ELSA-2022-9709

Описание

[5.4.17-2136.310.7]

• net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480880] {CVE-2022-2588}
• x86/spec_ctrl: limit IBRS_FW to retpoline only (Ankur Arora) [Orabug: 34450896]
• x86/bugs: display dynamic retbleed state (Ankur Arora) [Orabug: 34450896]
• x86/bugs: remove incorrect __init/__ro_after_init annotations (Ankur Arora) [Orabug: 34455621]

[5.4.17-2136.310.6]

• SUNRPC: Fix READ_PLUS crasher (Chuck Lever)
• Revert 'hwmon: Make chip parameter for with_info API mandatory' (Greg Kroah-Hartman) [Orabug: 34423806]
• ext4: make variable 'count' signed (Ding Xiang)
• faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf)

[5.4.17-2136.310.5]

• arm64: proton-pack: provide vulnerability file value for RETBleed (James Morse) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: emulate: do not adjust size of fastop and setcc subroutines (Paolo Bonzini) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Disable RRSBA behavior (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/exec: Disable RET on kexec (Konrad Rzeszutek Wilk) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: do not enable IBPB-on-entry when IBPB is not supported (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Add Cannon lake to RETBleed affected CPU list (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/cpu/amd: Enumerate BTC_NO (Andrew Cooper) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/common: Stamp out the stepping madness (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: VMX: Prevent RSB underflow before vmenter (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Fill RSB on vmexit for IBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: VMX: Fix IBRS handling after vmexit (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: VMX: Convert launched argument to flags (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM: VMX: Flatten __vmx_vcpu_run() (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM/VMX: Use TEST %REG,%REG instead of CMP /u03/ksharma/errata_processing/work/el7uek6/db_7uek6.ELSA-2022-9709,%REG in vmenter.S (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Remove x86_spec_ctrl_mask (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Fix SPEC_CTRL write on SMT state change (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Fix firmware entry SPEC_CTRL handling (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/cpu/amd: Add Spectral Chicken (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add entry UNRET validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• kbuild/objtool: Add objtool-vmlinux.o pass (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Do IBPB fallback check only once (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Add retbleed=ibpb (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/xen: Rename SYS* entry points (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Update Retpoline validation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• intel_idle: Disable IBRS during long idle (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Report Intel retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Optimize SPEC_CTRL MSR writes (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/entry: Add kernel IBRS implementation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Enable STIBP for JMP2RET (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Add AMD retbleed= boot parameter (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bugs: Report AMD retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Add magic AMD return-thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/vmlinux: Use INT3 instead of NOP for linker fill bytes (Kees Cook) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/realmode: build with __DISABLE_EXPORTS (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Use return-thunk in asm code (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/sev: Avoid using __x86_return_thunk (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/kvm: Fix SETcc emulation for return thunks (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/bpf: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/ftrace: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86,objtool: Create .return_sites (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/mm: elide references to .discard.* from .return_sites (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Undo return-thunk damage (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/retpoline: Use -mfunction-return (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/retpoline: Swizzle retpoline thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/alternative: Support not-feature (Juergen Gross) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/retpoline: Cleanup some #ifdefery (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/features: Move RETPOLINE flags to word 11 (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• crypto: x86/poly1305 - Fixup SLS (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• kvm/emulate: Fix SETcc emulation function offsets with SLS (Borislav Petkov) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Add straight-line-speculation mitigation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Prepare inline-asm for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86: Prepare asm files for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/lib/atomic64_386_32: Rename things (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add straight-line-speculation validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Classify symbols (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Create reloc sections implicitly (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add elf_create_reloc() helper (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rework the elf_rebuild_reloc_section() logic (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Handle per arch retpoline naming (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Correctly handle retpoline thunk calls (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Support retpoline jump detection for vmlinux.o (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add 'alt_group' struct (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Clean up elf_write() condition (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add support for relocations without addends (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rename rela to reloc (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: optimize add_dead_ends for split sections (Sami Tolvanen) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Move the IRET hack into the arch decoder (Miroslav Benes) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rename elf_read() to elf_open_read() (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Constify 'struct elf *' parameters (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize !vmlinux.o again (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Better handle IRET (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• x86/unwind_hints: define unwind_hint_save, unwind_hint_restore (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add abstraction for destination offsets (Raphael Gault) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Fix off-by-one in symbol_by_offset() (Julien Thierry) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_rela_by_dest_range() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize read_sections() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_symbol_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rename find_containing_func() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_symbol_*() and read_symbols() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_section_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_section_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add a statistics mode (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Optimize find_symbol_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rename func_for_each_insn_all() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Rename func_for_each_insn() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Introduce validate_return() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Improve call destination function detection (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Fix clang switch table edge case (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add relocation check for alternative sections (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}
• objtool: Add is_static_jump() helper (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}

[5.4.17-2136.310.4]

• lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg) [Orabug: 34400675] {CVE-2022-21505}
• bnxt_en: Use page frag RX buffers for better software GRO performance (Jakub Kicinski) [Orabug: 34083551]
• bnxt_en: enable interrupt sampling on 5750X for DIM (Andy Gospodarek) [Orabug: 34083551]
• bnxt_en: Add event handler for PAUSE Storm event (Somnath Kotur) [Orabug: 34083551]
• bnxt_en: reject indirect blk offload when hw-tc-offload is off (Sriharsha Basavapatna) [Orabug: 34083551]
• bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (Edwin Peer) [Orabug: 34083551]
• bnxt_en: Fix error recovery regression (Michael Chan) [Orabug: 34083551]
• bnxt_en: Fix possible unintended driver initiated error recovery (Michael Chan) [Orabug: 34083551]
• bnxt: count discards due to memory allocation errors (Jakub Kicinski) [Orabug: 34083551]
• bnxt: count packets discarded because of netpoll (Jakub Kicinski) [Orabug: 34083551]
• ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364337]
• ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364337]
• net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371884]

[5.4.17-2136.310.3]

• RDS/IB: Fix RDS IB SRQ implementation and tune it (Hans Westgaard Ry) [Orabug: 31899472]
• RDS/IB: Introduce bit_flag routines with memory-barrier for bit flags (Hans Westgaard Ry) [Orabug: 31899472]
• xfs: don't fail unwritten extent conversion on writeback due to edquot (Darrick J. Wong) [Orabug: 33786167]
• mm/page_alloc: reuse tail struct pages for compound devmaps (Joao Martins) [Orabug: 34314763]
• mm/sparse-vmemmap: improve memory savings for compound devmaps (Joao Martins) [Orabug: 34314763]
• mm/sparse-vmemmap: refactor core of vmemmap_populate_basepages() to helper (Joao Martins) [Orabug: 34314763]
• mm/sparse-vmemmap: add a pgmap argument to section activation (Joao Martins) [Orabug: 34314763]
• memory-failure: fetch compound_head after pgmap_pfn_valid() (Joao Martins) [Orabug: 34314763]
• device-dax: compound devmap support (Joao Martins) [Orabug: 34314763]
• device-dax: factor out page mapping initialization (Joao Martins) [Orabug: 34314763]
• device-dax: ensure dev_dax->pgmap is valid for dynamic devices (Joao Martins) [Orabug: 34314763]
• device-dax: use struct_size() (Joao Martins) [Orabug: 34314763]
• device-dax: use ALIGN() for determining pgoff (Joao Martins) [Orabug: 34314763]
• mm/memremap: add ZONE_DEVICE support for compound pages (Joao Martins) [Orabug: 34314763]
• mm/page_alloc: refactor memmap_init_zone_device() page init (Joao Martins) [Orabug: 34314763]
• mm/page_alloc: split prep_compound_page into head and tail subparts (Joao Martins) [Orabug: 34314763]
• RDMA/umem: batch page unpin in __ib_umem_release() (Joao Martins) [Orabug: 34314763]
• mm/gup: add a range variant of unpin_user_pages_dirty_lock() (Joao Martins) [Orabug: 34314763]
• KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}
• KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}
• KVM: Add infrastructure and macro to mark VM as bugged (Sean Christopherson) [Orabug: 34323859] {CVE-2022-2153}
• rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 34330922]
• x86/boot/compressed/64: Disable 5-level page tables on AMD (Boris Ostrovsky) [Orabug: 34366382]

[5.4.17-2136.310.2]

• LTS tag: v5.4.199 (Sherry Yang)
• x86/speculation/mmio: Print SMT warning (Josh Poimboeuf)
• x86/cpu: Add another Alder Lake CPU to the Intel family (Gayatri Kammela)
• cpu/speculation: Add prototype for cpu_show_srbds() (Guenter Roeck)
• LTS tag: v5.4.198 (Sherry Yang)
• tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (Eric Dumazet)
• mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami)
• md/raid0: Ignore RAID0 layout if the second zone has only one device (Pascal Hambourg)
• powerpc/32: Fix overread/overwrite of thread_struct via ptrace (Michael Ellerman)
• Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (Mathias Nyman)
• ixgbe: fix unexpected VLAN Rx in promisc mode on VF (Olivier Matz)
• ixgbe: fix bcast packets Rx on VF after promisc removal (Olivier Matz)
• nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (Martin Faltesek)
• nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek)
• mmc: block: Fix CQE recovery reset success (Adrian Hunter)
• ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (Sergey Shtylyov)
• cifs: return errors during session setup during reconnects (Shyam Prasad N)
• ALSA: hda/conexant - Fix loopback issue with CX20632 (huangwenhui)
• scripts/gdb: change kernel config dumping method (Kuan-Ying Lee)
• vringh: Fix loop descriptors check in the indirect cases (Xie Yongji)
• nodemask: Fix return values to be unsigned (Kees Cook)
• cifs: version operations for smb20 unneeded when legacy support disabled (Steve French)
• s390/gmap: voluntarily schedule during key setting (Christian Borntraeger)
• nbd: fix io hung while disconnecting device (Yu Kuai)
• nbd: fix race between nbd_alloc_config() and module removal (Yu Kuai)
• nbd: call genl_unregister_family() first in nbd_cleanup() (Yu Kuai)
• x86/cpu: Elide KCSAN for cpu_has() and friends (Peter Zijlstra)
• modpost: fix undefined behavior of is_arm_mapping_symbol() (Masahiro Yamada)
• drm/radeon: fix a possible null pointer dereference (Gong Yuanjun)
• ceph: allow ceph.dir.rctime xattr to be updatable (Venky Shankar)
• Revert 'net: af_key: add check for pfkey_broadcast in function pfkey_process' (Michal Kubecek)
• scsi: myrb: Fix up null pointer access on myrb_cleanup() (Hannes Reinecke)
• md: protect md_unregister_thread from reentrancy (Guoqing Jiang)
• watchdog: wdat_wdt: Stop watchdog when rebooting the system (Liu Xinpeng)
• kernfs: Separate kernfs_pr_cont_buf and rename_lock. (Hao Luo)
• serial: msm_serial: disable interrupts in __msm_console_write() (John Ogness)
• staging: rtl8712: fix uninit-value in r871xu_drv_init() (Wang Cheng)
• staging: rtl8712: fix uninit-value in usb_read8() and friends (Wang Cheng)
• clocksource/drivers/sp804: Avoid error on multiple instances (Andre Przywara)
• extcon: Modify extcon device to be created after driver data is set (bumwoo lee)
• misc: rtsx: set NULL intfdata when probe fails (Shuah Khan)
• usb: dwc2: gadget: don't reset gadget's driver->bus (Marek Szyprowski)
• USB: hcd-pci: Fully suspend across freeze/thaw cycle (Evan Green)
• drivers: usb: host: Fix deadlock in oxu_bus_suspend() (Duoming Zhou)
• drivers: tty: serial: Fix deadlock in sa1100_set_termios() (Duoming Zhou)
• USB: host: isp116x: check return value after calling platform_get_resource() (Zhen Ni)
• drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (Duoming Zhou)
• drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (Duoming Zhou)
• tty: Fix a possible resource leak in icom_probe (Huang Guobin)
• tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (Zheyu Ma)
• lkdtm/usercopy: Expand size of 'out of frame' object (Kees Cook)
• iio: st_sensors: Add a local lock for protecting odr (Miquel Raynal)
• iio: dummy: iio_simple_dummy: check the return value of kstrdup() (Xiaoke Wang)
• drm: imx: fix compiler warning with gcc-12 (Linus Torvalds)
• net: altera: Fix refcount leak in altera_tse_mdio_create (Miaoqian Lin)
• ip_gre: test csum_start instead of transport header (Willem de Bruijn)
• net/mlx5: fs, fail conflicting actions (Mark Bloch)
• net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud)
• net: ipv6: unexport __init-annotated seg6_hmac_init() (Masahiro Yamada)
• net: xfrm: unexport __init-annotated xfrm4_protocol_init() (Masahiro Yamada)
• net: mdio: unexport __init-annotated mdio_bus_init() (Masahiro Yamada)
• SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (Chuck Lever)
• net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman)
• net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list (Miaoqian Lin)
• bpf, arm64: Clear prog->jited_len along prog->jited (Eric Dumazet)
• af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima)
• xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada)
• netfilter: nf_tables: memleak flow rule from commit path (Pablo Neira Ayuso)
• ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (Miaoqian Lin)
• netfilter: nat: really support inet nat without l3 address (Florian Westphal)
• xprtrdma: treat all calls not a bcall when bc_serv is NULL (Kinglong Mee)
• video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (Yang Yingliang)
• NFSv4: Don't hold the layoutget locks across multiple RPC calls (Trond Myklebust)
• dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (Radhey Shyam Pandey)
• m68knommu: fix undefined reference to _init_sp' (Greg Ungerer)
• m68knommu: set ZERO_PAGE() to the allocated zeroed page (Greg Ungerer)
• i2c: cadence: Increase timeout per message if necessary (Lucas Tanure)
• f2fs: remove WARN_ON in f2fs_is_valid_blkaddr (Dongliang Mu)
• tracing: Avoid adding tracer option before update_tracer_options (Mark-PK Tsai)
• tracing: Fix sleeping function called from invalid context on RT kernel (Jun Miao)
• mips: cpc: Fix refcount leak in mips_cpc_default_phys_base (Gong Yuanjun)
• perf c2c: Fix sorting in percent_rmt_hitm_cmp() (Leo Yan)
• tipc: check attribute length for bearer name (Hoang Le)
• afs: Fix infinite loop found by xfstest generic/676 (David Howells)
• tcp: tcp_rtx_synack() can be called from process context (Eric Dumazet)
• net: sched: add barrier to fix packet stuck problem for lockless qdisc (Guoju Fang)
• net/mlx5e: Update netdev features after changing XDP state (Maxim Mikityanskiy)
• net/mlx5: Don't use already freed action pointer (Leon Romanovsky)
• nfp: only report pause frame configuration for physical device (Yu Xiao)
• ubi: ubi_create_volume: Fix use-after-free when volume creation failed (Zhihao Cheng)
• jffs2: fix memory leak in jffs2_do_fill_super (Baokun Li)
• modpost: fix removing numeric suffixes (Alexander Lobakin)
• net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (Miaoqian Lin)
• net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (Dan Carpenter)
• net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (Vincent Ray)
• s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (Jann Horn)
• clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski)
• ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (Shengjiu Wang)
• watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (Miaoqian Lin)
• driver core: fix deadlock in __device_attach (Zhang Wensheng)
• driver: base: fix UAF when driver_attach failed (Schspa Shi)
• bus: ti-sysc: Fix warnings for unbind for serial (Tony Lindgren)
• firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (Miaoqian Lin)
• serial: stm32-usart: Correct CSIZE, bits, and parity (Ilpo Jarvinen)
• serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (Ilpo Jarvinen)
• serial: sifive: Sanitize CSIZE and c_iflag (Ilpo Jarvinen)
• serial: sh-sci: Don't allow CS5-6 (Ilpo Jarvinen)
• serial: txx9: Don't allow CS5-6 (Ilpo Jarvinen)
• serial: rda-uart: Don't allow CS5-6 (Ilpo Jarvinen)
• serial: digicolor-usart: Don't allow CS5-6 (Ilpo Jarvinen)
• serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (Ilpo Jarvinen)
• serial: meson: acquire port->lock in startup() (John Ogness)
• rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang)
• clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland)
• soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin)
• coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli)
• serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki)
• phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold)
• rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski)
• iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng)
• iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng)
• iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin)
• firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong)
• usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun)
• rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski)
• pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig)
• staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET)
• usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin)
• USB: storage: karma: fix rio_karma_init return (Lin Ma)
• usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche)
• usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua)
• tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun)
• tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin)
• tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang)
• iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici)
• staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel)
• pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap)
• md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai)
• block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara)
• bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara)
• bfq: Get rid of __bio_blkcg() usage (Jan Kara)
• bfq: Remove pointless bfq_init_rq() calls (Jan Kara)
• bfq: Drop pointless unlock-lock pair (Jan Kara)
• bfq: Avoid merging queues with different parents (Jan Kara)
• MIPS: IP27: Remove incorrect cpu_has_fpu' override (Maciej W. Rozycki)
• RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang)
• Kconfig: add config option for asm goto w/ outputs (Nick Desaulniers)
• phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold)
• blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo)
• dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen)
• docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa)
• ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann)
• phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold)
• arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T)
• gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
• tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
• serial: pch: don't overwrite xmit->buf[0] by x_char (Jiri Slaby)
• carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong)
• ASoC: rt5514: Fix event generation for 'DSP Voice Wake Up' control (Mark Brown)
• rtl818x: Prevent using not initialized queues (Alexander Wetzel)
• hugetlb: fix huge_pmd_unshare address update (Mike Kravetz)
• nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin)
• iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong)
• um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch)
• um: chan_user: Fix winch_tramp() return value (Johannes Berg)
• mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau)
• irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov)
• irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar)
• RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro)
• Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson)
• media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne)
• media: coda: Fix reported H264 profile (Nicolas Dufresne)
• mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami)
• md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong)
• md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong)
• drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris)
• drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong)
• drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach)
• drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie)
• scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam)
• scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong)
• ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel)
• dlm: fix missing lkb refcount handling (Alexander Aring)
• dlm: fix plock invalid read (Alexander Aring)
• mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto)
• PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold)
• PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold)
• PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas)
• tracing: Fix potential double free in create_var_ref() (Keita Suzuki)
• ACPI: property: Release subnode properties with data nodes (Sakari Ailus)
• ext4: avoid cycles in directory h-tree (Jan Kara)
• ext4: verify dir block before splitting it (Jan Kara)
• ext4: fix bug_on in ext4_writepages (Ye Bin)
• ext4: fix warning in ext4_handle_inode_extension (Ye Bin)
• ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin)
• netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso)
• bfq: Track whether bfq_group is still online (Jan Kara)
• bfq: Update cgroup information before merging bio (Jan Kara)
• bfq: Split shared queues on move between cgroups (Jan Kara)
• efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg)
• fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages (Zhihao Cheng)
• iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach)
• wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg)
• f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu)
• f2fs: don't need inode lock for system hidden quota (Jaegeuk Kim)
• f2fs: fix deadloop in foreground GC (Chao Yu)
• f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu)
• f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu)
• f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu)
• perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing)
• perf c2c: Use stdio interface if slang is not supported (Leo Yan)
• iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel)
• dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay)
• video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin)
• NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust)
• NFS: Don't report errors from nfs_pageio_complete() more than once (Trond Myklebust)
• NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust)
• NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust)
• i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor)
• i2c: at91: use dma safe buffers (Michael Walle)
• iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu)
• f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel)
• Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov)
• RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller)
• mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo)
• mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang)
• powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin)
• macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap)
• powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain)
• powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman)
• Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin)
• crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior)
• tty: fix deadlock caused by calling printk() under tty_port->lock (Qi Zheng)
• PCI: imx6: Fix PERST# start-up sequence (Francesco Dolcini)
• ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() (Waiman Long)
• proc: fix dentry/inode overinstantiating under /proc//net (Alexey Dobriyan)
• powerpc/4xx/cpm: Fix return value of __setup() handler (Randy Dunlap)
• powerpc/idle: Fix return value of __setup() handler (Randy Dunlap)
• powerpc/8xx: export 'cpm_setbrg' for modules (Randy Dunlap)
• dax: fix cache flush on PMD-mapped pages (Muchun Song)
• drivers/base/node.c: fix compaction sysfs file leak (Miaohe Lin)
• pinctrl: mvebu: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski)
• nvdimm: Allow overwrite in the presence of disabled dimms (Dan Williams)
• firmware: arm_scmi: Fix list protocols enumeration in the base protocol (Cristian Marussi)
• scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() (Gustavo A. R. Silva)
• mfd: ipaq-micro: Fix error check return value of platform_get_irq() (Lv Ruyi)
• powerpc/fadump: fix PT_LOAD segment for boot memory area (Hari Bathini)
• arm: mediatek: select arch timer for mt7629 (Chuanhong Guo)
• crypto: marvell/cesa - ECB does not IV (Corentin Labbe)
• misc: ocxl: fix possible double free in ocxl_file_register_afu (Hangyu Hua)
• ARM: dts: bcm2835-rpi-b: Fix GPIO line names (Stefan Wahren)
• ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (Phil Elwell)
• ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (Phil Elwell)
• ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (Phil Elwell)
• can: xilinx_can: mark bit timing constants as const (Marc Kleine-Budde)
• KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (Sean Christopherson)
• PCI: rockchip: Fix find_first_zero_bit() limit (Dan Carpenter)
• PCI: cadence: Fix find_first_zero_bit() limit (Dan Carpenter)
• soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (Miaoqian Lin)
• soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (Miaoqian Lin)
• ARM: dts: suniv: F1C100: fix watchdog compatible (Andre Przywara)
• arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (Shawn Lin)
• net/smc: postpone sk_refcnt increment in connect() (liuyacan)
• rxrpc: Fix decision on when to generate an IDLE ACK (David Howells)
• rxrpc: Don't let ack.previousPacket regress (David Howells)
• rxrpc: Fix overlapping ACK accounting (David Howells)
• rxrpc: Don't try to resend the request if we're receiving the reply (David Howells)
• rxrpc: Fix listen() setting the bar too high for the prealloc rings (David Howells)
• NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (Duoming Zhou)
• ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (Yang Yingliang)
• thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (Zheng Yongjun)
• drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (Hangyu Hua)
• drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (Miaoqian Lin)
• ext4: reject the 'commit' option on ext2 filesystems (Eric Biggers)
• media: ov7670: remove ov7670_power_off from ov7670_remove (Dongliang Mu)
• sctp: read sk->sk_bound_dev_if once in sctp_rcv() (Eric Dumazet)
• m68k: math-emu: Fix dependencies of math emulation support (Geert Uytterhoeven)
• Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (Ying Hsu)
• media: vsp1: Fix offset calculation for plane cropping (Michael Rodin)
• media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (Pavel Skripkin)
• media: exynos4-is: Change clk_disable to clk_disable_unprepare (Miaoqian Lin)
• media: st-delta: Fix PM disable depth imbalance in delta_probe (Miaoqian Lin)
• media: aspeed: Fix an error handling path in aspeed_video_probe() (Christophe JAILLET)
• scripts/faddr2line: Fix overlapping text section failures (Josh Poimboeuf)
• regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (Miaoqian Lin)
• ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (Miaoqian Lin)
• ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (Miaoqian Lin)
• perf/amd/ibs: Use interrupt regs ip for stack unwinding (Ravi Bangoria)
• Revert 'cpufreq: Fix possible race in cpufreq online error path' (Viresh Kumar)
• iomap: iomap_write_failed fix (Andreas Gruenbacher)
• media: uvcvideo: Fix missing check to determine if element is found in list (Xiaomeng Tong)
• drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (Dan Carpenter)
• drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (Jessica Zhang)
• drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (Jessica Zhang)
• regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (Zev Weiss)
• x86/mm: Cleanup the control_va_addr_alignment() __setup handler (Randy Dunlap)
• irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski)
• irqchip/exiu: Fix acknowledgment of edge triggered interrupts (Daniel Thompson)
• x86: Fix return value of __setup handlers (Randy Dunlap)
• virtio_blk: fix the discard_granularity and discard_alignment queue limits (Christoph Hellwig)
• drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (Yang Yingliang)
• drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (Lv Ruyi)
• drm/msm/hdmi: check return value after calling platform_get_resource_byname() (Yang Yingliang)
• drm/msm/dsi: fix error checks and return values for DSI xmit functions (Dmitry Baryshkov)
• drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (Vinod Polimera)
• perf tools: Add missing headers needed by util/data.h (Yang Jihong)
• ASoC: rk3328: fix disabling mclk on pclk probe failure (Nicolas Frattaroli)
• x86/speculation: Add missing prototype for unpriv_ebpf_notify() (Josh Poimboeuf)
• x86/pm: Fix false positive kmemleak report in msr_build_context() (Matthieu Baerts)
• scsi: ufs: core: Exclude UECxx from SFR dump list (Kiwoong Kim)
• of: overlay: do not break notify on NOTIFY_{OK|STOP} (Nuno Sa)
• fsnotify: fix wrong lockdep annotations (Amir Goldstein)
• inotify: show inotify mask flags in proc fdinfo (Amir Goldstein)
• ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (Dan Carpenter)
• cpufreq: Fix possible race in cpufreq online error path (Schspa Shi)
• spi: img-spfi: Fix pm_runtime_get_sync() error checking (Zheng Yongjun)
• sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (Chengming Zhou)
• drm/bridge: Fix error handling in analogix_dp_probe (Miaoqian Lin)
• HID: elan: Fix potential double free in elan_input_configured (Miaoqian Lin)
• HID: hid-led: fix maximum brightness for Dream Cheeky (Jonathan Teh)
• drbd: fix duplicate array initializer (Arnd Bergmann)
• efi: Add missing prototype for efi_capsule_setup_info (Jan Kiszka)
• NFC: NULL out the dev->rfkill to prevent UAF (Lin Ma)
• spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (Miaoqian Lin)
• drm: mali-dp: potential dereference of null pointer (Jiasheng Jiang)
• drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (Zhou Qingyang)
• nl80211: show SSID for P2P_GO interfaces (Johannes Berg)
• bpf: Fix excessive memory allocation in stack_map_alloc() (Yuntao Wang)
• drm/vc4: txp: Force alpha to be 0xff if it's disabled (Maxime Ripard)
• drm/vc4: txp: Don't set TXP_VSTART_AT_EOF (Maxime Ripard)
• drm/mediatek: Fix mtk_cec_mask() (Miles Chen)
• x86/delay: Fix the wrong asm constraint in delay_loop() (Ammar Faizi)
• ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (Miaoqian Lin)
• ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (Miaoqian Lin)
• drm/bridge: adv7511: clean up CEC adapter when probe fails (Lucas Stach)
• drm/edid: fix invalid EDID extension block filtering (Jani Nikula)
• ath9k: fix ar9003_get_eepmisc (Wenli Looi)
• drm: fix EDID struct for old ARM OABI format (Linus Torvalds)
• RDMA/hfi1: Prevent panic when SDMA is disabled (Douglas Miller)
• powerpc/iommu: Add missing of_node_put in iommu_init_early_dart (Peng Wu)
• macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled (Finn Thain)
• powerpc/powernv: fix missing of_node_put in uv_init() (Lv Ruyi)
• powerpc/xics: fix refcount leak in icp_opal_init() (Lv Ruyi)
• tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Vasily Averin)
• PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (Yicong Yang)
• ARM: hisi: Add missing of_node_put after of_find_compatible_node (Peng Wu)
• ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (Krzysztof Kozlowski)
• ARM: versatile: Add missing of_node_put in dcscb_init (Peng Wu)
• fat: add ratelimit to fat*_ent_bread() (OGAWA Hirofumi)
• powerpc/fadump: Fix fadump to work with a different endian capture kernel (Hari Bathini)
• ARM: OMAP1: clock: Fix UART rate reporting algorithm (Janusz Krzysztofik)
• fs: jfs: fix possible NULL pointer dereference in dbFree() (Zixuan Fu)
• PM / devfreq: rk3399_dmc: Disable edev on remove() (Brian Norris)
• ARM: dts: ox820: align interrupt controller node name with dtschema (Krzysztof Kozlowski)
• IB/rdmavt: add missing locks in rvt_ruc_loopback (Niels Dossche)
• selftests/bpf: fix btf_dump/btf_dump due to recent clang change (Yonghong Song)
• eth: tg3: silence the GCC 12 array-bounds warning (Jakub Kicinski)
• rxrpc: Return an error to sendmsg if call failed (David Howells)
• hwmon: Make chip parameter for with_info API mandatory (Guenter Roeck)
• ASoC: max98357a: remove dependency on GPIOLIB (Pierre-Louis Bossart)
• media: exynos4-is: Fix compile warning (Kwanghoon Son)
• net: phy: micrel: Allow probing without .driver_data (Fabio Estevam)
• nbd: Fix hung on disconnect request if socket is closed before (Xie Yongji)
• ASoC: rt5645: Fix errorenous cleanup order (Lin Ma)
• nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (Smith, Kyle Miller (Nimble Kernel))
• openrisc: start CPU timer early in boot (Jason A. Donenfeld)
• media: cec-adap.c: fix is_configuring state (Hans Verkuil)
• media: coda: limit frame interval enumeration to supported encoder frame sizes (Philipp Zabel)
• rtlwifi: Use pr_warn instead of WARN_ONCE (Dongliang Mu)
• ipmi: Fix pr_fmt to avoid compilation issues (Corey Minyard)
• ipmi:ssif: Check for NULL msg when handling events and messages (Corey Minyard)
• ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (Mario Limonciello)
• dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (Mikulas Patocka)
• spi: stm32-qspi: Fix wait_cmd timeout in APM mode (Patrice Chotard)
• s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES (Heiko Carstens)
• ASoC: tscs454: Add endianness flag in snd_soc_component_driver (Charles Keepax)
• HID: bigben: fix slab-out-of-bounds Write in bigben_probe (Dongliang Mu)
• drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (Alice Wong)
• mlxsw: spectrum_dcb: Do not warn about priority changes (Petr Machata)
• ASoC: dapm: Don't fold register value changes into notifications (Mark Brown)
• net/mlx5: fs, delete the FTE when there are no rules attached to it (Mark Bloch)
• ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL (jianghaoran)
• drm: msm: fix error check return value of irq_of_parse_and_map() (Lv Ruyi)
• arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (Alexandru Elisei)
• drm/amd/pm: fix the compile warning (Evan Quan)
• drm/plane: Move range check for format_count earlier (Steven Price)
• scsi: megaraid: Fix error check return value of register_chrdev() (Lv Ruyi)
• mmc: jz4740: Apply DMA engine limits to maximum segment size (Aidan MacDonald)
• md/bitmap: don't set sb values if can't pass sanity check (Heming Zhao)
• media: cx25821: Fix the warning when removing the module (Zheyu Ma)
• media: pci: cx23885: Fix the error handling in cx23885_initdev() (Zheyu Ma)
• media: venus: hfi: avoid null dereference in deinit (Luca Weiss)
• ath9k: fix QCA9561 PA bias level (Thibaut VAReNE)
• drm/amd/pm: fix double free in si_parse_power_table() (Keita Suzuki)
• tools/power turbostat: fix ICX DRAM power numbers (Len Brown)
• spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (Biju Das)
• ALSA: jack: Access input_dev under mutex (Amadeusz Siawinski)
• drm/komeda: return early if drm_universal_plane_init() fails. (Liviu Dudau)
• ACPICA: Avoid cache flush inside virtual machines (Kirill A. Shutemov)
• fbcon: Consistently protect deferred_takeover with console_lock() (Daniel Vetter)
• ipv6: fix locking issues with loops over idev->addr_list (Niels Dossche)
• ipw2x00: Fix potential NULL dereference in libipw_xmit() (Haowen Bai)
• b43: Fix assigning negative value to unsigned variable (Haowen Bai)
• b43legacy: Fix assigning negative value to unsigned variable (Haowen Bai)
• mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (Niels Dossche)
• drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (Liu Zixian)
• btrfs: repair super block num_devices automatically (Qu Wenruo)
• btrfs: add '0x' prefix for unsupported optional features (Qu Wenruo)
• ptrace: Reimplement PTRACE_KILL by always sending SIGKILL (Eric W. Biederman)
• ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP (Eric W. Biederman)
• ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP (Eric W. Biederman)
• perf/x86/intel: Fix event constraints for ICL (Kan Liang)
• usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I)
• USB: new quirk for Dell Gen 2 devices (Monish Kumar R)
• USB: serial: option: add Quectel BG95 modem (Carl Yin)
• ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (Marios Levogiannis)
• binfmt_flat: do not stop relocating GOT entries prematurely on riscv (Niklas Cassel)
• LTS tag: v5.4.197 (Sherry Yang)
• bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes (Liu Jian)
• NFSD: Fix possible sleep during nfsd4_release_lockowner() (Chuck Lever)
• NFS: Memory allocation failures are not server fatal errors (Trond Myklebust)
• docs: submitting-patches: Fix crossref to 'The canonical patch format' (Akira Yokosawa)
• tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Xiu Jianfeng)
• tpm: Fix buffer access in tpm2_get_tpm_pt() (Stefan Mahnke-Hartmann)
• HID: multitouch: Add support for Google Whiskers Touchpad (Marek Maslanka)
• raid5: introduce MD_BROKEN (Mariusz Tkaczyk)
• dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti)
• dm stats: add cond_resched when looping over entries (Mikulas Patocka)
• dm crypt: make printing of the key constant-time (Mikulas Patocka)
• dm integrity: fix error code in dm_integrity_ctr() (Dan Carpenter)
• zsmalloc: fix races between asynchronous zspage free and page migration (Sultan Alsawaf)
• crypto: ecrdsa - Fix incorrect use of vli_cmp (Vitaly Chikunov)
• netfilter: conntrack: re-fetch conntrack after insertion (Florian Westphal)
• exec: Force single empty string when argv is empty (Kees Cook)
• drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (Gustavo A. R. Silva)
• cfg80211: set custom regdomain after wiphy registration (Miri Korenblit)
• i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (Mika Westerberg)
• net: ftgmac100: Disable hardware checksum on AST2600 (Joel Stanley)
• net: af_key: check encryption module availability consistency (Thomas Bartschies)
• pinctrl: sunxi: fix f1c100s uart2 function (IotaHydrae)
• ACPI: sysfs: Fix BERT error region memory mapping (Lorenzo Pieralisi)
• ACPI: sysfs: Make sparse happy about address space in use (Andy Shevchenko)
• media: vim2m: initialize the media device earlier (Hans Verkuil)
• media: vim2m: Register video device after setting up internals (Sakari Ailus)
• secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau)
• tcp: change source port randomizarion at connect() time (Eric Dumazet)
• Input: goodix - fix spurious key release events (Dmitry Mastykin)
• staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov (Oracle))
• x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Thomas Gleixner)

[5.4.17-2136.310.1]

• intel_idle: Fix max_cstate for processor models without C-state tables (Chen Yu) [Orabug: 34081688]
• intel_idle: add core C6 optimization for SPR (Artem Bityutskiy) [Orabug: 34081688]
• intel_idle: add 'preferred_cstates' module argument (Artem Bityutskiy) [Orabug: 34081688]
• intel_idle: add SPR support (Artem Bityutskiy) [Orabug: 34081688]
• intel_idle: Adjust the SKX C6 parameters if PC6 is disabled (Chen Yu) [Orabug: 34081688]
• intel_idle: Clean up kerneldoc comments for multiple functions (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Add __initdata annotations to init time variables (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Relocate definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Clean up definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Simplify LAPIC timer reliability checks (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Introduce 'states_off' module parameter (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Introduce 'use_acpi' module parameter (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Clean up irtl_2_usec() (Rafael J. Wysocki) [Orabug: 34081688]
• Documentation: admin-guide: PM: Add intel_idle document (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Move 3 functions closer to their callers (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Annotate initialization code and data structures (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Move and clean up intel_idle_cpuidle_devices_uninit() (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Rearrange intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Fold intel_idle_probe() into intel_idle_init() (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Eliminate __setup_broadcast_timer() (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Add module parameter to prevent ACPI _CST from being used (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Allow ACPI _CST to be used for selected known processors (Rafael J. Wysocki) [Orabug: 34081688]
• cpuidle: Allow idle states to be disabled by default (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 34081688]
• intel_idle: Refactor intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688]
• cpuidle: Drop disabled field from struct cpuidle_state (Thomas Tai) [Orabug: 34081688]
• cpuidle: Consolidate disabled state checks (Rafael J. Wysocki) [Orabug: 34081688]
• Revert 'intel_idle: Use ACPI _CST for processor models without C-state tables' (Thomas Tai) [Orabug: 34081688]