-multipath: fix ANA state updates when a namespace is not present (Anton Eidelman) - xen/balloon: use a kernel thread instead a workqueue (Juergen Gross) - bpf: Add oversize check before call kvcalloc() (Bixuan Cui) - ipv6: delay fib6_sernum increase in fib6_add (zhang kai) - m68k: Double cast io functions to unsigned long (Guenter Roeck) - net: stmmac: allow CSR clock of 300MHz (Jesper Nilsson) - net: macb: fix use after free on rmmod (Tong Zhang) - blktrace: Fix uaf in blk_trace access after removing by sysfs (Zhihao Cheng) - md: fix a lock order reversal in md_alloc (Christoph Hellwig) - irqchip/gic-v3-its: Fix potential VPE leak on error (Kaige Fu) - irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build (Randy Dunlap) - scsi: lpfc: Use correct scnprintf() limit (Dan Carpenter) - scsi: qla2xxx: Restore initiator in dual mode (Dmitry Bogdanov) - cifs: fix a sign extension bug (Dan Carpenter) - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (Dan Carpenter) - fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (Jiapeng Chong) - fpga: machxo2-spi: Return an error on failure (Tom Rix) - tty: synclink_gt: rename a conflicting function name (Randy Dunlap) - tty: synclink_gt, drop unneeded forward declarations (Jiri Slaby) - scsi: iscsi: Adjust iface sysfs attr detection (Baokun Li) - net/mlx4_en: Dont allow aRFS for encapsulated packets (Aya Levin) - qed: rdma - dont wait for resources under hw error recovery flow (Shai Malin) - gpio: uniphier: Fix void functions to remove return value (Kunihiko Hayashi) - net/smc: add missing error check in smc_clc_prfx_set() (Karsten Graul) - bnxt_en: Fix TX timeout when TX ring size is set to the smallest (Michael Chan) - enetc: Fix illegal access when reading affinity_hint (Claudiu Manoil) - platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR() (Andy Shevchenko) - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation (David Howells) - net: hso: fix muxed tty registration (Johan Hovold) - serial: mvebu-uart: fix drivers tx_empty callback (Pali Rohar) - xhci: Set HCD flag to defer primary roothub registration (Kishon Vijay Abraham I) - btrfs: prevent __btrfs_dump_space_info() to underflow its free space (Qu Wenruo) - erofs: fix up erofs_lookup tracepoint (Gao Xiang) - mcb: fix error handling in mcb_alloc_bus() (Dan Carpenter) - USB: serial: option: add device id for Foxconn T99W265 (Slark Xiao) - USB: serial: option: remove duplicate USB device ID (Krzysztof Kozlowski) - USB: serial: option: add Telit LN920 compositions (Carlo Lobrano) - USB: serial: mos7840: remove duplicated 0xac24 device ID (Krzysztof Kozlowski) - usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (Julian Sikorski) - staging: greybus: uart: fix tty use after free (Johan Hovold) - binder: make sure fd closes complete (Todd Kjos) - USB: cdc-acm: fix minor-number release (Johan Hovold) - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (Uwe Brandt) - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (Ondrej Zary) - xen/x86: fix PV trap handling on secondary processors (Jan Beulich) - cifs: fix incorrect check for null pointer in header_assemble (Steve French) - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (Dan Carpenter) - usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (Minas Harutyunyan) - usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (Minas Harutyunyan) - usb: gadget: r8a66597: fix a loop in set_feature() (Dan Carpenter) - LTS tag: v5.4.149 (Jack Vogel) - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (Guenter Roeck) - rtc: rx8010: select REGMAP_I2C (Yu-Tung Chang) - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() (Li Jinlin) - pwm: stm32-lp: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - pwm: rockchip: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - pwm: img: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group (Nanyong Sun) - nilfs2: fix NULL pointer in nilfs_##name##_attr_release (Nanyong Sun) - nilfs2: fix memory leak in nilfs_sysfs_create_device_group (Nanyong Sun) - btrfs: fix lockdep warning while mounting sprout fs (Anand Jain) - ceph: lockdep annotations for try_nonblocking_invalidate (Jeff Layton) - ceph: request Fw caps before updating the mtime in ceph_write_iter (Jeff Layton) - dmaengine: xilinx_dma: Set DMA mask for coherent APIs (Radhey Shyam Pandey) - dmaengine: ioat: depends on !UML (Johannes Berg) - dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (Zou Wei) - parisc: Move pci_dev_is_behind_card_dino to where it is used (Guenter Roeck) - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() (Thomas Gleixner) - thermal/core: Fix thermal_cooling_device_register() prototype (Arnd Bergmann) - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH (Lukas Bulwahn) - net: stmmac: reset Tx desc base address before restarting Tx (Jongsung Kim) - phy: avoid unnecessary link-up delay in polling mode (Petr Oros) - pwm: lpc32xx: Dont modify HW state in .probe() after the PWM chip was registered (Uwe Kleine-Konig) - profiling: fix shift-out-of-bounds bugs (Pavel Skripkin) - nilfs2: use refcount_dec_and_lock() to fix potential UAF (Zhen Lei) - prctl: allow to setup brk for et_dyn executables (Cyrill Gorcunov) - 9p/trans_virtio: Remove sysfs file on probe failure (Xie Yongji) - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() (Dan Carpenter) - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ (Andy Shevchenko) - um: virtio_uml: fix memory leak on init failures (Johannes Berg) - staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (Nathan Chancellor) - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (Marcelo Ricardo Leitner) - sctp: validate chunk size in __rcv_asconf_lookup (Marcelo Ricardo Leitner) - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (Alex Sverdlin) - ARM: 9079/1: ftrace: Add MODULE_PLTS support (Alex Sverdlin) - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (Alex Sverdlin) - ARM: 9077/1: PLT: Move struct plt_entries definition to header (Alex Sverdlin) - apparmor: remove duplicate macro list_entry_is_head() (Andy Shevchenko) - ARM: Qualify enabling of swiotlb_init() (Florian Fainelli) - s390/pci_mmio: fully validate the VMA before calling follow_pte() (David Hildenbrand) - console: consume APC, DM, DCS (nick black) - PCI/ACPI: Add Ampere Altra SOC MCFG quirk (Tuan Phan) - PCI: aardvark: Fix reporting CRS value (Pali Rohar) - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (Pali Rohar) - PCI: aardvark: Indicate error in val when config read fails (Pali Rohar) - PCI: pci-bridge-emul: Fix big-endian support (Grzegorz Jaszczyk) - LTS tag: v5.4.148 (Jack Vogel) - s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (Ilya Leoshkevich) - s390/bpf: Fix optimizing out zero-extensions (Ilya Leoshkevich) - net: renesas: sh_eth: Fix freeing wrong tx descriptor (Yoshihiro Shimoda) - ip_gre: validate csum_start only on pull (Willem de Bruijn) - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (Dinghao Liu) - fq_codel: reject silly quantum parameters (Eric Dumazet) - netfilter: socket: icmp6: fix use-after-scope (Benjamin Hesmans) - net: dsa: b53: Fix calculating number of switch ports (Rafal Milecki) - perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} (Li Huafei) - ARC: export clear_user_page() for modules (Randy Dunlap) - mtd: rawnand: cafe: Fix a resource leak in the error handling path of cafe_nand_probe() (Christophe JAILLET) - PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n (Andy Shevchenko) - KVM: arm64: Handle PSCI resets before userspace touches vCPU state (Oliver Upton) - mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set (Matthias Schiffer) - PCI: Fix pci_dev_str_match_path() alloc while atomic bug (Dan Carpenter) - mfd: axp20x: Update AXP288 volatile ranges (Hans de Goede) - NTB: perf: Fix an error code in perf_setup_inbuf() (Yang Li) - NTB: Fix an error code in ntb_msit_probe() (Yang Li) - ethtool: Fix an error code in cxgb2.c (Yang Li) - PCI: ibmphp: Fix double unmap of io_mem (Vishal Aslot) - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (Daniele Palmas) - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 (Ryoga Saito) - PCI: Add ACS quirks for Cavium multi-function devices (George Cherian) - tracing/probes: Reject events which have the same name of existing one (Masami Hiramatsu) - mfd: Dont use irq_create_mapping() to resolve a mapping (Marc Zyngier) - fuse: fix use after free in fuse_read_interrupt() (Miklos Szeredi) - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (Wasim Khan) - mfd: db8500-prcmu: Adjust map to reality (Linus Walleij) - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation (Miquel Raynal) - mm/memory_hotplug: use unsigned long for PFN in zone_for_pfn_range() (David Hildenbrand) - net: hns3: fix the timing issue of VF clearing interrupt sources (Jiaran Zhang) - net: hns3: disable mac in flr process (Yufeng Mo) - net: hns3: change affinity_mask to numa node range (Yufeng Mo) - net: hns3: pad the short tunnel frame before sending to hardware (Yufeng Mo) - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (Nicholas Piggin) - ibmvnic: check failover_pending in login response (Sukadev Bhattiprolu) - dt-bindings: arm: Fix Toradex compatible typo (David Heidelberg) - qed: Handle management FW error (Shai Malin) - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() (zhenggy) - net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup (Vladimir Oltean) - net/af_unix: fix a data-race in unix_dgram_poll (Eric Dumazet) - vhost_net: fix OoB on sendmsg() failure. (Paolo Abeni) - events: Reuse value read using READ_ONCE instead of re-reading it (Baptiste Lepers) - net/mlx5: Fix potential sleeping in atomic context (Maor Gottlieb) - net/mlx5: FWTrace, cancel work on alloc pd error flow (Saeed Mahameed) - perf machine: Initialize srcline string member in add_location struct (Michael Petlan) - tipc: increase timeout in tipc_sk_enqueue() (Hoang Le) - r6040: Restore MDIO clock frequency after MAC reset (Florian Fainelli) - net/l2tp: Fix reference count leak in l2tp_udp_recv_core (Xiyu Yang) - ptp: dp83640: dont define PAGE0 (Randy Dunlap) - net-caif: avoid user-triggerable WARN_ON(1) (Eric Dumazet) - tipc: fix an use-after-free issue in tipc_recvmsg (Xin Long) - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (Mike Rapoport) - s390/sclp: fix Secure-IPL facility detection (Alexander Egorenkov) - drm/etnaviv: add missing MMU context put when reaping MMU mapping (Lucas Stach) - drm/etnaviv: reference MMU context when setting up hardware state (Lucas Stach) - drm/etnaviv: fix MMU context leak on GPU reset (Lucas Stach) - drm/etnaviv: exec and MMU state is lost when resetting the GPU (Lucas Stach) - drm/etnaviv: keep MMU context across runtime suspend/resume (Lucas Stach) - drm/etnaviv: stop abusing mmu_context as FE running marker (Lucas Stach) - drm/etnaviv: put submit prev MMU context when it exists (Lucas Stach) - drm/etnaviv: return context from etnaviv_iommu_context_get (Lucas Stach) - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (Ernst Sjostrand) - PCI: Add AMD GPU multi-function power dependencies (Evan Quan) - PM: base: power: dont try to use non-existing RTC for storing data (Juergen Gross) - arm64/sve: Use correct size when reinitialising SVE state (Mark Brown) - xen: reset legacy rtc flag for PV domU (Juergen Gross) - btrfs: fix upper limit for max_inline for page size 64K (Anand Jain) - drm/panfrost: Clamp lock region to Bifrost minimum (Alyssa Rosenzweig) - drm/panfrost: Use u64 for size in lock_region (Alyssa Rosenzweig) - drm/panfrost: Simplify lock_region calculation (Alyssa Rosenzweig) - drm/amdgpu: Fix BUG_ON assert (Andrey Grodzovsky) - drm/msi/mdp4: populate priv->kms in mdp4_kms_init (David Heidelberg) - net: dsa: lantiq_gswip: fix maximum frame length (Jan Hoffmann) - lib/test_stackinit: Fix static initializer test (Kees Cook) - platform/chrome: cros_ec_proto: Send command again when timeout occurs (Patryk Duda) - memcg: enable accounting for pids in nested pid namespaces (Vasily Averin) - mm,vmscan: fix divide by zero in get_scan_count (Rik van Riel) - mm/hugetlb: initialize hugetlb_usage in mm_init (Liu Zixian) - s390/pv: fix the forcing of the swiotlb (Halil Pasic) - cpufreq: powernv: Fix init_chip_info initialization in numa=off (Pratik R. Sampat) - scsi: qla2xxx: Sync queue idx with queue_pair_map idx (Saurav Kashyap) - scsi: qla2xxx: Changes to support kdump kernel (Saurav Kashyap) - scsi: BusLogic: Fix missing pr_cont() use (Maciej W. Rozycki) - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() (chenying) - parisc: fix crash with signals and alloca (Mikulas Patocka) - net: w5100: check return value after calling platform_get_resource() (Yang Yingliang) - fix array-index-out-of-bounds in taprio_change (Haimin Zhang) - net: fix NULL pointer reference in cipso_v4_doi_free - ath9k: fix sleeping in atomic context (Miaoqing Pan) - ath9k: fix OOB read ar9300_eeprom_restore_internal (Zekun Shen) - parport: remove non-zero check on count (Colin Ian King) - net/mlx5: DR, Enable QP retransmission (Yevgeny Kliteynik) - iwlwifi: mvm: fix access to BSS elements (Johannes Berg) - iwlwifi: mvm: avoid static queue number aliasing (Johannes Berg) - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (Zhang Qilong) - drm/amdkfd: Account for SH/SE count when setting up cu masks. (Sean Keely) - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (Xiaotan Luo) - ASoC: rockchip: i2s: Fix regmap_ops hang (Sugar Zhang) - usbip:vhci_hcd USB port can get stuck in the disabled state (Shuah Khan) - usbip: give back URBs for unsent unlink requests during cleanup (Anirudh Rayabharam) - usb: musb: musb_dsps: request_irq() after initializing musb (Nadezda Lutovinova) - Revert USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Mathias Nyman) - cifs: fix wrong release in sess_alloc_buffer() failed path (Ding Hui) - mmc: core: Return correct emmc response in case of ioctl error (Nishad Kamdar) - selftests/bpf: Enlarge select() timeout for test_maps (Li Zhijian) - mmc: rtsx_pci: Fix long reads when clock is prescaled (Thomas Hebb) - mmc: sdhci-of-arasan: Check return value of non-void funtions (Manish Narani) - of: Dont allow __of_attached_node_sysfs() without CONFIG_SYSFS (Marc Zyngier) - ASoC: Intel: Skylake: Fix passing loadable flag for module (Gustaw Lewandowski) - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (Cezary Rojewski) - btrfs: tree-log: check btrfs_lookup_data_extent return value (Marcos Paulo de Souza) - m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch (Arnd Bergmann) - drm/exynos: Always initialize mapping in exynos_drm_register_dma() (Nathan Chancellor) - lockd: lockd server-side shouldnt set fl_ops (J. Bruce Fields) - usb: chipidea: host: fix port index underflow and UBSAN complains (Li Jun) - gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) - staging: rts5208: Fix get_ms_information() heap buffer size (Kees Cook) - rpc: fix gss_svc_init cleanup on failure (J. Bruce Fields) - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD (Luke Hsiao) - serial: sh-sci: fix break handling for sysrq (Ulrich Hecht) - opp: Dont print an error if required-opps is missing (Rajendra Nayak) - Bluetooth: Fix handling of LE Enhanced Connection Complete (Luiz Augusto von Dentz) - nvme-tcp: dont check blk_mq_tag_to_rq when receiving pdu data (Sagi Grimberg) - arm64: dts: ls1046a: fix eeprom entries (Raag Jadav) - arm64: tegra: Fix compatible string for Tegra132 CPUs (Thierry Reding) - ARM: tegra: tamonten: Fix UART pad setting (Andreas Obergschwandtner) - mac80211: Fix monitor MTU limit so that A-MSDUs get through (Johan Almbladh) - drm/display: fix possible null-pointer dereference in dcn10_set_clock() (Tuo Li) - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (Tuo Li) - net/mlx5: Fix variable type to match 64bit (Eran Ben Elisha) - Bluetooth: avoid circular locks in sco_sock_connect (Desmond Cheong Zhi Xi) - Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) - selftests/bpf: Fix xdp_tx.c prog section name (Jussi Maki) - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (David Heidelberg) - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() (Nathan Chancellor) - arm64: dts: qcom: sdm660: use reg value for memory node (Vinod Koul) - ARM: dts: imx53-ppd: Fix ACHC entry (Sebastian Reichel) - media: tegra-cec: Handle errors of clk_prepare_enable() (Evgeny Novikov) - media: TDA1997x: fix tda1997x_query_dv_timings() return value (Krzysztof Halasa) - media: v4l2-dv-timings.c: fix wrong condition in two for-loops (Hans Verkuil) - media: imx258: Limit the max analogue gain to 480 (Umang Jain) - media: imx258: Rectify mismatch of VTS value (Laurent Pinchart) - ASoC: Intel: bytcr_rt5640: Move Platform Clock routes to the maps for the matching in-/output (Hans de Goede) - arm64: tegra: Fix Tegra194 PCIe EP compatible string (Vidya Sagar) - bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() (Yufeng Mo) - workqueue: Fix possible memory leaks in wq_numa_init() (Zhen Lei) - Bluetooth: skip invalid hci_sync_conn_complete_evt (Desmond Cheong Zhi Xi) - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (Andy Shevchenko) - samples: bpf: Fix tracex7 error raised on the missing argument (Juhee Kang) - staging: ks7010: Fix the initialization of the sleep_status structure (Christophe JAILLET) - serial: 8250_pci: make setup_port() parameters explicitly unsigned (Greg Kroah-Hartman) - hvsi: dont panic on tty_register_driver failure (Jiri Slaby) - xtensa: ISS: dont panic in rs_init (Jiri Slaby) - serial: 8250: Define RX trigger levels for OxSemi 950 devices (Maciej W. Rozycki) - s390: make PCI mio support a machine flag (Niklas Schnelle) - s390/jump_label: print real address in a case of a jump label bug (Heiko Carstens) - flow_dissector: Fix out-of-bounds warnings (Gustavo A. R. Silva) - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() (Gustavo A. R. Silva) - video: fbdev: riva: Error out if pixclock equals zero (Zheyu Ma) - video: fbdev: kyro: Error out if pixclock equals zero (Zheyu Ma) - video: fbdev: asiliantfb: Error out if pixclock equals zero (Zheyu Ma) - bpf/tests: Do not PASS tests without actually testing the result (Johan Almbladh) - bpf/tests: Fix copy-and-paste error in double word test (Johan Almbladh) - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (Anson Jacob) - drm/amd/display: Fix timer_per_pixel unit error (Oliver Logush) - tty: serial: jsm: hold port lock when reporting modem line changes (Zheyu Ma) - staging: board: Fix uninitialized spinlock when attaching genpd (Geert Uytterhoeven) - usb: gadget: composite: Allow bMaxPower=0 if self-powered (Jack Pham) - USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (Evgeny Novikov) - usb: gadget: u_ether: fix a potential null pointer dereference (Maciej zenczykowski) - usb: host: fotg210: fix the actual_length of an iso packet (Kelly Devilliv) - usb: host: fotg210: fix the endpoints transactional opportunities calculation (Kelly Devilliv) - igc: Check if num of q_vectors is smaller than max before array access (Sasha Neftin) - drm: avoid blocking in drm_clients_infos rcu section (Desmond Cheong Zhi Xi) - Smack: Fix wrong semantics in smk_access_entry() (Tianjia Zhang) - netlink: Deal with ESRCH error in nlmsg_notify() (Yajun Deng) - video: fbdev: kyro: fix a DoS bug by restricting user input (Zheyu Ma) - ARM: dts: qcom: apq8064: correct clock names (David Heidelberg) - iavf: fix locking of critical sections (Stefan Assmann) - iavf: do not override the adapter state in the watchdog task (Stefan Assmann) - iio: dac: ad5624r: Fix incorrect handling of an optional regulator. (Jonathan Cameron) - tipc: keep the skb in rcv queue until the whole data is read (Xin Long) - PCI: Use pci_update_current_state() in pci_enable_device_flags() (Rafael J. Wysocki) - crypto: mxs-dcp - Use sg_mapping_iter to copy data (Sean Anderson) - media: dib8000: rewrite the init prbs logic (Mauro Carvalho Chehab) - ASoC: atmel: ATMEL drivers dont need HAS_DMA (Randy Dunlap) - drm/amdgpu: Fix amdgpu_ras_eeprom_init() (Luben Tuikov) - userfaultfd: prevent concurrent API initialization (Nadav Amit) - kbuild: Fix no symbols warning when CONFIG_TRIM_UNUSD_KSYMS=y (Masahiro Yamada) - MIPS: Malta: fix alignment of the devicetree buffer (Oleksij Rempel) - f2fs: fix to unmap pages from userspace process in punch_hole() (Chao Yu) - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() (Chao Yu) - f2fs: fix to account missing .skipped_gc_rwsem (Chao Yu) - KVM: PPC: Fix clearing never mapped TCEs in realmode (Alexey Kardashevskiy) - clk: at91: clk-generated: Limit the requested rate to our range (Codrin Ciubotariu) - clk: at91: clk-generated: pass the id of changeable parent at registration (Claudiu Beznea) - clk: at91: sam9x60: Dont use audio PLL (Codrin Ciubotariu) - fscache: Fix cookie key hashing (David Howells) - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (Hans de Goede) - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (Nicholas Piggin) - HID: i2c-hid: Fix Elan touchpad regression (Jim Broadus) - scsi: target: avoid per-loop XCOPY buffer allocations (David Disseldorp) - powerpc/config: Renable MTD_PHYSMAP_OF (Joel Stanley) - scsi: qedf: Fix error codes in qedf_alloc_global_queues() (Dan Carpenter) - scsi: qedi: Fix error codes in qedi_alloc_global_queues() (Dan Carpenter) - scsi: smartpqi: Fix an error code in pqi_get_raid_map() (Dan Carpenter) - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (Zhen Lei) - scsi: fdomain: Fix error return code in fdomain_probe() (Wei Li) - SUNRPC: Fix potential memory corruption (Trond Myklebust) - dma-debug: fix debugfs initialization order (Anthony Iliopoulos) - openrisc: dont printk() unconditionally (Randy Dunlap) - f2fs: reduce the scope of setting fsck tag when de->name_len is zero (Yangtao Li) - f2fs: show f2fs instance in printk_ratelimited (Chao Yu) - RDMA/efa: Remove double QP type assignment (Leon Romanovsky) - powerpc/stacktrace: Include linux/delay.h (Michal Suchanek) - vfio: Use config not menuconfig for VFIO_NOIOMMU (Jason Gunthorpe) - pinctrl: samsung: Fix pinctrl bank pin count (Jaehyoung Choi) - docs: Fix infiniband uverbs minor number (Leon Romanovsky) - RDMA/iwcm: Release resources if iw_cm module initialization fails (Leon Romanovsky) - IB/hfi1: Adjust pkey entry in index 0 (Mike Marciniszyn) - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (Christoph Hellwig) - f2fs: quota: fix potential deadlock (Chao Yu) - HID: input: do not report stylus battery state as full (Dmitry Torokhov) - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (Pali Rohar) - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (Pali Rohar) - PCI: aardvark: Fix checking for PIO status (Evan Wang) - PCI: xilinx-nwl: Enable the clock through CCF (Hyun Kwon) - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (Krzysztof Wilczynski) - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (Marek Behun) - PCI/portdrv: Enable Bandwidth Notification only if port supports it (Stuart Hayes) - ARM: 9105/1: atags_to_fdt: dont warn about stack size (David Heidelberg) - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs (Hans de Goede) - dmaengine: imx-sdma: remove duplicated sdma_load_context (Robin Gong) - Revert dmaengine: imx-sdma: refine to load context only once (Robin Gong) - media: rc-loopback: return number of emitters rather than error (Sean Young) - media: uvc: dont do DMA on stack (Mauro Carvalho Chehab) - VMCI: fix NULL pointer dereference when unmapping queue pair (Wang Hai) - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Arne Welzel) - power: supply: max17042: handle fails of reading status register (Krzysztof Kozlowski) - block: bfq: fix bfq_set_next_ioprio_data() (Damien Le Moal) - crypto: public_key: fix overflow during implicit conversion (zhenwei pi) - arm64: head: avoid over-mapping in map_memory (Mark Rutland) - soc: aspeed: p2a-ctrl: Fix boundary check for mmap (Iwona Winiarska) - soc: aspeed: lpc-ctrl: Fix boundary check for mmap (Iwona Winiarska) - soc: qcom: aoss: Fix the out of bound usage of cooling_devs (Manivannan Sadhasivam) - pinctrl: ingenic: Fix incorrect pull up/down info (Paul Cercueil) - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (Marc Zyngier) - tools/thermal/tmon: Add cross compiling support (Rolf Eike Beer) - 9p/xen: Fix end of loop tests for list_for_each_entry (Harshvardhan Jha) - xen: fix setting of max_pfn in shared_info (Juergen Gross) - powerpc/perf/hv-gpci: Fix counter value parsing (Kajol Jain) - PCI/MSI: Skip masking MSI-X on Xen PV (Marek Marczykowski-Gorecki) - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (Niklas Cassel) - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (Niklas Cassel) - btrfs: reset replace target device to allocation state on close (Desmond Cheong Zhi Xi) - btrfs: wake up async_delalloc_pages waiters after submit (Josef Bacik) - rtc: tps65910: Correct driver module alias (Dmitry Osipenko) - LTS tag: v5.4.147 (Jack Vogel) - Revert time: Handle negative seconds correctly in timespec64_to_ns() (Greg Kroah-Hartman) - Revert posix-cpu-timers: Force next expiration recalc after itimer reset (Greg Kroah-Hartman) - Revert block: nbd: add sanity check for first_minor (Greg Kroah-Hartman) - Revert Bluetooth: Move shutdown callback before flushing tx and rx queue (Sasha Levin) - LTS tag: v5.4.146 (Jack Vogel) - clk: kirkwood: Fix a clocking boot regression (Linus Walleij) - backlight: pwm_bl: Improve bootloader/kernel device handover (Daniel Thompson) - fbmem: dont allow too huge resolutions (Tetsuo Handa) - IMA: remove the dependency on CRYPTO_MD5 (THOBY Simon) - IMA: remove -Wmissing-prototypes warning (Austin Kim) - fuse: flush extending writes (Miklos Szeredi) - fuse: truncate pagecache on atomic_o_trunc (Miklos Szeredi) - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (Sean Christopherson) - KVM: x86: Update vCPUs hv_clock before back to guest when tsc_offset is adjusted (Zelin Deng) - KVM: s390: index kvm->arch.idle_mask by vcpu_idx (Halil Pasic) - x86/resctrl: Fix a maybe-uninitialized build warning treated as error (Babu Moger) - perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op (Kim Phillips) - tty: Fix data race between tiocsti() and flush_to_ldisc() (Nguyen Dinh Phi) - bpf: Fix pointer arithmetic mask tightening under state pruning (Daniel Borkmann) - bpf: verifier: Allocate idmap scratch in verifier env (Lorenz Bauer) - bpf: Fix leakage due to insufficient speculative store bypass mitigation (Daniel Borkmann) - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Daniel Borkmann) - ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (Eric Dumazet) - octeontx2-af: Fix loop in free and unmap counter (Subbaraya Sundeep) - net: qualcomm: fix QCA7000 checksum handling (Stefan Wahren) - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (Xiyu Yang) - ipv4: make exception cache less predictible (Eric Dumazet) - ipv6: make exception cache less predictible (Eric Dumazet) - brcmfmac: pcie: fix oops on failure to resume and reprobe (Ahmad Fatoum) - bcma: Fix memory leak for internally-handled cores (Zenghui Yu) - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (Dan Carpenter) - ASoC: wcd9335: Disable irq on slave ports in the remove function (Christophe JAILLET) - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (Christophe JAILLET) - ASoC: wcd9335: Fix a double irq free in the remove function (Christophe JAILLET) - tty: serial: fsl_lpuart: fix the wrong mapbase value (Andy Duan) - usb: bdc: Fix an error handling path in bdc_probe() when no suitable DMA config is available (Christophe JAILLET) - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (Evgeny Novikov) - i2c: mt65xx: fix IRQ check (Sergey Shtylyov) - CIFS: Fix a potencially linear read overflow (Len Baker) - bpf: Fix possible out of bound write in narrow load handling (Andrey Ignatov) - mmc: moxart: Fix issue with uninitialized dma_slave_config (Tony Lindgren) - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (Tony Lindgren) - ASoC: Intel: Skylake: Fix module resource and format selection (Cezary Rojewski) - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (Cezary Rojewski) - rsi: fix an error code in rsi_probe() (Dan Carpenter) - rsi: fix error code in rsi_load_9116_firmware() (Dan Carpenter) - i2c: s3c2410: fix IRQ check (Sergey Shtylyov) - i2c: iop3xx: fix deferred probing (Sergey Shtylyov) - Bluetooth: add timeout sanity check to hci_inquiry (Pavel Skripkin) - mm/swap: consider max pages in iomap_swapfile_add_extent (Xu Yu) - usb: gadget: mv_u3d: request_irq() after initializing UDC (Nadezda Lutovinova) - nfsd4: Fix forced-expiry locking (J. Bruce Fields) - lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) - mac80211: Fix insufficient headroom issue for AMSDU (Chih-Kang Chang) - usb: phy: tahvo: add IRQ check (Sergey Shtylyov) - usb: host: ohci-tmio: add IRQ check (Sergey Shtylyov) - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (Geert Uytterhoeven) - usb: phy: twl6030: add IRQ checks (Sergey Shtylyov) - usb: phy: fsl-usb: add IRQ check (Sergey Shtylyov) - usb: gadget: udc: at91: add IRQ check (Sergey Shtylyov) - drm/msm/dsi: Fix some reference counted resource leaks (Christophe JAILLET) - Bluetooth: fix repeated calls to sco_sock_kill (Desmond Cheong Zhi Xi) - counter: 104-quad-8: Return error when invalid mode during ceiling_write (William Breathitt Gray) - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (Krzysztof Kozlowski) IMPORTANT Copyright 2021 Oracle, Inc. CVE-2021-41864 Oracle Linux 8 [1:1.1.1k-5] - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz#2005400 MODERATE Copyright 2021 Oracle, Inc. CVE-2021-3712 Oracle Linux 7 IMPORTANT Copyright 2022 Oracle, Inc. CVE-2020-29129 CVE-2020-29130 CVE-2021-20257 CVE-2021-3594 CVE-2021-3592 CVE-2021-3593 CVE-2021-3595 CVE-2021-3930 CVE-2021-3682 CVE-2021-3713