android11-5.4
4640 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Gaosheng Cui
|
eb0f78e28c |
apparmor: fix a memleak in multi_transaction_new()
[ Upstream commit c73275cf6834787ca090317f1d20dbfa3b7f05aa ]
In multi_transaction_new(), the variable t is not freed or passed out
on the failure of copy_from_user(t->data, buf, size), which could lead
to a memleak.
Fix this bug by adding a put_multi_transaction(t) in the error path.
Fixes:
|
||
Xiu Jianfeng
|
8176538866 |
ima: Fix misuse of dereference of pointer in template_desc_init_fields()
[ Upstream commit 25369175ce84813dd99d6604e710dc2491f68523 ]
The input parameter @fields is type of struct ima_template_field ***, so
when allocates array memory for @fields, the size of element should be
sizeof(**field) instead of sizeof(*field).
Actually the original code would not cause any runtime error, but it's
better to make it logically right.
Fixes:
|
||
GUO Zihua
|
9b7c44885a |
integrity: Fix memory leakage in keyring allocation error path
[ Upstream commit 39419ef7af0916cc3620ecf1ed42d29659109bf3 ]
Key restriction is allocated in integrity_init_keyring(). However, if
keyring allocation failed, it is not freed, causing memory leaks.
Fixes:
|
||
|
GUO Zihua
|
38d48fd224 |
ima: Handle -ESTALE returned by ima_filter_rule_match()
[ Upstream commit c7423dbdbc9ecef7fff5239d144cad4b9887f4de ]
IMA relies on the blocking LSM policy notifier callback to update the
LSM based IMA policy rules.
When SELinux update its policies, IMA would be notified and starts
updating all its lsm rules one-by-one. During this time, -ESTALE would
be returned by ima_filter_rule_match() if it is called with a LSM rule
that has not yet been updated. In ima_match_rules(), -ESTALE is not
handled, and the LSM rule is considered a match, causing extra files
to be measured by IMA.
Fix it by re-initializing a temporary rule if -ESTALE is returned by
ima_filter_rule_match(). The origin rule in the rule list would be
updated by the LSM policy notifier callback.
Fixes:
|
||
Gustavo A. R. Silva
|
ecd0a6f81a |
ima: Fix fall-through warnings for Clang
[ Upstream commit 28073eb09c5aa29e879490edb88cfd3e7073821e ] In preparation to enable -Wimplicit-fallthrough for Clang, fix multiple warnings by explicitly adding multiple break statements instead of just letting the code fall through to the next case. Link: https://github.com/KSPP/linux/issues/115 Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Stable-dep-of: c7423dbdbc9e ("ima: Handle -ESTALE returned by ima_filter_rule_match()") Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Tyler Hicks
|
55e2430e43 |
ima: Rename internal filter rule functions
[ Upstream commit b8867eedcf76caef8ae6412da97cd9abfd092ff8 ]
Rename IMA's internal filter rule functions from security_filter_rule_*()
to ima_filter_rule_*(). This avoids polluting the security_* namespace,
which is typically reserved for general security subsystem
infrastructure.
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
[zohar@linux.ibm.com: reword using the term "filter", not "audit"]
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Stable-dep-of: c7423dbdbc9e ("ima: Handle -ESTALE returned by ima_filter_rule_match()")
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Michael Bestas
|
635c74d37d
|
Merge tag 'ASB-2022-12-05_11-5.4' of https://android.googlesource.com/kernel/common into android13-5.4-lahaina
https://source.android.com/docs/security/bulletin/2022-12-01 CVE-2022-23960 * tag 'ASB-2022-12-05_11-5.4' of https://android.googlesource.com/kernel/common: UPSTREAM: bpf: Ensure correct locking around vulnerable function find_vpid() UPSTREAM: HID: roccat: Fix use-after-free in roccat_read() ANDROID: arm64: mm: perform clean & invalidation in __dma_map_area UPSTREAM: mmc: hsq: Fix data stomping during mmc recovery UPSTREAM: pinctrl: sunxi: Fix name for A100 R_PIO BACKPORT: mmc: core: Fix UHS-I SD 1.8V workaround branch UPSTREAM: Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression UPSTREAM: wifi: mac80211_hwsim: set virtio device ready in probe() BACKPORT: f2fs: don't use casefolded comparison for "." and ".." UPSTREAM: Revert "mm/cma.c: remove redundant cma_mutex lock" UPSTREAM: usb: dwc3: Try usb-role-switch first in dwc3_drd_init BACKPORT: usb: typec: ucsi: Fix reuse of completion structure BACKPORT: tipc: fix incorrect order of state message data sanity check UPSTREAM: net: fix up skbs delta_truesize in UDP GRO frag_list UPSTREAM: cgroup-v1: Correct privileges check in release_agent writes UPSTREAM: mm: don't try to NUMA-migrate COW pages that have other uses UPSTREAM: usb: raw-gadget: fix handling of dual-direction-capable endpoints UPSTREAM: selinux: check return value of sel_make_avc_files UPSTREAM: usb: musb: select GENERIC_PHY instead of depending on it BACKPORT: driver core: Fix error return code in really_probe() UPSTREAM: fscrypt: fix derivation of SipHash keys on big endian CPUs BACKPORT: fscrypt: rename FS_KEY_DERIVATION_NONCE_SIZE UPSTREAM: socionext: account for napi_gro_receive never returning GRO_DROP UPSTREAM: net: socionext: netsec: fix xdp stats accounting BACKPORT: fs: align IOCB_* flags with RWF_* flags UPSTREAM: efi: capsule-loader: Fix use-after-free in efi_capsule_write BACKPORT: ARM: 9039/1: assembler: generalize byte swapping macro into rev_l BACKPORT: ARM: 9035/1: uncompress: Add be32tocpu macro UPSTREAM: drm/meson: Fix overflow implicit truncation warnings UPSTREAM: irqchip/tegra: Fix overflow implicit truncation warnings UPSTREAM: video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write ANDROID: GKI: db845c: Update symbols list and ABI Linux 5.4.219 wifi: mac80211: fix MBSSID parsing use-after-free wifi: mac80211: don't parse mbssid in assoc response mac80211: mlme: find auth challenge directly Revert "fs: check FMODE_LSEEK to control internal pipe splicing" Linux 5.4.218 Input: xpad - fix wireless 360 controller breaking after suspend Input: xpad - add supported devices as contributed on github wifi: cfg80211: update hidden BSSes to avoid WARN_ON wifi: mac80211_hwsim: avoid mac80211 warning on bad rate wifi: cfg80211: avoid nontransmitted BSS list corruption wifi: cfg80211: fix BSS refcounting bugs wifi: cfg80211: ensure length byte is present before access wifi: cfg80211/mac80211: reject bad MBSSID elements wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() random: use expired timer rather than wq for mixing fast pool random: avoid reading two cache lines on irq randomness random: restore O_NONBLOCK support USB: serial: qcserial: add new usb-id for Dell branded EM7455 scsi: stex: Properly zero out the passthrough command structure efi: Correct Macmini DMI match in uefi cert quirk ALSA: hda: Fix position reporting on Poulsbo random: clamp credited irq bits to maximum mixed ceph: don't truncate file in atomic_open nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure nilfs2: fix leak of nilfs_root in case of writer thread creation failure nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() rpmsg: qcom: glink: replace strncpy() with strscpy_pad() mmc: core: Terminate infinite loop in SD-UHS voltage switch mmc: core: Replace with already defined values for readability USB: serial: ftdi_sio: fix 300 bps rate for SIO usb: mon: make mmapped memory read only arch: um: Mark the stack non-executable to fix a binutils warning um: Cleanup compiler warning in arch/x86/um/tls_32.c um: Cleanup syscall_handler_t cast in syscalls_32.h net/ieee802154: fix uninit value bug in dgram_sendmsg scsi: qedf: Fix a UAF bug in __qedf_probe() ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property firmware: arm_scmi: Add SCMI PM driver remove routine fs: fix UAF/GPF bug in nilfs_mdt_destroy perf tools: Fixup get_current_dir_name() compilation mm: pagewalk: Fix race between unmap and page walker Linux 5.4.217 docs: update mediator information in CoC docs Makefile.extrawarn: Move -Wcast-function-type-strict to W=1 Revert "drm/amdgpu: use dirty framebuffer helper" xfs: remove unused variable 'done' xfs: fix uninitialized variable in xfs_attr3_leaf_inactive xfs: streamline xfs_attr3_leaf_inactive xfs: move incore structures out of xfs_da_format.h xfs: fix memory corruption during remote attr value buffer invalidation xfs: refactor remote attr value buffer invalidation xfs: fix IOCB_NOWAIT handling in xfs_file_dio_aio_read xfs: fix s_maxbytes computation on 32-bit kernels xfs: truncate should remove all blocks, not just to the end of the page cache xfs: introduce XFS_MAX_FILEOFF xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag x86/speculation: Add RSB VM Exit protections x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current x86/speculation: Disable RRSBA behavior x86/bugs: Add Cannon lake to RETBleed affected CPU list x86/cpu/amd: Enumerate BTC_NO x86/common: Stamp out the stepping madness x86/speculation: Fill RSB on vmexit for IBRS KVM: VMX: Fix IBRS handling after vmexit KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS KVM: VMX: Convert launched argument to flags KVM: VMX: Flatten __vmx_vcpu_run() KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S x86/speculation: Remove x86_spec_ctrl_mask x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit x86/speculation: Fix SPEC_CTRL write on SMT state change x86/speculation: Fix firmware entry SPEC_CTRL handling x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n x86/speculation: Change FILL_RETURN_BUFFER to work with objtool intel_idle: Disable IBRS during long idle x86/bugs: Report Intel retbleed vulnerability x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS x86/bugs: Optimize SPEC_CTRL MSR writes x86/entry: Add kernel IBRS implementation x86/entry: Remove skip_r11rcx x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value x86/bugs: Add AMD retbleed= boot parameter x86/bugs: Report AMD retbleed vulnerability x86/cpufeatures: Move RETPOLINE flags to word 11 x86/kvm/vmx: Make noinstr clean x86/cpu: Add a steppings field to struct x86_cpu_id x86/cpu: Add consistent CPU match macros x86/devicetable: Move x86 specific macro out of generic code Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" Revert "x86/speculation: Add RSB VM Exit protections" Linux 5.4.216 clk: iproc: Do not rely on node name for correct PLL setup clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks selftests: Fix the if conditions of in test_extra_filter() nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices nvme: add new line after variable declatation usbnet: Fix memory leak in usbnet_disconnect() Input: melfas_mip4 - fix return value check in mip4_probe() Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" soc: sunxi: sram: Fix debugfs info for A64 SRAM C soc: sunxi: sram: Fix probe function ordering issues soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() soc: sunxi: sram: Prevent the driver from being unbound soc: sunxi: sram: Actually claim SRAM regions ARM: dts: am33xx: Fix MMCHS0 dma properties ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver media: dvb_vb2: fix possible out of bound access mm: fix madivse_pageout mishandling on non-LRU page mm/migrate_device.c: flush TLB while holding PTL mm: prevent page_frag_alloc() from corrupting the memory mm/page_alloc: fix race condition between build_all_zonelists and page allocation mmc: moxart: fix 4-bit bus width and remove 8-bit bus width libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 Revert "net: mvpp2: debugfs: fix memory leak when using debugfs_lookup()" ntfs: fix BUG_ON in ntfs_lookup_inode_by_name() ARM: dts: integrator: Tag PCI host with device_type clk: ingenic-tcu: Properly enable registers before accessing timers net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 uas: ignore UAS for Thinkplus chips usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS uas: add no-uas quirk for Hiksemi usb_disk Linux 5.4.215 ext4: make directory inode spreading reflect flexbg size xfs: fix use-after-free when aborting corrupt attr inactivation xfs: fix an ABBA deadlock in xfs_rename xfs: don't commit sunit/swidth updates to disk if that would cause repair failures xfs: split the sunit parameter update into two parts xfs: refactor agfl length computation function xfs: use bitops interface for buf log item AIL flag check xfs: stabilize insert range start boundary to avoid COW writeback race xfs: fix some memory leaks in log recovery xfs: always log corruption errors xfs: constify the buffer pointer arguments to error functions xfs: convert EIO to EFSCORRUPTED when log contents are invalid xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename() xfs: attach dquots and reserve quota blocks during unwritten conversion xfs: range check ri_cnt when recovering log items xfs: add missing assert in xfs_fsmap_owner_from_rmap xfs: slightly tweak an assert in xfs_fs_map_blocks xfs: replace -EIO with -EFSCORRUPTED for corrupt metadata ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 workqueue: don't skip lockdep work dependency in cancel_work_sync() drm/rockchip: Fix return type of cdn_dp_connector_mode_valid drm/amd/display: Limit user regamma to a valid value drm/amdgpu: use dirty framebuffer helper Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region cifs: always initialize struct msghdr smb_msg completely usb: xhci-mtk: fix issue of out-of-bounds array access s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting serial: Create uart_xmit_advance() net: sched: fix possible refcount leak in tc_new_tfilter() net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD perf kcore_copy: Do not check /proc/modules is unchanged perf jit: Include program header in ELF files can: gs_usb: gs_can_open(): fix race dev->can.state condition netfilter: ebtables: fix memory leak when blob is malformed net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs net/sched: taprio: avoid disabling offload when it was never enabled of: mdio: Add of_node_put() when breaking out of for_each_xx i40e: Fix set max_tx_rate when it is lower than 1 Mbps i40e: Fix VF set max MTU size iavf: Fix set max MTU size with port VLAN and jumbo frames iavf: Fix bad page state MIPS: Loongson32: Fix PHY-mode being left unspecified MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko net: team: Unsync device addresses on ndo_stop ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header iavf: Fix cached head and tail value for iavf_get_tx_pending netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() netfilter: nf_conntrack_irc: Tighten matching on DCC message netfilter: nf_conntrack_sip: fix ct_sip_walk_headers arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob mm/slub: fix to return errno if kmalloc() fails efi: libstub: check Shim mode using MokSBStateRT ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop ALSA: hda/realtek: Add quirk for ASUS GA503R laptop ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack ALSA: hda/realtek: Re-arrange quirk table entries ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 ALSA: hda: add Intel 5 Series / 3400 PCI DID ALSA: hda/tegra: set depop delay for tegra USB: serial: option: add Quectel RM520N USB: serial: option: add Quectel BG95 0x0203 composition USB: core: Fix RST error in hub.c Revert "usb: gadget: udc-xilinx: replace memcpy with memcpy_toio" Revert "usb: add quirks for Lenovo OneLink+ Dock" usb: cdns3: fix issue with rearming ISO OUT endpoint usb: gadget: udc-xilinx: replace memcpy with memcpy_toio usb: add quirks for Lenovo OneLink+ Dock tty: serial: atmel: Preserve previous USART mode if RS485 disabled serial: atmel: remove redundant assignment in rs485_config tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data wifi: mac80211: Fix UAF in ieee80211_scan_rx() usb: xhci-mtk: relax TT periodic bandwidth allocation usb: xhci-mtk: allow multiple Start-Split in a microframe usb: xhci-mtk: add some schedule error number usb: xhci-mtk: add a function to (un)load bandwidth info usb: xhci-mtk: use @sch_tt to check whether need do TT schedule usb: xhci-mtk: add only one extra CS for FS/LS INTR usb: xhci-mtk: get the microframe boundary for ESIT usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() usb: dwc3: gadget: Refactor pullup() usb: dwc3: gadget: Prevent repeat pullup() usb: dwc3: Issue core soft reset before enabling run/stop usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind ALSA: hda/sigmatel: Fix unused variable warning for beep power change cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write mksysmap: Fix the mismatch of 'L0' symbols in System.map MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping() afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked net: usb: qmi_wwan: add Quectel RM520N ALSA: hda/tegra: Align BDL entry to 4KB boundary ALSA: hda/sigmatel: Keep power up while beep is enabled rxrpc: Fix calc of resend age rxrpc: Fix local destruction being repeated regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() ASoC: nau8824: Fix semaphore unbalance at error paths iomap: iomap that extends beyond EOF should be marked dirty MAINTAINERS: add Chandan as xfs maintainer for 5.4.y cifs: don't send down the destination address to sendmsg for a SOCK_STREAM cifs: revalidate mapping when doing direct writes tracing: hold caller_addr to hardirq_{enable,disable}_ip task_stack, x86/cea: Force-inline stack helpers ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC parisc: ccio-dma: Add missing iounmap in error path in ccio_probe() drm/meson: Fix OSD1 RGB to YCbCr coefficient drm/meson: Correct OSD1 global alpha value gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 of: fdt: fix off-by-one error in unflatten_dt_nodes() Revert "USB: core: Prevent nested device-reset calls" Revert "io_uring: disable polling pollfree files" Revert "netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y" Revert "sched/deadline: Fix priority inheritance with multiple scheduling classes" Revert "kernel/sched: Remove dl_boosted flag comment" Revert "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse" Revert "fs: check FMODE_LSEEK to control internal pipe splicing" Linux 5.4.214 tracefs: Only clobber mode/uid/gid on remount if asked soc: fsl: select FSL_GUTS driver for DPIO net: dp83822: disable rx error interrupt mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes perf/arm_pmu_platform: fix tests for platform_get_irq() failure nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() Input: iforce - add support for Boeder Force Feedback Wheel ieee802154: cc2520: add rc code in cc2520_tx() tg3: Disable tg3 device on system reboot to avoid triggering AER hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo drm/msm/rd: Fix FIFO-full deadlock Linux 5.4.213 MIPS: loongson32: ls1c: Fix hang during startup x86/nospec: Fix i386 RSB stuffing sch_sfb: Also store skb len before calling child enqueue tcp: fix early ETIMEDOUT after spurious non-SACK RTO nvme-tcp: fix UAF when detecting digest errors RDMA/mlx5: Set local port to one when accessing counters ipv6: sr: fix out-of-bounds read when setting HMAC data. RDMA/siw: Pass a pointer to virt_to_page() i40e: Fix kernel crash during module removal tipc: fix shift wrapping bug in map_get() sch_sfb: Don't assume the skb is still around after enqueueing to child afs: Use the operation issue time instead of the reply time for callbacks rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() netfilter: nf_conntrack_irc: Fix forged IP logic netfilter: br_netfilter: Drop dst references before setting. RDMA/hns: Fix supported page size soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs RDMA/cma: Fix arguments order in net device validation regulator: core: Clean up on enable failure ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node smb3: missing inode locks in punch hole cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree cgroup: Optimize single thread migration scsi: lpfc: Add missing destroy_workqueue() in error path scsi: mpt3sas: Fix use-after-free warning nvmet: fix a use-after-free debugfs: add debugfs_lookup_and_remove() kprobes: Prohibit probes in gate area ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() ALSA: aloop: Fix random zeros in capture data when using jiffies timer ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() drm/radeon: add a force flush to delay work when radeon drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. drm/gem: Fix GEM handle release errors scsi: megaraid_sas: Fix double kfree() USB: serial: ch341: fix disabled rx timer on older devices USB: serial: ch341: fix lost character on LCR updates usb: dwc3: disable USB core PHY management usb: dwc3: fix PHY disable sequence btrfs: harden identification of a stale device drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk ALSA: seq: Fix data-race at module auto-loading ALSA: seq: oss: Fix data-race for max_midi_devs access net: mac802154: Fix a condition in the receive path ip: fix triggering of 'icmp redirect' wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected driver core: Don't probe devices after bus_type.match() probe deferral usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS USB: core: Prevent nested device-reset calls s390: fix nospec table alignments s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages usb-storage: Add ignore-residue quirk for NXP PN7462AU USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) usb: dwc2: fix wrong order of phy_power_on and phy_init usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode USB: serial: option: add Quectel EM060K modem USB: serial: option: add support for OPPO R11 diag port USB: serial: cp210x: add Decagon UCA device id xhci: Add grace period after xHC start to prevent premature runtime suspend. thunderbolt: Use the actual buffer in tb_async_error() gpio: pca953x: Add mutex_lock for regcache sync in PM hwmon: (gpio-fan) Fix array out of bounds access clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate Input: rk805-pwrkey - fix module autoloading clk: core: Fix runtime PM sequence in clk_core_unprepare() Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup binder: fix UAF of ref->proc caused by race condition USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id misc: fastrpc: fix memory corruption on open misc: fastrpc: fix memory corruption on probe iio: adc: mcp3911: use correct formula for AD conversion Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete vt: Clear selection before changing the font powerpc: align syscall table for ppc32 staging: rtl8712: fix use after free bugs serial: fsl_lpuart: RS485 RTS polariy is inverse net/smc: Remove redundant refcount increase Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" tcp: annotate data-race around challenge_timestamp sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb kcm: fix strp_init() order and cleanup ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler net: sched: tbf: don't call qdisc_put() while holding tree lock Revert "xhci: turn off port power in shutdown" wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() ieee802154/adf7242: defer destroy_workqueue call iio: adc: mcp3911: make use of the sign bit platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg drm/msm/dsi: fix the inconsistent indenting net: dp83822: disable false carrier interrupt Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()" fs: only do a memory barrier for the first set_buffer_uptodate() net: mvpp2: debugfs: fix memory leak when using debugfs_lookup() wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() efi: capsule-loader: Fix use-after-free in efi_capsule_write Linux 5.4.212 net: neigh: don't call kfree_skb() under spin_lock_irqsave() net/af_packet: check len when min_header_len equals to 0 io_uring: disable polling pollfree files kprobes: don't call disarm_kprobe() for disabled kprobes lib/vdso: Mark do_hres() and do_coarse() as __always_inline lib/vdso: Let do_coarse() return 0 to simplify the callsite btrfs: tree-checker: check for overlapping extent items netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y drm/amd/display: Fix pixel clock programming s390/hypfs: avoid error message under KVM neigh: fix possible DoS due to net iface start/stop loop drm/amd/display: clear optc underflow before turn off odm clock drm/amd/display: Avoid MPC infinite loop btrfs: unify lookup return value when dir entry is missing btrfs: do not pin logs too early during renames btrfs: introduce btrfs_lookup_match_dir mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse bpf: Don't redirect packets with invalid pkt_len ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead fbdev: fb_pm2fb: Avoid potential divide by zero error HID: hidraw: fix memory leak in hidraw_release() media: pvrusb2: fix memory leak in pvr_probe udmabuf: Set the DMA mask for the udmabuf device (v2) HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report Bluetooth: L2CAP: Fix build errors in some archs kbuild: Fix include path in scripts/Makefile.modpost x86/bugs: Add "unknown" reporting for MMIO Stale Data s390/mm: do not trigger write fault when vma does not allow VM_WRITE mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU md: call __md_stop_writes in md_stop mm/hugetlb: fix hugetlb not supporting softdirty tracking ACPI: processor: Remove freq Qos request for all CPUs s390: fix double free of GS and RI CBs on fork() failure asm-generic: sections: refactor memory_intersects loop: Check for overflow while configuring loop x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry btrfs: check if root is readonly while setting security xattr btrfs: add info when mount fails due to stale replace target btrfs: replace: drop assert for suspended replace btrfs: fix silent failure when deleting root reference ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter net: Fix a data-race around sysctl_somaxconn. net: Fix a data-race around netdev_budget_usecs. net: Fix a data-race around netdev_budget. net: Fix a data-race around sysctl_net_busy_read. net: Fix a data-race around sysctl_net_busy_poll. net: Fix a data-race around sysctl_tstamp_allow_data. ratelimit: Fix data-races in ___ratelimit(). net: Fix data-races around netdev_tstamp_prequeue. net: Fix data-races around weight_p and dev_weight_[rt]x_bias. netfilter: nft_tunnel: restrict it to netdev family netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families netfilter: nft_payload: do not truncate csum_offset and csum_type netfilter: nft_payload: report ERANGE for too long offset and length bnxt_en: fix NQ resource accounting during vf creation on 57500 chips netfilter: ebtables: reject blobs that don't provide all entry points net: ipvtap - add __init/__exit annotations to module init/exit funcs bonding: 802.3ad: fix no transmission of LACPDUs net: moxa: get rid of asymmetry in DMA mapping/unmapping net/mlx5e: Properly disable vlan strip on non-UL reps rose: check NULL rose_loopback_neigh->loopback SUNRPC: RPC level errors should set task->tk_rpc_status af_key: Do not call xfrm_probe_algs in parallel xfrm: fix refcount leak in __xfrm_policy_check() kernel/sched: Remove dl_boosted flag comment sched/deadline: Fix priority inheritance with multiple scheduling classes sched/deadline: Fix stale throttling on de-/boosted tasks sched/deadline: Unthrottle PI boosted threads while enqueuing pinctrl: amd: Don't save/restore interrupt status and wake status bits Revert "selftests/bpf: Fix test_align verifier log patterns" Revert "selftests/bpf: Fix "dubious pointer arithmetic" test" usb: cdns3: Fix issue for clear halt endpoint kernel/sys_ni: add compat entry for fadvise64_64 parisc: Fix exception handler for fldw and fstw instructions audit: fix potential double free on error path from fsnotify_add_inode_mark Revert "USB: HCD: Fix URB giveback issue in tasklet function" Linux 5.4.211 btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() btrfs: only write the sectors in the vertical stripe which has data stripes can: j1939: j1939_session_destroy(): fix memory leak of skbs can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() tracing/probes: Have kprobes and uprobes use $COMM too MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0 video: fbdev: i740fb: Check the argument of i740_calc_vclk() powerpc/64: Init jump labels before parse_early_param() smb3: check xattr value length earlier f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() ALSA: timer: Use deferred fasync helper ALSA: core: Add async signal helpers powerpc/32: Don't always pass -mcpu=powerpc to the compiler watchdog: export lockup_detector_reconfigure RISC-V: Add fast call path of crash_kexec() riscv: mmap with PROT_WRITE but no PROT_READ is invalid mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start vfio: Clear the caps->buf to NULL after free tty: serial: Fix refcount leak bug in ucc_uart.c lib/list_debug.c: Detect uninitialized lists ext4: avoid resizing to a partial cluster size ext4: avoid remove directory when directory is corrupted drivers:md:fix a potential use-after-free bug nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed selftests/kprobe: Do not test for GRP/ without event failures um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups PCI/ACPI: Guard ARM64-specific mcfg_quirks cxl: Fix a memory leak in an error handling path gadgetfs: ep_io - wait until IRQ finishes scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input clk: qcom: ipq8074: dont disable gcc_sleep_clk_src vboxguest: Do not use devm for irq usb: renesas: Fix refcount leak bug usb: host: ohci-ppc-of: Fix refcount leak bug drm/meson: Fix overflow implicit truncation warnings irqchip/tegra: Fix overflow implicit truncation warnings usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info usb: cdns3 fix use-after-free at workaround 2 PCI: Add ACS quirk for Broadcom BCM5750x NICs drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() locking/atomic: Make test_and_*_bit() ordered on failure gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file igb: Add lock to avoid data race fec: Fix timer capture timing in `fec_ptp_enable_pps()` i40e: Fix to stop tx_timeout recovery if GLOBR fails ice: Ignore EEXIST when setting promisc mode net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry net: moxa: pass pdev instead of ndev to DMA functions net: dsa: mv88e6060: prevent crash on an unused port powerpc/pci: Fix get_phb_number() locking netfilter: nf_tables: really skip inactive sets when allocating name clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks iavf: Fix adminq error handling nios2: add force_successful_syscall_return() nios2: restarts apply only to the first sigframe we build... nios2: fix syscall restart checks nios2: traced syscall does need to check the syscall number nios2: don't leave NULLs in sys_call_table[] nios2: page fault et.al. are *not* restartable syscalls... tee: add overflow check in register_shm_helper() dpaa2-eth: trace the allocated address instead of page struct atm: idt77252: fix use-after-free bugs caused by tst_timer xen/xenbus: fix return type in xenbus_file_read() nfp: ethtool: fix the display error of `ethtool -m DEVNAME` NTB: ntb_tool: uninitialized heap data in tool_fn_write() tools build: Switch to new openssl API for test-libcrypto tools/vm/slabinfo: use alphabetic order when two values are equal dt-bindings: arm: qcom: fix MSM8916 MTP compatibles vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() vsock: Fix memory leak in vsock_connect() plip: avoid rcu debug splat geneve: do not use RT_TOS for IPv6 flowlabel ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool pinctrl: sunxi: Add I/O bias setting for H6 R-PIO pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map net: bgmac: Fix a BUG triggered by wrong bytes_compl devlink: Fix use-after-free after a failed reload SUNRPC: Reinitialise the backchannel request buffers before reuse sunrpc: fix expiry of auth creds can: mcp251x: Fix race condition on receive interrupt NFSv4/pnfs: Fix a use-after-free bug in open NFSv4.1: RECLAIM_COMPLETE must handle EACCES NFSv4: Fix races in the legacy idmapper upcall NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly NFSv4.1: Don't decrease the value of seq_nr_highest_sent Documentation: ACPI: EINJ: Fix obsolete example apparmor: Fix memleak in aa_simple_write_to_buffer() apparmor: fix reference count leak in aa_pivotroot() apparmor: fix overlapping attachment computation apparmor: fix aa_label_asxprint return check apparmor: Fix failed mount permission check error message apparmor: fix absroot causing audited secids to begin with = apparmor: fix quiet_denied for file rules can: ems_usb: fix clang's -Wunaligned-access warning tracing: Have filter accept "common_cpu" to be consistent btrfs: fix lost error handling when looking up extended ref on log replay mmc: pxamci: Fix an error handling path in pxamci_probe() mmc: pxamci: Fix another error handling path in pxamci_probe() ata: libata-eh: Add missing command name rds: add missing barrier to release_refill ALSA: info: Fix llseek return value when using callback net_sched: cls_route: disallow handle of 0 net/9p: Initialize the iounit field during fid creation Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" scsi: sg: Allow waiting for commands to complete on removed device tcp: fix over estimation in sk_forced_mem_schedule() KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq KVM: Add infrastructure and macro to mark VM as bugged btrfs: reject log replay if there is unsupported RO compat flag net_sched: cls_route: remove from list when handle is 0 iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails timekeeping: contribute wall clock to rng on time change ACPI: CPPC: Do not prevent CPPC from working in the future dm writecache: set a default MAX_WRITEBACK_JOBS dm thin: fix use-after-free crash in dm_sm_register_threshold_callback dm raid: fix address sanitizer warning in raid_status dm raid: fix address sanitizer warning in raid_resume intel_th: pci: Add Meteor Lake-P support intel_th: pci: Add Raptor Lake-S PCH support intel_th: pci: Add Raptor Lake-S CPU support ext4: correct the misjudgment in ext4_iget_extra_inode ext4: correct max_inline_xattr_value_size computing ext4: fix extent status tree race in writeback error recovery path ext4: update s_overhead_clusters in the superblock during an on-line resize ext4: fix use-after-free in ext4_xattr_set_entry ext4: make sure ext4_append() always allocates new block ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h btrfs: reset block group chunk force if we have to wait tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification spmi: trace: fix stack-out-of-bound access in SPMI tracing functions x86/olpc: fix 'logical not is only applied to the left hand side' scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection scsi: qla2xxx: Turn off multi-queue for 8G adapters scsi: qla2xxx: Fix discovery issues in FC-AL topology scsi: zfcp: Fix missing auto port scan and thus missing target ports video: fbdev: s3fb: Check the size of screen before memset_io() video: fbdev: arkfb: Check the size of screen before memset_io() video: fbdev: vt8623fb: Check the size of screen before memset_io() tools/thermal: Fix possible path truncations video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() x86/numa: Use cpumask_available instead of hardcoded NULL check scripts/faddr2line: Fix vmlinux detection on arm64 genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO powerpc/pci: Fix PHB numbering when using opal-phbid kprobes: Forbid probing on trampoline and BPF code areas perf symbol: Fail to read phdr workaround powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address powerpc/xive: Fix refcount leak in xive_get_max_prio powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32 video: fbdev: sis: fix typos in SiS_GetModeID() video: fbdev: amba-clcd: Fix refcount leak bugs watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() ASoC: audio-graph-card: Add of_node_put() in fail path fuse: Remove the control interface for virtio-fs ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() s390/zcore: fix race when reading from hardware system area iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop mfd: max77620: Fix refcount leak in max77620_initialise_fps mfd: t7l66xb: Drop platform disable callback kfifo: fix kfifo_to_user() return type rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge iommu/exynos: Handle failed IOMMU device registration properly tty: n_gsm: fix missing corner cases in gsmld_poll() tty: n_gsm: fix DM command tty: n_gsm: fix wrong T1 retry count handling vfio/ccw: Do not change FSM state in subchannel event remoteproc: qcom: wcnss: Fix handling of IRQs tty: n_gsm: fix race condition in gsmld_write() tty: n_gsm: fix packet re-transmission without open control channel tty: n_gsm: fix non flow control frames during mux flow off profiling: fix shift too large makes kernel panic ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe ASoC: codecs: da7210: add check for i2c_add_driver ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe opp: Fix error check in dev_pm_opp_attach_genpd() jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted ext4: recover csum seed of tmp_inode after migrating to extents jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() null_blk: fix ida error handling in null_add_dev() RDMA/rxe: Fix error unwind in rxe_create_qp() mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region platform/olpc: Fix uninitialized data in debugfs write USB: serial: fix tty-port initialized comments PCI: tegra194: Fix link up retry sequence PCI: tegra194: Fix Root Port interrupt handling HID: alps: Declare U1_UNICORN_LEGACY support mmc: cavium-thunderx: Add of_node_put() when breaking out of loop mmc: cavium-octeon: Add of_node_put() when breaking out of loop gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() RDMA/hfi1: fix potential memory leak in setup_base_ctxt() RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event RDMA/hns: Fix incorrect clearing of interrupt status register usb: gadget: udc: amd5536 depends on HAS_DMA scsi: smartpqi: Fix DMA direction for RAID requests mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R memstick/ms_block: Fix a memory leak memstick/ms_block: Fix some incorrect memory allocation mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback intel_th: msu: Fix vmalloced buffers intel_th: msu-sink: Potential dereference of null pointer intel_th: Fix a resource leak in an error handling path soundwire: bus_type: fix remove and shutdown support clk: qcom: camcc-sdm845: Fix topology around titan_top power domain clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks clk: qcom: ipq8074: fix NSS port frequency tables usb: host: xhci: use snprintf() in xhci_decode_trb() clk: qcom: clk-krait: unlock spin after mux completion driver core: fix potential deadlock in __driver_attach misc: rtsx: Fix an error handling path in rtsx_pci_probe() clk: mediatek: reset: Fix written reset bit offset usb: xhci: tegra: Fix error check usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe fpga: altera-pr-ip: fix unsigned comparison with less than zero mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path mtd: partitions: Fix refcount leak in parse_redboot_of mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release HID: cp2112: prevent a buffer overflow in cp2112_xfer() mtd: rawnand: meson: Fix a potential double free issue mtd: maps: Fix refcount leak in ap_flash_init mtd: maps: Fix refcount leak in of_flash_probe_versatile clk: renesas: r9a06g032: Fix UART clkgrp bitsel dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock net: rose: fix netdev reference changes netdevsim: Avoid allocation warnings triggered from user space iavf: Fix max_rate limiting crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS wifi: libertas: Fix possible refcount leak in if_usb_probe() wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` i2c: mux-gpmux: Add of_node_put() when breaking out of loop i2c: cadence: Support PEC for SMBus block read Bluetooth: hci_intel: Add check for platform_driver_register can: pch_can: pch_can_error(): initialize errc before using it can: error: specify the values of data[5..7] of CAN error frames can: usb_8dev: do not report txerr and rxerr during bus-off can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off can: sun4i_can: do not report txerr and rxerr during bus-off can: hi311x: do not report txerr and rxerr during bus-off can: sja1000: do not report txerr and rxerr during bus-off can: rcar_can: do not report txerr and rxerr during bus-off can: pch_can: do not report txerr and rxerr during bus-off selftests/bpf: fix a test for snprintf() overflow wifi: p54: add missing parentheses in p54_flush() wifi: p54: Fix an error handling path in p54spi_probe() wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() fs: check FMODE_LSEEK to control internal pipe splicing selftests: timers: clocksource-switch: fix passing errors from child selftests: timers: valid-adjtimex: build fix for newer toolchains libbpf: Fix the name of a reused map tcp: make retransmitted SKB fit into the send window drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed. mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq drm/msm/mdp5: Fix global state lock backoff drm: bridge: sii8620: fix possible off-by-one drm/mediatek: dpi: Only enable dpi after the bridge is enabled drm/mediatek: dpi: Remove output format of YUV drm/rockchip: Fix an error handling path rockchip_dp_probe() drm/rockchip: vop: Don't crash for invalid duplicate_state() crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE drm/vc4: dsi: Correct DSI divider calculations drm/vc4: plane: Fix margin calculations for the right/bottom edges drm/vc4: plane: Remove subpixel positioning check media: hdpvr: fix error value returns in hdpvr_read drm/mcde: Fix refcount leak in mcde_dsi_bind drm: bridge: adv7511: Add check for mipi_dsi_driver_register wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() ath9k: fix use-after-free in ath9k_hif_usb_rx_cb media: tw686x: Register the irq at the end of probe i2c: Fix a potential use after free drm: adv7511: override i2c address of cec before accessing it drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() drm/mipi-dbi: align max_chunk to 2 in spi_transfer wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() ath10k: do not enforce interrupt trigger type dm: return early from dm_pr_call() if DM device is suspended thermal/tools/tmon: Include pthread and time headers in tmon.h nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() regulator: of: Fix refcount leak bug in of_get_regulation_constraints() blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created erofs: avoid consecutive detection for Highmem memory arm64: dts: mt7622: fix BPI-R64 WPS button bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() ARM: dts: qcom: pm8841: add required thermal-sensor-cells soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register cpufreq: zynq: Fix refcount leak in zynq_get_revision ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init ARM: OMAP2+: Fix refcount leak in omapdss_init_of ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg soc: fsl: guts: machine variable might be unset ARM: dts: ast2600-evb: fix board compatible ARM: dts: ast2500-evb: fix board compatible x86/pmem: Fix platform-device leak in error path ARM: bcm: Fix refcount leak in bcm_kona_smc_init meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init ARM: findbit: fix overflowing offset spi: spi-rspi: Fix PIO fallback on RZ platforms selinux: Add boundary check in put_entry() PM: hibernate: defer device probing when resuming from hibernation ARM: shmobile: rcar-gen2: Increase refcount for new reference arm64: dts: allwinner: a64: orangepi-win: Fix LED node name arm64: dts: qcom: ipq8074: fix NAND node name ACPI: LPSS: Fix missing check in register_device_clock() ACPI: PM: save NVS memory for Lenovo G40-45 ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks ARM: OMAP2+: display: Fix refcount leak bug spi: synquacer: Add missing clk_disable_unprepare() ARM: dts: imx6ul: fix qspi node compatible ARM: dts: imx6ul: fix lcdif node compatible ARM: dts: imx6ul: fix csi node compatible ARM: dts: imx6ul: change operating-points to uint32-matrix ARM: dts: imx6ul: add missing properties for sram wait: Fix __wait_event_hrtimeout for RT/DL tasks genirq: Don't return error on missing optional irq_request_resources() ext2: Add more validity checks for inode counts arm64: fix oops in concurrently setting insn_emulation sysctls arm64: Do not forget syscall when starting a new thread. x86: Handle idle=nomwait cmdline properly for x86_idle epoll: autoremove wakers even more aggressively netfilter: nf_tables: fix null deref due to zeroed list head netfilter: nf_tables: do not allow RULE_ID to refer to another chain netfilter: nf_tables: do not allow SET_ID to refer to another table arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC USB: HCD: Fix URB giveback issue in tasklet function coresight: Clear the connection field properly MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK powerpc/powernv: Avoid crashing if rng is NULL powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E powerpc/fsl-pci: Fix Class Code of PCIe Root Port PCI: Add defines for normal and subtractive PCI bridges ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr() md-raid10: fix KASAN warning serial: mvebu-uart: uart2 error bits clearing fuse: limit nsec iio: light: isl29028: Fix the warning in isl29028_remove() drm/amdgpu: Check BO's requested pinning domains against its preferred_domains drm/nouveau: fix another off-by-one in nvbios_addr drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode parisc: Fix device names in /proc/iomem ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() usbnet: Fix linkwatch use-after-free on disconnect fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters thermal: sysfs: Fix cooling_device_stats_setup() error code path fs: Add missing umask strip in vfs_tmpfile vfs: Check the truncate maximum size in inode_newsize_ok() tty: vt: initialize unicode screen buffer ALSA: hda/realtek: Add quirk for another Asus K42JZ model ALSA: hda/cirrus - support for iMac 12,1 model ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model mm/mremap: hold the rmap lock in write mode when moving page table entries. KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case HID: wacom: Don't register pad_input for touch switch HID: wacom: Only report rotation for art pen add barriers to buffer_uptodate and set_buffer_uptodate wifi: mac80211_hwsim: use 32-bit skb cookie wifi: mac80211_hwsim: add back erroneously removed cast wifi: mac80211_hwsim: fix race condition in pending packet igc: Remove _I_PHY_ID checking ALSA: bcd2000: Fix a UAF bug on the error path of probing scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments Makefile: link with -z noexecstack --no-warn-rwx-segments Conflicts: Documentation/devicetree/bindings/arm/qcom.yaml Documentation/devicetree/bindings~HEAD arch/x86/boot/compressed/Makefile drivers/mmc/core/sd.c drivers/rpmsg/qcom_glink_native.c drivers/usb/dwc3/core.c drivers/usb/dwc3/gadget.c drivers/usb/typec/ucsi/ucsi.c net/core/dev.c net/netfilter/nf_conntrack_irc.c Change-Id: I796398110bc61fa6a8bb94f7ef41b9209683dbf7 |
||
Greg Kroah-Hartman
|
d3df1dbcb2 |
Merge branch 'android11-5.4' into branch 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Greg Kroah-Hartman
|
4338018da7 |
Merge tag 'android11-5.4.219_r00' into android11-5.4
This is the merge of the upstream LTS release of 5.4.219 into the android11-5.4 branch. It contains the following commits: |
||
Christian Göttsche
|
2119237920 |
UPSTREAM: selinux: check return value of sel_make_avc_files
sel_make_avc_files() might fail and return a negative errno value on
memory allocation failures. Re-add the check of the return value,
dropped in 66f8e2f03c02 ("selinux: sidtab reverse lookup hash table").
Reported by clang-analyzer:
security/selinux/selinuxfs.c:2129:2: warning: Value stored to
'ret' is never read [deadcode.DeadStores]
ret = sel_make_avc_files(dentry);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
Bug: 254441685
Fixes: 66f8e2f03c02 ("selinux: sidtab reverse lookup hash table")
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
[PM: description line wrapping, added proper commit ref]
Signed-off-by: Paul Moore <paul@paul-moore.com>
(cherry picked from commit bcb62828e3e8c813b6613db6eb7fd9657db248fc)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: Id75241f6c1c3b501bda6160cee9be1a9c3b83fd3
|
||
|
Greg Kroah-Hartman
|
0bd6dcc07a |
This is the 5.4.224 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmNtLZoACgkQONu9yGCS aT5VuQ/8CBRf5xVvPfDAGCXjoksCQWaVvSp4bs8UBRO7OM2bbzLOXgNR/aTXBYXS MmrHn/9vCy1EM/+MvsCF9BB7SBu5DN28/X18H/KvhNBXdSggYYSYiaHDsaU8YS89 PKCQouG9q5qNzMbiVx9ullBUQXNov3PMFs6La0AbRjiSuDnaQhwbhliZmbMWo+Wx YdxqT0PNrPdZsXA4aP6DZP1tHQ7rKt7BFZdDE2UhmMCkrycw3f4bm5nLyOIJgkCq JcnJu7mPbhGxwTVqBEBPH31cH+vC4TxMuRIgm7gmuTcIp883C2rhzYMfNK2aP8j6 5VdG+WZmlqkWJ7ipPGaMgT2el/+40Fy/TlAg+kdUQ7MDT9aLZM9ecv+q7o+qV8qn RxbkqBEUh3byJyx5hR6fmP+6QxF3x7X89QyAmQJ6+2thDhZtrZdM4cGk8AbK534u Pfv0Biu59u1rBHAcY2gFwtUMhPYQYK65liefeQoBFgc83ZQbPYOs3pk3gjPmOyy5 ce2JeyRIqWU9qN3/pxCDO8gVD7uUtMC/ut5fM2IPoatoGBmvpg0iFZLa+TF0PdVe U7+v6uakW86sWYzHdNLMXIaghzO3i04BVokOKoFHjP8WQeOaYBk5uUOP/qWS+Dke cSOhayYj7UALVAQww34mAWlPFN6l5sfW2GszN9a2GcfT1sLphDY= =bOv2 -----END PGP SIGNATURE----- Merge 5.4.224 into android11-5.4-lts Changes in 5.4.224 RDMA/cma: Use output interface for net_dev check IB/hfi1: Correctly move list in sc_disable() NFSv4.1: Handle RECLAIM_COMPLETE trunking errors NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot nfs4: Fix kmemleak when allocate slot failed net: dsa: Fix possible memory leaks in dsa_loop_init() RDMA/core: Fix null-ptr-deref in ib_core_cleanup() RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() net: fec: fix improper use of NETDEV_TX_BUSY ata: pata_legacy: fix pdc20230_set_piomode() net: sched: Fix use after free in red_enqueue() net: tun: fix bugs for oversize packet when napi frags enabled netfilter: nf_tables: release flow rule object from commit path ipvs: use explicitly signed chars ipvs: fix WARNING in __ip_vs_cleanup_batch() ipvs: fix WARNING in ip_vs_app_net_cleanup() rose: Fix NULL pointer dereference in rose_send_frame() mISDN: fix possible memory leak in mISDN_register_device() isdn: mISDN: netjet: fix wrong check of device registration btrfs: fix inode list leak during backref walking at resolve_indirect_refs() btrfs: fix inode list leak during backref walking at find_parent_nodes() btrfs: fix ulist leaks in error paths of qgroup self tests Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() net: mdio: fix undefined behavior in bit shift for __mdiobus_register net, neigh: Fix null-ptr-deref in neigh_table_clear() ipv6: fix WARNING in ip6_route_net_exit_late() media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE media: dvb-frontends/drxk: initialize err to 0 media: meson: vdec: fix possible refcount leak in vdec_probe() scsi: core: Restrict legal sdev_state transitions via sysfs HID: saitek: add madcatz variant of MMO7 mouse device ID i2c: xiic: Add platform module alias xfs: don't fail verifier on empty attr3 leaf block xfs: use ordered buffers to initialize dquot buffers during quotacheck xfs: gut error handling in xfs_trans_unreserve_and_mod_sb() xfs: group quota should return EDQUOT when prj quota enabled xfs: don't fail unwritten extent conversion on writeback due to edquot xfs: Add the missed xfs_perag_put() for xfs_ifree_cluster() Bluetooth: L2CAP: Fix attempting to access uninitialized memory block, bfq: protect 'bfqd->queued' by 'bfqd->lock' tcp/udp: Fix memory leak in ipv6_renew_options(). memcg: enable accounting of ipc resources binder: fix UAF of alloc->vma in race with munmap() btrfs: fix type of parameter generation in btrfs_get_dentry tcp/udp: Make early_demux back namespacified. kprobe: reverse kp->flags when arm_kprobe failed tools/nolibc/string: Fix memcmp() implementation tracing/histogram: Update document for KEYS_MAX size capabilities: fix potential memleak on error path from vfs_getxattr_alloc() fuse: add file_modified() to fallocate efi: random: reduce seed size to 32 bytes perf/x86/intel: Fix pebs event constraints for ICL perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[] ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices parisc: Make 8250_gsc driver dependend on CONFIG_PARISC parisc: Export iosapic_serial_irq() symbol for serial port driver parisc: Avoid printing the hardware path twice ext4: fix warning in 'ext4_da_release_space' ext4: fix BUG_ON() when directory entry has invalid rec_len KVM: x86: Mask off reserved bits in CPUID.8000001AH KVM: x86: Mask off reserved bits in CPUID.80000008H KVM: x86: emulator: em_sysexit should update ctxt->mode KVM: x86: emulator: introduce emulator_recalc_and_set_mode KVM: x86: emulator: update the emulation mode after CR0 write mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times drm/rockchip: dsi: Force synchronous probe drm/i915/sdvo: Filter out invalid outputs more sensibly drm/i915/sdvo: Setup DDC fully before output init wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() ipc: remove memcg accounting for sops objects in do_semtimedop() Linux 5.4.224 Change-Id: I4620eca3873c24ff6e810a762a0977bae99dcaeb Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Gaosheng Cui
|
0c3e6288da |
capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
commit 8cf0a1bc12870d148ae830a4ba88cfdf0e879cee upstream.
In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to
complete the memory allocation of tmpbuf, if we have completed
the memory allocation of tmpbuf, but failed to call handler->get(...),
there will be a memleak in below logic:
|-- ret = (int)vfs_getxattr_alloc(mnt_userns, ...)
| /* ^^^ alloc for tmpbuf */
|-- value = krealloc(*xattr_value, error + 1, flags)
| /* ^^^ alloc memory */
|-- error = handler->get(handler, ...)
| /* error! */
|-- *xattr_value = value
| /* xattr_value is &tmpbuf (memory leak!) */
So we will try to free(tmpbuf) after vfs_getxattr_alloc() fails to fix it.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Michael Bestas
|
9c70abfc5e
|
Merge tag 'ASB-2022-11-01_11-5.4' of https://android.googlesource.com/kernel/common into android13-5.4-lahaina
https://source.android.com/docs/security/bulletin/2022-11-01 * tag 'ASB-2022-11-01_11-5.4' of https://android.googlesource.com/kernel/common: UPSTREAM: mm/mremap: hold the rmap lock in write mode when moving page table entries. FROMLIST: binder: fix UAF of alloc->vma in race with munmap() UPSTREAM: mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() UPSTREAM: mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() UPSTREAM: af_key: Do not call xfrm_probe_algs in parallel UPSTREAM: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() UPSTREAM: wifi: cfg80211/mac80211: reject bad MBSSID elements UPSTREAM: wifi: cfg80211: ensure length byte is present before access UPSTREAM: wifi: cfg80211: fix BSS refcounting bugs UPSTREAM: wifi: cfg80211: avoid nontransmitted BSS list corruption UPSTREAM: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate UPSTREAM: wifi: cfg80211: update hidden BSSes to avoid WARN_ON UPSTREAM: mac80211: mlme: find auth challenge directly UPSTREAM: wifi: mac80211: don't parse mbssid in assoc response UPSTREAM: wifi: mac80211: fix MBSSID parsing use-after-free ANDROID: Drop explicit 'CONFIG_INIT_STACK_ALL_ZERO=y' from gki_defconfig UPSTREAM: hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero UPSTREAM: hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO UPSTREAM: hardening: Clarify Kconfig text for auto-var-init ANDROID: GKI: Update FCNT KMI symbol list ANDROID: Fix kenelci build-break for !CONFIG_PERF_EVENTS BACKPORT: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report ANDROID: ABI: Update allowed list for QCOM UPSTREAM: wifi: mac80211_hwsim: use 32-bit skb cookie UPSTREAM: wifi: mac80211_hwsim: add back erroneously removed cast UPSTREAM: wifi: mac80211_hwsim: fix race condition in pending packet ANDROID: incfs: Add check for ATTR_KILL_SUID and ATTR_MODE in incfs_setattr Linux 5.4.210 x86/speculation: Add LFENCE to RSB fill sequence x86/speculation: Add RSB VM Exit protections macintosh/adb: fix oob read in do_adb_query() function media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls selftests: KVM: Handle compiler optimizations in ucall KVM: Don't null dereference ops->destroy selftests/bpf: Fix "dubious pointer arithmetic" test selftests/bpf: Fix test_align verifier log patterns bpf: Test_verifier, #70 error message updates for 32-bit right shift selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() ACPI: APEI: Better fix to avoid spamming the console with old error logs ACPI: video: Shortening quirk list by identifying Clevo by board_name only ACPI: video: Force backlight native for some TongFang devices thermal: Fix NULL pointer dereferences in of_thermal_ functions ANDROID: GKI: db845c: Update symbols list and ABI Linux 5.4.209 scsi: core: Fix race between handling STS_RESOURCE and completion mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. ARM: crypto: comment out gcc warning that breaks clang builds sctp: leave the err path free in sctp_stream_init to sctp_stream_free sfc: disable softirqs for ptp TX perf symbol: Correct address for bss symbols virtio-net: fix the race between refill work and close netfilter: nf_queue: do not allow packet truncation below transport header offset sctp: fix sleep in atomic context bug in timer handlers i40e: Fix interface init with MSI interrupts (no MSI-X) tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. Documentation: fix sctp_wmem in ip-sysctl.rst tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. tcp: Fix a data-race around sysctl_tcp_autocorking. tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. tcp: Fix a data-race around sysctl_tcp_min_tso_segs. net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() igmp: Fix data-races around sysctl_igmp_qrv. ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr net: ping6: Fix memleak in ipv6_renew_options(). tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. scsi: ufs: host: Hold reference returned by of_parse_phandle() ice: do not setup vlan for loopback VSI ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) tcp: Fix a data-race around sysctl_tcp_nometrics_save. tcp: Fix a data-race around sysctl_tcp_frto. tcp: Fix a data-race around sysctl_tcp_adv_win_scale. tcp: Fix a data-race around sysctl_tcp_app_win. tcp: Fix data-races around sysctl_tcp_dsack. s390/archrandom: prevent CPACF trng invocations in interrupt context ntfs: fix use-after-free in ntfs_ucsncmp() Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put ANDROID: restore some removed refcount functions ANDROID: add tty_schedule_flip() back to the kernel Linux 5.4.208 x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm() net: usb: ax88179_178a needs FLAG_SEND_ZLP tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() tty: drop tty_schedule_flip() tty: the rest, stop using tty_schedule_flip() tty: drivers/tty/, stop using tty_schedule_flip() Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks Bluetooth: SCO: Fix sco_send_frame returning skb->len Bluetooth: Fix passing NULL to PTR_ERR Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg Bluetooth: Add bt_skb_sendmmsg helper Bluetooth: Add bt_skb_sendmsg helper ALSA: memalloc: Align buffer allocations in page size bitfield.h: Fix "type of reg too small for mask" test x86/mce: Deduplicate exception handling mmap locking API: initial implementation as rwsem wrappers x86/uaccess: Implement macros for CMPXCHG on user addresses x86: get rid of small constant size cases in raw_copy_{to,from}_user() locking/refcount: Consolidate implementations of refcount_t locking/refcount: Consolidate REFCOUNT_{MAX,SATURATED} definitions locking/refcount: Move saturation warnings out of line locking/refcount: Improve performance of generic REFCOUNT_FULL code locking/refcount: Move the bulk of the REFCOUNT_FULL implementation into the <linux/refcount.h> header locking/refcount: Remove unused refcount_*_checked() variants locking/refcount: Ensure integer operands are treated as signed locking/refcount: Define constants for saturation and max refcount values ima: remove the IMA_TEMPLATE Kconfig option dlm: fix pending remove if msg allocation fails bpf: Make sure mac_header was set before using it mm/mempolicy: fix uninit-value in mpol_rebind_policy() spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers tcp: Fix data-races around sysctl_tcp_max_reordering. tcp: Fix a data-race around sysctl_tcp_rfc1337. tcp: Fix a data-race around sysctl_tcp_stdurg. tcp: Fix a data-race around sysctl_tcp_retrans_collapse. tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. tcp: Fix data-races around sysctl_tcp_recovery. tcp: Fix a data-race around sysctl_tcp_early_retrans. tcp: Fix data-races around sysctl knobs related to SYN option. udp: Fix a data-race around sysctl_udp_l3mdev_accept. ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. be2net: Fix buffer overflow in be_get_module_eeprom gpio: pca953x: only use single read/write for No AI mode ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero i40e: Fix erroneous adapter reinitialization during recovery process iavf: Fix handling of dummy receive descriptors tcp: Fix data-races around sysctl_tcp_fastopen. tcp: Fix data-races around sysctl_max_syn_backlog. tcp: Fix a data-race around sysctl_tcp_tw_reuse. tcp: Fix a data-race around sysctl_tcp_notsent_lowat. tcp: Fix data-races around some timeout sysctl knobs. tcp: Fix data-races around sysctl_tcp_reordering. tcp: Fix data-races around sysctl_tcp_syncookies. igmp: Fix a data-race around sysctl_igmp_max_memberships. igmp: Fix data-races around sysctl_igmp_llm_reports. net/tls: Fix race in TLS device down flow net: stmmac: fix dma queue left shift overflow issue i2c: cadence: Change large transfer count reset logic to be unconditional tcp: Fix a data-race around sysctl_tcp_probe_interval. tcp: Fix a data-race around sysctl_tcp_probe_threshold. tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. tcp: Fix data-races around sysctl_tcp_min_snd_mss. tcp: Fix data-races around sysctl_tcp_base_mss. tcp: Fix data-races around sysctl_tcp_mtu_probing. tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. ip: Fix a data-race around sysctl_fwmark_reflect. ip: Fix data-races around sysctl_ip_nonlocal_bind. ip: Fix data-races around sysctl_ip_fwd_use_pmtu. ip: Fix data-races around sysctl_ip_no_pmtu_disc. igc: Reinstate IGC_REMOVED logic and implement it properly perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() pinctrl: ralink: Check for null return of devm_kcalloc power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() serial: mvebu-uart: correctly report configured baudrate value PCI: hv: Fix interrupt mapping for multi-MSI PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI PCI: hv: Fix multi-MSI to allow more than one MSI vector xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE lockdown: Fix kexec lockdown bypass with ima policy mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication riscv: add as-options for modules with assembly compontents pinctrl: stm32: fix optional IRQ support to gpios Revert "cgroup: Use separate src/dst nodes when preloading css_sets for migration" Linux 5.4.207 can: m_can: m_can_tx_handler(): fix use after free of skb serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle serial: stm32: Clear prev values before setting RTS delays serial: 8250: fix return error code in serial8250_request_std_resource() tty: serial: samsung_tty: set dma burst_size to 1 usb: dwc3: gadget: Fix event pending check usb: typec: add missing uevent when partner support PD USB: serial: ftdi_sio: add Belimo device ids signal handling: don't use BUG_ON() for debugging ARM: dts: stm32: use the correct clock source for CEC on stm32mp151 soc: ixp4xx/npe: Fix unused match warning x86: Clear .brk area at early boot irqchip: or1k-pic: Undefine mask_ack for level triggered hardware ASoC: madera: Fix event generation for rate controls ASoC: madera: Fix event generation for OUT1 demux ASoC: cs47l15: Fix event generation for low power mux control ASoC: wm5110: Fix DRE control ASoC: ops: Fix off by one in range control validation net: sfp: fix memory leak in sfp_probe() nvme: fix regression when disconnect a recovering ctrl NFC: nxp-nci: don't print header length mismatch on i2c error net: tipc: fix possible refcount leak in tipc_sk_create() platform/x86: hp-wmi: Ignore Sanitization Mode event cpufreq: pmac32-cpufreq: Fix refcount leak bug netfilter: br_netfilter: do not skip all hooks with 0 priority virtio_mmio: Restore guest page size on resume virtio_mmio: Add missing PM calls to freeze/restore mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE sfc: fix kernel panic when creating VF seg6: bpf: fix skb checksum in bpf_push_seg6_encap() seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors seg6: fix skb checksum evaluation in SRH encapsulation/insertion sfc: fix use after free when disabling sriov net: ftgmac100: Hold reference returned by of_get_child_by_name() ipv4: Fix data-races around sysctl_ip_dynaddr. raw: Fix a data-race around sysctl_raw_l3mdev_accept. icmp: Fix a data-race around sysctl_icmp_ratemask. icmp: Fix a data-race around sysctl_icmp_ratelimit. drm/i915/gt: Serialize TLB invalidates with GT resets ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero ARM: dts: at91: sama5d2: Fix typo in i2s1 node ipv4: Fix a data-race around sysctl_fib_sync_mem. icmp: Fix data-races around sysctl. cipso: Fix data-races around sysctl. net: Fix data-races around sysctl_mem. inetpeer: Fix data-races around sysctl. net: stmmac: dwc-qos: Disable split header for Tegra194 ASoC: sgtl5000: Fix noise on shutdown/remove ima: Fix a potential integer overflow in ima_appraise_measurement drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() ARM: 9210/1: Mark the FDT_FIXED sections as shareable ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count ext4: fix race condition between ext4_write and ext4_convert_inline_data sched/rt: Disable RT_RUNTIME_SHARE by default Revert "evm: Fix memleak in init_desc" nilfs2: fix incorrect masking of permission flags for symlinks drm/panfrost: Fix shrinker list corruption by madvise IOCTL cgroup: Use separate src/dst nodes when preloading css_sets for migration wifi: mac80211: fix queue selection for mesh/OCB interfaces ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction ARM: 9213/1: Print message about disabled Spectre workarounds only once ip: fix dflt addr selection for connected nexthop net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer tracing/histograms: Fix memory leak problem xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model ALSA: hda - Add fixup for Dell Latitidue E5430 Linux 5.4.206 Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" Linux 5.4.205 dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly dmaengine: pl330: Fix lockdep warning about non-static key ida: don't use BUG_ON() for debugging dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo misc: rtsx_usb: set return value in rsp_buf alloc err path misc: rtsx_usb: use separate command and response buffers misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer dmaengine: imx-sdma: Allow imx8m for imx7 FW revs i2c: cadence: Unregister the clk notifier in error path selftests: forwarding: fix error message in learning_test selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT ibmvnic: Properly dispose of all skbs during a failover. ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt ARM: at91: pm: use proper compatible for sama5d2's rtc pinctrl: sunxi: sunxi_pconf_set: use correct offset pinctrl: sunxi: a83t: Fix NAND function name for some pins ARM: meson: Fix refcount leak in meson_smp_prepare_cpus xfs: remove incorrect ASSERT in xfs_rename can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info powerpc/powernv: delay rng platform device creation until later in boot video: of_display_timing.h: include errno.h fbcon: Prevent that screen size is smaller than font size fbcon: Disallow setting font bigger than screen size fbmem: Check virtual screen sizes in fb_set_var() fbdev: fbmem: Fix logo center image dx issue iommu/vt-d: Fix PCI bus rescan device hot add net: rose: fix UAF bug caused by rose_t0timer_expiry usbnet: fix memory leak in error case can: gs_usb: gs_usb_open/close(): fix memory leak can: grcan: grcan_probe(): remove extra of_node_get() can: bcm: use call_rcu() instead of costly synchronize_rcu() mm/slub: add missing TID updates on slab deactivation esp: limit skb_page_frag_refill use to a single page Linux 5.4.204 clocksource/drivers/ixp4xx: remove EXPORT_SYMBOL_GPL from ixp4xx_timer_setup() net: usb: qmi_wwan: add Telit 0x1070 composition net: usb: qmi_wwan: add Telit 0x1060 composition xen/arm: Fix race in RB-tree based P2M accounting xen/blkfront: force data bouncing when backend is untrusted xen/netfront: force data bouncing when backend is untrusted xen/netfront: fix leaking data in shared pages xen/blkfront: fix leaking data in shared pages selftests/rseq: Change type of rseq_offset to ptrdiff_t selftests/rseq: x86-32: use %gs segment selector for accessing rseq thread area selftests/rseq: x86-64: use %fs segment selector for accessing rseq thread area selftests/rseq: Fix: work-around asm goto compiler bugs selftests/rseq: Remove arm/mips asm goto compiler work-around selftests/rseq: Fix warnings about #if checks of undefined tokens selftests/rseq: Fix ppc32 offsets by using long rather than off_t selftests/rseq: Fix ppc32 missing instruction selection "u" and "x" for load/store selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big endian selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35 selftests/rseq: Introduce thread pointer getters selftests/rseq: Introduce rseq_get_abi() helper selftests/rseq: Remove volatile from __rseq_abi selftests/rseq: Remove useless assignment to cpu variable selftests/rseq: introduce own copy of rseq uapi header selftests/rseq: remove ARRAY_SIZE define from individual tests rseq/selftests,x86_64: Add rseq_offset_deref_addv() ipv6/sit: fix ipip6_tunnel_get_prl return value sit: use min net: dsa: bcm_sf2: force pause link settings hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails xen/gntdev: Avoid blocking in unmap_grant_pages() net: tun: avoid disabling NAPI twice NFC: nxp-nci: Don't issue a zero length i2c_master_read() nfc: nfcmrvl: Fix irq_of_parse_and_map() return value net: bonding: fix use-after-free after 802.3ad slave unbind net: bonding: fix possible NULL deref in rlb code net/sched: act_api: Notify user space if any actions were flushed before error netfilter: nft_dynset: restore set element counter when failing to update s390: remove unneeded 'select BUILD_BIN2C' PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events caif_virtio: fix race between virtio_device_ready() and ndo_open() net: ipv6: unexport __init-annotated seg6_hmac_net_init() usbnet: fix memory allocation in helpers linux/dim: Fix divide by 0 in RDMA DIM RDMA/qedr: Fix reporting QP timeout attribute net: tun: stop NAPI when detaching queues net: tun: unlink NAPI from device on destruction selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test virtio-net: fix race between ndo_open() and virtio_device_ready() net: usb: ax88179_178a: Fix packet receiving net: rose: fix UAF bugs caused by timer handler SUNRPC: Fix READ_PLUS crasher s390/archrandom: simplify back to earlier design and initialize earlier dm raid: fix KASAN warning in raid5_add_disks dm raid: fix accesses beyond end of raid member array powerpc/bpf: Fix use of user_pt_regs in uapi powerpc/prom_init: Fix kernel config grep nvdimm: Fix badblocks clear off-by-one error ipv6: take care of disable_policy when restoring routes Linux 5.4.203 crypto: arm/ghash-ce - define fpu before fpu registers are referenced crypto: arm - use Kconfig based compiler checks for crypto opcodes ARM: 9029/1: Make iwmmxt.S support Clang's integrated assembler ARM: OMAP2+: drop unnecessary adrl ARM: 8929/1: use APSR_nzcv instead of r15 as mrc operand ARM: 8933/1: replace Sun/Solaris style flag on section directive crypto: arm/sha512-neon - avoid ADRL pseudo instruction crypto: arm/sha256-neon - avoid ADRL pseudo instruction ARM: 8971/1: replace the sole use of a symbol with its definition ARM: 8990/1: use VFP assembler mnemonics in register load/store macros ARM: 8989/1: use .fpu assembler directives instead of assembler arguments net: mscc: ocelot: allow unregistered IP multicast flooding kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] powerpc/ftrace: Remove ftrace init tramp once kernel init is complete drm: remove drm_fb_helper_modinit Linux 5.4.202 powerpc/pseries: wire up rng during setup_arch() kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) random: update comment from copy_to_user() -> copy_to_iter() modpost: fix section mismatch check for exported init/exit sections ARM: cns3xxx: Fix refcount leak in cns3xxx_init ARM: Fix refcount leak in axxia_boot_secondary soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe ARM: exynos: Fix refcount leak in exynos_map_pmu ARM: dts: imx6qdl: correct PU regulator ramp delay powerpc/powernv: wire up rng during setup_arch powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address powerpc: Enable execve syscall exit tracepoint parisc: Enable ARCH_HAS_STRICT_MODULE_RWX xtensa: Fix refcount leak bug in time.c xtensa: xtfpga: Fix refcount leak bug in setup iio: adc: axp288: Override TS pin bias current for some models iio: adc: stm32: fix maximum clock rate for stm32mp15x iio: trigger: sysfs: fix use-after-free on remove iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() iio: accel: mma8452: ignore the return value of reset operation iio:accel:mxc4005: rearrange iio trigger get and register iio:accel:bma180: rearrange iio trigger get and register iio:chemical:ccs811: rearrange iio trigger get and register usb: chipidea: udc: check request status before setting device address xhci: turn off port power in shutdown iio: adc: vf610: fix conversion mode sysfs node name s390/cpumf: Handle events cycles and instructions identical gpio: winbond: Fix error code in winbond_gpio_get() Revert "net/tls: fix tls_sk_proto_close executed repeatedly" virtio_net: fix xdp_rxq_info bug after suspend/resume igb: Make DMA faster when CPU is active on the PCIe link regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips ice: ethtool: advertise 1000M speeds properly afs: Fix dynamic root getattr MIPS: Remove repetitive increase irq_err_count x86/xen: Remove undefined behavior in setup_features() udmabuf: add back sanity check net/tls: fix tls_sk_proto_close executed repeatedly erspan: do not assume transport header is always set drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers phy: aquantia: Fix AN when higher speeds than 1G are not advertised bpf: Fix request_sock leak in sk lookup helpers USB: serial: option: add Quectel RM500K module support USB: serial: option: add Quectel EM05-G modem USB: serial: option: add Telit LE910Cx 0x1250 composition random: quiet urandom warning ratelimit suppression message dm mirror log: clear log bits up to BITS_PER_LONG boundary dm era: commit metadata in postsuspend after worker stops ata: libata: add qc->flags in ata_qc_complete_template tracepoint mtd: rawnand: gpmi: Fix setting busy timeout setting mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing net: openvswitch: fix parsing of nw_proto for IPv6 fragments ALSA: hda/realtek: Add quirk for Clevo PD70PNT ALSA: hda/realtek - ALC897 headset MIC no sound ALSA: hda/conexant: Fix missing beep setup ALSA: hda/via: Fix missing beep setup random: schedule mix_interrupt_randomness() less often vt: drop old FONT ioctls Linux 5.4.201 Revert "hwmon: Make chip parameter for with_info API mandatory" arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer tcp: drop the hash_32() part from the index calculation tcp: increase source port perturb table to 2^16 tcp: dynamically allocate the perturb table used by source ports tcp: add small random increments to the source port tcp: use different parts of the port_offset for index and offset tcp: add some entropy in __inet_hash_connect() usb: gadget: u_ether: fix regression in setting fixed MAC address dm: remove special-casing of bio-based immutable singleton target on NVMe s390/mm: use non-quiescing sske for KVM switch to keyed guest UPSTREAM: ext4: verify dir block before splitting it UPSTREAM: ext4: fix use-after-free in ext4_rename_dir_prepare BACKPORT: ext4: Only advertise encrypted_casefold when encryption and unicode are enabled BACKPORT: ext4: fix no-key deletion for encrypt+casefold BACKPORT: ext4: optimize match for casefolded encrypted dirs BACKPORT: ext4: handle casefolding with encryption Revert "ANDROID: ext4: Handle casefolding with encryption" Revert "ANDROID: ext4: Optimize match for casefolded encrypted dirs" ANDROID: cpu/hotplug: avoid breaking Android ABI by fusing cpuhp steps ANDROID: change function signatures for some random functions. Revert "mailbox: forward the hrtimer if not queued and under a lock" Revert "drm: fix EDID struct for old ARM OABI format" Revert "ALSA: jack: Access input_dev under mutex" Linux 5.4.200 powerpc/mm: Switch obsolete dssall to .long riscv: Less inefficient gcc tishift helpers (and export their symbols) RISC-V: fix barrier() use in <vdso/processor.h> arm64: kprobes: Use BRK instead of single-step when executing instructions out-of-line net: openvswitch: fix leak of nested actions net: openvswitch: fix misuse of the cached connection on tuple changes net/sched: act_police: more accurate MTU policing virtio-pci: Remove wrong address verification in vp_del_vqs() ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8 ext4: add reserved GDT blocks check ext4: make variable "count" signed ext4: fix bug_on ext4_mb_use_inode_pa dm mirror log: round up region bitmap size to BITS_PER_LONG serial: 8250: Store to lsr_save_flags after lsr read usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe usb: dwc2: Fix memory leak in dwc2_hcd_init USB: serial: io_ti: add Agilent E5805A support USB: serial: option: add support for Cinterion MV31 with new baseline comedi: vmk80xx: fix expression for tx buffer size i2c: designware: Use standard optional ref clock implementation irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions irqchip/gic/realview: Fix refcount leak in realview_gic_of_init faddr2line: Fix overlapping text section failures, the sequel certs/blacklist_hashes.c: fix const confusion in certs blacklist arm64: ftrace: fix branch range checks net: bgmac: Fix an erroneous kfree() in bgmac_remove() mlxsw: spectrum_cnt: Reorder counter pools misc: atmel-ssc: Fix IRQ check in ssc_probe tty: goldfish: Fix free_irq() on remove i40e: Fix call trace in setup_tx_descriptors i40e: Fix calculating the number of queue pairs i40e: Fix adding ADQ filter to TC0 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE random: credit cpu and bootloader seeds by default net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed ALSA: hda/realtek - Add HW8326 support scsi: pmcraid: Fix missing resource cleanup in error case scsi: ipr: Fix missing/incorrect resource cleanup in error case scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology scsi: vmw_pvscsi: Expand vcpuHint to 16 bits ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put() ASoC: es8328: Fix event generation for deemphasis control ASoC: wm8962: Fix suspend while playing music ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() ASoC: cs42l56: Correct typo in minimum level for SX volume controls ASoC: cs42l52: Correct TLV for Bypass Volume ASoC: cs53l30: Correct number of volume levels on SX controls ASoC: cs35l36: Update digital volume TLV ASoC: cs42l52: Fix TLV scales for mixer controls dma-debug: make things less spammy under memory pressure ASoC: nau8822: Add operation for internal PLL off and on powerpc/kasan: Silence KASAN warnings in __get_wchan() random: account for arch randomness in bits random: mark bootloader randomness code as __init random: avoid checking crng_ready() twice in random_init() crypto: drbg - make reseeding from get_random_bytes() synchronous crypto: drbg - always try to free Jitter RNG instance crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() crypto: drbg - prepare for more fine-grained tracking of seeding state crypto: drbg - always seeded with SP800-90B compliant noise source Revert "random: use static branch for crng_ready()" random: check for signals after page of pool writes random: wire up fops->splice_{read,write}_iter() random: convert to using fops->write_iter() random: convert to using fops->read_iter() random: unify batched entropy implementations random: move randomize_page() into mm where it belongs random: move initialization functions out of hot pages random: make consistent use of buf and len random: use proper return types on get_random_{int,long}_wait() random: remove extern from functions in header random: use static branch for crng_ready() random: credit architectural init the exact amount random: handle latent entropy and command line from random_init() random: use proper jiffies comparison macro random: remove ratelimiting for in-kernel unseeded randomness random: move initialization out of reseeding hot path random: avoid initializing twice in credit race random: use symbolic constants for crng_init states siphash: use one source of truth for siphash permutations random: help compiler out with fast_mix() by using simpler arguments random: do not use input pool from hard IRQs random: order timer entropy functions below interrupt functions random: do not pretend to handle premature next security model random: use first 128 bits of input as fast init random: do not use batches when !crng_ready() random: insist on random_get_entropy() existing in order to simplify xtensa: use fallback for random_get_entropy() instead of zero sparc: use fallback for random_get_entropy() instead of zero um: use fallback for random_get_entropy() instead of zero x86/tsc: Use fallback for random_get_entropy() instead of zero nios2: use fallback for random_get_entropy() instead of zero arm: use fallback for random_get_entropy() instead of zero mips: use fallback for random_get_entropy() instead of just c0 random m68k: use fallback for random_get_entropy() instead of zero timekeeping: Add raw clock fallback for random_get_entropy() powerpc: define get_cycles macro for arch-override alpha: define get_cycles macro for arch-override parisc: define get_cycles macro for arch-override s390: define get_cycles macro for arch-override ia64: define get_cycles macro for arch-override init: call time_init() before rand_initialize() random: fix sysctl documentation nits random: document crng_fast_key_erasure() destination possibility random: make random_get_entropy() return an unsigned long random: allow partial reads if later user copies fail random: check for signals every PAGE_SIZE chunk of /dev/[u]random random: check for signal_pending() outside of need_resched() check random: do not allow user to keep crng key around on stack random: do not split fast init input in add_hwgenerator_randomness() random: mix build-time latent entropy into pool at init random: re-add removed comment about get_random_{u32,u64} reseeding random: treat bootloader trust toggle the same way as cpu trust toggle random: skip fast_init if hwrng provides large chunk of entropy random: check for signal and try earlier when generating entropy random: reseed more often immediately after booting random: make consistent usage of crng_ready() random: use SipHash as interrupt entropy accumulator random: replace custom notifier chain with standard one random: don't let 644 read-only sysctls be written to random: give sysctl_random_min_urandom_seed a more sensible value random: do crng pre-init loading in worker rather than irq random: unify cycles_t and jiffies usage and types random: cleanup UUID handling random: only wake up writers after zap if threshold was passed random: round-robin registers as ulong, not u32 random: clear fast pool, crng, and batches in cpuhp bring up random: pull add_hwgenerator_randomness() declaration into random.h random: check for crng_init == 0 in add_device_randomness() random: unify early init crng load accounting random: do not take pool spinlock at boot random: defer fast pool mixing to worker random: rewrite header introductory comment random: group sysctl functions random: group userspace read/write functions random: group entropy collection functions random: group entropy extraction functions random: group crng functions random: group initialization wait functions random: remove whitespace and reorder includes random: remove useless header comment random: introduce drain_entropy() helper to declutter crng_reseed() random: deobfuscate irq u32/u64 contributions random: add proper SPDX header random: remove unused tracepoints random: remove ifdef'd out interrupt bench random: tie batched entropy generation to base_crng generation random: fix locking for crng_init in crng_reseed() random: zero buffer after reading entropy from userspace random: remove outdated INT_MAX >> 6 check in urandom_read() random: make more consistent use of integer types random: use hash function for crng_slow_load() random: use simpler fast key erasure flow on per-cpu keys random: absorb fast pool into input pool after fast load random: do not xor RDRAND when writing into /dev/random random: ensure early RDSEED goes through mixer on init random: inline leaves of rand_initialize() random: get rid of secondary crngs random: use RDSEED instead of RDRAND in entropy extraction random: fix locking in crng_fast_load() random: remove batched entropy locking random: remove use_input_pool parameter from crng_reseed() random: make credit_entropy_bits() always safe random: always wake up entropy writers after extraction random: use linear min-entropy accumulation crediting random: simplify entropy debiting random: use computational hash for entropy extraction random: only call crng_finalize_init() for primary_crng random: access primary_pool directly rather than through pointer random: continually use hwgenerator randomness random: simplify arithmetic function flow in account() random: selectively clang-format where it makes sense random: access input_pool_data directly rather than through pointer random: cleanup fractional entropy shift constants random: prepend remaining pool constants with POOL_ random: de-duplicate INPUT_POOL constants random: remove unused OUTPUT_POOL constants random: rather than entropy_store abstraction, use global random: remove unused extract_entropy() reserved argument random: remove incomplete last_data logic random: cleanup integer types random: cleanup poolinfo abstraction random: fix typo in comments random: don't reset crng_init_cnt on urandom_read() random: avoid superfluous call to RDRAND in CRNG extraction random: early initialization of ChaCha constants random: initialize ChaCha20 constants with correct endianness random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs random: harmonize "crng init done" messages random: mix bootloader randomness into pool random: do not re-init if crng_reseed completes before primary init random: do not sign extend bytes for rotation when mixing random: use BLAKE2s instead of SHA1 in extraction random: remove unused irq_flags argument from add_interrupt_randomness() random: document add_hwgenerator_randomness() with other input functions crypto: blake2s - adjust include guard naming crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h> MAINTAINERS: co-maintain random.c random: remove dead code left over from blocking pool random: avoid arch_get_random_seed_long() when collecting IRQ randomness random: add arch_get_random_*long_early() powerpc: Use bool in archrandom.h linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check linux/random.h: Use false with bool linux/random.h: Remove arch_has_random, arch_has_random_seed s390: Remove arch_has_random, arch_has_random_seed powerpc: Remove arch_has_random, arch_has_random_seed x86: Remove arch_has_random, arch_has_random_seed random: avoid warnings for !CONFIG_NUMA builds random: split primary/secondary crng init paths random: remove some dead code of poolinfo random: fix typo in add_timer_randomness() random: Add and use pr_fmt() random: convert to ENTROPY_BITS for better code readability random: remove unnecessary unlikely() random: remove kernel.random.read_wakeup_threshold random: delete code to pull data into pools random: remove the blocking pool random: make /dev/random be almost like /dev/urandom random: ignore GRND_RANDOM in getentropy(2) random: add GRND_INSECURE to return best-effort non-cryptographic bytes random: Add a urandom_read_nowait() for random APIs that don't warn random: Don't wake crng_init_wait when crng_init == 1 random: don't forget compat_ioctl on urandom compat_ioctl: remove /dev/random commands lib/crypto: sha1: re-roll loops to reduce code size lib/crypto: blake2s: move hmac construction into wireguard crypto: blake2s - generic C library implementation and selftest nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION bpf: Fix incorrect memory charge cost calculation in stack_map_alloc() 9p: missing chunk of "fs/9p: Don't update file type when updating file attributes" Revert "ext4: fix use-after-free in ext4_rename_dir_prepare" Revert "ext4: verify dir block before splitting it" Linux 5.4.199 x86/speculation/mmio: Print SMT warning KVM: x86/speculation: Disable Fill buffer clear within guests x86/speculation/mmio: Reuse SRBDS mitigation for SBDS x86/speculation/srbds: Update SRBDS mitigation selection x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data x86/speculation/mmio: Enable CPU Fill buffer clearing on idle x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data x86/speculation: Add a common function for MD_CLEAR mitigation update x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug Documentation: Add documentation for Processor MMIO Stale Data x86/cpu: Add another Alder Lake CPU to the Intel family x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family x86/cpu: Add Jasper Lake to Intel family cpu/speculation: Add prototype for cpu_show_srbds() Linux 5.4.198 tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N md/raid0: Ignore RAID0 layout if the second zone has only one device powerpc/32: Fix overread/overwrite of thread_struct via ptrace Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag ixgbe: fix unexpected VLAN Rx in promisc mode on VF ixgbe: fix bcast packets Rx on VF after promisc removal nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION mmc: block: Fix CQE recovery reset success ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files cifs: return errors during session setup during reconnects ALSA: hda/conexant - Fix loopback issue with CX20632 scripts/gdb: change kernel config dumping method vringh: Fix loop descriptors check in the indirect cases nodemask: Fix return values to be unsigned cifs: version operations for smb20 unneeded when legacy support disabled s390/gmap: voluntarily schedule during key setting nbd: fix io hung while disconnecting device nbd: fix race between nbd_alloc_config() and module removal nbd: call genl_unregister_family() first in nbd_cleanup() x86/cpu: Elide KCSAN for cpu_has() and friends modpost: fix undefined behavior of is_arm_mapping_symbol() drm/radeon: fix a possible null pointer dereference ceph: allow ceph.dir.rctime xattr to be updatable Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process" scsi: myrb: Fix up null pointer access on myrb_cleanup() md: protect md_unregister_thread from reentrancy watchdog: wdat_wdt: Stop watchdog when rebooting the system kernfs: Separate kernfs_pr_cont_buf and rename_lock. serial: msm_serial: disable interrupts in __msm_console_write() staging: rtl8712: fix uninit-value in r871xu_drv_init() staging: rtl8712: fix uninit-value in usb_read8() and friends clocksource/drivers/sp804: Avoid error on multiple instances extcon: Modify extcon device to be created after driver data is set misc: rtsx: set NULL intfdata when probe fails usb: dwc2: gadget: don't reset gadget's driver->bus USB: hcd-pci: Fully suspend across freeze/thaw cycle drivers: usb: host: Fix deadlock in oxu_bus_suspend() drivers: tty: serial: Fix deadlock in sa1100_set_termios() USB: host: isp116x: check return value after calling platform_get_resource() drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() tty: Fix a possible resource leak in icom_probe tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() lkdtm/usercopy: Expand size of "out of frame" object iio: st_sensors: Add a local lock for protecting odr iio: dummy: iio_simple_dummy: check the return value of kstrdup() drm: imx: fix compiler warning with gcc-12 net: altera: Fix refcount leak in altera_tse_mdio_create ip_gre: test csum_start instead of transport header net/mlx5: fs, fail conflicting actions net/mlx5: Rearm the FW tracer after each tracer event net: ipv6: unexport __init-annotated seg6_hmac_init() net: xfrm: unexport __init-annotated xfrm4_protocol_init() net: mdio: unexport __init-annotated mdio_bus_init() SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list bpf, arm64: Clear prog->jited_len along prog->jited af_unix: Fix a data-race in unix_dgram_peer_wake_me(). xen: unexport __init-annotated xen_xlate_map_ballooned_pages() netfilter: nf_tables: memleak flow rule from commit path ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe netfilter: nat: really support inet nat without l3 address xprtrdma: treat all calls not a bcall when bc_serv is NULL video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() NFSv4: Don't hold the layoutget locks across multiple RPC calls dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type m68knommu: fix undefined reference to `_init_sp' m68knommu: set ZERO_PAGE() to the allocated zeroed page i2c: cadence: Increase timeout per message if necessary f2fs: remove WARN_ON in f2fs_is_valid_blkaddr tracing: Avoid adding tracer option before update_tracer_options tracing: Fix sleeping function called from invalid context on RT kernel mips: cpc: Fix refcount leak in mips_cpc_default_phys_base perf c2c: Fix sorting in percent_rmt_hitm_cmp() tipc: check attribute length for bearer name afs: Fix infinite loop found by xfstest generic/676 tcp: tcp_rtx_synack() can be called from process context net: sched: add barrier to fix packet stuck problem for lockless qdisc net/mlx5e: Update netdev features after changing XDP state net/mlx5: Don't use already freed action pointer nfp: only report pause frame configuration for physical device ubi: ubi_create_volume: Fix use-after-free when volume creation failed jffs2: fix memory leak in jffs2_do_fill_super modpost: fix removing numeric suffixes net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog s390/crypto: fix scatterwalk_unmap() callers in AES-GCM clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe driver core: fix deadlock in __device_attach driver: base: fix UAF when driver_attach failed bus: ti-sysc: Fix warnings for unbind for serial firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle serial: stm32-usart: Correct CSIZE, bits, and parity serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 serial: sifive: Sanitize CSIZE and c_iflag serial: sh-sci: Don't allow CS5-6 serial: txx9: Don't allow CS5-6 serial: rda-uart: Don't allow CS5-6 serial: digicolor-usart: Don't allow CS5-6 serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 serial: meson: acquire port->lock in startup() rtc: mt6397: check return value after calling platform_get_resource() clocksource/drivers/riscv: Events are stopped during CPU suspend soc: rockchip: Fix refcount leak in rockchip_grf_init coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier serial: sifive: Report actual baud base rather than fixed 115200 phy: qcom-qmp: fix pipe-clock imbalance on power-on failure rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails iio: adc: sc27xx: Fine tune the scale calibration values iio: adc: sc27xx: fix read big scale voltage not right iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check firmware: stratix10-svc: fix a missing check on list iterator usb: dwc3: pci: Fix pm_runtime_get_sync() error checking rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value pwm: lp3943: Fix duty calculation in case period was clamped staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() usb: musb: Fix missing of_node_put() in omap2430_probe USB: storage: karma: fix rio_karma_init return usb: usbip: add missing device lock on tweak configuration cmd usb: usbip: fix a refcount leak in stub_probe() tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe tty: goldfish: Use tty_port_destroy() to destroy port iio: adc: ad7124: Remove shift from scan_type staging: greybus: codecs: fix type confusion of list iterator variable pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards md: bcache: check the return value of kzalloc() in detached_dev_do_request() block: fix bio_clone_blkg_association() to associate with proper blkcg_gq bfq: Make sure bfqg for which we are queueing requests is online bfq: Get rid of __bio_blkcg() usage bfq: Remove pointless bfq_init_rq() calls bfq: Drop pointless unlock-lock pair bfq: Avoid merging queues with different parents MIPS: IP27: Remove incorrect `cpu_has_fpu' override RDMA/rxe: Generate a completion for unsupported/invalid opcode Kconfig: add config option for asm goto w/ outputs phy: qcom-qmp: fix reset-controller leak on probe errors blk-iolatency: Fix inflight count imbalances and IO hangs on offline dt-bindings: gpio: altera: correct interrupt-cells docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 ARM: pxa: maybe fix gpio lookup tables phy: qcom-qmp: fix struct clk leak on probe errors arm64: dts: qcom: ipq8074: fix the sleep clock frequency gma500: fix an incorrect NULL check on list iterator tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator serial: pch: don't overwrite xmit->buf[0] by x_char carl9170: tx: fix an incorrect use of list iterator ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control rtl818x: Prevent using not initialized queues hugetlb: fix huge_pmd_unshare address update nodemask.h: fix compilation error with GCC12 iommu/msm: Fix an incorrect NULL check on list iterator um: Fix out-of-bounds read in LDT setup um: chan_user: Fix winch_tramp() return value mac80211: upgrade passive scan to active scan on DFS channels after beacon rx irqchip: irq-xtensa-mx: fix initial IRQ affinity irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x RDMA/hfi1: Fix potential integer multiplication overflow errors Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug media: coda: Add more H264 levels for CODA960 media: coda: Fix reported H264 profile mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write md: fix an incorrect NULL check in md_reload_sb md: fix an incorrect NULL check in does_sb_need_changing drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX drm/nouveau/clk: Fix an incorrect NULL check on list iterator drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled scsi: dc395x: Fix a missing check on list iterator ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock dlm: fix missing lkb refcount handling dlm: fix plock invalid read mm, compaction: fast_find_migrateblock() should return pfn in the target zone PCI: qcom: Fix unbalanced PHY init on probe errors PCI: qcom: Fix runtime PM imbalance on probe errors PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 tracing: Fix potential double free in create_var_ref() ACPI: property: Release subnode properties with data nodes ext4: avoid cycles in directory h-tree ext4: verify dir block before splitting it ext4: fix bug_on in ext4_writepages ext4: fix warning in ext4_handle_inode_extension ext4: fix use-after-free in ext4_rename_dir_prepare netfilter: nf_tables: disallow non-stateful expression in sets earlier bfq: Track whether bfq_group is still online bfq: Update cgroup information before merging bio bfq: Split shared queues on move between cgroups efi: Do not import certificates from UEFI Secure Boot for T2 Macs fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages iwlwifi: mvm: fix assert 1F04 upon reconfig wifi: mac80211: fix use-after-free in chanctx code f2fs: fix fallocate to use file_modified to update permissions consistently f2fs: don't need inode lock for system hidden quota f2fs: fix deadloop in foreground GC f2fs: fix to clear dirty inode in f2fs_evict_inode() f2fs: fix to do sanity check on block address in f2fs_do_zero_range() f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() perf jevents: Fix event syntax error caused by ExtSel perf c2c: Use stdio interface if slang is not supported iommu/amd: Increase timeout waiting for GA log enablement dmaengine: stm32-mdma: remove GISR1 register video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout NFS: Don't report errors from nfs_pageio_complete() more than once NFS: Do not report flush errors in nfs_write_end() NFS: Do not report EINTR/ERESTARTSYS as mapping errors i2c: at91: Initialize dma_buf in at91_twi_xfer() i2c: at91: use dma safe buffers iommu/mediatek: Add list_del in mtk_iommu_remove f2fs: fix dereference of stale list iterator after loop body Input: stmfts - do not leave device disabled in stmfts_input_open RDMA/hfi1: Prevent use of lock before it is initialized mailbox: forward the hrtimer if not queued and under a lock mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup macintosh: via-pmu and via-cuda need RTC_LIB powerpc/perf: Fix the threshold compare group constraint for power9 powerpc/64: Only WARN if __pa()/__va() called with bad addresses Input: sparcspkr - fix refcount leak in bbc_beep_probe crypto: cryptd - Protect per-CPU resource by disabling BH. tty: fix deadlock caused by calling printk() under tty_port->lock PCI: imx6: Fix PERST# start-up sequence ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() proc: fix dentry/inode overinstantiating under /proc/${pid}/net powerpc/4xx/cpm: Fix return value of __setup() handler powerpc/idle: Fix return value of __setup() handler powerpc/8xx: export 'cpm_setbrg' for modules dax: fix cache flush on PMD-mapped pages drivers/base/node.c: fix compaction sysfs file leak pinctrl: mvebu: Fix irq_of_parse_and_map() return value nvdimm: Allow overwrite in the presence of disabled dimms firmware: arm_scmi: Fix list protocols enumeration in the base protocol scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() mfd: ipaq-micro: Fix error check return value of platform_get_irq() powerpc/fadump: fix PT_LOAD segment for boot memory area arm: mediatek: select arch timer for mt7629 crypto: marvell/cesa - ECB does not IV misc: ocxl: fix possible double free in ocxl_file_register_afu ARM: dts: bcm2835-rpi-b: Fix GPIO line names ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT can: xilinx_can: mark bit timing constants as const KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry PCI: rockchip: Fix find_first_zero_bit() limit PCI: cadence: Fix find_first_zero_bit() limit soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc ARM: dts: suniv: F1C100: fix watchdog compatible arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 net/smc: postpone sk_refcnt increment in connect() rxrpc: Fix decision on when to generate an IDLE ACK rxrpc: Don't let ack.previousPacket regress rxrpc: Fix overlapping ACK accounting rxrpc: Don't try to resend the request if we're receiving the reply rxrpc: Fix listen() setting the bar too high for the prealloc rings NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init ext4: reject the 'commit' option on ext2 filesystems media: ov7670: remove ov7670_power_off from ov7670_remove sctp: read sk->sk_bound_dev_if once in sctp_rcv() m68k: math-emu: Fix dependencies of math emulation support Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout media: vsp1: Fix offset calculation for plane cropping media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init media: exynos4-is: Change clk_disable to clk_disable_unprepare media: st-delta: Fix PM disable depth imbalance in delta_probe media: aspeed: Fix an error handling path in aspeed_video_probe() scripts/faddr2line: Fix overlapping text section failures regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe perf/amd/ibs: Use interrupt regs ip for stack unwinding Revert "cpufreq: Fix possible race in cpufreq online error path" iomap: iomap_write_failed fix media: uvcvideo: Fix missing check to determine if element is found in list drm/msm: return an error pointer in msm_gem_prime_get_sg_table() drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET x86/mm: Cleanup the control_va_addr_alignment() __setup handler irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value irqchip/exiu: Fix acknowledgment of edge triggered interrupts x86: Fix return value of __setup handlers virtio_blk: fix the discard_granularity and discard_alignment queue limits drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() drm/msm/hdmi: check return value after calling platform_get_resource_byname() drm/msm/dsi: fix error checks and return values for DSI xmit functions drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume perf tools: Add missing headers needed by util/data.h ASoC: rk3328: fix disabling mclk on pclk probe failure x86/speculation: Add missing prototype for unpriv_ebpf_notify() x86/pm: Fix false positive kmemleak report in msr_build_context() scsi: ufs: core: Exclude UECxx from SFR dump list of: overlay: do not break notify on NOTIFY_{OK|STOP} fsnotify: fix wrong lockdep annotations inotify: show inotify mask flags in proc fdinfo ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix cpufreq: Fix possible race in cpufreq online error path spi: img-spfi: Fix pm_runtime_get_sync() error checking sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq drm/bridge: Fix error handling in analogix_dp_probe HID: elan: Fix potential double free in elan_input_configured HID: hid-led: fix maximum brightness for Dream Cheeky drbd: fix duplicate array initializer efi: Add missing prototype for efi_capsule_setup_info NFC: NULL out the dev->rfkill to prevent UAF spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout drm: mali-dp: potential dereference of null pointer drm/komeda: Fix an undefined behavior bug in komeda_plane_add() nl80211: show SSID for P2P_GO interfaces bpf: Fix excessive memory allocation in stack_map_alloc() drm/vc4: txp: Force alpha to be 0xff if it's disabled drm/vc4: txp: Don't set TXP_VSTART_AT_EOF drm/mediatek: Fix mtk_cec_mask() x86/delay: Fix the wrong asm constraint in delay_loop() ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe drm/bridge: adv7511: clean up CEC adapter when probe fails drm/edid: fix invalid EDID extension block filtering ath9k: fix ar9003_get_eepmisc drm: fix EDID struct for old ARM OABI format RDMA/hfi1: Prevent panic when SDMA is disabled powerpc/iommu: Add missing of_node_put in iommu_init_early_dart macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled powerpc/powernv: fix missing of_node_put in uv_init() powerpc/xics: fix refcount leak in icp_opal_init() tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() ARM: hisi: Add missing of_node_put after of_find_compatible_node ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM ARM: versatile: Add missing of_node_put in dcscb_init fat: add ratelimit to fat*_ent_bread() powerpc/fadump: Fix fadump to work with a different endian capture kernel ARM: OMAP1: clock: Fix UART rate reporting algorithm fs: jfs: fix possible NULL pointer dereference in dbFree() PM / devfreq: rk3399_dmc: Disable edev on remove() ARM: dts: ox820: align interrupt controller node name with dtschema IB/rdmavt: add missing locks in rvt_ruc_loopback selftests/bpf: fix btf_dump/btf_dump due to recent clang change eth: tg3: silence the GCC 12 array-bounds warning rxrpc: Return an error to sendmsg if call failed hwmon: Make chip parameter for with_info API mandatory ASoC: max98357a: remove dependency on GPIOLIB media: exynos4-is: Fix compile warning net: phy: micrel: Allow probing without .driver_data nbd: Fix hung on disconnect request if socket is closed before ASoC: rt5645: Fix errorenous cleanup order nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags openrisc: start CPU timer early in boot media: cec-adap.c: fix is_configuring state media: coda: limit frame interval enumeration to supported encoder frame sizes rtlwifi: Use pr_warn instead of WARN_ONCE ipmi: Fix pr_fmt to avoid compilation issues ipmi:ssif: Check for NULL msg when handling events and messages ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC spi: stm32-qspi: Fix wait_cmd timeout in APM mode s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES ASoC: tscs454: Add endianness flag in snd_soc_component_driver HID: bigben: fix slab-out-of-bounds Write in bigben_probe drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo mlxsw: spectrum_dcb: Do not warn about priority changes ASoC: dapm: Don't fold register value changes into notifications net/mlx5: fs, delete the FTE when there are no rules attached to it ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL drm: msm: fix error check return value of irq_of_parse_and_map() arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall drm/amd/pm: fix the compile warning drm/plane: Move range check for format_count earlier scsi: megaraid: Fix error check return value of register_chrdev() mmc: jz4740: Apply DMA engine limits to maximum segment size md/bitmap: don't set sb values if can't pass sanity check media: cx25821: Fix the warning when removing the module media: pci: cx23885: Fix the error handling in cx23885_initdev() media: venus: hfi: avoid null dereference in deinit ath9k: fix QCA9561 PA bias level drm/amd/pm: fix double free in si_parse_power_table() tools/power turbostat: fix ICX DRAM power numbers spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction ALSA: jack: Access input_dev under mutex drm/komeda: return early if drm_universal_plane_init() fails. ACPICA: Avoid cache flush inside virtual machines fbcon: Consistently protect deferred_takeover with console_lock() ipv6: fix locking issues with loops over idev->addr_list ipw2x00: Fix potential NULL dereference in libipw_xmit() b43: Fix assigning negative value to unsigned variable b43legacy: Fix assigning negative value to unsigned variable mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes btrfs: repair super block num_devices automatically btrfs: add "0x" prefix for unsupported optional features ptrace: Reimplement PTRACE_KILL by always sending SIGKILL ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP perf/x86/intel: Fix event constraints for ICL usb: core: hcd: Add support for deferring roothub registration USB: new quirk for Dell Gen 2 devices USB: serial: option: add Quectel BG95 modem ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS binfmt_flat: do not stop relocating GOT entries prematurely on riscv Conflicts: Documentation/devicetree/bindings/dma/allwinner,sun50i-a64-dma.yaml Documentation/devicetree/bindings~HEAD drivers/char/Kconfig drivers/mmc/core/block.c kernel/sysctl.c Change-Id: If11e1865055bfb94b3268960268c88c3dfc032c3 |
||
Kees Cook
|
0d4d3b41a5 |
UPSTREAM: hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero
Now that Clang's -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang option is no longer required, remove it from the command line. Clang 16 and later will warn when it is used, which will cause Kconfig to think it can't use -ftrivial-auto-var-init=zero at all. Check for whether it is required and only use it when so. Cc: Nathan Chancellor <nathan@kernel.org> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: linux-kbuild@vger.kernel.org Cc: llvm@lists.linux.dev Cc: stable@vger.kernel.org Fixes: f02003c860d9 ("hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO") Signed-off-by: Kees Cook <keescook@chromium.org> (cherry picked from commit 607e57c6c62c00965ae276902c166834ce73014a) Change-Id: I30ecd0e5226852b7d5ee12c44c346ac79051a671 Signed-off-by: Nathan Chancellor <nathan@kernel.org> |
||
|
Kees Cook
|
9267f98065 |
UPSTREAM: hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
Currently under Clang, CC_HAS_AUTO_VAR_INIT_ZERO requires an extra -enable flag compared to CC_HAS_AUTO_VAR_INIT_PATTERN. GCC 12[1] will not, and will happily ignore the Clang-specific flag. However, its presence on the command-line is both cumbersome and confusing. Due to GCC's tolerant behavior, though, we can continue to use a single Kconfig cc-option test for the feature on both compilers, but then drop the Clang-specific option in the Makefile. In other words, this patch does not change anything other than making the compiler command line shorter once GCC supports -ftrivial-auto-var-init=zero. [1] https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=a25e0b5e6ac8a77a71c229e0a7b744603365b0e9 Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: llvm@lists.linux.dev Fixes: dcb7c0b9461c ("hardening: Clarify Kconfig text for auto-var-init") Suggested-by: Will Deacon <will@kernel.org> Link: https://lore.kernel.org/lkml/20210914102837.6172-1-will@kernel.org/ Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Reviewed-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> (cherry picked from commit f02003c860d921171be4a27e2893766eb3bc6871) Change-Id: I572f9d1763dbc7b53f2ad0dc87ba074313f556eb Signed-off-by: Nathan Chancellor <nathan@kernel.org> |
||
|
Kees Cook
|
f086581010 |
UPSTREAM: hardening: Clarify Kconfig text for auto-var-init
Clarify the details around the automatic variable initialization modes available. Specifically this details the values used for pattern init and expands on the rationale for zero init safety. Additionally makes zero init the default when available. Cc: glider@google.com Cc: Nathan Chancellor <nathan@kernel.org> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: linux-security-module@vger.kernel.org Cc: clang-built-linux@googlegroups.com Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Gustavo A. R. Silva <gustavoars@kernel.org> (cherry picked from commit dcb7c0b9461c2a30f6616262736daac6f01ecb09) Change-Id: Id2a3b2b2953677e29e6deb931350b04091474b08 Signed-off-by: Nathan Chancellor <nathan@kernel.org> |
||
|
Greg Kroah-Hartman
|
4fa407bf37 |
This is the 5.4.218 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmNKSyYACgkQONu9yGCS aT7eFhAAxIHNQdbLULupIiyUaKLmbso5Wjmd/pCPBhkSERDEahmQ6rfd7R3200R4 Fk8kbvXAfTlYGSa8dnZqIIJbRdq3dcyq9YbUMqJRd+Jsep24e4YmUd/9oeNdL7t9 6j4EEEPUW0I5xlFST1nPjOCRKF8XMh7aqH8CJdaMyTqv5lrePb6qnDlaUBmwaZVG 3TzBZG7Kfopdj8jCKyOcDBCZ8sOL8sUUTN9cblL+keBdSojZsSBKzw8OFSBVUBJU WTZrRf2tieMaeZICNhREwqp6vPdHSmvj6XiFdrw6aePR9XczuR1oxBMVR5jvhZIS 00jAk17D6t8Xy7pX4NW+WkwZoaL+TsLlvNlvHfgdlAE6uBMYOfwiVzE9/E8rx3cP BK/xoUH/lAnWJ7sQOcdQj761pgo+lBZjottQx3KIhPqvaZK1LtADx6OmnGMtJI11 4yF0+w60p3H4LiXa0fgLEjXDlXX/v9P47UjMkog2xeMFpsx1/a1HYDpiC938+uAw 9o9YeNja/mGm2xYwNi28vjdTyNJAVo1g80qYG+ExIO6gbtCr2yBR1MxXlrxH8HEY Y2qKHte6ppFJ6p4BpivcIt+Ft6MT1BrMyPakF2QwMScUGWElO6qGFiWS/Y6UI0fh bjQLRjB2rRwpoMtyl3HoFPfbHIR0C6xFvAwcx7mZbF0xrK2lI7Y= =Cli8 -----END PGP SIGNATURE----- Merge 5.4.218 into android11-5.4-lts Changes in 5.4.218 mm: pagewalk: Fix race between unmap and page walker perf tools: Fixup get_current_dir_name() compilation fs: fix UAF/GPF bug in nilfs_mdt_destroy firmware: arm_scmi: Add SCMI PM driver remove routine dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer scsi: qedf: Fix a UAF bug in __qedf_probe() net/ieee802154: fix uninit value bug in dgram_sendmsg um: Cleanup syscall_handler_t cast in syscalls_32.h um: Cleanup compiler warning in arch/x86/um/tls_32.c arch: um: Mark the stack non-executable to fix a binutils warning usb: mon: make mmapped memory read only USB: serial: ftdi_sio: fix 300 bps rate for SIO mmc: core: Replace with already defined values for readability mmc: core: Terminate infinite loop in SD-UHS voltage switch rpmsg: qcom: glink: replace strncpy() with strscpy_pad() nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() nilfs2: fix leak of nilfs_root in case of writer thread creation failure nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure ceph: don't truncate file in atomic_open random: clamp credited irq bits to maximum mixed ALSA: hda: Fix position reporting on Poulsbo efi: Correct Macmini DMI match in uefi cert quirk scsi: stex: Properly zero out the passthrough command structure USB: serial: qcserial: add new usb-id for Dell branded EM7455 random: restore O_NONBLOCK support random: avoid reading two cache lines on irq randomness random: use expired timer rather than wq for mixing fast pool wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() wifi: cfg80211/mac80211: reject bad MBSSID elements wifi: cfg80211: ensure length byte is present before access wifi: cfg80211: fix BSS refcounting bugs wifi: cfg80211: avoid nontransmitted BSS list corruption wifi: mac80211_hwsim: avoid mac80211 warning on bad rate wifi: cfg80211: update hidden BSSes to avoid WARN_ON Input: xpad - add supported devices as contributed on github Input: xpad - fix wireless 360 controller breaking after suspend Linux 5.4.218 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I181935d163a9900b8e9e1201d3fde0c56b61dc58 |
||
Orlando Chamberlain
|
46b822a755 |
efi: Correct Macmini DMI match in uefi cert quirk
commit bab715bdaa9ebf28d99a6d1efb2704a30125e96d upstream. It turns out Apple doesn't capitalise the "mini" in "Macmini" in DMI, which is inconsistent with other model line names. Correct the capitalisation of Macmini in the quirk for skipping loading platform certs on T2 Macs. Currently users get: ------------[ cut here ]------------ [Firmware Bug]: Page fault caused by firmware at PA: 0xffffa30640054000 WARNING: CPU: 1 PID: 8 at arch/x86/platform/efi/quirks.c:735 efi_crash_gracefully_on_page_fault+0x55/0xe0 Modules linked in: CPU: 1 PID: 8 Comm: kworker/u12:0 Not tainted 5.18.14-arch1-2-t2 #1 4535eb3fc40fd08edab32a509fbf4c9bc52d111e Hardware name: Apple Inc. Macmini8,1/Mac-7BA5B2DFE22DDD8C, BIOS 1731.120.10.0.0 (iBridge: 19.16.15071.0.0,0) 04/24/2022 Workqueue: efi_rts_wq efi_call_rts ... ---[ end trace 0000000000000000 ]--- efi: Froze efi_rts_wq and disabled EFI Runtime Services integrity: Couldn't get size: 0x8000000000000015 integrity: MODSIGN: Couldn't get UEFI db list efi: EFI Runtime Services are disabled! integrity: Couldn't get size: 0x8000000000000015 integrity: Couldn't get UEFI dbx list Fixes: 155ca952c7ca ("efi: Do not import certificates from UEFI Secure Boot for T2 Macs") Cc: stable@vger.kernel.org Cc: Aditya Garg <gargaditya08@live.com> Tested-by: Samuel Jiang <chyishian.jiang@gmail.com> Signed-off-by: Orlando Chamberlain <redecorating@protonmail.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
05426a3d4f |
This is the 5.4.211 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMHPogACgkQONu9yGCS aT6GgQ//eILgoV9jHOdWFDlOqWz80zTFxPo2d1Fyd+jKbxI9Joj6raMfyhbNQA5z sNS6B21FTC1V9TkPwt3/TaghYZlBvYutcIUWVgxvKHM2m2QCyiS6Y7VgfnqTVU2J C6Ri0zabWf0X2eahdDAd0uOxhejSbewo+3Xfv2Y090kOWKxj5b1SjQoo7/OapBFi 8ZZ60qamP5/Qfs3rTiVNDYHqY+n1okYuOpEL78Zh/imGC71ZfyKVZgAe/WHHaXtQ KBug0mmr/9K2yMFYdXmuPdOZrS66A2sklsaw+WdXIboZKhAMF16KkkNvN2BExX5G Hf03MRfCAEFDndhGO16X07WDNIr/CQaEYLjAn6PE1cGnIncQMw2vyWMHGiNlOdLO JZiOcyVEW6cao7vLmQD/Rk6x44nOlm+ttzxMD2spHwAU4tSM7aM0SrAvM201R8Vc 6hs6m1+NQr9XNEiH+QT+A4+cbIeOd/b8hkQdjB/uvlS0HTUNu4SGNlL7s3nwuB8D a1chV1VbmYfIjSyY6ffr3hNrTHfHSZN2M5otK2iDmvYlTrrbOAu6sPXCWHKskKSf Dm43Le+NaZmBHSS36ejcQKGdNpZ35H7uQ89bzuo5/kisQ4fY4VnQSYFNgmnRAY+s nOvbrj7M4K+QvumYBT1efoMrMYgXRYQSQOc03Mq7AQYuJBrQv/4= =U/Z1 -----END PGP SIGNATURE----- Merge 5.4.211 into android11-5.4-lts Changes in 5.4.211 Makefile: link with -z noexecstack --no-warn-rwx-segments x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" ALSA: bcd2000: Fix a UAF bug on the error path of probing igc: Remove _I_PHY_ID checking wifi: mac80211_hwsim: fix race condition in pending packet wifi: mac80211_hwsim: add back erroneously removed cast wifi: mac80211_hwsim: use 32-bit skb cookie add barriers to buffer_uptodate and set_buffer_uptodate HID: wacom: Only report rotation for art pen HID: wacom: Don't register pad_input for touch switch KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP mm/mremap: hold the rmap lock in write mode when moving page table entries. ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model ALSA: hda/cirrus - support for iMac 12,1 model ALSA: hda/realtek: Add quirk for another Asus K42JZ model tty: vt: initialize unicode screen buffer vfs: Check the truncate maximum size in inode_newsize_ok() fs: Add missing umask strip in vfs_tmpfile thermal: sysfs: Fix cooling_device_stats_setup() error code path fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters usbnet: Fix linkwatch use-after-free on disconnect ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() parisc: Fix device names in /proc/iomem parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error drm/nouveau: fix another off-by-one in nvbios_addr drm/amdgpu: Check BO's requested pinning domains against its preferred_domains iio: light: isl29028: Fix the warning in isl29028_remove() fuse: limit nsec serial: mvebu-uart: uart2 error bits clearing md-raid10: fix KASAN warning ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr() PCI: Add defines for normal and subtractive PCI bridges powerpc/fsl-pci: Fix Class Code of PCIe Root Port powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E powerpc/powernv: Avoid crashing if rng is NULL MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK coresight: Clear the connection field properly USB: HCD: Fix URB giveback issue in tasklet function ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC netfilter: nf_tables: do not allow SET_ID to refer to another table netfilter: nf_tables: do not allow RULE_ID to refer to another chain netfilter: nf_tables: fix null deref due to zeroed list head epoll: autoremove wakers even more aggressively x86: Handle idle=nomwait cmdline properly for x86_idle arm64: Do not forget syscall when starting a new thread. arm64: fix oops in concurrently setting insn_emulation sysctls ext2: Add more validity checks for inode counts genirq: Don't return error on missing optional irq_request_resources() wait: Fix __wait_event_hrtimeout for RT/DL tasks ARM: dts: imx6ul: add missing properties for sram ARM: dts: imx6ul: change operating-points to uint32-matrix ARM: dts: imx6ul: fix csi node compatible ARM: dts: imx6ul: fix lcdif node compatible ARM: dts: imx6ul: fix qspi node compatible spi: synquacer: Add missing clk_disable_unprepare() ARM: OMAP2+: display: Fix refcount leak bug ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks ACPI: PM: save NVS memory for Lenovo G40-45 ACPI: LPSS: Fix missing check in register_device_clock() arm64: dts: qcom: ipq8074: fix NAND node name arm64: dts: allwinner: a64: orangepi-win: Fix LED node name ARM: shmobile: rcar-gen2: Increase refcount for new reference PM: hibernate: defer device probing when resuming from hibernation selinux: Add boundary check in put_entry() spi: spi-rspi: Fix PIO fallback on RZ platforms ARM: findbit: fix overflowing offset meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init ARM: bcm: Fix refcount leak in bcm_kona_smc_init x86/pmem: Fix platform-device leak in error path ARM: dts: ast2500-evb: fix board compatible ARM: dts: ast2600-evb: fix board compatible soc: fsl: guts: machine variable might be unset ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg ARM: OMAP2+: Fix refcount leak in omapdss_init_of ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init cpufreq: zynq: Fix refcount leak in zynq_get_revision soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register ARM: dts: qcom: pm8841: add required thermal-sensor-cells bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() arm64: dts: mt7622: fix BPI-R64 WPS button erofs: avoid consecutive detection for Highmem memory blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created regulator: of: Fix refcount leak bug in of_get_regulation_constraints() nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() thermal/tools/tmon: Include pthread and time headers in tmon.h dm: return early from dm_pr_call() if DM device is suspended ath10k: do not enforce interrupt trigger type wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() drm/mipi-dbi: align max_chunk to 2 in spi_transfer drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function drm: adv7511: override i2c address of cec before accessing it i2c: Fix a potential use after free media: tw686x: Register the irq at the end of probe ath9k: fix use-after-free in ath9k_hif_usb_rx_cb wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() drm: bridge: adv7511: Add check for mipi_dsi_driver_register drm/mcde: Fix refcount leak in mcde_dsi_bind media: hdpvr: fix error value returns in hdpvr_read drm/vc4: plane: Remove subpixel positioning check drm/vc4: plane: Fix margin calculations for the right/bottom edges drm/vc4: dsi: Correct DSI divider calculations crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE drm/rockchip: vop: Don't crash for invalid duplicate_state() drm/rockchip: Fix an error handling path rockchip_dp_probe() drm/mediatek: dpi: Remove output format of YUV drm/mediatek: dpi: Only enable dpi after the bridge is enabled drm: bridge: sii8620: fix possible off-by-one drm/msm/mdp5: Fix global state lock backoff crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed. tcp: make retransmitted SKB fit into the send window libbpf: Fix the name of a reused map selftests: timers: valid-adjtimex: build fix for newer toolchains selftests: timers: clocksource-switch: fix passing errors from child fs: check FMODE_LSEEK to control internal pipe splicing wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() wifi: p54: Fix an error handling path in p54spi_probe() wifi: p54: add missing parentheses in p54_flush() selftests/bpf: fix a test for snprintf() overflow can: pch_can: do not report txerr and rxerr during bus-off can: rcar_can: do not report txerr and rxerr during bus-off can: sja1000: do not report txerr and rxerr during bus-off can: hi311x: do not report txerr and rxerr during bus-off can: sun4i_can: do not report txerr and rxerr during bus-off can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off can: usb_8dev: do not report txerr and rxerr during bus-off can: error: specify the values of data[5..7] of CAN error frames can: pch_can: pch_can_error(): initialize errc before using it Bluetooth: hci_intel: Add check for platform_driver_register i2c: cadence: Support PEC for SMBus block read i2c: mux-gpmux: Add of_node_put() when breaking out of loop wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue wifi: libertas: Fix possible refcount leak in if_usb_probe() net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of iavf: Fix max_rate limiting netdevsim: Avoid allocation warnings triggered from user space net: rose: fix netdev reference changes dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock clk: renesas: r9a06g032: Fix UART clkgrp bitsel mtd: maps: Fix refcount leak in of_flash_probe_versatile mtd: maps: Fix refcount leak in ap_flash_init mtd: rawnand: meson: Fix a potential double free issue HID: cp2112: prevent a buffer overflow in cp2112_xfer() mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release mtd: partitions: Fix refcount leak in parse_redboot_of mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path fpga: altera-pr-ip: fix unsigned comparison with less than zero usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe usb: xhci: tegra: Fix error check clk: mediatek: reset: Fix written reset bit offset misc: rtsx: Fix an error handling path in rtsx_pci_probe() driver core: fix potential deadlock in __driver_attach clk: qcom: clk-krait: unlock spin after mux completion usb: host: xhci: use snprintf() in xhci_decode_trb() clk: qcom: ipq8074: fix NSS port frequency tables clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks clk: qcom: camcc-sdm845: Fix topology around titan_top power domain soundwire: bus_type: fix remove and shutdown support intel_th: Fix a resource leak in an error handling path intel_th: msu-sink: Potential dereference of null pointer intel_th: msu: Fix vmalloced buffers staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch memstick/ms_block: Fix some incorrect memory allocation memstick/ms_block: Fix a memory leak mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R scsi: smartpqi: Fix DMA direction for RAID requests usb: gadget: udc: amd5536 depends on HAS_DMA RDMA/hns: Fix incorrect clearing of interrupt status register RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event RDMA/hfi1: fix potential memory leak in setup_base_ctxt() gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() mmc: cavium-octeon: Add of_node_put() when breaking out of loop mmc: cavium-thunderx: Add of_node_put() when breaking out of loop HID: alps: Declare U1_UNICORN_LEGACY support PCI: tegra194: Fix Root Port interrupt handling PCI: tegra194: Fix link up retry sequence USB: serial: fix tty-port initialized comments platform/olpc: Fix uninitialized data in debugfs write mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region RDMA/rxe: Fix error unwind in rxe_create_qp() null_blk: fix ida error handling in null_add_dev() jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() ext4: recover csum seed of tmp_inode after migrating to extents jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted opp: Fix error check in dev_pm_opp_attach_genpd() ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe ASoC: codecs: da7210: add check for i2c_add_driver ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV profiling: fix shift too large makes kernel panic tty: n_gsm: fix non flow control frames during mux flow off tty: n_gsm: fix packet re-transmission without open control channel tty: n_gsm: fix race condition in gsmld_write() remoteproc: qcom: wcnss: Fix handling of IRQs vfio/ccw: Do not change FSM state in subchannel event tty: n_gsm: fix wrong T1 retry count handling tty: n_gsm: fix DM command tty: n_gsm: fix missing corner cases in gsmld_poll() iommu/exynos: Handle failed IOMMU device registration properly rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge kfifo: fix kfifo_to_user() return type mfd: t7l66xb: Drop platform disable callback mfd: max77620: Fix refcount leak in max77620_initialise_fps iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop s390/zcore: fix race when reading from hardware system area ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() fuse: Remove the control interface for virtio-fs ASoC: audio-graph-card: Add of_node_put() in fail path watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() video: fbdev: amba-clcd: Fix refcount leak bugs video: fbdev: sis: fix typos in SiS_GetModeID() powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32 powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader powerpc/xive: Fix refcount leak in xive_get_max_prio powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address perf symbol: Fail to read phdr workaround kprobes: Forbid probing on trampoline and BPF code areas powerpc/pci: Fix PHB numbering when using opal-phbid genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO scripts/faddr2line: Fix vmlinux detection on arm64 x86/numa: Use cpumask_available instead of hardcoded NULL check video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() tools/thermal: Fix possible path truncations video: fbdev: vt8623fb: Check the size of screen before memset_io() video: fbdev: arkfb: Check the size of screen before memset_io() video: fbdev: s3fb: Check the size of screen before memset_io() scsi: zfcp: Fix missing auto port scan and thus missing target ports scsi: qla2xxx: Fix discovery issues in FC-AL topology scsi: qla2xxx: Turn off multi-queue for 8G adapters scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection x86/olpc: fix 'logical not is only applied to the left hand side' spmi: trace: fix stack-out-of-bound access in SPMI tracing functions kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH btrfs: reset block group chunk force if we have to wait ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h ext4: make sure ext4_append() always allocates new block ext4: fix use-after-free in ext4_xattr_set_entry ext4: update s_overhead_clusters in the superblock during an on-line resize ext4: fix extent status tree race in writeback error recovery path ext4: correct max_inline_xattr_value_size computing ext4: correct the misjudgment in ext4_iget_extra_inode intel_th: pci: Add Raptor Lake-S CPU support intel_th: pci: Add Raptor Lake-S PCH support intel_th: pci: Add Meteor Lake-P support dm raid: fix address sanitizer warning in raid_resume dm raid: fix address sanitizer warning in raid_status dm thin: fix use-after-free crash in dm_sm_register_threshold_callback dm writecache: set a default MAX_WRITEBACK_JOBS ACPI: CPPC: Do not prevent CPPC from working in the future timekeeping: contribute wall clock to rng on time change firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) net_sched: cls_route: remove from list when handle is 0 btrfs: reject log replay if there is unsupported RO compat flag KVM: Add infrastructure and macro to mark VM as bugged KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() tcp: fix over estimation in sk_forced_mem_schedule() scsi: sg: Allow waiting for commands to complete on removed device Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression net/9p: Initialize the iounit field during fid creation net_sched: cls_route: disallow handle of 0 ALSA: info: Fix llseek return value when using callback rds: add missing barrier to release_refill ata: libata-eh: Add missing command name mmc: pxamci: Fix another error handling path in pxamci_probe() mmc: pxamci: Fix an error handling path in pxamci_probe() btrfs: fix lost error handling when looking up extended ref on log replay tracing: Have filter accept "common_cpu" to be consistent can: ems_usb: fix clang's -Wunaligned-access warning apparmor: fix quiet_denied for file rules apparmor: fix absroot causing audited secids to begin with = apparmor: Fix failed mount permission check error message apparmor: fix aa_label_asxprint return check apparmor: fix overlapping attachment computation apparmor: fix reference count leak in aa_pivotroot() apparmor: Fix memleak in aa_simple_write_to_buffer() Documentation: ACPI: EINJ: Fix obsolete example NFSv4.1: Don't decrease the value of seq_nr_highest_sent NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly NFSv4: Fix races in the legacy idmapper upcall NFSv4.1: RECLAIM_COMPLETE must handle EACCES NFSv4/pnfs: Fix a use-after-free bug in open can: mcp251x: Fix race condition on receive interrupt sunrpc: fix expiry of auth creds SUNRPC: Reinitialise the backchannel request buffers before reuse devlink: Fix use-after-free after a failed reload net: bgmac: Fix a BUG triggered by wrong bytes_compl pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed pinctrl: sunxi: Add I/O bias setting for H6 R-PIO ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool geneve: do not use RT_TOS for IPv6 flowlabel plip: avoid rcu debug splat vsock: Fix memory leak in vsock_connect() vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() dt-bindings: arm: qcom: fix MSM8916 MTP compatibles tools/vm/slabinfo: use alphabetic order when two values are equal tools build: Switch to new openssl API for test-libcrypto NTB: ntb_tool: uninitialized heap data in tool_fn_write() nfp: ethtool: fix the display error of `ethtool -m DEVNAME` xen/xenbus: fix return type in xenbus_file_read() atm: idt77252: fix use-after-free bugs caused by tst_timer dpaa2-eth: trace the allocated address instead of page struct tee: add overflow check in register_shm_helper() nios2: page fault et.al. are *not* restartable syscalls... nios2: don't leave NULLs in sys_call_table[] nios2: traced syscall does need to check the syscall number nios2: fix syscall restart checks nios2: restarts apply only to the first sigframe we build... nios2: add force_successful_syscall_return() iavf: Fix adminq error handling clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks netfilter: nf_tables: really skip inactive sets when allocating name powerpc/pci: Fix get_phb_number() locking net: dsa: mv88e6060: prevent crash on an unused port net: moxa: pass pdev instead of ndev to DMA functions net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry ice: Ignore EEXIST when setting promisc mode i40e: Fix to stop tx_timeout recovery if GLOBR fails fec: Fix timer capture timing in `fec_ptp_enable_pps()` igb: Add lock to avoid data race gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file locking/atomic: Make test_and_*_bit() ordered on failure drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() PCI: Add ACS quirk for Broadcom BCM5750x NICs usb: cdns3 fix use-after-free at workaround 2 usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info irqchip/tegra: Fix overflow implicit truncation warnings drm/meson: Fix overflow implicit truncation warnings usb: host: ohci-ppc-of: Fix refcount leak bug usb: renesas: Fix refcount leak bug vboxguest: Do not use devm for irq clk: qcom: ipq8074: dont disable gcc_sleep_clk_src scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input gadgetfs: ep_io - wait until IRQ finishes cxl: Fix a memory leak in an error handling path PCI/ACPI: Guard ARM64-specific mcfg_quirks um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups selftests/kprobe: Do not test for GRP/ without event failures dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown drivers:md:fix a potential use-after-free bug ext4: avoid remove directory when directory is corrupted ext4: avoid resizing to a partial cluster size lib/list_debug.c: Detect uninitialized lists tty: serial: Fix refcount leak bug in ucc_uart.c vfio: Clear the caps->buf to NULL after free mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start riscv: mmap with PROT_WRITE but no PROT_READ is invalid RISC-V: Add fast call path of crash_kexec() watchdog: export lockup_detector_reconfigure powerpc/32: Don't always pass -mcpu=powerpc to the compiler ALSA: core: Add async signal helpers ALSA: timer: Use deferred fasync helper f2fs: fix to avoid use f2fs_bug_on() in f2fs_new_node_page() smb3: check xattr value length earlier powerpc/64: Init jump labels before parse_early_param() video: fbdev: i740fb: Check the argument of i740_calc_vclk() MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0 tracing/probes: Have kprobes and uprobes use $COMM too can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE with netdev_warn_once() can: j1939: j1939_session_destroy(): fix memory leak of skbs btrfs: only write the sectors in the vertical stripe which has data stripes btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() Linux 5.4.211 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I509fd58b7896bfeaa41497f558a2bfc079e46656 |
||
|
Xiu Jianfeng
|
7db182a2eb |
apparmor: Fix memleak in aa_simple_write_to_buffer()
commit 417ea9fe972d2654a268ad66e89c8fcae67017c3 upstream.
When copy_from_user failed, the memory is freed by kvfree. however the
management struct and data blob are allocated independently, so only
kvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to
fix this issue.
Fixes:
|
||
Xin Xiong
|
ef6fb6f0d0 |
apparmor: fix reference count leak in aa_pivotroot()
commit 11c3627ec6b56c1525013f336f41b79a983b4d46 upstream.
The aa_pivotroot() function has a reference counting bug in a specific
path. When aa_replace_current_label() returns on success, the function
forgets to decrement the reference count of “target”, which is
increased earlier by build_pivotroot(), causing a reference leak.
Fix it by decreasing the refcount of “target” in that path.
Fixes:
|
||
John Johansen
|
7f6092dc8f |
apparmor: fix overlapping attachment computation
commit 2504db207146543736e877241f3b3de005cbe056 upstream.
When finding the profile via patterned attachments, the longest left
match is being set to the static compile time value and not using the
runtime computed value.
Fix this by setting the candidate value to the greater of the
precomputed value or runtime computed value.
Fixes:
|
||
Tom Rix
|
98ab8dfa04 |
apparmor: fix aa_label_asxprint return check
commit 3e2a3a0830a2090e766d0d887d52c67de2a6f323 upstream.
Clang static analysis reports this issue
label.c:1802:3: warning: 2nd function call argument
is an uninitialized value
pr_info("%s", str);
^~~~~~~~~~~~~~~~~~
str is set from a successful call to aa_label_asxprint(&str, ...)
On failure a negative value is returned, not a -1. So change
the check.
Fixes:
|
||
|
John Johansen
|
1b4c44823a |
apparmor: Fix failed mount permission check error message
commit ec240b5905bbb09a03dccffee03062cf39e38dc2 upstream.
When the mount check fails due to a permission check failure instead
of explicitly at one of the subcomponent checks, AppArmor is reporting
a failure in the flags match. However this is not true and AppArmor
can not attribute the error at this point to any particular component,
and should only indicate the mount failed due to missing permissions.
Fixes:
|
||
|
John Johansen
|
825b0f6bb0 |
apparmor: fix absroot causing audited secids to begin with =
commit 511f7b5b835726e844a5fc7444c18e4b8672edfd upstream.
AppArmor is prefixing secids that are converted to secctx with the =
to indicate the secctx should only be parsed from an absolute root
POV. This allows catching errors where secctx are reparsed back into
internal labels.
Unfortunately because audit is using secid to secctx conversion this
means that subject and object labels can result in a very unfortunate
== that can break audit parsing.
eg. the subj==unconfined term in the below audit message
type=USER_LOGIN msg=audit(1639443365.233:160): pid=1633 uid=0 auid=1000
ses=3 subj==unconfined msg='op=login id=1000 exe="/usr/sbin/sshd"
hostname=192.168.122.1 addr=192.168.122.1 terminal=/dev/pts/1 res=success'
Fix this by switch the prepending of = to a _. This still works as a
special character to flag this case without breaking audit. Also move
this check behind debug as it should not be needed during normal
operqation.
Fixes:
|
||
|
John Johansen
|
dd78c35a27 |
apparmor: fix quiet_denied for file rules
commit 68ff8540cc9e4ab557065b3f635c1ff4c96e1f1c upstream.
Global quieting of denied AppArmor generated file events is not
handled correctly. Unfortunately the is checking if quieting of all
audit events is set instead of just denied events.
Fixes:
|
||
|
Xiu Jianfeng
|
90bdf50ae7 |
selinux: Add boundary check in put_entry()
[ Upstream commit 15ec76fb29be31df2bccb30fc09875274cba2776 ] Just like next_entry(), boundary check is necessary to prevent memory out-of-bound access. Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Srinivasarao Pathipati
|
630e7df8c5 |
Merge android11-5.4.197+ (3970bc6) into msm-5.4
* refs/heads/tmp-3970bc6:
UPSTREAM: Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
FROMGIT: arm64: fix oops in concurrently setting insn_emulation sysctls
ANDROID: abi_gki_aarch64_qcom: Add vmemdup_user to qcom symbol list
ANDROID: GKI: update Sony KMI symbol list
UPSTREAM: mm: fix misplaced unlock_page in do_wp_page()
BACKPORT: mm: do_wp_page() simplification
UPSTREAM: mm/ksm: Remove reuse_ksm_page()
BACKPORT: ALSA: pcm: Fix races among concurrent prealloc proc writes
BACKPORT: ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
BACKPORT: ALSA: pcm: Fix races among concurrent read/write and buffer changes
ANDROID: Fix up abi issue with struct snd_pcm_runtime
BACKPORT: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
BACKPORT: nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs
Linux 5.4.197
bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
NFSD: Fix possible sleep during nfsd4_release_lockowner()
NFS: Memory allocation failures are not server fatal errors
docs: submitting-patches: Fix crossref to 'The canonical patch format'
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
tpm: Fix buffer access in tpm2_get_tpm_pt()
HID: multitouch: Add support for Google Whiskers Touchpad
raid5: introduce MD_BROKEN
dm verity: set DM_TARGET_IMMUTABLE feature flag
dm stats: add cond_resched when looping over entries
dm crypt: make printing of the key constant-time
dm integrity: fix error code in dm_integrity_ctr()
zsmalloc: fix races between asynchronous zspage free and page migration
crypto: ecrdsa - Fix incorrect use of vli_cmp
netfilter: conntrack: re-fetch conntrack after insertion
exec: Force single empty string when argv is empty
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
cfg80211: set custom regdomain after wiphy registration
assoc_array: Fix BUG_ON during garbage collect
drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
net: ftgmac100: Disable hardware checksum on AST2600
net: af_key: check encryption module availability consistency
pinctrl: sunxi: fix f1c100s uart2 function
ACPI: sysfs: Fix BERT error region memory mapping
ACPI: sysfs: Make sparse happy about address space in use
media: vim2m: initialize the media device earlier
media: vim2m: Register video device after setting up internals
secure_seq: use the 64 bits of the siphash for port offset calculation
tcp: change source port randomizarion at connect() time
Input: goodix - fix spurious key release events
staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
lockdown: also lock down previous kgdb use
Linux 5.4.196
afs: Fix afs_getattr() to refetch file status if callback break occurred
i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe()
x86/xen: Mark cpu_bringup_and_idle() as dead_end_function
x86/xen: fix booting 32-bit pv guest
Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk
firmware_loader: use kernel credentials when reading firmware
net: stmmac: disable Split Header (SPH) for Intel platforms
block: return ELEVATOR_DISCARD_MERGE if possible
Input: ili210x - fix reset timing
net: atlantic: verify hw_head_ lies within TX buffer ring
net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one()
selftests: add ping test with ping_group_range tuned
mac80211: fix rx reordering with non explicit / psmp ack policy
scsi: qla2xxx: Fix missed DMA unmap for aborted commands
perf bench numa: Address compiler error on s390
gpio: mvebu/pwm: Refuse requests with inverted polarity
gpio: gpio-vf610: do not touch other bits when set the target bit
net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
igb: skip phy status check where unavailable
ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
ARM: 9196/1: spectre-bhb: enable for Cortex-A15
net: af_key: add check for pfkey_broadcast in function pfkey_process
net/mlx5e: Properly block LRO when XDP is enabled
NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
net/qla3xxx: Fix a test in ql_reset_work()
clk: at91: generated: consider range when calculating best rate
ice: fix possible under reporting of ethtool Tx and Rx statistics
net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
net/sched: act_pedit: sanitize shift argument before usage
net: macb: Increment rx bd head after allocating skb and buffer
ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group
ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi
dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
KVM: x86/mmu: Update number of zapped pages even if page list is stable
PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
Fix double fget() in vhost_net_set_backend()
perf: Fix sys_perf_event_open() race against self
ALSA: wavefront: Proper check of get_user() error
SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
SUNRPC: Don't call connect() more than once on a TCP socket
SUNRPC: Prevent immediate close+reconnect
SUNRPC: Clean up scheduling of autoclose
mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch()
mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD
mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
nilfs2: fix lockdep warnings during disk space reclamation
nilfs2: fix lockdep warnings in page operations for btree nodes
ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
platform/chrome: cros_ec_debugfs: detach log reader wq from devm
drbd: remove usage of list iterator variable after loop
MIPS: lantiq: check the return value of kzalloc()
rtc: mc146818-lib: Fix the AltCentury for AMD platforms
nvme-multipath: fix hang when disk goes live over reconnect
ALSA: hda/realtek: Enable headset mic on Lenovo P360
crypto: x86/chacha20 - Avoid spurious jumps to other functions
crypto: stm32 - fix reference leak in stm32_crc_remove
Input: stmfts - fix reference leak in stmfts_input_open
Input: add bounds checking to input_set_capability()
um: Cleanup syscall_handler_t definition/cast, fix warning
rtc: fix use-after-free on device removal
x86/xen: Make the secondary CPU idle tasks reliable
x86/xen: Make the boot CPU idle task reliable
floppy: use a statically allocated error counter
ANDROID: fix up abi issue with struct snd_pcm_runtime
Linux 5.4.195
tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
ping: fix address binding wrt vrf
arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
net: phy: Fix race condition on link status change
MIPS: fix build with gcc-12
drm/vmwgfx: Initialize drm_mode_fb_cmd2
cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
i40e: i40e_main: fix a missing check on list iterator
drm/nouveau/tegra: Stop using iommu_present()
serial: 8250_mtk: Fix register address for XON/XOFF character
serial: 8250_mtk: Fix UART_EFR register address
slimbus: qcom: Fix IRQ check in qcom_slim_probe
USB: serial: option: add Fibocom MA510 modem
USB: serial: option: add Fibocom L610 modem
USB: serial: qcserial: add support for Sierra Wireless EM7590
USB: serial: pl2303: add device id for HP LM930 Display
usb: typec: tcpci: Don't skip cleanup in .remove() on error
usb: cdc-wdm: fix reading stuck on device close
tty: n_gsm: fix mux activation issues in gsm_config()
tcp: resalt the secret every 10 seconds
net: emaclite: Don't advertise 1000BASE-T and do auto negotiation
s390: disable -Warray-bounds
ASoC: ops: Validate input values in snd_soc_put_volsw_range()
ASoC: max98090: Generate notifications on changes for custom control
ASoC: max98090: Reject invalid values in custom control put()
hwmon: (f71882fg) Fix negative temperature
gfs2: Fix filesystem block deallocation for short writes
net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending
net/sched: act_pedit: really ensure the skb is writable
s390/lcs: fix variable dereferenced before check
s390/ctcm: fix potential memory leak
s390/ctcm: fix variable dereferenced before check
hwmon: (ltq-cputemp) restrict it to SOC_XWAY
dim: initialize all struct fields
mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
netlink: do not reset transport header in netlink_recvmsg()
drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name()
ipv4: drop dst in multicast routing path
net: Fix features skip in for_each_netdev_feature()
mac80211: Reset MBSSID parameters upon connection
hwmon: (tmp401) Add OF device ID table
batman-adv: Don't skb_split skbuffs with frag_list
Linux 5.4.194
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
mm: fix missing cache flush for all tail pages of compound page
Bluetooth: Fix the creation of hdev->name
KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id
x86: kprobes: Prohibit probing on instruction which has emulate prefix
x86: xen: insn: Decode Xen and KVM emulate-prefix signature
x86: xen: kvm: Gather the definition of emulate prefixes
x86/asm: Allow to pass macros to __ASM_FORM()
KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
can: grcan: only use the NAPI poll budget for RX
can: grcan: grcan_probe(): fix broken system id check for errata workaround needs
nfp: bpf: silence bitwise vs. logical OR warning
drm/i915: Cast remain to unsigned long in eb_relocate_vma
drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version, environment} types
block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
MIPS: Use address-of operator on section symbols
ANDROID: GKI: update the abi .xml file
Revert "tcp: ensure to use the most recently sent skb when filling the rate sample"
Linux 5.4.193
mmc: rtsx: add 74 Clocks in power on flow
PCI: aardvark: Fix reading MSI interrupt number
PCI: aardvark: Clear all MSIs at setup
dm: interlock pending dm_io and dm_wait_for_bios_completion
dm: fix mempool NULL pointer race when completing IO
tcp: make sure treq->af_specific is initialized
ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock
ALSA: pcm: Fix races among concurrent prealloc proc writes
ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls
ALSA: pcm: Fix races among concurrent read/write and buffer changes
ALSA: pcm: Fix races among concurrent hw_params and hw_free calls
mm: fix unexpected zeroed page mapping with zram swap
block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
net: ipv6: ensure we call ipv6_mc_down() at most once
KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
NFSv4: Don't invalidate inode attributes on delegation return
drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
btrfs: always log symlinks in full mode
smsc911x: allow using IRQ0
bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational
net: emaclite: Add error handling for of_address_to_resource()
net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux()
net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init()
RDMA/siw: Fix a condition race issue in MPA request processing
ASoC: dmaengine: Restore NULL prepare_slave_config() callback
hwmon: (adt7470) Fix warning on module removal
NFC: netlink: fix sleep in atomic bug when firmware download timeout
nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs
nfc: replace improper check device_is_registered() in netlink related functions
can: grcan: use ofdev->dev when allocating DMA memory
can: grcan: grcan_close(): fix deadlock
s390/dasd: Fix read inconsistency for ESE DASD devices
s390/dasd: Fix read for ESE with blksize < 4k
s390/dasd: prevent double format of tracks for ESE devices
s390/dasd: fix data corruption for ESE devices
ASoC: meson: Fix event generation for G12A tohdmi mux
ASoC: wm8958: Fix change notifications for DSP controls
ASoC: da7219: Fix change notifications for tone generator frequency
genirq: Synchronize interrupt thread startup
ACPICA: Always create namespace nodes using acpi_ns_create_node()
firewire: core: extend card->lock in fw_core_handle_bus_reset
firewire: remove check of list iterator against head past the loop body
firewire: fix potential uaf in outbound_phy_packet_callback()
Revert "SUNRPC: attempt AF_LOCAL connect on setup"
gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
parisc: Merge model and model name into one line in /proc/cpuinfo
MIPS: Fix CP0 counter erratum detection for R4k CPUs
Linux 5.4.192
mm, hugetlb: allow for "high" userspace addresses
hugetlbfs: get unmapped area below TASK_UNMAPPED_BASE for hugetlbfs
tty: n_gsm: fix incorrect UA handling
tty: n_gsm: fix wrong command frame length field encoding
tty: n_gsm: fix wrong command retry handling
tty: n_gsm: fix missing explicit ldisc flush
tty: n_gsm: fix insufficient txframe size
netfilter: nft_socket: only do sk lookups when indev is available
tty: n_gsm: fix malformed counter for out of frame data
tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
x86/cpu: Load microcode during restore_processor_state()
net: ethernet: stmmac: fix write to sgmii_adapter_base
drivers: net: hippi: Fix deadlock in rr_close()
cifs: destage any unwritten data to the server before calling copychunk_write
x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
ASoC: wm8731: Disable the regulator when probing fails
tcp: fix F-RTO may not work correctly when receiving DSACK
ixgbe: ensure IPsec VF<->PF compatibility
bnx2x: fix napi API usage sequence
tls: Skip tls_append_frag on zero copy size
drm/amd/display: Fix memory leak in dcn21_clock_source_create
net: dsa: lantiq_gswip: Don't set GSWIP_MII_CFG_RMII_CLK
net: bcmgenet: hide status block before TX timestamping
clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource()
bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
ip_gre: Make o_seqno start from 0 in native mode
net/smc: sync err code when tcp connection was refused
net: hns3: add validity check for message data length
cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe
pinctrl: pistachio: fix use of irq_of_parse_and_map()
arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
ARM: dts: imx6ull-colibri: fix vqmmc regulator
sctp: check asoc strreset_chunk in sctp_generate_reconf_event
tcp: ensure to use the most recently sent skb when filling the rate sample
tcp: md5: incorrect tcp_header_len for incoming connections
bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook
mtd: rawnand: Fix return value check of wait_for_completion_timeout
ipvs: correctly print the memory size of ip_vs_conn_tab
ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
ARM: dts: am3517-evm: Fix misc pinmuxing
ARM: dts: Fix mmc order for omap3-gta04
phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe
phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe
ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek
phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
ARM: OMAP2+: Fix refcount leak in omap_gic_of_init
phy: samsung: exynos5250-sata: fix missing device put in probe error paths
phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue
USB: Fix xhci event ring dequeue pointer ERDP update issue
mtd: rawnand: fix ecc parameters for mt7622
arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards
arm64: dts: meson: remove CPU opps below 1GHz for G12B boards
video: fbdev: udlfb: properly check endpoint type
hex2bin: fix access beyond string end
hex2bin: make the function hex_to_bin constant-time
arch_topology: Do not set llc_sibling if llc_id is invalid
serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
serial: 8250: Also set sticky MCR bits in console restoration
serial: imx: fix overrun interrupts in DMA mode
usb: dwc3: gadget: Return proper request status
usb: dwc3: core: Fix tx/rx threshold settings
usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind()
usb: gadget: uvc: Fix crash when encoding data for usb request
usb: typec: ucsi: Fix role swapping
usb: misc: fix improper handling of refcount in uss720_probe()
iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
iio: dac: ad5446: Fix read_raw not returning set value
iio: dac: ad5592r: Fix the missing return value.
xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
xhci: stop polling roothubs after shutdown
USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
USB: quirks: add STRING quirk for VCOM device
USB: quirks: add a Realtek card reader
usb: mtu3: fix USB 3.0 dual-role-switch from device to host
lightnvm: disable the subsystem
hamradio: remove needs_free_netdev to avoid UAF
hamradio: defer 6pack kfree after unregister_netdev
floppy: disable FDRAWCMD by default
Conflicts:
drivers/usb/dwc3/gadget.c
include/linux/dma-mapping.h
include/linux/stmmac.h
mm/memory.c
Change-Id: I3bf49e11ae4aeaf1db353efbdfee950cd12de8cf
Signed-off-by: Srinivasarao Pathipati <quic_c_spathi@quicinc.com>
|
||
|
Greg Kroah-Hartman
|
b1e3be07f2 |
This is the 5.4.208 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLj+VAACgkQONu9yGCS
aT4kpQ//YdoyxUW1lOvPk9PIRm67ZADUXUwKKTTTO9hvOt886YkOaYghZj+nfTQ/
SKsEFCh+jKRSG2bvnwUBh/sTTBBwUZeMpvfZZl2polhQT6JhJbBOt9+P/5enXN1O
9grqt2i2QWA4+l52vnDAA7v5UD+td310GiyKmxiKqzAGaVte29kNLPwujZJM7J+Y
8PUMI9gGEI8skCtjz7VsSIdvqB+p4B67iNnrDRKubOVUlXdr9f8xKj02DbiQxcnR
TWc1+h7GIjD/Uibsne+pxAi90/V9A3RsNviZ7U3Igf3kCQ+HS7RH4hcSlU0v6GKy
HDQrr/BHhGtPFtVCR0HJLbHVYmp/J+7H8V7LFY2mTd0lfkT1q58NRfUuGgRmDETI
Ug3Dx8uxtUHgBPD1hsbyoSo0nYnleoCQZV+DFWTOF26nb1/85fyC+16U6uvagNw5
Cdpt8ZVW9/qD8WnxnOuP6yvqw4MFZ0pFyhdQxxsyZpBj2sp5gLz6wRKLgUJX3a8q
hrbWuR17cg+EA86EKZHxa5y4Wzv02FvljfTD60KvXqY67L4iPzrZWDV+ql9FVm/0
wEYTLCjfDgDG9iY1e7Ns8ajD6KsBGfs0zO0vUFU4/LmX+EsJzJhfJ3c3zJhwrnDA
ys2N1tvuSoef/4+JKhVfuxuGGl+mFdT+2yzKYCv3g16sX1OVcbA=
=UvEH
-----END PGP SIGNATURE-----
Merge 5.4.208 into android11-5.4-lts
Changes in 5.4.208
pinctrl: stm32: fix optional IRQ support to gpios
riscv: add as-options for modules with assembly compontents
mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
lockdown: Fix kexec lockdown bypass with ima policy
xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
PCI: hv: Fix multi-MSI to allow more than one MSI vector
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
PCI: hv: Fix interrupt mapping for multi-MSI
serial: mvebu-uart: correctly report configured baudrate value
xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()
power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
pinctrl: ralink: Check for null return of devm_kcalloc
perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
igc: Reinstate IGC_REMOVED logic and implement it properly
ip: Fix data-races around sysctl_ip_no_pmtu_disc.
ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
ip: Fix data-races around sysctl_ip_nonlocal_bind.
ip: Fix a data-race around sysctl_fwmark_reflect.
tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
tcp: Fix data-races around sysctl_tcp_mtu_probing.
tcp: Fix data-races around sysctl_tcp_base_mss.
tcp: Fix data-races around sysctl_tcp_min_snd_mss.
tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
tcp: Fix a data-race around sysctl_tcp_probe_threshold.
tcp: Fix a data-race around sysctl_tcp_probe_interval.
i2c: cadence: Change large transfer count reset logic to be unconditional
net: stmmac: fix dma queue left shift overflow issue
net/tls: Fix race in TLS device down flow
igmp: Fix data-races around sysctl_igmp_llm_reports.
igmp: Fix a data-race around sysctl_igmp_max_memberships.
tcp: Fix data-races around sysctl_tcp_syncookies.
tcp: Fix data-races around sysctl_tcp_reordering.
tcp: Fix data-races around some timeout sysctl knobs.
tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
tcp: Fix a data-race around sysctl_tcp_tw_reuse.
tcp: Fix data-races around sysctl_max_syn_backlog.
tcp: Fix data-races around sysctl_tcp_fastopen.
iavf: Fix handling of dummy receive descriptors
i40e: Fix erroneous adapter reinitialization during recovery process
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
gpio: pca953x: only use single read/write for No AI mode
be2net: Fix buffer overflow in be_get_module_eeprom
ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
udp: Fix a data-race around sysctl_udp_l3mdev_accept.
tcp: Fix data-races around sysctl knobs related to SYN option.
tcp: Fix a data-race around sysctl_tcp_early_retrans.
tcp: Fix data-races around sysctl_tcp_recovery.
tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
tcp: Fix a data-race around sysctl_tcp_stdurg.
tcp: Fix a data-race around sysctl_tcp_rfc1337.
tcp: Fix data-races around sysctl_tcp_max_reordering.
spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
bpf: Make sure mac_header was set before using it
dlm: fix pending remove if msg allocation fails
ima: remove the IMA_TEMPLATE Kconfig option
locking/refcount: Define constants for saturation and max refcount values
locking/refcount: Ensure integer operands are treated as signed
locking/refcount: Remove unused refcount_*_checked() variants
locking/refcount: Move the bulk of the REFCOUNT_FULL implementation into the <linux/refcount.h> header
locking/refcount: Improve performance of generic REFCOUNT_FULL code
locking/refcount: Move saturation warnings out of line
locking/refcount: Consolidate REFCOUNT_{MAX,SATURATED} definitions
locking/refcount: Consolidate implementations of refcount_t
x86: get rid of small constant size cases in raw_copy_{to,from}_user()
x86/uaccess: Implement macros for CMPXCHG on user addresses
mmap locking API: initial implementation as rwsem wrappers
x86/mce: Deduplicate exception handling
bitfield.h: Fix "type of reg too small for mask" test
ALSA: memalloc: Align buffer allocations in page size
Bluetooth: Add bt_skb_sendmsg helper
Bluetooth: Add bt_skb_sendmmsg helper
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
Bluetooth: Fix passing NULL to PTR_ERR
Bluetooth: SCO: Fix sco_send_frame returning skb->len
Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
tty: drivers/tty/, stop using tty_schedule_flip()
tty: the rest, stop using tty_schedule_flip()
tty: drop tty_schedule_flip()
tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
net: usb: ax88179_178a needs FLAG_SEND_ZLP
x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm()
Linux 5.4.208
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia53caf9bc847b0bb332a5b14972142d46ae5a740
|
||
|
GUO Zihua
|
3f71d0e292 |
ima: remove the IMA_TEMPLATE Kconfig option
[ Upstream commit 891163adf180bc369b2f11c9dfce6d2758d2a5bd ]
The original 'ima' measurement list template contains a hash, defined
as 20 bytes, and a null terminated pathname, limited to 255
characters. Other measurement list templates permit both larger hashes
and longer pathnames. When the "ima" template is configured as the
default, a new measurement list template (ima_template=) must be
specified before specifying a larger hash algorithm (ima_hash=) on the
boot command line.
To avoid this boot command line ordering issue, remove the legacy "ima"
template configuration option, allowing it to still be specified on the
boot command line.
The root cause of this issue is that during the processing of ima_hash,
we would try to check whether the hash algorithm is compatible with the
template. If the template is not set at the moment we do the check, we
check the algorithm against the configured default template. If the
default template is "ima", then we reject any hash algorithm other than
sha1 and md5.
For example, if the compiled default template is "ima", and the default
algorithm is sha1 (which is the current default). In the cmdline, we put
in "ima_hash=sha256 ima_template=ima-ng". The expected behavior would be
that ima starts with ima-ng as the template and sha256 as the hash
algorithm. However, during the processing of "ima_hash=",
"ima_template=" has not been processed yet, and hash_setup would check
the configured hash algorithm against the compiled default: ima, and
reject sha256. So at the end, the hash algorithm that is actually used
will be sha1.
With template "ima" removed from the configured default, we ensure that
the default tempalte would at least be "ima-ng" which allows for
basically any hash algorithm.
This change would not break the algorithm compatibility checks for IMA.
Fixes:
|
||
Eric Snowberg
|
ed3fea5506 |
lockdown: Fix kexec lockdown bypass with ima policy
commit 543ce63b664e2c2f9533d089a4664b559c3e6b5b upstream.
The lockdown LSM is primarily used in conjunction with UEFI Secure Boot.
This LSM may also be used on machines without UEFI. It can also be
enabled when UEFI Secure Boot is disabled. One of lockdown's features
is to prevent kexec from loading untrusted kernels. Lockdown can be
enabled through a bootparam or after the kernel has booted through
securityfs.
If IMA appraisal is used with the "ima_appraise=log" boot param,
lockdown can be defeated with kexec on any machine when Secure Boot is
disabled or unavailable. IMA prevents setting "ima_appraise=log" from
the boot param when Secure Boot is enabled, but this does not cover
cases where lockdown is used without Secure Boot.
To defeat lockdown, boot without Secure Boot and add ima_appraise=log to
the kernel command line; then:
$ echo "integrity" > /sys/kernel/security/lockdown
$ echo "appraise func=KEXEC_KERNEL_CHECK appraise_type=imasig" > \
/sys/kernel/security/ima/policy
$ kexec -ls unsigned-kernel
Add a call to verify ima appraisal is set to "enforce" whenever lockdown
is enabled. This fixes CVE-2022-21505.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
836d95bfdc |
This is the 5.4.207 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLZohoACgkQONu9yGCS aT4D3RAA1Je6ingEk1e/IMmfWhNu/0AOrULMbrNBdM/WDOlIQLNBchhMa81UXEh7 OJzt+NyBcuV4x5UdXj1fK3erJXA7tKM3s7BGY7OcXPDMpZjf9uOUV2Tg1Jw1jDbW TV7lnWv1YA7ze3eOx6qoR9sNPh4kYiW5DG2ivY8JMblKEz5EPCdvyPSSW+s8kmpg ZdyJ0pa3fnS0Di421DzJ+7R1U2t4C1eAz1FkngAyPM47GzwJoJxgcP4Q8syBmwGY qylUnrLTBMRtpngayaP15tQtYckGTbsnTUNCTjoW7BhbABkWysc2aVnCYZDLqBck C4XjEfBMLByICokuab0ewrzeVzvvHaY31hnhf33hYn6pgIoS5oy4T3mN7T8yEJz9 zsr+unBioZFiIOqiVgu5A2Rwn3+1x8qOmLZ/x35jqZQCmh0ndlmHUhkdjl3y/68S XWvP4zpYBAR7QlW3WsGtFeI9Kbeh6y2tH0J79N5CjctAZFAvUaZd3cSfh3Vck02/ 7Wo9vs5zV8ZvRkdRWEawkrfe/PUImnDmvkv56nTH79bI7qIlpOU6kS6gy0sDzdGl YRKv4+jwE9/hJAcWW5S/U3wbfZMxMA6wdt8QcWsn0pXs1WFUQgWeNuyO2HNodff3 jlp25lEi3C3NSUycmm9IjuG2241hPDYnhqeX0Q4B5ciPHCD4w3o= =KtMr -----END PGP SIGNATURE----- Merge 5.4.207 into android11-5.4-lts Changes in 5.4.207 ALSA: hda - Add fixup for Dell Latitidue E5430 ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue tracing/histograms: Fix memory leak problem net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer ip: fix dflt addr selection for connected nexthop ARM: 9213/1: Print message about disabled Spectre workarounds only once ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction wifi: mac80211: fix queue selection for mesh/OCB interfaces cgroup: Use separate src/dst nodes when preloading css_sets for migration drm/panfrost: Fix shrinker list corruption by madvise IOCTL nilfs2: fix incorrect masking of permission flags for symlinks Revert "evm: Fix memleak in init_desc" sched/rt: Disable RT_RUNTIME_SHARE by default ext4: fix race condition between ext4_write and ext4_convert_inline_data ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle ARM: 9210/1: Mark the FDT_FIXED sections as shareable drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() ima: Fix a potential integer overflow in ima_appraise_measurement ASoC: sgtl5000: Fix noise on shutdown/remove net: stmmac: dwc-qos: Disable split header for Tegra194 inetpeer: Fix data-races around sysctl. net: Fix data-races around sysctl_mem. cipso: Fix data-races around sysctl. icmp: Fix data-races around sysctl. ipv4: Fix a data-race around sysctl_fib_sync_mem. ARM: dts: at91: sama5d2: Fix typo in i2s1 node ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero drm/i915/gt: Serialize TLB invalidates with GT resets icmp: Fix a data-race around sysctl_icmp_ratelimit. icmp: Fix a data-race around sysctl_icmp_ratemask. raw: Fix a data-race around sysctl_raw_l3mdev_accept. ipv4: Fix data-races around sysctl_ip_dynaddr. net: ftgmac100: Hold reference returned by of_get_child_by_name() sfc: fix use after free when disabling sriov seg6: fix skb checksum evaluation in SRH encapsulation/insertion seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors seg6: bpf: fix skb checksum in bpf_push_seg6_encap() sfc: fix kernel panic when creating VF mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE virtio_mmio: Add missing PM calls to freeze/restore virtio_mmio: Restore guest page size on resume netfilter: br_netfilter: do not skip all hooks with 0 priority cpufreq: pmac32-cpufreq: Fix refcount leak bug platform/x86: hp-wmi: Ignore Sanitization Mode event net: tipc: fix possible refcount leak in tipc_sk_create() NFC: nxp-nci: don't print header length mismatch on i2c error nvme: fix regression when disconnect a recovering ctrl net: sfp: fix memory leak in sfp_probe() ASoC: ops: Fix off by one in range control validation ASoC: wm5110: Fix DRE control ASoC: cs47l15: Fix event generation for low power mux control ASoC: madera: Fix event generation for OUT1 demux ASoC: madera: Fix event generation for rate controls irqchip: or1k-pic: Undefine mask_ack for level triggered hardware x86: Clear .brk area at early boot soc: ixp4xx/npe: Fix unused match warning ARM: dts: stm32: use the correct clock source for CEC on stm32mp151 signal handling: don't use BUG_ON() for debugging USB: serial: ftdi_sio: add Belimo device ids usb: typec: add missing uevent when partner support PD usb: dwc3: gadget: Fix event pending check tty: serial: samsung_tty: set dma burst_size to 1 serial: 8250: fix return error code in serial8250_request_std_resource() serial: stm32: Clear prev values before setting RTS delays serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle can: m_can: m_can_tx_handler(): fix use after free of skb Linux 5.4.207 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ica75b787bd813b75db73739df2a831dbb4958668 |
||
Huaxin Lu
|
388f3df7c3 |
ima: Fix a potential integer overflow in ima_appraise_measurement
[ Upstream commit d2ee2cfc4aa85ff6a2a3b198a3a524ec54e3d999 ]
When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
negative, which may cause the integer overflow problem.
Fixes:
|
||
|
Xiu Jianfeng
|
31e99fa969 |
Revert "evm: Fix memleak in init_desc"
commit 51dd64bb99e4478fc5280171acd8e1b529eadaf7 upstream.
This reverts commit ccf11dbaa07b328fa469415c362d33459c140a37.
Commit ccf11dbaa07b ("evm: Fix memleak in init_desc") said there is
memleak in init_desc. That may be incorrect, as we can see, tmp_tfm is
saved in one of the two global variables hmac_tfm or evm_tfm[hash_algo],
then if init_desc is called next time, there is no need to alloc tfm
again, so in the error path of kmalloc desc or crypto_shash_init(desc),
It is not a problem without freeing tmp_tfm.
And also that commit did not reset the global variable to NULL after
freeing tmp_tfm and this makes *tfm a dangling pointer which may cause a
UAF issue.
Reported-by: Guozihua (Scott) <guozihua@huawei.com>
Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
a778a36923 |
This is the 5.4.198 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmKos2QACgkQONu9yGCS
aT4QYQ//WQD/rHjO021lbo/z4eZbWUxjDiQNisJQY4MTCnIJgPYROJ6YLBLL2+of
VwDdZ0yQNpf3hBA3qgTZ8RgaBinVf+WNAk37Ap/3VFXTExxgyGCx7p/PG+Jx9Jk4
qd9YPHZCu8g9rQjJoex95fd8Fedu47tzBSd88MoAKiLz90JsNbYUZb+gqdRrLAYc
6krd7zm7T8Grk31xUWOl/tlUSxveuUuz6QQr5mwPmSyspz4gQXsBlrKSrNSWmk0o
qtqgqUCypvpKTF7RYiEoS3F8wy4XvWpGsET+W79SJ84inVx3EMsZKXB9GsWVZZgI
fm3eFjn10NcgA+lvc7TJpwKg0f5g8uHW/06FcfYwgBhbI+otCFDLQkkHtViN0wY2
gks3PLPsYJdAZTlwIvjNY0XY7wRqjS7Ta1pf+d1po1EndEFAyH76KJaIGCzdVKb4
OeSEy4Xw8HxmuCO+mrUtRVRqV3Y7x88GuJC359iDKYdDpc+Z21FcvaVcgrR5cy2V
A7ICKIfNyArgNmWnXQ6UBXqS1rDcoyfJe+0CYyRRdgDO/ON48Mx8FIW9YJrSrMeS
XEx6cw6VKZ7hE1G71us/ITOOeUlHO93V7Ju+oOcx9Fgew8TZ0mdNMliOFUFaNWPb
iAG+zZD0jwP5iyx0KFfOJyyuoovEtjBh9ZgVIF5BP3Ry1xRHuHY=
=oE7B
-----END PGP SIGNATURE-----
Merge 5.4.198 into android11-5.4-lts
Changes in 5.4.198
binfmt_flat: do not stop relocating GOT entries prematurely on riscv
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
USB: serial: option: add Quectel BG95 modem
USB: new quirk for Dell Gen 2 devices
usb: core: hcd: Add support for deferring roothub registration
perf/x86/intel: Fix event constraints for ICL
ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP
ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
btrfs: add "0x" prefix for unsupported optional features
btrfs: repair super block num_devices automatically
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
b43legacy: Fix assigning negative value to unsigned variable
b43: Fix assigning negative value to unsigned variable
ipw2x00: Fix potential NULL dereference in libipw_xmit()
ipv6: fix locking issues with loops over idev->addr_list
fbcon: Consistently protect deferred_takeover with console_lock()
ACPICA: Avoid cache flush inside virtual machines
drm/komeda: return early if drm_universal_plane_init() fails.
ALSA: jack: Access input_dev under mutex
spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction
tools/power turbostat: fix ICX DRAM power numbers
drm/amd/pm: fix double free in si_parse_power_table()
ath9k: fix QCA9561 PA bias level
media: venus: hfi: avoid null dereference in deinit
media: pci: cx23885: Fix the error handling in cx23885_initdev()
media: cx25821: Fix the warning when removing the module
md/bitmap: don't set sb values if can't pass sanity check
mmc: jz4740: Apply DMA engine limits to maximum segment size
scsi: megaraid: Fix error check return value of register_chrdev()
drm/plane: Move range check for format_count earlier
drm/amd/pm: fix the compile warning
arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
drm: msm: fix error check return value of irq_of_parse_and_map()
ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
net/mlx5: fs, delete the FTE when there are no rules attached to it
ASoC: dapm: Don't fold register value changes into notifications
mlxsw: spectrum_dcb: Do not warn about priority changes
drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
HID: bigben: fix slab-out-of-bounds Write in bigben_probe
ASoC: tscs454: Add endianness flag in snd_soc_component_driver
s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES
spi: stm32-qspi: Fix wait_cmd timeout in APM mode
dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
ipmi:ssif: Check for NULL msg when handling events and messages
ipmi: Fix pr_fmt to avoid compilation issues
rtlwifi: Use pr_warn instead of WARN_ONCE
media: coda: limit frame interval enumeration to supported encoder frame sizes
media: cec-adap.c: fix is_configuring state
openrisc: start CPU timer early in boot
nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
ASoC: rt5645: Fix errorenous cleanup order
nbd: Fix hung on disconnect request if socket is closed before
net: phy: micrel: Allow probing without .driver_data
media: exynos4-is: Fix compile warning
ASoC: max98357a: remove dependency on GPIOLIB
hwmon: Make chip parameter for with_info API mandatory
rxrpc: Return an error to sendmsg if call failed
eth: tg3: silence the GCC 12 array-bounds warning
selftests/bpf: fix btf_dump/btf_dump due to recent clang change
IB/rdmavt: add missing locks in rvt_ruc_loopback
ARM: dts: ox820: align interrupt controller node name with dtschema
PM / devfreq: rk3399_dmc: Disable edev on remove()
fs: jfs: fix possible NULL pointer dereference in dbFree()
ARM: OMAP1: clock: Fix UART rate reporting algorithm
powerpc/fadump: Fix fadump to work with a different endian capture kernel
fat: add ratelimit to fat*_ent_bread()
ARM: versatile: Add missing of_node_put in dcscb_init
ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
ARM: hisi: Add missing of_node_put after of_find_compatible_node
PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
powerpc/xics: fix refcount leak in icp_opal_init()
powerpc/powernv: fix missing of_node_put in uv_init()
macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
RDMA/hfi1: Prevent panic when SDMA is disabled
drm: fix EDID struct for old ARM OABI format
ath9k: fix ar9003_get_eepmisc
drm/edid: fix invalid EDID extension block filtering
drm/bridge: adv7511: clean up CEC adapter when probe fails
ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
x86/delay: Fix the wrong asm constraint in delay_loop()
drm/mediatek: Fix mtk_cec_mask()
drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
drm/vc4: txp: Force alpha to be 0xff if it's disabled
bpf: Fix excessive memory allocation in stack_map_alloc()
nl80211: show SSID for P2P_GO interfaces
drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
drm: mali-dp: potential dereference of null pointer
spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
NFC: NULL out the dev->rfkill to prevent UAF
efi: Add missing prototype for efi_capsule_setup_info
drbd: fix duplicate array initializer
HID: hid-led: fix maximum brightness for Dream Cheeky
HID: elan: Fix potential double free in elan_input_configured
drm/bridge: Fix error handling in analogix_dp_probe
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
spi: img-spfi: Fix pm_runtime_get_sync() error checking
cpufreq: Fix possible race in cpufreq online error path
ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
inotify: show inotify mask flags in proc fdinfo
fsnotify: fix wrong lockdep annotations
of: overlay: do not break notify on NOTIFY_{OK|STOP}
scsi: ufs: core: Exclude UECxx from SFR dump list
x86/pm: Fix false positive kmemleak report in msr_build_context()
x86/speculation: Add missing prototype for unpriv_ebpf_notify()
ASoC: rk3328: fix disabling mclk on pclk probe failure
perf tools: Add missing headers needed by util/data.h
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
drm/msm/dsi: fix error checks and return values for DSI xmit functions
drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
virtio_blk: fix the discard_granularity and discard_alignment queue limits
x86: Fix return value of __setup handlers
irqchip/exiu: Fix acknowledgment of edge triggered interrupts
irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
x86/mm: Cleanup the control_va_addr_alignment() __setup handler
regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
media: uvcvideo: Fix missing check to determine if element is found in list
iomap: iomap_write_failed fix
Revert "cpufreq: Fix possible race in cpufreq online error path"
perf/amd/ibs: Use interrupt regs ip for stack unwinding
ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
scripts/faddr2line: Fix overlapping text section failures
media: aspeed: Fix an error handling path in aspeed_video_probe()
media: st-delta: Fix PM disable depth imbalance in delta_probe
media: exynos4-is: Change clk_disable to clk_disable_unprepare
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: vsp1: Fix offset calculation for plane cropping
Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
m68k: math-emu: Fix dependencies of math emulation support
sctp: read sk->sk_bound_dev_if once in sctp_rcv()
media: ov7670: remove ov7670_power_off from ov7670_remove
ext4: reject the 'commit' option on ext2 filesystems
drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
rxrpc: Fix listen() setting the bar too high for the prealloc rings
rxrpc: Don't try to resend the request if we're receiving the reply
rxrpc: Fix overlapping ACK accounting
rxrpc: Don't let ack.previousPacket regress
rxrpc: Fix decision on when to generate an IDLE ACK
net/smc: postpone sk_refcnt increment in connect()
arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
ARM: dts: suniv: F1C100: fix watchdog compatible
soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
PCI: cadence: Fix find_first_zero_bit() limit
PCI: rockchip: Fix find_first_zero_bit() limit
KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry
can: xilinx_can: mark bit timing constants as const
ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
ARM: dts: bcm2835-rpi-b: Fix GPIO line names
misc: ocxl: fix possible double free in ocxl_file_register_afu
crypto: marvell/cesa - ECB does not IV
arm: mediatek: select arch timer for mt7629
powerpc/fadump: fix PT_LOAD segment for boot memory area
mfd: ipaq-micro: Fix error check return value of platform_get_irq()
scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
firmware: arm_scmi: Fix list protocols enumeration in the base protocol
nvdimm: Allow overwrite in the presence of disabled dimms
pinctrl: mvebu: Fix irq_of_parse_and_map() return value
drivers/base/node.c: fix compaction sysfs file leak
dax: fix cache flush on PMD-mapped pages
powerpc/8xx: export 'cpm_setbrg' for modules
powerpc/idle: Fix return value of __setup() handler
powerpc/4xx/cpm: Fix return value of __setup() handler
proc: fix dentry/inode overinstantiating under /proc/${pid}/net
ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
PCI: imx6: Fix PERST# start-up sequence
tty: fix deadlock caused by calling printk() under tty_port->lock
crypto: cryptd - Protect per-CPU resource by disabling BH.
Input: sparcspkr - fix refcount leak in bbc_beep_probe
powerpc/64: Only WARN if __pa()/__va() called with bad addresses
powerpc/perf: Fix the threshold compare group constraint for power9
macintosh: via-pmu and via-cuda need RTC_LIB
powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
mailbox: forward the hrtimer if not queued and under a lock
RDMA/hfi1: Prevent use of lock before it is initialized
Input: stmfts - do not leave device disabled in stmfts_input_open
f2fs: fix dereference of stale list iterator after loop body
iommu/mediatek: Add list_del in mtk_iommu_remove
i2c: at91: use dma safe buffers
i2c: at91: Initialize dma_buf in at91_twi_xfer()
NFS: Do not report EINTR/ERESTARTSYS as mapping errors
NFS: Do not report flush errors in nfs_write_end()
NFS: Don't report errors from nfs_pageio_complete() more than once
NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
dmaengine: stm32-mdma: remove GISR1 register
iommu/amd: Increase timeout waiting for GA log enablement
perf c2c: Use stdio interface if slang is not supported
perf jevents: Fix event syntax error caused by ExtSel
f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
f2fs: fix to clear dirty inode in f2fs_evict_inode()
f2fs: fix deadloop in foreground GC
f2fs: don't need inode lock for system hidden quota
f2fs: fix fallocate to use file_modified to update permissions consistently
wifi: mac80211: fix use-after-free in chanctx code
iwlwifi: mvm: fix assert 1F04 upon reconfig
fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
efi: Do not import certificates from UEFI Secure Boot for T2 Macs
bfq: Split shared queues on move between cgroups
bfq: Update cgroup information before merging bio
bfq: Track whether bfq_group is still online
netfilter: nf_tables: disallow non-stateful expression in sets earlier
ext4: fix use-after-free in ext4_rename_dir_prepare
ext4: fix warning in ext4_handle_inode_extension
ext4: fix bug_on in ext4_writepages
ext4: verify dir block before splitting it
ext4: avoid cycles in directory h-tree
ACPI: property: Release subnode properties with data nodes
tracing: Fix potential double free in create_var_ref()
PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
PCI: qcom: Fix runtime PM imbalance on probe errors
PCI: qcom: Fix unbalanced PHY init on probe errors
mm, compaction: fast_find_migrateblock() should return pfn in the target zone
dlm: fix plock invalid read
dlm: fix missing lkb refcount handling
ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
scsi: dc395x: Fix a missing check on list iterator
scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
drm/nouveau/clk: Fix an incorrect NULL check on list iterator
drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
md: fix an incorrect NULL check in does_sb_need_changing
md: fix an incorrect NULL check in md_reload_sb
mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
media: coda: Fix reported H264 profile
media: coda: Add more H264 levels for CODA960
Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug
RDMA/hfi1: Fix potential integer multiplication overflow errors
irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
irqchip: irq-xtensa-mx: fix initial IRQ affinity
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
um: chan_user: Fix winch_tramp() return value
um: Fix out-of-bounds read in LDT setup
iommu/msm: Fix an incorrect NULL check on list iterator
nodemask.h: fix compilation error with GCC12
hugetlb: fix huge_pmd_unshare address update
rtl818x: Prevent using not initialized queues
ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
carl9170: tx: fix an incorrect use of list iterator
serial: pch: don't overwrite xmit->buf[0] by x_char
tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
gma500: fix an incorrect NULL check on list iterator
arm64: dts: qcom: ipq8074: fix the sleep clock frequency
phy: qcom-qmp: fix struct clk leak on probe errors
ARM: pxa: maybe fix gpio lookup tables
docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
dt-bindings: gpio: altera: correct interrupt-cells
blk-iolatency: Fix inflight count imbalances and IO hangs on offline
phy: qcom-qmp: fix reset-controller leak on probe errors
Kconfig: add config option for asm goto w/ outputs
RDMA/rxe: Generate a completion for unsupported/invalid opcode
MIPS: IP27: Remove incorrect `cpu_has_fpu' override
bfq: Avoid merging queues with different parents
bfq: Drop pointless unlock-lock pair
bfq: Remove pointless bfq_init_rq() calls
bfq: Get rid of __bio_blkcg() usage
bfq: Make sure bfqg for which we are queueing requests is online
block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
md: bcache: check the return value of kzalloc() in detached_dev_do_request()
pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
staging: greybus: codecs: fix type confusion of list iterator variable
iio: adc: ad7124: Remove shift from scan_type
tty: goldfish: Use tty_port_destroy() to destroy port
tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get
usb: usbip: fix a refcount leak in stub_probe()
usb: usbip: add missing device lock on tweak configuration cmd
USB: storage: karma: fix rio_karma_init return
usb: musb: Fix missing of_node_put() in omap2430_probe
staging: fieldbus: Fix the error handling path in anybuss_host_common_probe()
pwm: lp3943: Fix duty calculation in case period was clamped
rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
firmware: stratix10-svc: fix a missing check on list iterator
iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
iio: adc: sc27xx: fix read big scale voltage not right
iio: adc: sc27xx: Fine tune the scale calibration values
rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
serial: sifive: Report actual baud base rather than fixed 115200
coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
soc: rockchip: Fix refcount leak in rockchip_grf_init
clocksource/drivers/riscv: Events are stopped during CPU suspend
rtc: mt6397: check return value after calling platform_get_resource()
serial: meson: acquire port->lock in startup()
serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
serial: digicolor-usart: Don't allow CS5-6
serial: rda-uart: Don't allow CS5-6
serial: txx9: Don't allow CS5-6
serial: sh-sci: Don't allow CS5-6
serial: sifive: Sanitize CSIZE and c_iflag
serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
serial: stm32-usart: Correct CSIZE, bits, and parity
firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
bus: ti-sysc: Fix warnings for unbind for serial
driver: base: fix UAF when driver_attach failed
driver core: fix deadlock in __device_attach
watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
modpost: fix removing numeric suffixes
jffs2: fix memory leak in jffs2_do_fill_super
ubi: ubi_create_volume: Fix use-after-free when volume creation failed
nfp: only report pause frame configuration for physical device
net/mlx5: Don't use already freed action pointer
net/mlx5e: Update netdev features after changing XDP state
net: sched: add barrier to fix packet stuck problem for lockless qdisc
tcp: tcp_rtx_synack() can be called from process context
afs: Fix infinite loop found by xfstest generic/676
tipc: check attribute length for bearer name
perf c2c: Fix sorting in percent_rmt_hitm_cmp()
mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
tracing: Fix sleeping function called from invalid context on RT kernel
tracing: Avoid adding tracer option before update_tracer_options
f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
i2c: cadence: Increase timeout per message if necessary
m68knommu: set ZERO_PAGE() to the allocated zeroed page
m68knommu: fix undefined reference to `_init_sp'
dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
NFSv4: Don't hold the layoutget locks across multiple RPC calls
video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
xprtrdma: treat all calls not a bcall when bc_serv is NULL
netfilter: nat: really support inet nat without l3 address
ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
netfilter: nf_tables: memleak flow rule from commit path
xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
af_unix: Fix a data-race in unix_dgram_peer_wake_me().
bpf, arm64: Clear prog->jited_len along prog->jited
net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
net: mdio: unexport __init-annotated mdio_bus_init()
net: xfrm: unexport __init-annotated xfrm4_protocol_init()
net: ipv6: unexport __init-annotated seg6_hmac_init()
net/mlx5: Rearm the FW tracer after each tracer event
net/mlx5: fs, fail conflicting actions
ip_gre: test csum_start instead of transport header
net: altera: Fix refcount leak in altera_tse_mdio_create
drm: imx: fix compiler warning with gcc-12
iio: dummy: iio_simple_dummy: check the return value of kstrdup()
iio: st_sensors: Add a local lock for protecting odr
lkdtm/usercopy: Expand size of "out of frame" object
tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
tty: Fix a possible resource leak in icom_probe
drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
USB: host: isp116x: check return value after calling platform_get_resource()
drivers: tty: serial: Fix deadlock in sa1100_set_termios()
drivers: usb: host: Fix deadlock in oxu_bus_suspend()
USB: hcd-pci: Fully suspend across freeze/thaw cycle
usb: dwc2: gadget: don't reset gadget's driver->bus
misc: rtsx: set NULL intfdata when probe fails
extcon: Modify extcon device to be created after driver data is set
clocksource/drivers/sp804: Avoid error on multiple instances
staging: rtl8712: fix uninit-value in usb_read8() and friends
staging: rtl8712: fix uninit-value in r871xu_drv_init()
serial: msm_serial: disable interrupts in __msm_console_write()
kernfs: Separate kernfs_pr_cont_buf and rename_lock.
watchdog: wdat_wdt: Stop watchdog when rebooting the system
md: protect md_unregister_thread from reentrancy
scsi: myrb: Fix up null pointer access on myrb_cleanup()
Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
ceph: allow ceph.dir.rctime xattr to be updatable
drm/radeon: fix a possible null pointer dereference
modpost: fix undefined behavior of is_arm_mapping_symbol()
x86/cpu: Elide KCSAN for cpu_has() and friends
nbd: call genl_unregister_family() first in nbd_cleanup()
nbd: fix race between nbd_alloc_config() and module removal
nbd: fix io hung while disconnecting device
s390/gmap: voluntarily schedule during key setting
cifs: version operations for smb20 unneeded when legacy support disabled
nodemask: Fix return values to be unsigned
vringh: Fix loop descriptors check in the indirect cases
scripts/gdb: change kernel config dumping method
ALSA: hda/conexant - Fix loopback issue with CX20632
cifs: return errors during session setup during reconnects
ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
mmc: block: Fix CQE recovery reset success
nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
ixgbe: fix bcast packets Rx on VF after promisc removal
ixgbe: fix unexpected VLAN Rx in promisc mode on VF
Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
powerpc/32: Fix overread/overwrite of thread_struct via ptrace
md/raid0: Ignore RAID0 layout if the second zone has only one device
mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
Linux 5.4.198
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I05615e33dbd0029f93c9724c9abc9cb9035122d2
|
||
Aditya Garg
|
b1cda6dd2c |
efi: Do not import certificates from UEFI Secure Boot for T2 Macs
commit 155ca952c7ca19aa32ecfb7373a32bbc2e1ec6eb upstream. On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certificates, a page fault occurs in Apple firmware code and EFI runtime services are disabled with the following logs: [Firmware Bug]: Page fault caused by firmware at PA: 0xffffb1edc0068000 WARNING: CPU: 3 PID: 104 at arch/x86/platform/efi/quirks.c:735 efi_crash_gracefully_on_page_fault+0x50/0xf0 (Removed some logs from here) Call Trace: <TASK> page_fault_oops+0x4f/0x2c0 ? search_bpf_extables+0x6b/0x80 ? search_module_extables+0x50/0x80 ? search_exception_tables+0x5b/0x60 kernelmode_fixup_or_oops+0x9e/0x110 __bad_area_nosemaphore+0x155/0x190 bad_area_nosemaphore+0x16/0x20 do_kern_addr_fault+0x8c/0xa0 exc_page_fault+0xd8/0x180 asm_exc_page_fault+0x1e/0x30 (Removed some logs from here) ? __efi_call+0x28/0x30 ? switch_mm+0x20/0x30 ? efi_call_rts+0x19a/0x8e0 ? process_one_work+0x222/0x3f0 ? worker_thread+0x4a/0x3d0 ? kthread+0x17a/0x1a0 ? process_one_work+0x3f0/0x3f0 ? set_kthread_struct+0x40/0x40 ? ret_from_fork+0x22/0x30 </TASK> ---[ end trace 1f82023595a5927f ]--- efi: Froze efi_rts_wq and disabled EFI Runtime Services integrity: Couldn't get size: 0x8000000000000015 integrity: MODSIGN: Couldn't get UEFI db list efi: EFI Runtime Services are disabled! integrity: Couldn't get size: 0x8000000000000015 integrity: Couldn't get UEFI dbx list integrity: Couldn't get size: 0x8000000000000015 integrity: Couldn't get mokx list integrity: Couldn't get size: 0x80000000 So we avoid reading these UEFI variables and thus prevent the crash. Cc: stable@vger.kernel.org Signed-off-by: Aditya Garg <gargaditya08@live.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Srinivasarao Pathipati
|
a965799388 |
Merge android11-5.4.191+ (375c2e2) into msm-5.4
* refs/heads/tmp-375c2e2:
Revert "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup"
Linux 5.4.191
Revert "net: micrel: fix KS8851_MLL Kconfig"
block/compat_ioctl: fix range check in BLKGETSIZE
staging: ion: Prevent incorrect reference counting behavour
spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller
jbd2: fix a potential race while discarding reserved buffers after an abort
ext4: force overhead calculation if the s_overhead_cluster makes no sense
ext4: fix overhead calculation to account for the reserved gdt blocks
ext4, doc: fix incorrect h_reserved size
ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
ext4: fix use-after-free in ext4_search_dir
ext4: fix symlink file size not match to file content
arm_pmu: Validate single/group leader events
ARC: entry: fix syscall_trace_exit argument
e1000e: Fix possible overflow in LTR decoding
ASoC: soc-dapm: fix two incorrect uses of list iterator
openvswitch: fix OOB access in reserve_sfa_size()
xtensa: fix a7 clobbering in coprocessor context load/store
xtensa: patch_text: Fixup last cpu should be master
powerpc/perf: Fix power9 event alternatives
drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage
KVM: PPC: Fix TCE handling for VFIO
drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
dma: at_xdmac: fix a missing check on list iterator
ata: pata_marvell: Check the 'bmdma_addr' beforing reading
oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup
EDAC/synopsys: Read the error count from the correct register
stat: fix inconsistency between struct stat and struct compat_stat
scsi: qedi: Fix failed disconnect handling
net: macb: Restart tx only if queue pointer is lagging
drm/msm/mdp5: check the return of kzalloc()
dpaa_eth: Fix missing of_node_put in dpaa_get_ts_info()
brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant
mt76: Fix undefined behavior due to shift overflowing the constant
cifs: Check the IOCB_DIRECT flag, not O_DIRECT
vxlan: fix error return code in vxlan_fdb_append
ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant
platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative
reset: tegra-bpmp: Restore Handle errors in BPMP response
ARM: vexpress/spc: Avoid negative array index when !SMP
selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets
netlink: reset network and mac headers in netlink_dump()
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
net/sched: cls_u32: fix possible leak in u32_init_knode()
net/packet: fix packet_sock xmit return value checking
net/smc: Fix sock leak when release after smc_shutdown()
rxrpc: Restore removed timer deletion
igc: Fix BUG: scheduling while atomic
igc: Fix infinite loop in release_swfw_sync
dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources
dmaengine: imx-sdma: Fix error checking in sdma_event_remap
ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component
ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
ALSA: usb-audio: Clear MIDI port active flag after draining
tcp: Fix potential use-after-free due to double kfree()
net/sched: cls_u32: fix netns refcount changes in u32_change()
tcp: fix race condition when creating child sockets from syncookies
gfs2: assign rgrp glock before compute_bitstructs
can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path
tracing: Dump stacktrace trigger to the corresponding instance
mm: page_alloc: fix building error on -Werror=array-compare
etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead
Linux 5.4.190
ax25: Fix UAF bugs in ax25 timers
ax25: Fix NULL pointer dereferences in ax25 timers
ax25: fix NPD bug in ax25_disconnect
ax25: fix UAF bug in ax25_send_control()
ax25: Fix refcount leaks caused by ax25_cb_del()
ax25: fix UAF bugs of net_device caused by rebinding operation
ax25: fix reference count leaks of ax25_dev
ax25: add refcount in ax25_dev to avoid UAF bugs
dma-direct: avoid redundant memory sync for swiotlb
i2c: pasemi: Wait for write xfers to finish
smp: Fix offline cpu check in flush_smp_call_function_queue()
dm integrity: fix memory corruption when tag_size is less than digest size
ARM: davinci: da850-evm: Avoid NULL pointer dereference
tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
genirq/affinity: Consider that CPUs on nodes can be unbalanced
drm/amd/display: don't ignore alpha property on pre-multiplied mode
ipv6: fix panic when forwarding a pkt with no in6 dev
ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
ALSA: hda/realtek: Add quirk for Clevo PD50PNT
btrfs: mark resumed async balance as writing
btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
ath9k: Fix usage of driver-private space in tx_info
ath9k: Properly clear TX status area before reporting to mac80211
gcc-plugins: latent_entropy: use /dev/urandom
mm: kmemleak: take a full lowmem check in kmemleak_*_phys()
mm, page_alloc: fix build_zonerefs_node()
perf/imx_ddr: Fix undefined behavior due to shift overflowing the constant
drivers: net: slip: fix NPD bug in sl_tx_timeout()
scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
scsi: mvsas: Add PCI ID of RocketRaid 2640
powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit
drm/amd/display: Fix allocate_mst_payload assert on resume
net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
arm64: alternatives: mark patch_alternative() as `noinstr`
regulator: wm8994: Add an off-on delay for WM8994 variant
gpu: ipu-v3: Fix dev_dbg frequency output
ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
net: micrel: fix KS8851_MLL Kconfig
scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
scsi: target: tcmu: Fix possible page UAF
Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer
drm/amdkfd: Check for potential null return of kmalloc_array()
drm/amdkfd: Fix Incorrect VMIDs passed to HWS
drm/amd/display: Update VTEM Infopacket definition
drm/amd/display: fix audio format not updated after edid updated
drm/amd: Add USBC connector ID
cifs: potential buffer overflow in handling symlinks
nfc: nci: add flush_workqueue to prevent uaf
testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set
sctp: Initialize daddr on peeled off socket
net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init()
cfg80211: hold bss_lock while updating nontrans_list
net/sched: taprio: Check if socket flags are valid
net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link
net/sched: fix initialization order when updating chain 0 head
mlxsw: i2c: Fix initialization error flow
gpiolib: acpi: use correct format characters
veth: Ensure eth header is in skb's linear part
net/sched: flower: fix parsing of ethertype following VLAN header
memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
ANDROID: GKI: fix crc issue with commit
|
||
|
Greg Kroah-Hartman
|
9eae8fc396 |
This is the 5.4.197 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmKdn9MACgkQONu9yGCS
aT4bpg//X6xA3rkYaTO2ymBqhqwvZ47OvS5M6dL4N5wTKhkuGk89Ij4XDI/z65lm
WeaRbVhvFbmnjm44lLvP8Ly5rHk/PTOVWqtGkbsFe05CStZb9VThJ9Eqrl2RfY1h
QswWZe1V3QquBCMaXVP85VjvsUmqxRz1Sq1XL7u3DE56LRzzjgBBFO6Iu3+tfI4X
6e1FOQec9nn2TRT3EQdYWy11EZawnoir5YF7wz1ao3epUu57xRLJogsaovA8Zu1l
xJPpss0wro+9aB1VSwrpSggDtYqDOnarKBst0Q2i43wSPOlcjy7DcqYpnn9JaTKf
zGchCQf/Zz0GrAuASqkwtc9ap3OhGNMv2x6RTtiH2MrKs8bH8/iQAhwwAvkgxQQg
yAUw7DxB4L069dOYXoQQw+jPH1YIsqY4k6w9KtmyjcA8S5FJh2jHuhOw5lWL9y4+
0Gz1LjoF59ZZZh49cNmKKuSmfFN3xO8CpWvz3qvd/2kjzus/dJXs7gq9+PS9uCC6
e6SccW9vp0RZ9yhSy59xHuyhEZQdeU2Wp5RGcyUEN0mXdXFGaj0asWouu2H/gm1y
coWZpcOlALk+uaP9+tYc+kLFCash98xhX10mNzb+nHODM/Mwxh+tzGbtOmQ8UuNX
KkUqXjGz3AXQZzxKOUePvq9mrAFkEkdIKZDOjdwQvoEq+iQg9Lc=
=JE5x
-----END PGP SIGNATURE-----
Merge 5.4.197 into android11-5.4-lts
Changes in 5.4.197
lockdown: also lock down previous kgdb use
x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
Input: goodix - fix spurious key release events
tcp: change source port randomizarion at connect() time
secure_seq: use the 64 bits of the siphash for port offset calculation
media: vim2m: Register video device after setting up internals
media: vim2m: initialize the media device earlier
ACPI: sysfs: Make sparse happy about address space in use
ACPI: sysfs: Fix BERT error region memory mapping
pinctrl: sunxi: fix f1c100s uart2 function
net: af_key: check encryption module availability consistency
net: ftgmac100: Disable hardware checksum on AST2600
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
assoc_array: Fix BUG_ON during garbage collect
cfg80211: set custom regdomain after wiphy registration
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
exec: Force single empty string when argv is empty
netfilter: conntrack: re-fetch conntrack after insertion
crypto: ecrdsa - Fix incorrect use of vli_cmp
zsmalloc: fix races between asynchronous zspage free and page migration
dm integrity: fix error code in dm_integrity_ctr()
dm crypt: make printing of the key constant-time
dm stats: add cond_resched when looping over entries
dm verity: set DM_TARGET_IMMUTABLE feature flag
raid5: introduce MD_BROKEN
HID: multitouch: Add support for Google Whiskers Touchpad
tpm: Fix buffer access in tpm2_get_tpm_pt()
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
docs: submitting-patches: Fix crossref to 'The canonical patch format'
NFS: Memory allocation failures are not server fatal errors
NFSD: Fix possible sleep during nfsd4_release_lockowner()
bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
Linux 5.4.197
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1b3af44df22d11027b65b96eaac53fe2c3b5db92
|
||
Daniel Thompson
|
8bb828229d |
lockdown: also lock down previous kgdb use
commit eadb2f47a3ced5c64b23b90fd2a3463f63726066 upstream. KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port (for example, via a hypervisor console, which some cloud vendors provide over the network) could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. Fix this by integrating lockdown into kdb's existing permissions mechanism. Unfortunately kgdb does not have any permissions mechanism (although it certainly could be added later) so, for now, kgdb is simply and brutally disabled by immediately exiting the gdb stub without taking any action. For lockdowns established early in the boot (e.g. the normal case) then this should be fine but on systems where kgdb has set breakpoints before the lockdown is enacted than "bad things" will happen. CVE: CVE-2022-21499 Co-developed-by: Stephen Brennan <stephen.s.brennan@oracle.com> Signed-off-by: Stephen Brennan <stephen.s.brennan@oracle.com> Reviewed-by: Douglas Anderson <dianders@chromium.org> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Srinivasarao Pathipati
|
f01f08906a |
Merge android11-5.4.180+ (598165f) into msm-5.4
* refs/heads/tmp-598165f:
Revert "arm: extend pfn_valid to take into account freed memory map alignment"
UPSTREAM: usb: gadget: clear related members when goto fail
UPSTREAM: usb: gadget: don't release an existing dev->buf
UPSTREAM: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
UPSTREAM: usb: gadget: rndis: prevent integer overflow in rndis_set_response()
UPSTREAM: fixup for "arm64 entry: Add macro for reading symbol address from the trampoline"
UPSTREAM: arm64: Use the clearbhb instruction in mitigations
UPSTREAM: KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
UPSTREAM: arm64: Mitigate spectre style branch history side channels
UPSTREAM: KVM: arm64: Add templates for BHB mitigation sequences
UPSTREAM: arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
UPSTREAM: arm64: Add percpu vectors for EL1
UPSTREAM: arm64: entry: Add macro for reading symbol addresses from the trampoline
UPSTREAM: arm64: entry: Add vectors that have the bhb mitigation sequences
UPSTREAM: arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
UPSTREAM: arm64: entry: Allow the trampoline text to occupy multiple pages
UPSTREAM: arm64: entry: Make the kpti trampoline's kpti sequence optional
UPSTREAM: arm64: entry: Move trampoline macros out of ifdef'd section
UPSTREAM: arm64: entry: Don't assume tramp_vectors is the start of the vectors
UPSTREAM: arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
UPSTREAM: arm64: entry: Move the trampoline data page before the text page
UPSTREAM: arm64: entry: Free up another register on kpti's tramp_exit path
UPSTREAM: arm64: entry: Make the trampoline cleanup optional
UPSTREAM: arm64: entry.S: Add ventry overflow sanity checks
UPSTREAM: arm64: Add Cortex-X2 CPU part definition
UPSTREAM: arm64: add ID_AA64ISAR2_EL1 sys register
UPSTREAM: arm64: Add Neoverse-N2, Cortex-A710 CPU part definition
UPSTREAM: arm64: Add part number for Arm Cortex-A77
UPSTREAM: sctp: fix the processing for INIT chunk
ANDROID: dm-bow: Protect Ranges fetched and erased from the RB tree
UPSTREAM: ARM: fix Thumb2 regression with Spectre BHB
UPSTREAM: ARM: Spectre-BHB: provide empty stub for non-config
UPSTREAM: ARM: fix build warning in proc-v7-bugs.c
UPSTREAM: ARM: Do not use NOCROSSREFS directive with ld.lld
UPSTREAM: ARM: fix co-processor register typo
UPSTREAM: ARM: fix build error when BPF_SYSCALL is disabled
UPSTREAM: ARM: include unprivileged BPF status in Spectre V2 reporting
UPSTREAM: ARM: Spectre-BHB workaround
UPSTREAM: ARM: use LOADADDR() to get load address of sections
UPSTREAM: ARM: early traps initialisation
UPSTREAM: ARM: report Spectre v2 status through sysfs
UPSTREAM: arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit()
UPSTREAM: arm/arm64: Provide a wrapper for SMCCC 1.1 calls
UPSTREAM: x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
UPSTREAM: x86/speculation: Warn about Spectre v2 LFENCE mitigation
UPSTREAM: x86/speculation: Update link to AMD speculation whitepaper
UPSTREAM: x86/speculation: Use generic retpoline by default on AMD
UPSTREAM: x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting
UPSTREAM: Documentation/hw-vuln: Update spectre doc
UPSTREAM: x86/speculation: Add eIBRS + Retpoline options
UPSTREAM: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
UPSTREAM: x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
UPSTREAM: x86/speculation: Merge one test in spectre_v2_user_select_mitigation()
UPSTREAM: bpf: Add kconfig knob for disabling unpriv bpf by default
UPSTREAM: mmc: block: fix read single on recovery logic
Linux 5.4.180
ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
perf: Fix list corruption in perf_cgroup_switch()
scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
hwmon: (dell-smm) Speed up setting of fan speed
seccomp: Invalidate seccomp mode to catch death failures
USB: serial: cp210x: add CPI Bulk Coin Recycler id
USB: serial: cp210x: add NCR Retail IO box id
USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
USB: serial: option: add ZTE MF286D modem
USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
usb: gadget: f_uac2: Define specific wTerminalType
usb: gadget: rndis: check size of RNDIS_MSG_SET command
USB: gadget: validate interface OS descriptor requests
usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition
usb: dwc3: gadget: Prevent core from processing stale TRBs
usb: ulpi: Call of_node_put correctly
usb: ulpi: Move of_node_put to ulpi_dev_release
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
n_tty: wake up poll(POLLRDNORM) on receiving data
vt_ioctl: add array_index_nospec to VT_ACTIVATE
vt_ioctl: fix array_index_nospec in vt_setactivate
net: amd-xgbe: disable interrupts during pci removal
tipc: rate limit warning for received illegal binding update
net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
veth: fix races around rq->rx_notify_masked
net: fix a memleak when uncloning an skb dst and its metadata
net: do not keep the dst cache when uncloning an skb dst and its metadata
nfp: flower: fix ida_idx not being released
ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
bonding: pair enable_port with slave_arr_updates
ixgbevf: Require large buffers for build_skb on 82599VF
misc: fastrpc: avoid double fput() on failed usercopy
usb: f_fs: Fix use-after-free for epfile
ARM: dts: imx6qdl-udoo: Properly describe the SD card detect
staging: fbtft: Fix error path in fbtft_driver_module_init()
ARM: dts: meson: Fix the UART compatible strings
perf probe: Fix ppc64 'perf probe add events failed' case
net: bridge: fix stale eth hdr pointer in br_dev_xmit
PM: s2idle: ACPI: Fix wakeup interrupts handling
ACPI/IORT: Check node revision for PMCG resources
nvme-tcp: fix bogus request completion when failing to send AER
ARM: socfpga: fix missing RESET_CONTROLLER
ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group
riscv: fix build with binutils 2.38
bpf: Add kconfig knob for disabling unpriv bpf by default
KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout()
usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
PM: hibernate: Remove register_nosave_region_late()
scsi: myrs: Fix crash in error case
scsi: qedf: Fix refcount issue when LOGO is received during TMF
scsi: target: iscsi: Make sure the np under each tpg is unique
net: sched: Clarify error message when qdisc kind is unknown
drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
NFSv4 expose nfs_parse_server_name function
NFSv4 remove zero number of fs_locations entries error check
NFSv4.1: Fix uninitialised variable in devicenotify
nfs: nfs4clinet: check the return value of kstrdup()
NFSv4 only print the label when its queried
nvme: Fix parsing of ANA log page
NFSD: Fix offset type in I/O trace points
NFSD: Clamp WRITE offsets
NFS: Fix initialisation of nfs_client cl_flags field
net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs
mmc: sdhci-of-esdhc: Check for error num after setting mask
ima: Do not print policy rule with inactive LSM labels
ima: Allow template selection with ima_template[_fmt]= after ima_hash=
ima: Remove ima_policy file before directory
integrity: check the return value of audit_log_start()
Linux 5.4.179
tipc: improve size validations for received domain records
moxart: fix potential use-after-free on remove path
Linux 5.4.178
cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
ext4: fix error handling in ext4_restore_inline_data()
EDAC/xgene: Fix deferred probing
EDAC/altera: Fix deferred probing
rtc: cmos: Evaluate century appropriate
selftests: futex: Use variable MAKE instead of make
nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
pinctrl: bcm2835: Fix a few error paths
ASoC: max9759: fix underflow in speaker_gain_control_put()
ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name
ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes
ASoC: fsl: Add missing error handling in pcm030_fabric_probe
drm/i915/overlay: Prevent divide by zero bugs in scaling
net: stmmac: ensure PTP time register reads are consistent
net: stmmac: dump gmac4 DMA registers correctly
net: macsec: Verify that send_sci is on when setting Tx sci explicitly
net: ieee802154: Return meaningful error codes from the netlink helpers
net: ieee802154: ca8210: Stop leaking skb's
net: ieee802154: mcr20a: Fix lifs/sifs periods
net: ieee802154: hwsim: Ensure proper channel selection at probe time
spi: meson-spicc: add IRQ check in meson_spicc_probe
spi: mediatek: Avoid NULL pointer crash in interrupt
spi: bcm-qspi: check for valid cs before applying chip select
iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
RDMA/mlx4: Don't continue event handler after memory allocation failure
RDMA/siw: Fix broken RDMA Read Fence/Resume logic.
IB/rdmavt: Validate remote_addr during loopback atomic tests
memcg: charge fs_context and legacy_fs_context
Revert "ASoC: mediatek: Check for error clk pointer"
block: bio-integrity: Advance seed correctly for larger interval sizes
mm/kmemleak: avoid scanning potential huge holes
drm/nouveau: fix off by one in BIOS boundary checking
btrfs: fix deadlock between quota disable and qgroup rescan worker
ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows
ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset)
ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks
ALSA: hda/realtek: Add quirk for ASUS GU603
ALSA: usb-audio: Simplify quirk entries with a macro
ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
audit: improve audit queue handling when "audit=1" on cmdline
Revert "net: fix information leakage in /proc/net/ptype"
Linux 5.4.177
af_packet: fix data-race in packet_setsockopt / packet_setsockopt
cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
net: sched: fix use-after-free in tc_new_tfilter()
net: amd-xgbe: Fix skb data length underflow
net: amd-xgbe: ensure to reset the tx_timer_active flag
ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
cgroup-v1: Require capabilities to set release_agent
psi: Fix uaf issue when psi trigger is destroyed while being polled
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
Linux 5.4.176
mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip()
block: Fix wrong offset in bio_truncate()
fsnotify: invalidate dcache before IN_DELETE event
dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
ipv4: remove sparse error in ip_neigh_gw4()
ipv4: tcp: send zero IPID in SYNACK messages
ipv4: raw: lock the socket in raw_bind()
net: hns3: handle empty unknown interrupt for VF
yam: fix a memory leak in yam_siocdevprivate()
drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
ibmvnic: don't spin in tasklet
ibmvnic: init ->running_cap_crqs early
hwmon: (lm90) Mark alert as broken for MAX6654
rxrpc: Adjust retransmission backoff
phylib: fix potential use-after-free
net: phy: broadcom: hook up soft_reset for BCM54616S
netfilter: conntrack: don't increment invalid counter on NF_REPEAT
NFS: Ensure the server has an up to date ctime before renaming
NFS: Ensure the server has an up to date ctime before hardlinking
ipv6: annotate accesses to fn->fn_sernum
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
drm/msm: Fix wrong size calculation
net-procfs: show net devices bound packet types
NFSv4: nfs_atomic_open() can race when looking up a non-regular file
NFSv4: Handle case where the lookup of a directory fails
hwmon: (lm90) Reduce maximum conversion rate for G781
ipv4: avoid using shared IP generator for connected sockets
ping: fix the sk_bound_dev_if match in ping_lookup
hwmon: (lm90) Mark alert as broken for MAX6680
hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
net: fix information leakage in /proc/net/ptype
ipv6_tunnel: Rate limit warning messages
scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
i40e: fix unsigned stat widths
i40e: Fix queues reservation for XDP
i40e: Fix issue when maximum queues is exceeded
i40e: Increase delay to 1 s after global EMP reset
powerpc/32: Fix boot failure with GCC latent entropy plugin
net: sfp: ignore disabled SFP node
ucsi_ccg: Check DEV_INT bit only when starting CCG4
usb: typec: tcpm: Do not disconnect while receiving VBUS off
USB: core: Fix hang in usb_kill_urb by adding memory barriers
usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
usb: common: ulpi: Fix crash in ulpi_match()
usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
tty: Add support for Brainboxes UC cards.
tty: n_gsm: fix SW flow control encoding/handling
serial: stm32: fix software flow control transfer
serial: 8250: of: Fix mapped region size when using reg-offset property
netfilter: nft_payload: do not update layer 4 checksum when mangling fragments
arm64: errata: Fix exec handling in erratum
|
||
|
Greg Kroah-Hartman
|
023cd1cf3f |
This is the 5.4.189 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJZYqcACgkQONu9yGCS
aT51cA/+PXr+24MJMwa0PyLuQO9YScRAu/4E8PtEkumpj5dA9FuWJCcuNwO9cmNp
YM6IdGGbHfW+JRsX3wLAothut1ID9hfl+Y2tpBFJacS7E5ezgzoiAF1ke8RsBxd/
s+sRwZqRfSVoVmwYGj9/SwXLzJJTdPwY/FwXUdsyxxkn8u99YmAURlNUZdv0+KWs
vmAvS6mj4M4GfazS9FfBhnUVMcxbDgY0/rNlek2rMQi1ValvrYeNBATjKMI/NrkR
/bRTplCezuDFDw82IqQfiqGQ71mMbpYFXxkbdXsJj3nhIJ1AimWRQhLRg/TqJOi4
0Hhx3cEk/5hs/22VBN9sIYIAbJr+z7Kr9gnhltAETPOrv0s9w9fnJARve5GlwSHV
yKBm3Pfq0+abAQ2urnsmiHFvMMzFaiNuWe98TOF0BHkJbwMSFQpgFtp0yWx2bgMf
Svx/rEXzd2Cx0h5X4dHAMykPqsJAek0qIb4MgOPAEpuZWLZ09xfXOeVc8lTbHG22
y/HfKE+4FMTw8tsAe/7E7xP+yjosPrAq8De2ymMo9NGDFxT8I9ro+gkqwMWwC+yi
trYDVFEX3NNIEG9D6Oh+eP2nY97U898wCI1GFU18J9zOPQsw4peHSS8xPW7vLbqy
zrzOxMKW+2khSwj/wFlSXRaj3pogP5/y4jaAXpMSse0Zb3Neu2U=
=p4tc
-----END PGP SIGNATURE-----
Merge 5.4.189 into android11-5.4-lts
Changes in 5.4.189
swiotlb: fix info leak with DMA_FROM_DEVICE
USB: serial: pl2303: add IBM device IDs
USB: serial: simple: add Nokia phone driver
netdevice: add the case if dev is NULL
HID: logitech-dj: add new lightspeed receiver id
xfrm: fix tunnel model fragmentation behavior
virtio_console: break out of buf poll on remove
ethernet: sun: Free the coherent when failing in probing
spi: Fix invalid sgs value
net:mcf8390: Use platform_get_irq() to get the interrupt
spi: Fix erroneous sgs value with min_t()
af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
net: dsa: microchip: add spi_device_id tables
iommu/iova: Improve 32-bit free space estimate
tpm: fix reference counting for struct tpm_chip
block: Add a helper to validate the block size
virtio-blk: Use blk_validate_block_size() to validate block size
USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
xhci: fix runtime PM imbalance in USB2 resume
xhci: make xhci_handshake timeout for xhci_reset() adjustable
xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
coresight: Fix TRCCONFIGR.QE sysfs interface
iio: afe: rescale: use s64 for temporary scale calculations
iio: inkern: apply consumer scale on IIO_VAL_INT cases
iio: inkern: apply consumer scale when no channel scale is available
iio: inkern: make a best effort on offset calculation
greybus: svc: fix an error handling bug in gb_svc_hello()
clk: uniphier: Fix fixed-rate initialization
ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
KEYS: fix length validation in keyctl_pkey_params_get_2()
Documentation: add link to stable release candidate tree
Documentation: update stable tree link
HID: intel-ish-hid: Use dma_alloc_coherent for firmware update
SUNRPC: avoid race between mod_timer() and del_timer_sync()
NFSD: prevent underflow in nfssvc_decode_writeargs()
NFSD: prevent integer overflow on 32 bit systems
f2fs: fix to unlock page correctly in error path of is_alive()
f2fs: quota: fix loop condition at f2fs_quota_sync()
f2fs: fix to do sanity check on .cp_pack_total_block_count
pinctrl: samsung: drop pin banks references on error paths
spi: mxic: Fix the transmit path
can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
jffs2: fix memory leak in jffs2_do_mount_fs
jffs2: fix memory leak in jffs2_scan_medium
mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
mm: invalidate hwpoison page cache page in fault path
mempolicy: mbind_range() set_policy() after vma_merge()
scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
qed: display VF trust config
qed: validate and restrict untrusted VFs vlan promisc mode
riscv: Fix fill_callchain return value
Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
ALSA: cs4236: fix an incorrect NULL check on list iterator
ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
mm,hwpoison: unmap poisoned page before invalidation
mm/kmemleak: reset tag when compare object pointer
drbd: fix potential silent data corruption
powerpc/kvm: Fix kvm_use_magic_page
udp: call udp_encap_enable for v6 sockets when enabling encap
ACPI: properties: Consistently return -ENOENT if there are no more references
drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
mailbox: tegra-hsp: Flush whole channel
block: don't merge across cgroup boundaries if blkcg is enabled
drm/edid: check basic audio support on CEA extension block
video: fbdev: sm712fb: Fix crash in smtcfb_read()
video: fbdev: atari: Atari 2 bpp (STe) palette bugfix
ARM: dts: at91: sama5d2: Fix PMERRLOC resource size
ARM: dts: exynos: fix UART3 pins configuration in Exynos5250
ARM: dts: exynos: add missing HDMI supplies on SMDK5250
ARM: dts: exynos: add missing HDMI supplies on SMDK5420
carl9170: fix missing bit-wise or operator for tx_params
thermal: int340x: Increase bitmap size
lib/raid6/test: fix multiple definition linking error
crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
crypto: rsa-pkcs1pad - restore signature length check
crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
DEC: Limit PMAX memory probing to R3k systems
media: davinci: vpif: fix unbalanced runtime PM get
xtensa: fix stop_machine_cpuslocked call in patch_text
xtensa: fix xtensa_wsr always writing 0
brcmfmac: firmware: Allocate space for default boardrev in nvram
brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
brcmfmac: pcie: Fix crashes due to early IRQs
PCI: pciehp: Clear cmd_busy bit in polling mode
regulator: qcom_smd: fix for_each_child.cocci warnings
crypto: authenc - Fix sleep in atomic context in decrypt_tail
crypto: mxs-dcp - Fix scatterlist processing
spi: tegra114: Add missing IRQ check in tegra_spi_probe
selftests/x86: Add validity check and allow field splitting
audit: log AUDIT_TIME_* records only from rules
crypto: ccree - don't attempt 0 len DMA mappings
spi: pxa2xx-pci: Balance reference count for PCI DMA device
hwmon: (pmbus) Add mutex to regulator ops
hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
block: don't delete queue kobject before its children
PM: hibernate: fix __setup handler error handling
PM: suspend: fix return value of __setup handler
hwrng: atmel - disable trng on failure path
crypto: vmx - add missing dependencies
clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init()
ACPI: APEI: fix return value of __setup handlers
crypto: ccp - ccp_dmaengine_unregister release dma channels
hwmon: (pmbus) Add Vin unit off handling
clocksource: acpi_pm: fix return value of __setup handler
sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
perf/core: Fix address filter parser for multiple filters
perf/x86/intel/pt: Fix address filter config for 32-bit kernel
f2fs: fix missing free nid in f2fs_handle_failed_inode
f2fs: fix to avoid potential deadlock
media: bttv: fix WARNING regression on tunerless devices
media: coda: Fix missing put_device() call in coda_get_vdoa_data
media: hantro: Fix overfill bottom register field name
media: aspeed: Correct value for h-total-pixels
video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
ARM: dts: qcom: ipq4019: fix sleep clock
soc: qcom: rpmpd: Check for null return of devm_kcalloc
soc: qcom: aoss: remove spurious IRQF_ONESHOT flags
arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc
soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe
ARM: dts: imx: Add missing LVDS decoder on M53Menlo
media: video/hdmi: handle short reads of hdmi info frame.
media: em28xx: initialize refcount before kref_get
media: usb: go7007: s2250-board: fix leak in probe()
uaccess: fix nios2 and microblaze get_user_8()
ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp()
ASoC: ti: davinci-i2s: Add check for clk_enable()
ALSA: spi: Add check for clk_enable()
arm64: dts: ns2: Fix spi-cpol and spi-cpha property
arm64: dts: broadcom: Fix sata nodename
printk: fix return value of printk.devkmsg __setup handler
ASoC: mxs-saif: Handle errors for clk_enable
ASoC: atmel_ssc_dai: Handle errors for clk_enable
ASoC: soc-compress: prevent the potentially use of null pointer
memory: emif: Add check for setup_interrupts
memory: emif: check the pointer temp in get_device_details()
ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly
media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED
ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
ASoC: wm8350: Handle error for wm8350_register_irq
ASoC: fsi: Add check for clk_enable
video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
ivtv: fix incorrect device_caps for ivtvfb
ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe
mmc: davinci_mmc: Handle error for clk_enable
ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe
drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev
drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe
ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
udmabuf: validate ubuf->pagecount
Bluetooth: hci_serdev: call init_rwsem() before p->open()
mtd: onenand: Check for error irq
mtd: rawnand: gpmi: fix controller timings setting
drm/edid: Don't clear formats if using deep color
drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()
ath9k_htc: fix uninit value bugs
KVM: PPC: Fix vmx/vsx mixup in mmio emulation
i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb
power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe
ray_cs: Check ioremap return value
powerpc/perf: Don't use perf_hw_context for trace IMC PMU
mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update
mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update
net: dsa: mv88e6xxx: Enable port policy support on 6097
PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge
power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
iommu/ipmmu-vmsa: Check for error num after setting mask
drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
IB/cma: Allow XRC INI QPs to set their local ACK timeout
dax: make sure inodes are flushed before destroy cache
iwlwifi: Fix -EIO error code that is never returned
iwlwifi: mvm: Fix an error code in iwl_mvm_up()
dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS
scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
scsi: pm8001: Fix abort all task initialization
drm/amd/display: Remove vupdate_int_entry definition
TOMOYO: fix __setup handlers return values
ext2: correct max file size computing
drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return
scsi: hisi_sas: Change permission of parameter prot_mask
drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt
bpf, arm64: Call build_prologue() first in first JIT pass
bpf, arm64: Feed byte-offset into bpf line info
libbpf: Skip forward declaration when counting duplicated type names
powerpc/Makefile: Don't pass -mcpu=powerpc64 when building 32-bit
KVM: x86: Fix emulation in writing cr8
KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor()
hv_balloon: rate-limit "Unhandled message" warning
i2c: xiic: Make bus names unique
power: supply: wm8350-power: Handle error for wm8350_register_irq
power: supply: wm8350-power: Add missing free in free_charger_irq
PCI: Reduce warnings on possible RW1C corruption
mips: DEC: honor CONFIG_MIPS_FP_SUPPORT=n
powerpc/sysdev: fix incorrect use to determine if list is empty
mfd: mc13xxx: Add check for mc13xxx_irq_request
selftests/bpf: Make test_lwt_ip_encap more stable and faster
powerpc: 8xx: fix a return value error in mpc8xx_pic_init
vxcan: enable local echo for sent CAN frames
MIPS: RB532: fix return value of __setup handler
mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init
RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
bpf, sockmap: Fix more uncharged while msg has more_data
bpf, sockmap: Fix double uncharge the mem of sk_msg
USB: storage: ums-realtek: fix error code in rts51x_read_mem()
Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt
af_netlink: Fix shift out of bounds in group mask calculation
i2c: mux: demux-pinctrl: do not deactivate a master that is not active
selftests/bpf/test_lirc_mode2.sh: Exit with proper code
tcp: ensure PMTU updates are processed during fastopen
openvswitch: always update flow key after nat
tipc: fix the timer expires after interval 100ms
mfd: asic3: Add missing iounmap() on error asic3_mfd_probe
mxser: fix xmit_buf leak in activate when LSR == 0xff
pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add()
misc: alcor_pci: Fix an error handling path
staging:iio:adc:ad7280a: Fix handing of device address bit reversing.
pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel
clk: qcom: ipq8074: Use floor ops for SDCC1 clock
phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure})
serial: 8250_mid: Balance reference count for PCI DMA device
serial: 8250: Fix race condition in RTS-after-send handling
iio: adc: Add check for devm_request_threaded_irq
NFS: Return valid errors from nfs2/3_decode_dirent()
dma-debug: fix return value of __setup handlers
clk: imx7d: Remove audio_mclk_root_clk
clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
clk: qcom: clk-rcg2: Update the frac table for pixel clock
remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region
clk: actions: Terminate clk_div_table with sentinel element
clk: loongson1: Terminate clk_div_table with sentinel element
clk: clps711x: Terminate clk_div_table with sentinel element
clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver
NFS: remove unneeded check in decode_devicenotify_args()
staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree
pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
pinctrl: mediatek: paris: Fix "argument" argument type for mtk_pinconf_get()
pinctrl: mediatek: paris: Fix pingroup pin config state readback
pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
tty: hvc: fix return value of __setup handler
kgdboc: fix return value of __setup handler
kgdbts: fix return value of __setup handler
firmware: google: Properly state IOMEM dependency
driver core: dd: fix return value of __setup handler
jfs: fix divide error in dbNextAG
netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error
clk: qcom: gcc-msm8994: Fix gpll4 width
clk: Initialize orphan req_rate
xen: fix is_xen_pmu()
net: phy: broadcom: Fix brcm_fet_config_init()
selftests: test_vxlan_under_vrf: Fix broken test case
qlcnic: dcb: default to returning -EOPNOTSUPP
net/x25: Fix null-ptr-deref caused by x25_disconnect
NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator
lib/test: use after free in register_test_dev_kmod()
LSM: general protection fault in legacy_parse_param
gcc-plugins/stackleak: Exactly match strings instead of prefixes
pinctrl: npcm: Fix broken references to chip->parent_device
block, bfq: don't move oom_bfqq
selinux: use correct type for context length
loop: use sysfs_emit() in the sysfs xxx show()
Fix incorrect type in assignment of ipv6 port for audit
irqchip/qcom-pdc: Fix broken locking
irqchip/nvic: Release nvic_base upon failure
bfq: fix use-after-free in bfq_dispatch_request
ACPICA: Avoid walking the ACPI Namespace if it is not there
lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3
Revert "Revert "block, bfq: honor already-setup queue merges""
ACPI/APEI: Limit printable size of BERT table data
PM: core: keep irq flags in device_pm_check_callbacks()
spi: tegra20: Use of_device_get_match_data()
ext4: don't BUG if someone dirty pages without asking ext4 first
ntfs: add sanity check on allocation size
video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
video: fbdev: w100fb: Reset global state
video: fbdev: cirrusfb: check pixclock to avoid divide by zero
video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit
ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960
ARM: dts: bcm2837: Add the missing L1/L2 cache information
ASoC: madera: Add dependencies on MFD
video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf()
video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf()
video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
ASoC: soc-core: skip zero num_dai component in searching dai name
media: cx88-mpeg: clear interrupt status register before streaming video
ARM: tegra: tamonten: Fix I2C3 pad setting
ARM: mmp: Fix failure to remove sram device
video: fbdev: sm712fb: Fix crash in smtcfb_write()
media: Revert "media: em28xx: add missing em28xx_close_extension"
media: hdpvr: initialize dev->worker at hdpvr_register_videodev
mmc: host: Return an error when ->enable_sdio_irq() ops is missing
ALSA: hda/realtek: Add alc256-samsung-headphone fixup
powerpc/lib/sstep: Fix 'sthcx' instruction
powerpc/lib/sstep: Fix build errors with newer binutils
powerpc: Fix build errors with newer binutils
scsi: qla2xxx: Fix stuck session in gpdb
scsi: qla2xxx: Fix wrong FDMI data for 64G adapter
scsi: qla2xxx: Fix warning for missing error code
scsi: qla2xxx: Fix device reconnect in loop topology
scsi: qla2xxx: Add devids and conditionals for 28xx
scsi: qla2xxx: Check for firmware dump already collected
scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
scsi: qla2xxx: Fix disk failure to rediscover
scsi: qla2xxx: Fix incorrect reporting of task management failure
scsi: qla2xxx: Fix hang due to session stuck
scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests
scsi: qla2xxx: Fix N2N inconsistent PLOGI
scsi: qla2xxx: Reduce false trigger to login
scsi: qla2xxx: Use correct feature type field during RFF_ID processing
KVM: Prevent module exit until all VMs are freed
KVM: x86: fix sending PV IPI
ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM
ubifs: rename_whiteout: Fix double free for whiteout_ui->data
ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
ubifs: rename_whiteout: correct old_dir size computing
XArray: Fix xas_create_range() when multi-order entry present
can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path
can: mcba_usb: properly check endpoint type
XArray: Update the LRU list in xas_split()
rtc: check if __rtc_read_time was successful
gfs2: Make sure FITRIM minlen is rounded up to fs block size
net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware
pinctrl: pinconf-generic: Print arguments for bias-pull-*
pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR()
pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs
ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
ARM: iop32x: offset IRQ numbers by 1
ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
powerpc/kasan: Fix early region not updated correctly
ASoC: soc-compress: Change the check for codec_dai
mm/mmap: return 1 from stack_guard_gap __setup() handler
mm/memcontrol: return 1 from cgroup.memory __setup() handler
mm/usercopy: return 1 from hardened_usercopy __setup() handler
bpf: Fix comment for helper bpf_current_task_under_cgroup()
dt-bindings: mtd: nand-controller: Fix the reg property description
dt-bindings: mtd: nand-controller: Fix a comment in the examples
dt-bindings: spi: mxic: The interrupt property is not mandatory
ubi: fastmap: Return error code if memory allocation fails in add_aeb()
ASoC: topology: Allow TLV control to be either read or write
ARM: dts: spear1340: Update serial node properties
ARM: dts: spear13xx: Update SPI dma properties
um: Fix uml_mconsole stop/go
openvswitch: Fixed nd target mask field in the flow dump.
KVM: x86/mmu: do compare-and-exchange of gPTE via the user address
KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated
ubifs: Rectify space amount budget for mkdir/tmpfile operations
rtc: wm8350: Handle error for wm8350_register_irq
riscv module: remove (NOLOAD)
ARM: 9187/1: JIVE: fix return value of __setup handler
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
drm: Add orientation quirk for GPD Win Max
ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
ptp: replace snprintf with sysfs_emit
powerpc: dts: t104xrdb: fix phy type for FMAN 4/5
bpf: Make dst_port field in struct bpf_sock 16-bit wide
scsi: mvsas: Replace snprintf() with sysfs_emit()
scsi: bfa: Replace snprintf() with sysfs_emit()
power: supply: axp20x_battery: properly report current when discharging
ipv6: make mc_forwarding atomic
powerpc: Set crashkernel offset to mid of RMA region
drm/amdgpu: Fix recursive locking warning
PCI: aardvark: Fix support for MSI interrupts
iommu/arm-smmu-v3: fix event handling soft lockup
usb: ehci: add pci device support for Aspeed platforms
PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
power: supply: axp288-charger: Set Vhold to 4.4V
ipv4: Invalidate neighbour for broadcast address upon address addition
dm ioctl: prevent potential spectre v1 gadget
drm/amdkfd: make CRAT table missing message informational only
scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
scsi: aha152x: Fix aha152x_setup() __setup handler return value
net/smc: correct settings of RMB window update limit
mips: ralink: fix a refcount leak in ill_acc_of_setup()
macvtap: advertise link netns via netlink
tuntap: add sanity checks about msg_controllen in sendmsg
bnxt_en: Eliminate unintended link toggle during FW reset
MIPS: fix fortify panic when copying asm exception handlers
scsi: libfc: Fix use after free in fc_exch_abts_resp()
usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
xtensa: fix DTC warning unit_address_format
Bluetooth: Fix use after free in hci_send_acl
netlabel: fix out-of-bounds memory accesses
init/main.c: return 1 from handled __setup() functions
minix: fix bug when opening a file with O_DIRECT
clk: si5341: fix reported clk_rate when output divider is 2
w1: w1_therm: fixes w1_seq for ds28ea00 sensors
NFSv4: Protect the state recovery thread against direct reclaim
xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
clk: Enforce that disjoints limits are invalid
SUNRPC/call_alloc: async tasks mustn't block waiting for memory
NFS: swap IO handling is slightly different for O_DIRECT IO
NFS: swap-out must always use STABLE writes.
serial: samsung_tty: do not unlock port->lock for uart_write_wakeup()
virtio_console: eliminate anonymous module_init & module_exit
jfs: prevent NULL deref in diFree
SUNRPC: Fix socket waits for write buffer space
parisc: Fix CPU affinity for Lasi, WAX and Dino chips
parisc: Fix patch code locking and flushing
mm: fix race between MADV_FREE reclaim and blkdev direct IO read
KVM: arm64: Check arm64_get_bp_hardening_data() didn't return NULL
drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
Drivers: hv: vmbus: Fix potential crash on module unload
scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
net/tls: fix slab-out-of-bounds bug in decrypt_internal
net: ipv4: fix route with nexthop object delete warning
net: stmmac: Fix unset max_speed difference between DT and non-DT platforms
drm/imx: Fix memory leak in imx_pd_connector_get_modes
bnxt_en: reserve space inside receive page for skb_shared_info
IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
ipv6: Fix stats accounting in ip6_pkt_drop
net: openvswitch: don't send internal clone attribute to the userspace.
rxrpc: fix a race in rxrpc_exit_net()
qede: confirm skb is allocated before using
spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op()
bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
drbd: Fix five use after free bugs in get_initial_state
SUNRPC: Handle ENOMEM in call_transmit_status()
SUNRPC: Handle low memory situations in call_status()
perf tools: Fix perf's libperf_print callback
perf session: Remap buf if there is no space for event
Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
mmc: renesas_sdhi: don't overwrite TAP settings when HS400 tuning is complete
lz4: fix LZ4_decompress_safe_partial read out of bound
mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
mm/mempolicy: fix mpol_new leak in shared_policy_replace
x86/pm: Save the MSR validity status at context setup
x86/speculation: Restore speculation related MSRs during S3 resume
btrfs: fix qgroup reserve overflow the qgroup limit
arm64: patch_text: Fixup last cpu should be master
ata: sata_dwc_460ex: Fix crash due to OOB write
perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
irqchip/gic-v3: Fix GICR_CTLR.RWP polling
tools build: Filter out options and warnings not supported by clang
tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts
dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
mmc: mmci_sdmmc: Replace sg_dma_xxx macros
mmc: mmci: stm32: correctly check all elements of sg list
mm: don't skip swap entry even if zap_details specified
arm64: module: remove (NOLOAD) from linker script
mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning
drm/amdkfd: add missing void argument to function kgd2kfd_init
drm/amdkfd: Fix -Wstrict-prototypes from amdgpu_amdkfd_gfx_10_0_get_functions()
io_uring: fix fs->users overflow
cgroup: Use open-time credentials for process migraton perm checks
cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
cgroup: Use open-time cgroup namespace for process migration perm checks
selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644
selftests: cgroup: Test open-time credential usage for migration checks
selftests: cgroup: Test open-time cgroup namespace usage for migration checks
cpuidle: PSCI: Move the `has_lpi` check to the beginning of the function
ACPI: processor idle: Check for architectural support for LPI
Linux 5.4.189
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: If3564fc9b0854c215e077cf29dabd4d88de266eb
|
||
Casey Schaufler
|
c345724f2b |
Fix incorrect type in assignment of ipv6 port for audit
[ Upstream commit a5cd1ab7ab679d252a6d2f483eee7d45ebf2040c ] Remove inappropriate use of ntohs() and assign the port value directly. Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Christian Göttsche
|
799f22279e |
selinux: use correct type for context length
[ Upstream commit b97df7c098c531010e445da88d02b7bf7bf59ef6 ]
security_sid_to_context() expects a pointer to an u32 as the address
where to store the length of the computed context.
Reported by sparse:
security/selinux/xfrm.c:359:39: warning: incorrect type in arg 4
(different signedness)
security/selinux/xfrm.c:359:39: expected unsigned int
[usertype] *scontext_len
security/selinux/xfrm.c:359:39: got int *
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
[PM: wrapped commit description]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Casey Schaufler
|
ddcdda888e |
LSM: general protection fault in legacy_parse_param
[ Upstream commit ecff30575b5ad0eda149aadad247b7f75411fd47 ] The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular case Smack sees a mount option that it recognizes, and returns 0. A call to a BPF hook follows, which returns -ENOPARAM, which confuses the caller because Smack has processed its data. The SELinux hook incorrectly returns 1 on success. There was a time when this was correct, however the current expectation is that it return 0 on success. This is repaired. Reported-by: syzbot+d1e3b1d92d25abf97943@syzkaller.appspotmail.com Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: James Morris <jamorris@linux.microsoft.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Randy Dunlap
|
b689622cc4 |
TOMOYO: fix __setup handlers return values
[ Upstream commit 39844b7e3084baecef52d1498b5fa81afa2cefa9 ]
__setup() handlers should return 1 if the parameter is handled.
Returning 0 causes the entire string to be added to init's
environment strings (limited to 32 strings), unnecessarily polluting it.
Using the documented strings "TOMOYO_loader=string1" and
"TOMOYO_trigger=string2" causes an Unknown parameter message:
Unknown kernel command line parameters
"BOOT_IMAGE=/boot/bzImage-517rc5 TOMOYO_loader=string1 \
TOMOYO_trigger=string2", will be passed to user space.
and these strings are added to init's environment string space:
Run /sbin/init as init process
with arguments:
/sbin/init
with environment:
HOME=/
TERM=linux
BOOT_IMAGE=/boot/bzImage-517rc5
TOMOYO_loader=string1
TOMOYO_trigger=string2
With this change, these __setup handlers act as expected,
and init's environment is not polluted with these strings.
Fixes:
|
||
Eric Biggers
|
d312c0035e |
KEYS: fix length validation in keyctl_pkey_params_get_2()
commit c51abd96837f600d8fd940b6ab8e2da578575504 upstream.
In many cases, keyctl_pkey_params_get_2() is validating the user buffer
lengths against the wrong algorithm properties. Fix it to check against
the correct properties.
Probably this wasn't noticed before because for all asymmetric keys of
the "public_key" subtype, max_data_size == max_sig_size == max_enc_size
== max_dec_size. However, this isn't necessarily true for the
"asym_tpm" subtype (it should be, but it's not strictly validated). Of
course, future key types could have different values as well.
Fixes:
|
||
|
Greg Kroah-Hartman
|
20d2140d23 |
This is the 5.4.180 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmIM5agACgkQONu9yGCS aT7ADxAA0Q8+XC98nFxw1ylq+D3lF9CI9ozao0cWge9H2b8QWKYiitZsx1+BEvWg uuc7y9XebsU8fBgAv1l1ri/t4/PoXFmCi5i6ucTcnxTnaio68mASEejl+InRJB9W QS1dnfFzGkzCX880F+8d1lS9ckBPwTt1WEJiTlS6A4H7jS9ZJQEppHLVApEvkp21 Mo1wJnlhsKq+UzMzZuXTM9PWshhhgx8QD4lrXiuEMrAmpIOFuBJZDDJFGDf9xT3V Ft/7NqhCJ6kOzf6KZNlzOortXM52HSaYwhH2QQV5nIBOl0ROn9uPXXTR14T/lDnA u5AIcLvCHZCb9LVtYS34JxIXhJYVMfS/wXCF+pj+Ur76oxTjHz86ZIpvSOnCuQ92 Jx7v0qO53jDeStTwb7yAoSh4ILihSCLbU+dvoTnl5RF4GvU6bbVtjMHopVm+Awe1 ErFOM9eDqDkWT9/+JR7T4M1y+NlpU+B9tbzYDr0ElaOV/HKD+Ggaka8yB5IUl3HK zdzObE6+u/tjmPzEt3wxDQ2P9t8Q2bXQk10Vxf58vq/X2e7Yr2nqj6XLLoV9y+PU FvIchl9SIN5E/1A7+qkJx5W3u2BNDFicZBssMFozb96a91tV6NbWfDujpAhmvWsf 70i+DCciYs8EyYI4WC8mO0ehQL+6TDUNzFsvzJakngM2cMDpFCY= =8/vy -----END PGP SIGNATURE----- Merge 5.4.180 into android11-5.4-lts Changes in 5.4.180 integrity: check the return value of audit_log_start() ima: Remove ima_policy file before directory ima: Allow template selection with ima_template[_fmt]= after ima_hash= ima: Do not print policy rule with inactive LSM labels mmc: sdhci-of-esdhc: Check for error num after setting mask net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs NFS: Fix initialisation of nfs_client cl_flags field NFSD: Clamp WRITE offsets NFSD: Fix offset type in I/O trace points nvme: Fix parsing of ANA log page NFSv4 only print the label when its queried nfs: nfs4clinet: check the return value of kstrdup() NFSv4.1: Fix uninitialised variable in devicenotify NFSv4 remove zero number of fs_locations entries error check NFSv4 expose nfs_parse_server_name function drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer net: sched: Clarify error message when qdisc kind is unknown scsi: target: iscsi: Make sure the np under each tpg is unique scsi: qedf: Fix refcount issue when LOGO is received during TMF scsi: myrs: Fix crash in error case PM: hibernate: Remove register_nosave_region_late() usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout() KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER bpf: Add kconfig knob for disabling unpriv bpf by default riscv: fix build with binutils 2.38 ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group ARM: socfpga: fix missing RESET_CONTROLLER nvme-tcp: fix bogus request completion when failing to send AER ACPI/IORT: Check node revision for PMCG resources PM: s2idle: ACPI: Fix wakeup interrupts handling net: bridge: fix stale eth hdr pointer in br_dev_xmit perf probe: Fix ppc64 'perf probe add events failed' case ARM: dts: meson: Fix the UART compatible strings staging: fbtft: Fix error path in fbtft_driver_module_init() ARM: dts: imx6qdl-udoo: Properly describe the SD card detect usb: f_fs: Fix use-after-free for epfile misc: fastrpc: avoid double fput() on failed usercopy ixgbevf: Require large buffers for build_skb on 82599VF bonding: pair enable_port with slave_arr_updates ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path nfp: flower: fix ida_idx not being released net: do not keep the dst cache when uncloning an skb dst and its metadata net: fix a memleak when uncloning an skb dst and its metadata veth: fix races around rq->rx_notify_masked net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE tipc: rate limit warning for received illegal binding update net: amd-xgbe: disable interrupts during pci removal vt_ioctl: fix array_index_nospec in vt_setactivate vt_ioctl: add array_index_nospec to VT_ACTIVATE n_tty: wake up poll(POLLRDNORM) on receiving data eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup usb: ulpi: Move of_node_put to ulpi_dev_release usb: ulpi: Call of_node_put correctly usb: dwc3: gadget: Prevent core from processing stale TRBs usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition USB: gadget: validate interface OS descriptor requests usb: gadget: rndis: check size of RNDIS_MSG_SET command usb: gadget: f_uac2: Define specific wTerminalType USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 USB: serial: option: add ZTE MF286D modem USB: serial: ch341: add support for GW Instek USB2.0-Serial devices USB: serial: cp210x: add NCR Retail IO box id USB: serial: cp210x: add CPI Bulk Coin Recycler id seccomp: Invalidate seccomp mode to catch death failures hwmon: (dell-smm) Speed up setting of fan speed scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled perf: Fix list corruption in perf_cgroup_switch() ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE Linux 5.4.180 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I00a40753600ee33d1cd1a52c5f689b41d3a58dbb |
||
Stefan Berger
|
8a9511fd10 |
ima: Do not print policy rule with inactive LSM labels
commit 89677197ae709eb1ab3646952c44f6a171c9e74c upstream.
Before printing a policy rule scan for inactive LSM labels in the policy
rule. Inactive LSM labels are identified by args_p != NULL and
rule == NULL.
Fixes: 483ec26eed42 ("ima: ima/lsm policy rule loading logic bug fixes")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Cc: <stable@vger.kernel.org> # v5.6+
Acked-by: Christian Brauner <brauner@kernel.org>
[zohar@linux.ibm.com: Updated "Fixes" tag]
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Roberto Sassu
|
89e51f2ab8 |
ima: Allow template selection with ima_template[_fmt]= after ima_hash=
commit bb8e52e4906f148c2faf6656b5106cf7233e9301 upstream. Commit |
||
|
Stefan Berger
|
0939988b16 |
ima: Remove ima_policy file before directory
commit f7333b9572d0559e00352a926c92f29f061b4569 upstream.
The removal of ima_dir currently fails since ima_policy still exists, so
remove the ima_policy file before removing the directory.
Fixes:
|
||
Xiaoke Wang
|
ea58704f06 |
integrity: check the return value of audit_log_start()
commit 83230351c523b04ff8a029a4bdf97d881ecb96fc upstream.
audit_log_start() returns audit_buffer pointer on success or NULL on
error, so it is better to check the return value of it.
Fixes:
|
||
|
Srinivasarao Pathipati
|
16e939c6e4 |
Merge android11-5.4.161+ (b9d179c) into msm-5.4
* refs/heads/tmp-b9d179c:
UPSTREAM: driver core: Fix possible memory leak in device_link_add()
UPSTREAM: blk-mq: fix kernel panic during iterating over flush request
UPSTREAM: net: xfrm: fix memory leak in xfrm_user_rcv_msg
UPSTREAM: binder: fix the missing BR_FROZEN_REPLY in binder_return_strings
ANDROID: incremental-fs: fix mount_fs issue
UPSTREAM: vfs: fs_context: fix up param length parsing in legacy_parse_param
ANDROID: GKI: disable CONFIG_FORTIFY_SOURCE
Linux 5.4.161
erofs: fix unsafe pagevec reuse of hooked pclusters
erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
PCI: Add MSI masking quirk for Nvidia ION AHCI
PCI/MSI: Deal with devices lying about their MSI mask capability
PCI/MSI: Destroy sysfs before freeing entries
parisc/entry: fix trace test in syscall exit path
fortify: Explicitly disable Clang support
scsi: ufs: Fix tm request when non-fatal error happens
ext4: fix lazy initialization next schedule time computation in more granular unit
MIPS: Fix assembly error from MIPSr2 code used within MIPS_ISA_ARCH_LEVEL
scsi: ufs: Fix interrupt error message for shared interrupts
soc/tegra: pmc: Fix imbalanced clock disabling in error code path
Revert "net: sched: update default qdisc visibility after Tx queue cnt changes"
Revert "serial: core: Fix initializing and restoring termios speed"
Linux 5.4.160
selftests/bpf: Fix also no-alu32 strobemeta selftest
ath10k: fix invalid dma_addr_t token assignment
SUNRPC: Partial revert of commit 6f9f17287e78
PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
powerpc/powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module unload
s390/cio: make ccw_device_dma_* more robust
s390/tape: fix timer initialization in tape_std_assign()
s390/cio: check the subchannel validity for dev_busid
video: backlight: Drop maximum brightness override for brightness zero
mm, oom: do not trigger out_of_memory from the #PF
mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
powerpc/bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
powerpc/security: Add a helper to query stf_barrier type
powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
powerpc/bpf: Validate branch ranges
powerpc/lib: Add helper to check if offset is within conditional branch range
ovl: fix deadlock in splice write
9p/net: fix missing error check in p9_check_errors
net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
f2fs: should use GFP_NOFS for directory inodes
irqchip/sifive-plic: Fixup EOI failed when masked
parisc: Fix set_fixmap() on PA1.x CPUs
parisc: Fix backtrace to always include init funtion names
ARM: 9156/1: drop cc-option fallbacks for architecture selection
ARM: 9155/1: fix early early_iounmap()
selftests/net: udpgso_bench_rx: fix port argument
cxgb4: fix eeprom len when diagnostics not implemented
net/smc: fix sk_refcnt underflow on linkdown and fallback
vsock: prevent unnecessary refcnt inc for nonblocking connect
net: hns3: allow configure ETS bandwidth of all TCs
net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
llc: fix out-of-bound array index in llc_sk_dev_hash()
perf bpf: Add missing free to bpf_event__print_bpf_prog_info()
zram: off by one in read_block_state()
mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration()
bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
net: vlan: fix a UAF in vlan_dev_real_dev()
net: davinci_emac: Fix interrupt pacing disable
xen-pciback: Fix return in pm_ctrl_init()
i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()'
NFSv4: Fix a regression in nfs_set_open_stateid_locked()
scsi: qla2xxx: Turn off target reset during issue_lip
scsi: qla2xxx: Fix gnl list corruption
ar7: fix kernel builds for compiler test
watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
m68k: set a default value for MEMORY_RESERVE
signal/sh: Use force_sig(SIGKILL) instead of do_group_exit(SIGKILL)
dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
netfilter: nfnetlink_queue: fix OOB when mac header was cleared
soc: fsl: dpaa2-console: free buffer before returning from dpaa2_console_read
auxdisplay: ht16k33: Fix frame buffer device blanking
auxdisplay: ht16k33: Connect backlight to fbdev
auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
mtd: core: don't remove debugfs directory if device is in use
mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
fs: orangefs: fix error return code of orangefs_revalidate_lookup()
NFS: Fix deadlocks in nfs_scan_commit_list()
opp: Fix return in _opp_add_static_v2()
PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on emulated bridge
PCI: aardvark: Don't spam about PIO Response Status
drm/plane-helper: fix uninitialized variable reference
pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
apparmor: fix error check
power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
mips: cm: Convert to bitfield API to fix out-of-bounds access
powerpc/44x/fsp2: add missing of_node_put
HID: u2fzero: properly handle timeouts in usb_submit_urb
HID: u2fzero: clarify error check and length calculations
serial: xilinx_uartps: Fix race condition causing stuck TX
phy: qcom-qusb2: Fix a memory leak on probe
ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER
ASoC: cs42l42: Correct some register default values
ARM: dts: stm32: fix SAI sub nodes register range
staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC
RDMA/mlx4: Return missed an error if device doesn't support steering
scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
power: supply: rt5033_battery: Change voltage values to µV
usb: gadget: hid: fix error code in do_config()
serial: 8250_dw: Drop wrong use of ACPI_PTR()
video: fbdev: chipsfb: use memset_io() instead of memset()
clk: at91: check pmc node status before registering syscore ops
memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
soc/tegra: Fix an error handling path in tegra_powergate_power_up()
arm: dts: omap3-gta04a4: accelerometer irq fix
ALSA: hda: Reduce udelay() at SKL+ position reporting
JFS: fix memleak in jfs_mount
MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
scsi: dc395: Fix error case unwinding
ARM: dts: at91: tse850: the emac<->phy interface is rmii
arm64: dts: meson-g12a: Fix the pwm regulator supply properties
RDMA/bnxt_re: Fix query SRQ failure
ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY
arm64: dts: rockchip: Fix GPU register width for RK3328
ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
clk: mvebu: ap-cpu-clk: Fix a memory leak in error handling paths
RDMA/rxe: Fix wrong port_cap_flags
ibmvnic: Process crqs after enabling interrupts
ibmvnic: don't stop queue in xmit
udp6: allow SO_MARK ctrl msg to affect routing
selftests/bpf: Fix fclose/pclose mismatch in test_progs
crypto: pcrypt - Delay write to padata->info
net: phylink: avoid mvneta warning when setting pause parameters
net: amd-xgbe: Toggle PLL settings during rate change
drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
wcn36xx: add proper DMA memory barriers in rx path
libertas: Fix possible memory leak in probe and disconnect
libertas_tf: Fix possible memory leak in probe and disconnect
KVM: s390: Fix handle_sske page fault handling
samples/kretprobes: Fix return value if register_kretprobe() failed
tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
irq: mips: avoid nested irq_enter()
s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
libbpf: Fix BTF data layout checks and allow empty BTF
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
drm/msm: Fix potential NULL dereference in DPU SSPP
clocksource/drivers/timer-ti-dm: Select TIMER_OF
PM: hibernate: fix sparse warnings
nvme-rdma: fix error code in nvme_rdma_setup_ctrl
phy: micrel: ksz8041nl: do not use power down mode
mwifiex: Send DELBA requests according to spec
rsi: stop thread firstly in rsi_91x_init() error handling
mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
block: ataflop: fix breakage introduced at blk-mq refactoring
mmc: mxs-mmc: disable regulator on error and in the remove function
net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
drm/msm: uninitialized variable in msm_gem_import()
ath10k: fix max antenna gain unit
hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff
hwmon: Fix possible memleak in __hwmon_device_register()
net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
memstick: avoid out-of-range warning
mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured
b43: fix a lower bounds test
b43legacy: fix a lower bounds test
hwrng: mtk - Force runtime pm ops for sleep ops
crypto: qat - disregard spurious PFVF interrupts
crypto: qat - detect PFVF collision after ACK
media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable()
netfilter: nft_dynset: relax superfluous check on set updates
EDAC/amd64: Handle three rank interleaving mode
ath9k: Fix potential interrupt storm on queue reset
media: em28xx: Don't use ops->suspend if it is NULL
cpuidle: Fix kobject memory leaks in error paths
crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency
kprobes: Do not use local variable when creating debugfs file
media: cx23885: Fix snd_card_free call on null card pointer
media: tm6000: Avoid card name truncation
media: si470x: Avoid card name truncation
media: radio-wl1273: Avoid card name truncation
media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()'
media: TDA1997x: handle short reads of hdmi info frame.
media: dvb-usb: fix ununit-value in az6027_rc_query
media: cxd2880-spi: Fix a null pointer dereference on error handling path
media: em28xx: add missing em28xx_close_extension
drm/amdgpu: fix warning for overflow check
ath10k: Fix missing frame timestamp for beacon/probe-resp
net: dsa: rtl8366rb: Fix off-by-one bug
rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
crypto: caam - disable pkc for non-E SoCs
Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
wilc1000: fix possible memory leak in cfg_scan_result()
cgroup: Make rebind_subsystems() disable v2 controllers all at once
net: net_namespace: Fix undefined member in key_remove_domain()
virtio-gpu: fix possible memory allocation failure
drm/v3d: fix wait for TMU write combiner flush
rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
Bluetooth: fix init and cleanup of sco_conn.timeout_work
selftests/bpf: Fix strobemeta selftest regression
netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state
parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
parisc/unwind: fix unwinder when CONFIG_64BIT is enabled
task_stack: Fix end_of_stack() for architectures with upwards-growing stack
parisc: fix warning in flush_tlb_all
x86/hyperv: Protect set_hv_tscchange_cb() against getting preempted
spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe()
btrfs: do not take the uuid_mutex in btrfs_rm_device
net: annotate data-race in neigh_output()
vrf: run conntrack only in context of lower/physdev for locally generated packets
ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE
ARM: clang: Do not rely on lr register for stacktrace
smackfs: use __GFP_NOFAIL for smk_cipso_doi()
iwlwifi: mvm: disable RX-diversity in powersave
selftests: kvm: fix mismatched fclose() after popen()
PM: hibernate: Get block device exclusively in swsusp_check()
nvme: drop scan_lock and always kick requeue list when removing namespaces
nvmet-tcp: fix use-after-free when a port is removed
nvmet: fix use-after-free when a port is removed
block: remove inaccurate requeue check
mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
tracing/cfi: Fix cmp_entries_* functions signature mismatch
workqueue: make sysfs of unbound kworker cpumask more clever
lib/xz: Validate the value before assigning it to an enum variable
lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression
memstick: r592: Fix a UAF bug when removing the driver
leaking_addresses: Always print a trailing newline
ACPI: battery: Accept charges over the design capacity as full
iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
tracefs: Have tracefs directories not set OTH permission bits by default
net-sysfs: try not to restart the syscall if it will fail eventually
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info
media: ipu3-imgu: imgu_fmt: Handle properly try
ACPICA: Avoid evaluating methods too early during system resume
ipmi: Disable some operations during a panic
media: rcar-csi2: Add checking to rcsi2_start_receiver()
brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
media: mceusb: return without resubmitting URB in case of -EPROTO error.
media: imx: set a media_device bus_info string
media: s5p-mfc: Add checking to s5p_mfc_probe().
media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
media: uvcvideo: Set unique vdev name based in type
media: uvcvideo: Return -EIO for control errors
media: uvcvideo: Set capability in s_param
media: stm32: Potential NULL pointer dereference in dcmi_irq_thread()
media: netup_unidvb: handle interrupt properly according to the firmware
media: mt9p031: Fix corrupted frame after restarting stream
ath10k: high latency fixes for beacon buffer
mwifiex: Properly initialize private structure on interface type changes
mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
x86: Increase exception stack sizes
smackfs: Fix use-after-free in netlbl_catmap_walk()
net: sched: update default qdisc visibility after Tx queue cnt changes
locking/lockdep: Avoid RCU-induced noinstr fail
MIPS: lantiq: dma: reset correct number of channel
MIPS: lantiq: dma: add small delay after reset
platform/x86: wmi: do not fail if disabling fails
drm/panel-orientation-quirks: add Valve Steam Deck
Bluetooth: fix use-after-free error in lock_sock_nested()
Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
dma-buf: WARN on dmabuf release with pending attachments
USB: chipidea: fix interrupt deadlock
USB: iowarrior: fix control-message timeouts
USB: serial: keyspan: fix memleak on probe errors
iio: dac: ad5446: Fix ad5622_write() return value
pinctrl: core: fix possible memory leak in pinctrl_enable()
quota: correct error number in free_dqentry()
quota: check block number when reading the block in quota file
PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
PCI: aardvark: Fix return value of MSI domain .alloc() method
PCI: aardvark: Fix reporting Data Link Layer Link Active
PCI: aardvark: Do not unmask unused interrupts
PCI: aardvark: Fix checking for link up via LTSSM state
PCI: aardvark: Do not clear status bits of masked interrupts
PCI: pci-bridge-emul: Fix emulation of W1C bits
xen/balloon: add late_initcall_sync() for initial ballooning done
ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
ALSA: mixer: oss: Fix racy access to slots
serial: core: Fix initializing and restoring termios speed
powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
can: j1939: j1939_can_recv(): ignore messages with invalid source address
can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use
power: supply: max17042_battery: use VFSOC for capacity when no rsns
power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
signal: Remove the bogus sigkill_pending in ptrace_stop
RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
rsi: Fix module dev_oper_mode parameter description
rsi: fix rate mask set leading to P2P failure
rsi: fix key enabled check causing unwanted encryption for vap_id > 0
rsi: fix occasional initialisation failure with BT coex
wcn36xx: handle connection loss indication
libata: fix checking of DMA state
mwifiex: Read a PCI register after writing the TX ring write pointer
wcn36xx: Fix HT40 capability for 2Ghz band
evm: mark evm_fixmode as __ro_after_init
rtl8187: fix control-message timeouts
PCI: Mark Atheros QCA6174 to avoid bus reset
ath10k: fix division by zero in send path
ath10k: fix control-message timeout
ath6kl: fix control-message timeout
ath6kl: fix division by zero in send path
mwifiex: fix division by zero in fw download path
EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property
regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled
hwmon: (pmbus/lm25066) Add offset coefficients
ia64: kprobes: Fix to pass correct trampoline address to the handler
btrfs: call btrfs_check_rw_degradable only if there is a missing device
btrfs: fix lost error handling when replaying directory deletes
btrfs: clear MISSING device status bit in btrfs_close_one_device
net/smc: Correct spelling mistake to TCPF_SYN_RECV
nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
vmxnet3: do not stop tx queues after netif_device_detach()
r8169: Add device 10ec:8162 to driver r8169
nvmet-tcp: fix header digest verification
drm: panel-orientation-quirks: Add quirk for GPD Win3
watchdog: Fix OMAP watchdog early handling
net: multicast: calculate csum of looped-back and forwarded packets
spi: spl022: fix Microwire full duplex mode
nvmet-tcp: fix a memory leak when releasing a queue
xen/netfront: stop tx queues during live migration
bpf: Prevent increasing bpf_jit_limit above max
bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
mmc: winbond: don't build on M68K
reset: socfpga: add empty driver allowing consumers to probe
ARM: dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
hyperv/vmbus: include linux/bitops.h
sfc: Don't use netif_info before net_device setup
cavium: Fix return values of the probe function
scsi: qla2xxx: Fix unmap of already freed sgl
scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
cavium: Return negative value when pci_alloc_irq_vectors() fails
x86/irq: Ensure PI wakeup handler is unregistered before module unload
x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c
fuse: fix page stealing
ALSA: timer: Unconditionally unlink slave instances, too
ALSA: timer: Fix use-after-free problem
ALSA: synth: missing check for possible NULL after the call to kstrdup
ALSA: usb-audio: Add registration quirk for JBL Quantum 400
ALSA: line6: fix control and interrupt message timeouts
ALSA: 6fire: fix control and bulk message timeouts
ALSA: ua101: fix division by zero at probe
ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
ALSA: hda/realtek: Add quirk for ASUS UX550VE
ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
ALSA: hda/realtek: Add quirk for Clevo PC70HS
media: v4l2-ioctl: Fix check_ext_ctrls
media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
media: ite-cir: IR receiver stop working after receive overflow
crypto: s5p-sss - Add error handling in s5p_aes_probe()
firmware/psci: fix application of sizeof to pointer
tpm: Check for integer overflow in tpm2_map_response_body()
parisc: Fix ptrace check on syscall return
mmc: dw_mmc: Dont wait for DRTO on Write RSP error
scsi: qla2xxx: Fix use after free in eh_abort path
scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
ocfs2: fix data corruption on truncate
libata: fix read log timeout value
Input: i8042 - Add quirk for Fujitsu Lifebook T725
Input: elantench - fix misreporting trackpoint coordinates
Input: iforce - fix control-message timeout
binder: use cred instead of task for getsecid
binder: use cred instead of task for selinux checks
binder: use euid from cred instead of using task
usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay
Linux 5.4.159
rsi: fix control-message timeout
media: staging/intel-ipu3: css: Fix wrong size comparison imgu_css_fw_init
staging: rtl8192u: fix control-message timeouts
staging: r8712u: fix control-message timeout
comedi: vmk80xx: fix bulk and interrupt message timeouts
comedi: vmk80xx: fix bulk-buffer overflow
comedi: vmk80xx: fix transfer-buffer overflows
comedi: ni_usb6501: fix NULL-deref in command paths
comedi: dt9812: fix DMA buffers on stack
isofs: Fix out of bound access for corrupted isofs image
printk/console: Allow to disable console output by using console="" or console=null
binder: don't detect sender/target during buffer cleanup
usb-storage: Add compatibility quirk flags for iODD 2531/2541
usb: musb: Balance list entry in musb_gadget_queue
usb: gadget: Mark USB_FSL_QE broken on 64-bit
usb: ehci: handshake CMD_RUN instead of STS_HALT
Revert "x86/kvm: fix vcpu-id indexed array sizes"
Linux 5.4.158
ARM: 9120/1: Revert "amba: make use of -1 IRQs warn"
Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
sfc: Fix reading non-legacy supported link modes
Revert "usb: core: hcd: Add support for deferring roothub registration"
Revert "xhci: Set HCD flag to defer primary roothub registration"
media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
net: ethernet: microchip: lan743x: Fix skb allocation failure
vrf: Revert "Reset skb conntrack connection..."
scsi: core: Put LLD module refcnt after SCSI device is released
Linux 5.4.157
perf script: Check session->header.env.arch before using it
KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
KVM: s390: clear kicked_mask before sleeping again
cfg80211: correct bridge/4addr mode check
net: use netif_is_bridge_port() to check for IFF_BRIDGE_PORT
sctp: add vtag check in sctp_sf_ootb
sctp: add vtag check in sctp_sf_do_8_5_1_E_sa
sctp: add vtag check in sctp_sf_violation
sctp: fix the processing for COOKIE_ECHO chunk
sctp: fix the processing for INIT_ACK chunk
sctp: use init_tag from inithdr for ABORT chunk
phy: phy_start_aneg: Add an unlocked version
phy: phy_ethtool_ksettings_get: Lock the phy for consistency
net/tls: Fix flipped sign in async_wait.err assignment
net: nxp: lpc_eth.c: avoid hang when bringing interface down
net: ethernet: microchip: lan743x: Fix dma allocation failure by using dma_set_mask_and_coherent
net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume fails
nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST
RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
net: Prevent infinite while loop in skb_tx_hash()
net: batman-adv: fix error handling
regmap: Fix possible double-free in regcache_rbtree_exit()
arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
RDMA/mlx5: Set user priority for DCT
nvme-tcp: fix data digest pointer calculation
nvmet-tcp: fix data digest pointer calculation
IB/hfi1: Fix abba locking issue with sc_disable()
IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
drm/ttm: fix memleak in ttm_transfered_destroy
net: lan78xx: fix division by zero in send path
cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit
mmc: sdhci: Map more voltage level to SDHCI_POWER_330
mmc: dw_mmc: exynos: fix the finding clock sample value
mmc: cqhci: clear HALT state after CQE enable
mmc: vub300: fix control-message timeouts
net/tls: Fix flipped sign in tls_err_abort() calls
Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
nfc: port100: fix using -ERRNO as command type mask
ata: sata_mv: Fix the error handling of mv_chip_id()
Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
usbnet: fix error return code in usbnet_probe()
usbnet: sanity check for maxpacket
ipv4: use siphash instead of Jenkins in fnhe_hashfun()
ipv6: use siphash in rt6_exception_hash()
powerpc/bpf: Fix BPF_MOD when imm == 1
ARM: 9141/1: only warn about XIP address when not compile testing
ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
ARM: 9134/1: remove duplicate memcpy() definition
ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
Linux 5.4.156
pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
tracing: Have all levels of checks prevent recursion
net: mdiobus: Fix memory leak in __mdiobus_register
scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
Input: snvs_pwrkey - add clk handling
ALSA: hda: avoid write to STATESTS if controller is in reset
platform/x86: intel_scu_ipc: Update timeout value in comment
isdn: mISDN: Fix sleeping function called from invalid context
ARM: dts: spear3xx: Fix gmac node
net: stmmac: add support for dwmac 3.40a
btrfs: deal with errors when checking if a dir entry exists during log replay
gcc-plugins/structleak: add makefile var for disabling structleak
selftests: netfilter: remove stray bash debug line
netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
isdn: cpai: check ctr->cnr to avoid array index out of bound
nfc: nci: fix the UAF of rf_conn_info object
mm, slub: fix potential memoryleak in kmem_cache_open()
mm, slub: fix mismatch between reconstructed freelist depth and cnt
powerpc/idle: Don't corrupt back chain when going idle
KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to guest
KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
powerpc64/idle: Fix SP offsets when saving GPRs
audit: fix possible null-pointer dereference in audit_filter_rules
ASoC: DAPM: Fix missing kctl change notifications
ALSA: hda/realtek: Add quirk for Clevo PC50HS
ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
vfs: check fd has read access in kernel_read_file_from_fd()
elfcore: correct reference to CONFIG_UML
ocfs2: mount fails with buffer overflow in strlen
ocfs2: fix data corruption after conversion from inline format
ceph: fix handling of "meta" errors
can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with error length
can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
can: peak_pci: peak_pci_remove(): fix UAF
can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification
can: rcar_can: fix suspend/resume
net: enetc: fix ethtool counter name for PM0_TERR
net: stmmac: Fix E2E delay mechanism
net: hns3: disable sriov before unload hclge layer
net: hns3: add limit ets dwrr bandwidth cannot be 0
net: hns3: reset DWRR of unused tc to zero
NIOS2: irqflags: rename a redefined register name
net: dsa: lantiq_gswip: fix register definition
lan78xx: select CRC32
netfilter: ipvs: make global sysctl readonly in non-init netns
ASoC: wm8960: Fix clock configuration on slave mode
dma-debug: fix sg checks in debug_dma_map_sg()
NFSD: Keep existing listeners on portlist error
xtensa: xtfpga: Try software restart before simulating CPU reset
xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
tee: optee: Fix missing devices unregister during optee_remove
net: switchdev: do not propagate bridge updates across bridges
parisc: math-emu: Fix fall-through warnings
Linux 5.4.155
ionic: don't remove netdev->dev_addr when syncing uc list
r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256
qed: Fix missing error code in qed_slowpath_start()
mqprio: Correct stats in mqprio_dump_class_stats().
acpi/arm64: fix next_platform_timer() section mismatch error
drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
drm/msm: Fix null pointer dereference on pointer edp
drm/panel: olimex-lcd-olinuxino: select CRC32
platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call
mlxsw: thermal: Fix out-of-bounds memory accesses
ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators()
pata_legacy: fix a couple uninitialized variable bugs
NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
nfc: fix error handling of nfc_proto_register()
ethernet: s2io: fix setting mac address during resume
net: encx24j600: check error in devm_regmap_init_encx24j600
net: stmmac: fix get_hw_feature() on old hardware
net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
net: korina: select CRC32
net: arc: select CRC32
gpio: pca953x: Improve bias setting
sctp: account stream padding length for reconf chunk
iio: dac: ti-dac5571: fix an error code in probe()
iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
iio: light: opt3001: Fixed timeout error when 0 lux
iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED
iio: adc128s052: Fix the error handling path of 'adc128_probe()'
iio: adc: aspeed: set driver data when adc probe.
powerpc/xive: Discard disabled interrupts in get_irqchip_state()
x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
EDAC/armada-xp: Fix output of uncorrectable error counter
virtio: write back F_VERSION_1 before validate
USB: serial: option: add prod. id for Quectel EG91
USB: serial: option: add Telit LE910Cx composition 0x1204
USB: serial: option: add Quectel EC200S-CN module support
USB: serial: qcserial: add EM9191 QDL support
Input: xpad - add support for another USB ID of Nacon GC-100
usb: musb: dsps: Fix the probe error path
efi: Change down_interruptible() in virt_efi_reset_system() to down_trylock()
efi/cper: use stack buffer for error record decoding
cb710: avoid NULL pointer subtraction
xhci: Enable trust tx length quirk for Fresco FL11 USB controller
xhci: Fix command ring pointer corruption while aborting a command
xhci: guard accesses to ep_state in xhci_endpoint_reset()
mei: me: add Ice Lake-N device id.
x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
watchdog: orion: use 0 for unset heartbeat
btrfs: check for error when looking up inode during dir entry replay
btrfs: deal with errors when adding inode reference during log replay
btrfs: deal with errors when replaying dir entry during log replay
btrfs: unlock newly allocated extent buffer after error
csky: Fixup regs.sr broken in ptrace
csky: don't let sigreturn play with priveleged bits of status register
s390: fix strrchr() implementation
nds32/ftrace: Fix Error: invalid operands (*UND* and *UND* sections) for `^'
ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
ALSA: hda/realtek - ALC236 headset MIC recording issue
ALSA: hda/realtek: Add quirk for Clevo X170KM-G
ALSA: hda/realtek: Complete partial device name to avoid ambiguity
ALSA: seq: Fix a potential UAF by wrong private_free call order
ALSA: usb-audio: Add quirk for VF0770
ovl: simplify file splice
Linux 5.4.154
sched: Always inline is_percpu_thread()
scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
scsi: ses: Fix unsigned comparison with less than zero
drm/amdgpu: fix gart.bo pin_count leak
net: sun: SUNVNET_COMMON should depend on INET
mac80211: check return value of rhashtable_init
net: prevent user from passing illegal stab size
m68k: Handle arrivals of multiple signals correctly
mac80211: Drop frames from invalid MAC address in ad-hoc mode
netfilter: nf_nat_masquerade: defer conntrack walk to work queue
netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
netfilter: ip6_tables: zero-initialize fragment offset
HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
ext4: correct the error path of ext4_write_inline_data_end()
net: phy: bcm7xxx: Fixed indirect MMD operations
UPSTREAM: ovl: simplify file splice
Linux 5.4.153
x86/Kconfig: Correct reference to MWINCHIP3D
x86/hpet: Use another crystalball to evaluate HPET usability
x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
RISC-V: Include clone3() on rv32
bpf, s390: Fix potential memory leak about jit_data
i2c: acpi: fix resource leak in reconfiguration device addition
net: prefer socket bound to interface when not in VRF
i40e: Fix freeing of uninitialized misc IRQ vector
i40e: fix endless loop under rtnl
gve: fix gve_get_stats()
rtnetlink: fix if_nlmsg_stats_size() under estimation
gve: Correct available tx qpl check
drm/nouveau/debugfs: fix file release memory leak
video: fbdev: gbefb: Only instantiate device when built for IP32
bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
netlink: annotate data races around nlk->bound
net: sfp: Fix typo in state machine debug string
net/sched: sch_taprio: properly cancel timer from taprio_destroy()
net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
ARM: imx6: disable the GIC CPU interface before calling stby-poweroff sequence
arm64: dts: ls1028a: add missing CAN nodes
arm64: dts: freescale: Fix SP805 clock-names
ptp_pch: Load module automatically if ID matches
powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
net_sched: fix NULL deref in fifo_set_limit()
phy: mdio: fix memory leak
bpf: Fix integer overflow in prealloc_elems_and_freelist()
bpf, arm: Fix register clobbering in div/mod implementation
xtensa: call irqchip_init only when CONFIG_USE_OF is selected
xtensa: use CONFIG_USE_OF instead of CONFIG_OF
xtensa: move XCHAL_KIO_* definitions to kmem_layout.h
arm64: dts: qcom: pm8150: use qcom,pm8998-pon binding
ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo
ARM: dts: imx: Add missing pinctrl-names for panel on M53Menlo
soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference
soc: qcom: socinfo: Fixed argument passed to platform_set_data()
bpf, mips: Validate conditional branch offsets
MIPS: BPF: Restore MIPS32 cBPF JIT
ARM: dts: qcom: apq8064: use compatible which contains chipid
ARM: dts: omap3430-sdp: Fix NAND device node
xen/balloon: fix cancelled balloon action
nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
ovl: fix missing negative dentry check in ovl_rename()
mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
xen/privcmd: fix error handling in mmap-resource processing
usb: typec: tcpm: handle SRC_STARTUP state if cc changes
USB: cdc-acm: fix break reporting
USB: cdc-acm: fix racy tty buffer accesses
Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
ANDROID: Different fix for KABI breakage in 5.4.151 in struct sock
Linux 5.4.152
libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
silence nfscache allocation warnings with kvzalloc
perf/x86: Reset destroy callback on event init failure
kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[]
KVM: do not shrink halt_poll_ns below grow_start
tools/vm/page-types: remove dependency on opt_file for idle page tracking
scsi: ses: Retry failed Send/Receive Diagnostic commands
selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn
selftests: be sure to make khdr before other targets
usb: dwc2: check return value after calling platform_get_resource()
usb: testusb: Fix for showing the connection speed
scsi: sd: Free scsi_disk device via put_device()
ext2: fix sleeping in atomic bugs on error
sparc64: fix pci_iounmap() when CONFIG_PCI is not set
xen-netback: correct success/error reporting for the SKB-with-fraglist case
net: mdio: introduce a shutdown method to mdio device drivers
ANDROID: Fix up KABI breakage in 5.4.151 in struct sock
Linux 5.4.151
HID: usbhid: free raw_report buffers in usbhid_stop
netfilter: ipset: Fix oversized kvmalloc() calls
HID: betop: fix slab-out-of-bounds Write in betop_probe
crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
usb: hso: remove the bailout parameter
usb: hso: fix error handling code of hso_create_net_device
hso: fix bailout in error case of probe
libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
PCI: Fix pci_host_bridge struct device release/free handling
net: stmmac: don't attach interface until resume finishes
net: udp: annotate data race around udp_sk(sk)->corkflag
HID: u2fzero: ignore incomplete packets without data
ext4: fix potential infinite loop in ext4_dx_readdir()
ext4: fix reserved space counter leakage
ext4: fix loff_t overflow in ext4_max_bitmap_size()
ipack: ipoctal: fix module reference leak
ipack: ipoctal: fix missing allocation-failure check
ipack: ipoctal: fix tty-registration error handling
ipack: ipoctal: fix tty registration race
ipack: ipoctal: fix stack information leak
debugfs: debugfs_create_file_size(): use IS_ERR to check for error
elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
perf/x86/intel: Update event constraints for ICX
af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
net: sched: flower: protect fl_walk() with rcu
net: hns3: do not allow call hns3_nic_net_open repeatedly
scsi: csiostor: Add module softdep on cxgb4
Revert "block, bfq: honor already-setup queue merges"
selftests, bpf: test_lwt_ip_encap: Really disable rp_filter
e100: fix buffer overrun in e100_get_regs
e100: fix length calculation in e100_get_regs_len
net: ipv4: Fix rtnexthop len when RTA_FLOW is present
hwmon: (tmp421) fix rounding for negative values
hwmon: (tmp421) report /PVLD condition as fault
sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
mac80211-hwsim: fix late beacon hrtimer handling
mac80211: mesh: fix potentially unaligned access
mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
drm/amd/display: Pass PCI deviceid into DC
x86/kvmclock: Move this_cpu_pvti into kvmclock.h
mac80211: fix use-after-free in CCMP/GCMP RX
scsi: ufs: Fix illegal offset in UPIU event trace
hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field
hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field
fs-verity: fix signed integer overflow with i_size near S64_MAX
usb: cdns3: fix race condition before setting doorbell
cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
cpufreq: schedutil: Use kobject release() method to free sugov_tunables
tty: Fix out-of-bound vmalloc access in imageblit
Revert "crypto: public_key: fix overflow during implicit conversion"
Linux 5.4.150
qnx4: work around gcc false positive warning bug
xen/balloon: fix balloon kthread freezing
arm64: dts: marvell: armada-37xx: Extend PCIe MEM space
thermal/drivers/int340x: Do not set a wrong tcc offset on resume
EDAC/synopsys: Fix wrong value type assignment for edac_mode
spi: Fix tegra20 build with CONFIG_PM=n
net: 6pack: Fix tx timeout and slot time
alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
arm64: Mark __stack_chk_guard as __ro_after_init
parisc: Use absolute_pointer() to define PAGE0
qnx4: avoid stringop-overread errors
sparc: avoid stringop-overread errors
net: i825xx: Use absolute_pointer for memcpy from fixed memory location
compiler.h: Introduce absolute_pointer macro
blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
sparc32: page align size in arch_dma_alloc
nvme-multipath: fix ANA state updates when a namespace is not present
xen/balloon: use a kernel thread instead a workqueue
bpf: Add oversize check before call kvcalloc()
ipv6: delay fib6_sernum increase in fib6_add
m68k: Double cast io functions to unsigned long
net: stmmac: allow CSR clock of 300MHz
net: macb: fix use after free on rmmod
blktrace: Fix uaf in blk_trace access after removing by sysfs
md: fix a lock order reversal in md_alloc
irqchip/gic-v3-its: Fix potential VPE leak on error
irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build
scsi: lpfc: Use correct scnprintf() limit
scsi: qla2xxx: Restore initiator in dual mode
cifs: fix a sign extension bug
thermal/core: Potential buffer overflow in thermal_build_list_of_policies()
fpga: machxo2-spi: Fix missing error code in machxo2_write_complete()
fpga: machxo2-spi: Return an error on failure
tty: synclink_gt: rename a conflicting function name
tty: synclink_gt, drop unneeded forward declarations
scsi: iscsi: Adjust iface sysfs attr detection
net/mlx4_en: Don't allow aRFS for encapsulated packets
qed: rdma - don't wait for resources under hw error recovery flow
gpio: uniphier: Fix void functions to remove return value
net/smc: add missing error check in smc_clc_prfx_set()
bnxt_en: Fix TX timeout when TX ring size is set to the smallest
enetc: Fix illegal access when reading affinity_hint
platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR()
afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
net: hso: fix muxed tty registration
serial: mvebu-uart: fix driver's tx_empty callback
xhci: Set HCD flag to defer primary roothub registration
btrfs: prevent __btrfs_dump_space_info() to underflow its free space
erofs: fix up erofs_lookup tracepoint
mcb: fix error handling in mcb_alloc_bus()
USB: serial: option: add device id for Foxconn T99W265
USB: serial: option: remove duplicate USB device ID
USB: serial: option: add Telit LN920 compositions
USB: serial: mos7840: remove duplicated 0xac24 device ID
usb: core: hcd: Add support for deferring roothub registration
Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
staging: greybus: uart: fix tty use after free
binder: make sure fd closes complete
USB: cdc-acm: fix minor-number release
USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
xen/x86: fix PV trap handling on secondary processors
cifs: fix incorrect check for null pointer in header_assemble
usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
usb: gadget: r8a66597: fix a loop in set_feature()
ocfs2: drop acl cache for directories too
Linux 5.4.149
drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
rtc: rx8010: select REGMAP_I2C
blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
pwm: stm32-lp: Don't modify HW state in .remove() callback
pwm: rockchip: Don't modify HW state in .remove() callback
pwm: img: Don't modify HW state in .remove() callback
nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
nilfs2: fix NULL pointer in nilfs_##name##_attr_release
nilfs2: fix memory leak in nilfs_sysfs_create_device_group
btrfs: fix lockdep warning while mounting sprout fs
ceph: lockdep annotations for try_nonblocking_invalidate
ceph: request Fw caps before updating the mtime in ceph_write_iter
dmaengine: xilinx_dma: Set DMA mask for coherent APIs
dmaengine: ioat: depends on !UML
dmaengine: sprd: Add missing MODULE_DEVICE_TABLE
parisc: Move pci_dev_is_behind_card_dino to where it is used
drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
thermal/core: Fix thermal_cooling_device_register() prototype
Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
net: stmmac: reset Tx desc base address before restarting Tx
phy: avoid unnecessary link-up delay in polling mode
pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was registered
profiling: fix shift-out-of-bounds bugs
nilfs2: use refcount_dec_and_lock() to fix potential UAF
prctl: allow to setup brk for et_dyn executables
9p/trans_virtio: Remove sysfs file on probe failure
thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
um: virtio_uml: fix memory leak on init failures
staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb()
sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
sctp: validate chunk size in __rcv_asconf_lookup
ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE
ARM: 9079/1: ftrace: Add MODULE_PLTS support
ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
ARM: 9077/1: PLT: Move struct plt_entries definition to header
apparmor: remove duplicate macro list_entry_is_head()
ARM: Qualify enabling of swiotlb_init()
s390/pci_mmio: fully validate the VMA before calling follow_pte()
console: consume APC, DM, DCS
KVM: remember position in kvm->vcpus array
PCI/ACPI: Add Ampere Altra SOC MCFG quirk
PCI: aardvark: Fix reporting CRS value
PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
PCI: aardvark: Indicate error in 'val' when config read fails
PCI: pci-bridge-emul: Fix big-endian support
Linux 5.4.148
s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
s390/bpf: Fix optimizing out zero-extensions
net: renesas: sh_eth: Fix freeing wrong tx descriptor
ip_gre: validate csum_start only on pull
qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
fq_codel: reject silly quantum parameters
netfilter: socket: icmp6: fix use-after-scope
net: dsa: b53: Fix calculating number of switch ports
perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
ARC: export clear_user_page() for modules
mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()'
PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
KVM: arm64: Handle PSCI resets before userspace touches vCPU state
mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
PCI: Fix pci_dev_str_match_path() alloc while atomic bug
mfd: axp20x: Update AXP288 volatile ranges
NTB: perf: Fix an error code in perf_setup_inbuf()
NTB: Fix an error code in ntb_msit_probe()
ethtool: Fix an error code in cxgb2.c
PCI: ibmphp: Fix double unmap of io_mem
block, bfq: honor already-setup queue merges
net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
PCI: Add ACS quirks for Cavium multi-function devices
tracing/probes: Reject events which have the same name of existing one
mfd: Don't use irq_create_mapping() to resolve a mapping
fuse: fix use after free in fuse_read_interrupt()
PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
mfd: db8500-prcmu: Adjust map to reality
dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
net: hns3: fix the timing issue of VF clearing interrupt sources
net: hns3: disable mac in flr process
net: hns3: change affinity_mask to numa node range
net: hns3: pad the short tunnel frame before sending to hardware
KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers
ibmvnic: check failover_pending in login response
dt-bindings: arm: Fix Toradex compatible typo
qed: Handle management FW error
tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup
net/af_unix: fix a data-race in unix_dgram_poll
vhost_net: fix OoB on sendmsg() failure.
events: Reuse value read using READ_ONCE instead of re-reading it
net/mlx5: Fix potential sleeping in atomic context
net/mlx5: FWTrace, cancel work on alloc pd error flow
perf machine: Initialize srcline string member in add_location struct
tipc: increase timeout in tipc_sk_enqueue()
r6040: Restore MDIO clock frequency after MAC reset
net/l2tp: Fix reference count leak in l2tp_udp_recv_core
dccp: don't duplicate ccid when cloning dccp sock
ptp: dp83640: don't define PAGE0
net-caif: avoid user-triggerable WARN_ON(1)
tipc: fix an use-after-free issue in tipc_recvmsg
x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
s390/sclp: fix Secure-IPL facility detection
drm/etnaviv: add missing MMU context put when reaping MMU mapping
drm/etnaviv: reference MMU context when setting up hardware state
drm/etnaviv: fix MMU context leak on GPU reset
drm/etnaviv: exec and MMU state is lost when resetting the GPU
drm/etnaviv: keep MMU context across runtime suspend/resume
drm/etnaviv: stop abusing mmu_context as FE running marker
drm/etnaviv: put submit prev MMU context when it exists
drm/etnaviv: return context from etnaviv_iommu_context_get
drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
PCI: Add AMD GPU multi-function power dependencies
PM: base: power: don't try to use non-existing RTC for storing data
arm64/sve: Use correct size when reinitialising SVE state
bnx2x: Fix enabling network interfaces without VFs
xen: reset legacy rtc flag for PV domU
btrfs: fix upper limit for max_inline for page size 64K
drm/panfrost: Clamp lock region to Bifrost minimum
drm/panfrost: Use u64 for size in lock_region
drm/panfrost: Simplify lock_region calculation
drm/amdgpu: Fix BUG_ON assert
drm/msi/mdp4: populate priv->kms in mdp4_kms_init
net: dsa: lantiq_gswip: fix maximum frame length
lib/test_stackinit: Fix static initializer test
platform/chrome: cros_ec_proto: Send command again when timeout occurs
memcg: enable accounting for pids in nested pid namespaces
mm,vmscan: fix divide by zero in get_scan_count
mm/hugetlb: initialize hugetlb_usage in mm_init
s390/pv: fix the forcing of the swiotlb
cpufreq: powernv: Fix init_chip_info initialization in numa=off
scsi: qla2xxx: Sync queue idx with queue_pair_map idx
scsi: qla2xxx: Changes to support kdump kernel
scsi: BusLogic: Fix missing pr_cont() use
ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
parisc: fix crash with signals and alloca
net: w5100: check return value after calling platform_get_resource()
fix array-index-out-of-bounds in taprio_change
net: fix NULL pointer reference in cipso_v4_doi_free
ath9k: fix sleeping in atomic context
ath9k: fix OOB read ar9300_eeprom_restore_internal
parport: remove non-zero check on count
net/mlx5: DR, Enable QP retransmission
iwlwifi: mvm: fix access to BSS elements
iwlwifi: mvm: avoid static queue number aliasing
iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
drm/amdkfd: Account for SH/SE count when setting up cu masks.
ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
ASoC: rockchip: i2s: Fix regmap_ops hang
usbip:vhci_hcd USB port can get stuck in the disabled state
usbip: give back URBs for unsent unlink requests during cleanup
usb: musb: musb_dsps: request_irq() after initializing musb
Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set"
cifs: fix wrong release in sess_alloc_buffer() failed path
mmc: core: Return correct emmc response in case of ioctl error
selftests/bpf: Enlarge select() timeout for test_maps
mmc: rtsx_pci: Fix long reads when clock is prescaled
mmc: sdhci-of-arasan: Check return value of non-void funtions
of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
ASoC: Intel: Skylake: Fix passing loadable flag for module
ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
btrfs: tree-log: check btrfs_lookup_data_extent return value
m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch
drm/exynos: Always initialize mapping in exynos_drm_register_dma()
lockd: lockd server-side shouldn't set fl_ops
usb: chipidea: host: fix port index underflow and UBSAN complains
gfs2: Don't call dlm after protocol is unmounted
staging: rts5208: Fix get_ms_information() heap buffer size
rpc: fix gss_svc_init cleanup on failure
tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
serial: sh-sci: fix break handling for sysrq
opp: Don't print an error if required-opps is missing
Bluetooth: Fix handling of LE Enhanced Connection Complete
nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
arm64: dts: ls1046a: fix eeprom entries
arm64: tegra: Fix compatible string for Tegra132 CPUs
ARM: tegra: tamonten: Fix UART pad setting
mac80211: Fix monitor MTU limit so that A-MSDUs get through
drm/display: fix possible null-pointer dereference in dcn10_set_clock()
gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port()
net/mlx5: Fix variable type to match 64bit
Bluetooth: avoid circular locks in sco_sock_connect
Bluetooth: schedule SCO timeouts with delayed_work
selftests/bpf: Fix xdp_tx.c prog section name
drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe()
arm64: dts: qcom: sdm660: use reg value for memory node
ARM: dts: imx53-ppd: Fix ACHC entry
media: tegra-cec: Handle errors of clk_prepare_enable()
media: TDA1997x: fix tda1997x_query_dv_timings() return value
media: v4l2-dv-timings.c: fix wrong condition in two for-loops
media: imx258: Limit the max analogue gain to 480
media: imx258: Rectify mismatch of VTS value
ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output
arm64: tegra: Fix Tegra194 PCIe EP compatible string
bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler()
workqueue: Fix possible memory leaks in wq_numa_init()
Bluetooth: skip invalid hci_sync_conn_complete_evt
ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
samples: bpf: Fix tracex7 error raised on the missing argument
staging: ks7010: Fix the initialization of the 'sleep_status' structure
serial: 8250_pci: make setup_port() parameters explicitly unsigned
hvsi: don't panic on tty_register_driver failure
xtensa: ISS: don't panic in rs_init
serial: 8250: Define RX trigger levels for OxSemi 950 devices
s390: make PCI mio support a machine flag
s390/jump_label: print real address in a case of a jump label bug
flow_dissector: Fix out-of-bounds warnings
ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
video: fbdev: riva: Error out if 'pixclock' equals zero
video: fbdev: kyro: Error out if 'pixclock' equals zero
video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
bpf/tests: Do not PASS tests without actually testing the result
bpf/tests: Fix copy-and-paste error in double word test
drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex
drm/amd/display: Fix timer_per_pixel unit error
tty: serial: jsm: hold port lock when reporting modem line changes
staging: board: Fix uninitialized spinlock when attaching genpd
usb: gadget: composite: Allow bMaxPower=0 if self-powered
USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
usb: gadget: u_ether: fix a potential null pointer dereference
usb: host: fotg210: fix the actual_length of an iso packet
usb: host: fotg210: fix the endpoint's transactional opportunities calculation
igc: Check if num of q_vectors is smaller than max before array access
drm: avoid blocking in drm_clients_info's rcu section
Smack: Fix wrong semantics in smk_access_entry()
netlink: Deal with ESRCH error in nlmsg_notify()
video: fbdev: kyro: fix a DoS bug by restricting user input
ARM: dts: qcom: apq8064: correct clock names
iavf: fix locking of critical sections
iavf: do not override the adapter state in the watchdog task
iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
tipc: keep the skb in rcv queue until the whole data is read
PCI: Use pci_update_current_state() in pci_enable_device_flags()
crypto: mxs-dcp - Use sg_mapping_iter to copy data
media: dib8000: rewrite the init prbs logic
ASoC: atmel: ATMEL drivers don't need HAS_DMA
drm/amdgpu: Fix amdgpu_ras_eeprom_init()
userfaultfd: prevent concurrent API initialization
kbuild: Fix 'no symbols' warning when CONFIG_TRIM_UNUSD_KSYMS=y
MIPS: Malta: fix alignment of the devicetree buffer
f2fs: fix to unmap pages from userspace process in punch_hole()
f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
f2fs: fix to account missing .skipped_gc_rwsem
KVM: PPC: Fix clearing never mapped TCEs in realmode
clk: at91: clk-generated: Limit the requested rate to our range
clk: at91: clk-generated: pass the id of changeable parent at registration
clk: at91: sam9x60: Don't use audio PLL
fscache: Fix cookie key hashing
platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call
KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live
HID: i2c-hid: Fix Elan touchpad regression
scsi: target: avoid per-loop XCOPY buffer allocations
powerpc/config: Renable MTD_PHYSMAP_OF
scsi: qedf: Fix error codes in qedf_alloc_global_queues()
scsi: qedi: Fix error codes in qedi_alloc_global_queues()
scsi: smartpqi: Fix an error code in pqi_get_raid_map()
pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
scsi: fdomain: Fix error return code in fdomain_probe()
SUNRPC: Fix potential memory corruption
dma-debug: fix debugfs initialization order
openrisc: don't printk() unconditionally
f2fs: reduce the scope of setting fsck tag when de->name_len is zero
f2fs: show f2fs instance in printk_ratelimited
RDMA/efa: Remove double QP type assignment
powerpc/stacktrace: Include linux/delay.h
vfio: Use config not menuconfig for VFIO_NOIOMMU
pinctrl: samsung: Fix pinctrl bank pin count
docs: Fix infiniband uverbs minor number
RDMA/iwcm: Release resources if iw_cm module initialization fails
IB/hfi1: Adjust pkey entry in index 0
scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
f2fs: quota: fix potential deadlock
HID: input: do not report stylus battery state as "full"
PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response
PCI: aardvark: Fix checking for PIO status
PCI: xilinx-nwl: Enable the clock through CCF
PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
PCI/portdrv: Enable Bandwidth Notification only if port supports it
ARM: 9105/1: atags_to_fdt: don't warn about stack size
libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
dmaengine: imx-sdma: remove duplicated sdma_load_context
Revert "dmaengine: imx-sdma: refine to load context only once"
media: rc-loopback: return number of emitters rather than error
media: uvc: don't do DMA on stack
VMCI: fix NULL pointer dereference when unmapping queue pair
dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
power: supply: max17042: handle fails of reading status register
block: bfq: fix bfq_set_next_ioprio_data()
crypto: public_key: fix overflow during implicit conversion
arm64: head: avoid over-mapping in map_memory
soc: aspeed: p2a-ctrl: Fix boundary check for mmap
soc: aspeed: lpc-ctrl: Fix boundary check for mmap
soc: qcom: aoss: Fix the out of bound usage of cooling_devs
pinctrl: ingenic: Fix incorrect pull up/down info
pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
tools/thermal/tmon: Add cross compiling support
9p/xen: Fix end of loop tests for list_for_each_entry
include/linux/list.h: add a macro to test if entry is pointing to the head
xen: fix setting of max_pfn in shared_info
powerpc/perf/hv-gpci: Fix counter value parsing
PCI/MSI: Skip masking MSI-X on Xen PV
blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
btrfs: reset replace target device to allocation state on close
btrfs: wake up async_delalloc_pages waiters after submit
rtc: tps65910: Correct driver module alias
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/arm/tegra.yaml
Documentation/devicetree/bindings/mtd/gpmc-nand.txt
Documentation/devicetree/bindings/regulator/samsung,s5m8767.txt
kernel/sched/cpufreq_schedutil.c
Change-Id: Id17c4366cdc6854cd23fba0f41d335b09fc6100e
Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com>
|
||
|
Greg Kroah-Hartman
|
b3174205cf |
This is the 5.4.174 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmHyVbEACgkQONu9yGCS aT6r6BAA13mGwb3g/n6W1539J2McTd3Wq7HhkvGnOQmJAHJKLzp51QYAXgLbRLCM gUOCPXh6o2gt3+lFrhFy0TE9F1VQY7Igyb2RziF9mdAcvEqcBXL11n6kZHGxx0TO rOpv/SoWMd/QrKC7Ytf5zgH+81dGYWr1L1Ge9g7KWmCev15zAvJQ4mQv6a8CQhCD pUZRBvFx8AGS6q/s9ZPZfvVBcHJDNF89/mkkWNzFgIOcXJh/01JdqNK635stUXu4 +hQYUpG2gj9X2i+e0bc2i95pql7M5OAdX3TBlMeiEjKkyXJuyWTCXSO332QLTeaP xF8Z6JQ0n4W4GI9AgQCWwOaDahtlh6rmpVj+iekeYOMMB6Y5zAoFOIu1DTBEwDK6 F+s5KGfV8t5zkWY6iFOUwHTsjeNc4qqX8B6Br3Yjo7HHBxiggNDD5k4IYe0wAvJL NzOTjdvVbG+qRmhGMQMOpLhDJaHVEJCaXCmv1G97AceaL/RcenUZkn3pQZbn5O7u iMFV620WB0tYyfsiWaQrC7HgVZRyoUYBcxuxdm/g8NqYAPM61HOBKQbyaG9jClyf dq+lnvipJzUmeTsrzkd0NON24HS53hYBZPQjxp7xuoFooBUQjd5iYJvPzeLUm2+g /PlDC4B48pZa3zm8z2amyxf7leaxZUqc2d/J8wSGM/lvaJ3BV7M= =eMMF -----END PGP SIGNATURE----- Merge 5.4.174 into android11-5.4-lts Changes in 5.4.174 HID: uhid: Fix worker destroying device without any protection HID: wacom: Reset expected and received contact counts at the same time HID: wacom: Ignore the confidence flag when a touch is removed HID: wacom: Avoid using stale array indicies to read contact count f2fs: fix to do sanity check in is_alive() nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 x86/gpu: Reserve stolen memory for first integrated Intel GPU tools/nolibc: x86-64: Fix startup code bug tools/nolibc: i386: fix initial stack alignment tools/nolibc: fix incorrect truncation of exit code rtc: cmos: take rtc_lock while reading from CMOS media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE media: flexcop-usb: fix control-message timeouts media: mceusb: fix control-message timeouts media: em28xx: fix control-message timeouts media: cpia2: fix control-message timeouts media: s2255: fix control-message timeouts media: dib0700: fix undefined behavior in tuner shutdown media: redrat3: fix control-message timeouts media: pvrusb2: fix control-message timeouts media: stk1160: fix control-message timeouts can: softing_cs: softingcs_probe(): fix memleak on registration failure lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller mm_zone: add function to check if managed dma zone exists mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode drm/rockchip: dsi: Hold pm-runtime across bind/unbind drm/rockchip: dsi: Reconfigure hardware on resume() drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure drm/panel: innolux-p079zca: Delete panel on attach() failure drm/rockchip: dsi: Fix unbalanced clock on probe error Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails clk: bcm-2835: Pick the closest clock rate clk: bcm-2835: Remove rounding up the dividers wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND wcn36xx: Release DMA channel descriptor allocations media: videobuf2: Fix the size printk format media: aspeed: fix mode-detect always time out at 2nd run media: em28xx: fix memory leak in em28xx_init_dev media: aspeed: Update signal status immediately to ensure sane hw state arm64: dts: meson-gxbb-wetek: fix HDMI in early boot arm64: dts: meson-gxbb-wetek: fix missing GPIO binding Bluetooth: stop proccessing malicious adv data tee: fix put order in teedev_close_context() media: dmxdev: fix UAF when dvb_register_device() fails crypto: qce - fix uaf on qce_ahash_register_one arm64: dts: ti: k3-j721e: correct cache-sets info tty: serial: atmel: Check return code of dmaengine_submit() tty: serial: atmel: Call dma_async_issue_pending() media: rcar-csi2: Correct the selection of hsfreqrange media: imx-pxp: Initialize the spinlock prior to using it media: si470x-i2c: fix possible memory leak in si470x_i2c_probe() media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()' netfilter: bridge: add support for pppoe filtering arm64: dts: qcom: msm8916: fix MMC controller aliases ACPI: EC: Rework flushing of EC work while suspended to idle drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() arm64: dts: ti: k3-j721e: Fix the L2 cache sets tty: serial: uartlite: allow 64 bit address serial: amba-pl011: do not request memory region twice floppy: Fix hang in watchdog when disk is ejected staging: rtl8192e: return error code from rtllib_softmac_init() staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib() Bluetooth: btmtksdio: fix resume failure media: dib8000: Fix a memleak in dib8000_init() media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() media: si2157: Fix "warm" tuner state detection sched/rt: Try to restart rt period timer when rt runtime exceeded rcu/exp: Mark current CPU as exp-QS in IPI loop second pass mwifiex: Fix possible ABBA deadlock xfrm: fix a small bug in xfrm_sa_len() crypto: stm32/cryp - fix xts and race condition in crypto_engine requests crypto: stm32/cryp - fix double pm exit crypto: stm32/cryp - fix lrw chaining mode ARM: dts: gemini: NAS4220-B: fis-index-block with 128 KiB sectors media: dw2102: Fix use after free media: msi001: fix possible null-ptr-deref in msi001_probe() media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes drm/msm/dpu: fix safe status debugfs file drm/bridge: ti-sn65dsi86: Set max register for regmap media: hantro: Fix probe func error path xfrm: interface with if_id 0 should return error xfrm: state and policy should fail if XFRMA_IF_ID 0 ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding usb: ftdi-elan: fix memory leak on device disconnect ARM: dts: armada-38x: Add generic compatible to UART nodes mmc: meson-mx-sdio: add IRQ check selinux: fix potential memleak in selinux_add_opt() bpftool: Enable line buffering for stdout x86/mce/inject: Avoid out-of-bounds write when setting flags ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt(). ppp: ensure minimum packet size in ppp_write() rocker: fix a sleeping in atomic bug staging: greybus: audio: Check null pointer fsl/fman: Check for null pointer after calling devm_ioremap Bluetooth: hci_bcm: Check for error irq HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init HID: hid-uclogic-params: Invalid parameter check in uclogic_params_get_str_desc HID: hid-uclogic-params: Invalid parameter check in uclogic_params_huion_init HID: hid-uclogic-params: Invalid parameter check in uclogic_params_frame_init_v1_buttonpad debugfs: lockdown: Allow reading debugfs files that are not world readable net/mlx5e: Don't block routes with nexthop objects in SW Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels" net/mlx5: Set command entry semaphore up once got index free spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe tpm: add request_locality before write TPM_INT_ENABLE can: softing: softing_startstop(): fix set but not used variable warning can: xilinx_can: xcan_probe(): check for error irq pcmcia: fix setting of kthread task states net: mcs7830: handle usb read errors properly ext4: avoid trim error on fs with small groups ALSA: jack: Add missing rwsem around snd_ctl_remove() calls ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls ALSA: hda: Add missing rwsem around snd_ctl_remove() calls RDMA/hns: Validate the pkey index clk: imx8mn: Fix imx8mn_clko1_sels powerpc/prom_init: Fix improper check of prom_getprop() ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA ALSA: oss: fix compile error when OSS_DEBUG is enabled char/mwave: Adjust io port register size binder: fix handling of error during copy iommu/io-pgtable-arm: Fix table descriptor paddr formatting scsi: ufs: Fix race conditions related to driver data PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() powerpc/powermac: Add additional missing lockdep_register_key() RDMA/core: Let ib_find_gid() continue search even after empty entry RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry ASoC: rt5663: Handle device_property_read_u32_array error codes clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell dmaengine: pxa/mmp: stop referencing config->slave_id iommu/iova: Fix race between FQ timeout and teardown phy: uniphier-usb3ss: fix unintended writing zeros to PHY register ASoC: mediatek: Check for error clk pointer ASoC: samsung: idma: Check of ioremap return value misc: lattice-ecp3-config: Fix task hung when firmware load failed mips: lantiq: add support for clk_set_parent() mips: bcm63xx: add support for clk_set_parent() RDMA/cxgb4: Set queue pair state when being queried of: base: Fix phandle argument length mismatch error message Bluetooth: Fix debugfs entry leak in hci_register_dev() fs: dlm: filter user dlm messages for kernel locks drm/lima: fix warning when CONFIG_DEBUG_SG=y & CONFIG_DMA_API_DEBUG=y ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR ARM: shmobile: rcar-gen2: Add missing of_node_put() batman-adv: allow netlink usage in unprivileged containers usb: gadget: f_fs: Use stream_open() for endpoint files drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L HID: apple: Do not reset quirks when the Fn key is not found media: b2c2: Add missing check in flexcop_pci_isr: EDAC/synopsys: Use the quirk for version instead of ddr version mlxsw: pci: Add shutdown method in PCI driver drm/bridge: megachips: Ensure both bridges are probed before registration gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use HSI: core: Fix return freed object in hsi_new_client mwifiex: Fix skb_over_panic in mwifiex_usb_recv() rsi: Fix use-after-free in rsi_rx_done_handler() rsi: Fix out-of-bounds read in rsi_read_pkt() usb: uhci: add aspeed ast2600 uhci support floppy: Add max size check for user space request x86/mm: Flush global TLB when switching to trampoline page-table media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() media: m920x: don't use stack on USB reads iwlwifi: mvm: synchronize with FW after multicast commands ath10k: Fix tx hanging net-sysfs: update the queue counts in the unregistration path net: phy: prefer 1000baseT over 1000baseKX gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock x86/mce: Mark mce_panic() noinstr x86/mce: Mark mce_end() noinstr x86/mce: Mark mce_read_aux() noinstr net: bonding: debug: avoid printing debug logs when bond is not notifying peers bpf: Do not WARN in bpf_warn_invalid_xdp_action() HID: quirks: Allow inverting the absolute X/Y values media: igorplugusb: receiver overflow should be reported media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO audit: ensure userspace is penalized the same as the kernel when under pressure arm64: dts: ls1028a-qds: move rtc node to the correct i2c bus arm64: tegra: Adjust length of CCPLEX cluster MMIO region cpufreq: Fix initialization of min and max frequency QoS requests usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream iwlwifi: fix leaks/bad data after failed firmware load iwlwifi: remove module loading failure message iwlwifi: mvm: Fix calculation of frame length um: registers: Rename function names to avoid conflicts and build problems jffs2: GC deadlock reading a page that is used in jffs2_write_begin() ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions ACPICA: Utilities: Avoid deleting the same object twice in a row ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() ACPICA: Fix wrong interpretation of PCC address ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 drm/amdgpu: fixup bad vram size on gmc v8 ACPI: battery: Add the ThinkPad "Not Charging" quirk btrfs: remove BUG_ON() in find_parent_nodes() btrfs: remove BUG_ON(!eie) in find_parent_nodes net: mdio: Demote probed message to debug print mac80211: allow non-standard VHT MCS-10/11 dm btree: add a defensive bounds check to insert_at() dm space map common: add bounds check to sm_ll_lookup_bitmap() net: phy: marvell: configure RGMII delays for 88E1118 net: gemini: allow any RGMII interface mode regulator: qcom_smd: Align probe function with rpmh-regulator serial: pl010: Drop CR register reset on set_termios serial: core: Keep mctrl register state and cached copy in sync random: do not throw away excess input to crng_fast_load parisc: Avoid calling faulthandler_disabled() twice powerpc/6xx: add missing of_node_put powerpc/powernv: add missing of_node_put powerpc/cell: add missing of_node_put powerpc/btext: add missing of_node_put powerpc/watchdog: Fix missed watchdog reset due to memory ordering race i2c: i801: Don't silently correct invalid transfer size powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING i2c: mpc: Correct I2C reset procedure clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB powerpc/powermac: Add missing lockdep_register_key() KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST w1: Misuse of get_user()/put_user() reported by sparse scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup ALSA: seq: Set upper limit of processed events powerpc: handle kdump appropriately with crash_kexec_post_notifiers option MIPS: OCTEON: add put_device() after of_find_device_by_node() i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters MIPS: Octeon: Fix build errors using clang scsi: sr: Don't use GFP_DMA ASoC: mediatek: mt8173: fix device_node leak power: bq25890: Enable continuous conversion for ADC at charging rpmsg: core: Clean up resources on announce_create failure. crypto: omap-aes - Fix broken pm_runtime_and_get() usage crypto: stm32/crc32 - Fix kernel BUG triggered in probe() crypto: caam - replace this_cpu_ptr with raw_cpu_ptr ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers fuse: Pass correct lend value to filemap_write_and_wait_range() serial: Fix incorrect rs485 polarity on uart open cputime, cpuacct: Include guest time in user time in cpuacct.stat tracing/kprobes: 'nmissed' not showed correctly for kretprobe iwlwifi: mvm: Increase the scan timeout guard to 30 seconds s390/mm: fix 2KB pgtable release race drm/etnaviv: limit submit sizes drm/nouveau/kms/nv04: use vzalloc for nv04_display drm/bridge: analogix_dp: Make PSR-exit block less PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space PCI: pci-bridge-emul: Correctly set PCIe capabilities PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device xfrm: fix policy lookup for ipv6 gre packets btrfs: fix deadlock between quota enable and other quota operations btrfs: check the root node for uptodate before returning it btrfs: respect the max size in the header when activating swap file ext4: make sure to reset inode lockdep class when quota enabling fails ext4: make sure quota gets properly shutdown on error ext4: set csum seed in tmp inode while migrating to extents ext4: Fix BUG_ON in ext4_bread when write quota data ext4: don't use the orphan list when migrating an inode drm/radeon: fix error handling in radeon_driver_open_kms of: base: Improve argument length mismatch error firmware: Update Kconfig help text for Google firmware media: rcar-csi2: Optimize the selection PHTW register Documentation: dmaengine: Correctly describe dmatest with channel unset Documentation: ACPI: Fix data node reference documentation Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization Documentation: fix firewire.rst ABI file path error scsi: core: Show SCMD_LAST in text form RDMA/hns: Modify the mapping attribute of doorbell to device RDMA/rxe: Fix a typo in opcode name dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK Revert "net/mlx5: Add retry mechanism to the command entry index allocation" powerpc/cell: Fix clang -Wimplicit-fallthrough warning powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses bpftool: Remove inclusion of utilities.mak from Makefiles ipv4: avoid quadratic behavior in netns dismantle net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries f2fs: fix to reserve space for IO align feature af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress clk: si5341: Fix clock HW provider cleanup net: axienet: limit minimum TX ring size net: axienet: fix number of TX ring slots for available check net: axienet: increase default TX ring size to 128 rtc: pxa: fix null pointer dereference inet: frags: annotate races around fqdir->dead and fqdir->high_thresh netns: add schedule point in ops_exit_list() xfrm: Don't accidentally set RTO_ONLINK in decode_session4() gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst() libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() perf script: Fix hex dump character output dmaengine: at_xdmac: Don't start transactions at tx_submit level dmaengine: at_xdmac: Print debug message after realeasing the lock dmaengine: at_xdmac: Fix concurrency over xfers_list dmaengine: at_xdmac: Fix lld view setting dmaengine: at_xdmac: Fix at_xdmac_lld struct definition arm64: dts: qcom: msm8996: drop not documented adreno properties net_sched: restore "mpu xxx" handling bcmgenet: add WOL IRQ check net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config() dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix property dt-bindings: display: meson-vpu: Add missing amlogic,canvas property scripts/dtc: dtx_diff: remove broken example from help text lib82596: Fix IRQ check in sni_82596_probe lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test mtd: nand: bbt: Fix corner case in bad block table handling Revert "ia64: kprobes: Use generic kretprobe trampoline handler" Linux 5.4.174 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia656821e4377afa7ca279a6ed92195989be831b3 |
||
Bernard Zhao
|
eb599bf3ba |
selinux: fix potential memleak in selinux_add_opt()
[ Upstream commit 2e08df3c7c4e4e74e3dd5104c100f0bf6288aaa8 ]
This patch try to fix potential memleak in error branch.
Fixes:
|
||
|
Greg Kroah-Hartman
|
ba4942c83d |
Merge tag 'android11-5.4.161_r00' into android11-5.4
This is the merge of the upstream LTS release of 5.4.1161 into the android11-5.4 branch. It contains the following commits: |
||
|
Greg Kroah-Hartman
|
7ada083540 |
This is the 5.4.170 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmHVgw8ACgkQONu9yGCS aT71vhAAgVauEQ0nyXBUsH7vqKS6tYdcjoOor8FdNYSfoZ7iY6MptIdtHMVA0MxZ 793CRZDc7cyNtNVhGIomSzLPI4Nb/U5g57xfGrIQZ9Yzv1vcDsC8iEU1GLELWVAO 1gX6oyVJMXQb4JrbGGdP3QPqLPa6ekZ07c3/Dt2p32e+yqm3JvrcaDqklR7qSzBi Nx6VWp2ZxbvDqmzhzzVX+wWoB1darxp1I08ZgPMqsAbn78MelxrOxp8asNVuJQip KusrhdA4xSrXHfzYj1oxSAWctA0mlHJVie+/x+DPDKDP7/zIop+58fEbSEPLcDHA d+19gkNuNR0CtmEPACm/DAPU/iKiuK1YhmfGvPWQHdQCGQxxMKAdS0sH7BqQ2NU6 c7QiRA0Q3JNc+D2TGO5e2u1D5jqsVnBRaEAOnrHwnX6Dx27I8vwIsSKF1Si6TCdU S7whO8n1r7are5Ahaak25qR83wIpn/2fL4Q0AzP7Ox9kue7ceDQ42RfPzNoYh3LS ITJxRbxZYsnOHjlDS4dc5Hih+WioclSALmYhzSbWsjepzyv0EVEup6vzBffY5A4k ENlXQOCV7jZdfZ+ZdMI+kR9cTGO1F7Le5UKp4H+a0qpY/MWIlUI1C7qWDp5YZTsi 2iYwzrOpKCgqrMBhAR2jHeqmqItkal1dsTvrh2Lwc+3FPYRjNoo= =Lkh+ -----END PGP SIGNATURE----- Merge 5.4.170 into android11-5.4-lts Changes in 5.4.170 HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option tee: handle lookup of shm with reference count 0 Input: i8042 - add deferred probe support Input: i8042 - enable deferred probe quirk for ASUS UM325UA tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok(). platform/x86: apple-gmux: use resource_size() with res memblock: fix memblock_phys_alloc() section mismatch error recordmcount.pl: fix typo in s390 mcount regex selinux: initialize proto variable in selinux_ip_postroute_compat() scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources udp: using datalen to cap ipv6 udp max gso segments selftests: Calculate udpgso segment count without header adjustment sctp: use call_rcu to free endpoint net: usb: pegasus: Do not drop long Ethernet frames net: lantiq_xrx200: fix statistics of received bytes NFC: st21nfca: Fix memory leak in device probe and remove ionic: Initialize the 'lif->dbid_inuse' bitmap net/mlx5e: Fix wrong features assignment in case of error selftests/net: udpgso_bench_tx: fix dst ip argument net/ncsi: check for error return from call to nla_put_u32 fsl/fman: Fix missing put_device() call in fman_port_probe i2c: validate user data in compat ioctl nfc: uapi: use kernel size_t to fix user-space builds uapi: fix linux/nfc.h userspace compilation errors xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. usb: mtu3: add memory barrier before set GPD's HWO usb: mtu3: fix list_head check warning usb: mtu3: set interval of FS intr and isoc endpoint binder: fix async_free_space accounting for empty parcels scsi: vmw_pvscsi: Set residual data length conditionally Input: appletouch - initialize work before device registration Input: spaceball - fix parsing of movement data packets net: fix use-after-free in tw_timer_handler perf script: Fix CPU filtering of a script's switch events Linux 5.4.170 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic66d754505081f001b420af0ee4c8da1edf5c27f |
||
|
Tom Rix
|
44937652af |
selinux: initialize proto variable in selinux_ip_postroute_compat()
commit 732bc2ff080c447f8524f40c970c481f5da6eed3 upstream.
Clang static analysis reports this warning
hooks.c:5765:6: warning: 4th function call argument is an uninitialized
value
if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
selinux_parse_skb() can return ok without setting proto. The later call
to selinux_xfrm_postroute_last() does an early check of proto and can
return ok if the garbage proto value matches. So initialize proto.
Cc: stable@vger.kernel.org
Fixes:
|
||
Dmitry Vyukov
|
930d4986a4 |
tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
[ Upstream commit 04e57a2d952bbd34bc45744e72be3eecdc344294 ] If tomoyo is used in a testing/fuzzing environment in learning mode, for lots of domains the quota will be exceeded and stay exceeded for prolonged periods of time. In such cases it's pointless (and slow) to walk the whole acl list again and again just to rediscover that the quota is exceeded. We already have the TOMOYO_DIF_QUOTA_WARNED flag that notes the overflow condition. Check it early to avoid the slowdown. [penguin-kernel] This patch causes a user visible change that the learning mode will not be automatically resumed after the quota is increased. To resume the learning mode, administrator will need to explicitly clear TOMOYO_DIF_QUOTA_WARNED flag after increasing the quota. But I think that this change is generally preferable, for administrator likely wants to optimize the acl list for that domain before increasing the quota, or that domain likely hits the quota again. Therefore, don't try to care to clear TOMOYO_DIF_QUOTA_WARNED flag automatically when the quota for that domain changed. Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Srinivasarao Pathipati
|
8a6924048b |
Merge android11-5.4.147+ (983a7e7) into msm-5.4
* refs/heads/tmp-983a7e7: FROMGIT: USB: gadget: bRequestType is a bitfield, not a enum UPSTREAM: aio: fix use-after-free due to missing POLLFREE handling UPSTREAM: aio: keep poll requests on waitqueue until completed UPSTREAM: signalfd: use wake_up_pollfree() UPSTREAM: binder: use wake_up_pollfree() UPSTREAM: wait: add wake_up_pollfree() UPSTREAM: USB: gadget: zero allocate endpoint 0 buffers UPSTREAM: USB: gadget: detect too-big endpoint 0 requests UPSTREAM: HID: check for valid USB device for many HID drivers UPSTREAM: HID: wacom: fix problems when device is not a valid USB device UPSTREAM: HID: bigbenff: prevent null pointer dereference UPSTREAM: HID: add USB_HID dependancy on some USB HID drivers UPSTREAM: HID: add USB_HID dependancy to hid-chicony UPSTREAM: HID: add USB_HID dependancy to hid-prodikeys UPSTREAM: HID: add hid_is_usb() function to make it simpler for USB detection BACKPORT: f2fs: relocate inline conversion from mmap() to mkwrite() BACKPORT: f2fs: support RO feature BACKPORT: f2fs: fix wrong total_sections check and fsmeta check BACKPORT: FROMGIT: binder: fix freeze race FROMGIT: binder: BINDER_GET_FROZEN_INFO ioctl FROMGIT: binder: use EINTR for interrupted wait for work BACKPORT: FROMGIT: binder: BINDER_FREEZE ioctl ANDROID: usb: gadget: f_accessory: Mitgate handling of non-existent USB request FROMGIT: binder: fix test regression due to sender_euid change BACKPORT: binder: use cred instead of task for getsecid BACKPORT: binder: use cred instead of task for selinux checks BACKPORT: binder: use euid from cred instead of using task ANDROID: setlocalversion: make KMI_GENERATION optional Change-Id: I00cf067e7b2e31eb3ad074ede720c087a7647959 Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com> |
||
|
Greg Kroah-Hartman
|
5ba000444a |
This is the 5.4.167 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmG8VH8ACgkQONu9yGCS aT5J7g/+L4U69OjgLPKllqMk5nNOJqG3RQz008cgUpSo311OPZla3wlI7mGBtd7+ CUy/XEa7ZJ+4DZyedxR88eOrgMyaBS0flIE7Arg4hqRD1YNJBPcOF1ZRvk1K46RH qonIgWgAiWLuHlH5aQ88qgzRqeFkwBg6x3+YyBYLRX8S5w5ylvUd+w1werzji2U6 uDBSj/o8Yre7jjnBMmSBa3IP5WHBHbxgooyhostsywn60+nyNVZwN7pFbryIZual h1M6txLuNrpIOalf+qBbgcCilve+3/4ILCy+0FtrOhL+7FAeawqlNiWDgdSKoEV0 eBBYoZyxDOaf5wpN3PuW29C1pMKlV2hzOm4jslXuDl29E61ZB9HcXcHZk4REWm8C AasjP+cKj2QSqBwHFqU68ezU/CEszlbhjoJ6Za2QQXRsbtdYTyfIeH25fL9b+WWm L5aIaIlHmegPRsDtDXgeBckwsz6KgMZT9iQ1r6B3JkeRC1cxqHn5alDSPJs7tNVo qQdl0f8LsTLV2g+kLl2AaA0I+ESXrAVOXhdAxBIO++6EkX8TzmYXujdt9b39uOBp FDAtmSR4dFmphlIn6OGgSbbME1Ri8dEwaUWiOgLRPJaa9J41Jf0ykFFbOV4Vdgbe 5gIsZ8/+Jh0NoRs6cdsg1TwKhGBAEIrHBTOM/Ys7MUzxk9E3iBY= =aOVH -----END PGP SIGNATURE----- Merge 5.4.167 into android11-5.4-lts Changes in 5.4.167 nfc: fix segfault in nfc_genl_dump_devices_done drm/msm/dsi: set default num_data_lanes net/mlx4_en: Update reported link modes for 1/10G parisc/agp: Annotate parisc agp init functions with __init i2c: rk3x: Handle a spurious start completion interrupt flag net: netlink: af_netlink: Prevent empty skb by adding a check on len. drm/amd/display: Fix for the no Audio bug with Tiled Displays drm/amd/display: add connector type check for CRC source set tracing: Fix a kmemleak false positive in tracing_map KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI req selinux: fix race condition when computing ocontext SIDs bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc hwmon: (dell-smm) Fix warning on /proc/i8k creation error memblock: free_unused_memmap: use pageblock units instead of MAX_ORDER memblock: align freed memory map on pageblock boundaries with SPARSEMEM memblock: ensure there is no overflow in memblock_overlaps_region() arm: extend pfn_valid to take into account freed memory map alignment arm: ioremap: don't abuse pfn_valid() to check if pfn is in RAM Linux 5.4.167 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1b912710dd31dba153eb6d859856462ea4c01ddd |
||
Ondrej Mosnacek
|
b06b1f4630 |
selinux: fix race condition when computing ocontext SIDs
commit cbfcd13be5cb2a07868afe67520ed181956579a7 upstream. Current code contains a lot of racy patterns when converting an ocontext's context structure to an SID. This is being done in a "lazy" fashion, such that the SID is looked up in the SID table only when it's first needed and then cached in the "sid" field of the ocontext structure. However, this is done without any locking or memory barriers and is thus unsafe. Between commits |
||
|
Greg Kroah-Hartman
|
b2d37d0916 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Srinivasarao Pathipati
|
2603172e50 |
Merge android11-5.4.147+ (e785a25) into msm-5.4
* refs/heads/tmp-e785a25: Revert "ANDROID: GKI: Enable CHACHA20POLY1305 and XCBC" ANDROID: GKI: rework the ANDROID_KABI_USE() macro to not use __UNIQUE() UPSTREAM: security: selinux: allow per-file labeling for bpffs ANDROID: GKI: Enable CHACHA20POLY1305 and XCBC ANDROID: Incremental fs: Fix dentry get/put imbalance on vfs_mkdir() failure ANDROID: f2fs: fix potential deadlock by android ftrace Change-Id: I261a5fa5682452c021ad0ba4bb4da085ee340ab3 Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com> |
||
|
Greg Kroah-Hartman
|
26b09f181d |
This is the 5.4.161 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmGaPeoACgkQONu9yGCS aT4y9RAArO/V2GJCWb2hbycStqH/oLKxDnY2Du0fji5uj7iKaN1wzW2DT5tNstlZ I/aJS5ULZ8IYV/otIxzpCLzc0EHJ82sSqA8l2TgtK/SaqkoWABzcNdeZC3KPoAy+ QLyDIlSIXc2ODhf7Q8sk+6Pxwa5IPjNchKbtjJpaqM3YnMApJ+ub4M89toI6kYYd G9F8BbjCyJ7FQ4TcIXQQG2L+XHWGPXGk/WDrFUlMyj5n4ztOjXMbbT/VmWJdf6cA hyYj1AKfekhKYdb21/ko/6z8D1wlrnZ2OBVVSJJdwbN7VnNB2bA2rxTzds7vJzzW z8dqb3WTnNwkxaoTsKxV59Ii2ienrb7RU60QU9jHg1Yef8g7o7KYknF08OoTl4C5 z2dwxlxr76KR6u19L5jgLSYg/0HXYWNhDq5lyLsDJbrbWjWOFtRIe1jqVc/v3+4f nl54wztGqj0aBGZUsqtK4Ypjs4LJxDD1LqXSKgN9AbZjWq6jtcj25deXPuQNWoBh cZ8PXMD3L6Vl27brHYZ4EmAoLlVQRAdqD4sicUParyMhincb10Eil6xI8ipbvRbR ij0VXhfu6uV/qMfL6nGznIKbbBnK4EgrDzNCAlYC+CiXQvDCHdulZ2Bz3VzK5J3q fIkfSE1DZCwXOzP4JJ43M01BkAk/eOoHI9n4sPC6HZOtokAoIVg= =01H9 -----END PGP SIGNATURE----- Merge 5.4.161 into android11-5.4-lts Changes in 5.4.161 soc/tegra: pmc: Fix imbalanced clock disabling in error code path scsi: ufs: Fix interrupt error message for shared interrupts MIPS: Fix assembly error from MIPSr2 code used within MIPS_ISA_ARCH_LEVEL ext4: fix lazy initialization next schedule time computation in more granular unit scsi: ufs: Fix tm request when non-fatal error happens fortify: Explicitly disable Clang support parisc/entry: fix trace test in syscall exit path PCI/MSI: Destroy sysfs before freeing entries PCI/MSI: Deal with devices lying about their MSI mask capability PCI: Add MSI masking quirk for Nvidia ION AHCI erofs: remove the occupied parameter from z_erofs_pagevec_enqueue() erofs: fix unsafe pagevec reuse of hooked pclusters Linux 5.4.161 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I5c1942d0f5c822a788147c7ade349701a9451cee |
||
|
Kees Cook
|
258c42a8fb |
fortify: Explicitly disable Clang support
commit a52f8a59aef46b59753e583bf4b28fccb069ce64 upstream. Clang has never correctly compiled the FORTIFY_SOURCE defenses due to a couple bugs: Eliding inlines with matching __builtin_* names https://bugs.llvm.org/show_bug.cgi?id=50322 Incorrect __builtin_constant_p() of some globals https://bugs.llvm.org/show_bug.cgi?id=41459 In the process of making improvements to the FORTIFY_SOURCE defenses, the first (silent) bug (coincidentally) becomes worked around, but exposes the latter which breaks the build. As such, Clang must not be used with CONFIG_FORTIFY_SOURCE until at least latter bug is fixed (in Clang 13), and the fortify routines have been rearranged. Update the Kconfig to reflect the reality of the current situation. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Nick Desaulniers <ndesaulniers@google.com> Link: https://lore.kernel.org/lkml/CAKwvOd=A+ueGV2ihdy5GtgR2fQbcXjjAtVxv3=cPjffpebZB7A@mail.gmail.com Cc: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Todd Kjos
|
ea1a2391d5 |
BACKPORT: binder: use cred instead of task for selinux checks
commit 52f88693378a58094c538662ba652aff0253c4fe upstream.
Since binder was integrated with selinux, it has passed
'struct task_struct' associated with the binder_proc
to represent the source and target of transactions.
The conversion of task to SID was then done in the hook
implementations. It turns out that there are race conditions
which can result in an incorrect security context being used.
Fix by using the 'struct cred' saved during binder_open and pass
it to the selinux subsystem.
Cc: stable@vger.kernel.org # 5.14 (need backport for earlier stables)
Fixes:
|
||
|
Greg Kroah-Hartman
|
91a7552bea |
This is the 5.4.160 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmGUwhUACgkQONu9yGCS
aT4hlBAAjcjBBtJ7IuVRAbJhRSIW3H0viMdPTBvydSNwSF6mk9BL56CQ+OyAGLaB
Fnb5DNxhIO9DAbwuvBW4wEJibSA1Q4191bRjZEKrf70LRdmA51vz0dBu2KRNV+IV
HWtJYyXIyqqU/EXPsVmdmNFxr6YUCUmkyEaE18/rsg/cZmMg/Zot434cnSuzVzrW
9yLQVQAs7CAKD7kICZ/S7P7V1IKQyuLj5meX2BBE24YwukvlA9N5ISXGQuW91683
iqv0cfjwYtfrNMOE7K2AKrDgZ0AxuLrIiyppqHjHPB+zIvgm2ErQU+Hp76hVtWpW
yP0cq6ReP3ktc9Hmxr49xU1l3D/6jo+OyqQh5eomP2veGpRh3dq+oe1VoN7Iw9Xg
YBvjOuononlBoChsddlbxwQTZIXff9MvOK2zADmHM0740xTlqSIgw6ITdg/lyKG8
7QbM6pSepXKVXDhHtbEQQGIJP/SvLyjGKX5pJjTKQ0cemkGJ/Sp/HNHMlf/CRLen
LsS2kHCuBTWKQP0NJaAIp0J3lNfcCnB8Cv2BhmkHkVPx0jEvlZKDVJqdH7tbpIdy
hdR9vwq9neBIjAiTFMEAuV1/+zGR4zNqiocUXhkIC9BAzrBKinyct78kV2trVOc2
J4lFhpOv1I9/HwaqP6kYnJW+nNoMzN3sD0uT8fk8dlYo5GBvbVk=
=YkOP
-----END PGP SIGNATURE-----
Merge 5.4.160 into android11-5.4-lts
Changes in 5.4.160
xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay
usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
binder: use euid from cred instead of using task
binder: use cred instead of task for selinux checks
binder: use cred instead of task for getsecid
Input: iforce - fix control-message timeout
Input: elantench - fix misreporting trackpoint coordinates
Input: i8042 - Add quirk for Fujitsu Lifebook T725
libata: fix read log timeout value
ocfs2: fix data corruption on truncate
scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
scsi: qla2xxx: Fix use after free in eh_abort path
mmc: dw_mmc: Dont wait for DRTO on Write RSP error
parisc: Fix ptrace check on syscall return
tpm: Check for integer overflow in tpm2_map_response_body()
firmware/psci: fix application of sizeof to pointer
crypto: s5p-sss - Add error handling in s5p_aes_probe()
media: ite-cir: IR receiver stop working after receive overflow
media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
media: v4l2-ioctl: Fix check_ext_ctrls
ALSA: hda/realtek: Add quirk for Clevo PC70HS
ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
ALSA: hda/realtek: Add quirk for ASUS UX550VE
ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
ALSA: ua101: fix division by zero at probe
ALSA: 6fire: fix control and bulk message timeouts
ALSA: line6: fix control and interrupt message timeouts
ALSA: usb-audio: Add registration quirk for JBL Quantum 400
ALSA: synth: missing check for possible NULL after the call to kstrdup
ALSA: timer: Fix use-after-free problem
ALSA: timer: Unconditionally unlink slave instances, too
fuse: fix page stealing
x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c
x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
x86/irq: Ensure PI wakeup handler is unregistered before module unload
cavium: Return negative value when pci_alloc_irq_vectors() fails
scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
scsi: qla2xxx: Fix unmap of already freed sgl
cavium: Fix return values of the probe function
sfc: Don't use netif_info before net_device setup
hyperv/vmbus: include linux/bitops.h
ARM: dts: sun7i: A20-olinuxino-lime2: Fix ethernet phy-mode
reset: socfpga: add empty driver allowing consumers to probe
mmc: winbond: don't build on M68K
drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
bpf: Prevent increasing bpf_jit_limit above max
xen/netfront: stop tx queues during live migration
nvmet-tcp: fix a memory leak when releasing a queue
spi: spl022: fix Microwire full duplex mode
net: multicast: calculate csum of looped-back and forwarded packets
watchdog: Fix OMAP watchdog early handling
drm: panel-orientation-quirks: Add quirk for GPD Win3
nvmet-tcp: fix header digest verification
r8169: Add device 10ec:8162 to driver r8169
vmxnet3: do not stop tx queues after netif_device_detach()
nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
net/smc: Correct spelling mistake to TCPF_SYN_RECV
btrfs: clear MISSING device status bit in btrfs_close_one_device
btrfs: fix lost error handling when replaying directory deletes
btrfs: call btrfs_check_rw_degradable only if there is a missing device
ia64: kprobes: Fix to pass correct trampoline address to the handler
hwmon: (pmbus/lm25066) Add offset coefficients
regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled
regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property
EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
mwifiex: fix division by zero in fw download path
ath6kl: fix division by zero in send path
ath6kl: fix control-message timeout
ath10k: fix control-message timeout
ath10k: fix division by zero in send path
PCI: Mark Atheros QCA6174 to avoid bus reset
rtl8187: fix control-message timeouts
evm: mark evm_fixmode as __ro_after_init
wcn36xx: Fix HT40 capability for 2Ghz band
mwifiex: Read a PCI register after writing the TX ring write pointer
libata: fix checking of DMA state
wcn36xx: handle connection loss indication
rsi: fix occasional initialisation failure with BT coex
rsi: fix key enabled check causing unwanted encryption for vap_id > 0
rsi: fix rate mask set leading to P2P failure
rsi: Fix module dev_oper_mode parameter description
RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
signal: Remove the bogus sigkill_pending in ptrace_stop
signal/mips: Update (_save|_restore)_fp_context to fail with -EFAULT
power: supply: max17042_battery: Prevent int underflow in set_soc_threshold
power: supply: max17042_battery: use VFSOC for capacity when no rsns
KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use
can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
can: j1939: j1939_can_recv(): ignore messages with invalid source address
powerpc/85xx: Fix oops when mpc85xx_smp_guts_ids node cannot be found
serial: core: Fix initializing and restoring termios speed
ALSA: mixer: oss: Fix racy access to slots
ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
xen/balloon: add late_initcall_sync() for initial ballooning done
PCI: pci-bridge-emul: Fix emulation of W1C bits
PCI: aardvark: Do not clear status bits of masked interrupts
PCI: aardvark: Fix checking for link up via LTSSM state
PCI: aardvark: Do not unmask unused interrupts
PCI: aardvark: Fix reporting Data Link Layer Link Active
PCI: aardvark: Fix return value of MSI domain .alloc() method
PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
quota: check block number when reading the block in quota file
quota: correct error number in free_dqentry()
pinctrl: core: fix possible memory leak in pinctrl_enable()
iio: dac: ad5446: Fix ad5622_write() return value
USB: serial: keyspan: fix memleak on probe errors
USB: iowarrior: fix control-message timeouts
USB: chipidea: fix interrupt deadlock
dma-buf: WARN on dmabuf release with pending attachments
drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
Bluetooth: fix use-after-free error in lock_sock_nested()
drm/panel-orientation-quirks: add Valve Steam Deck
platform/x86: wmi: do not fail if disabling fails
MIPS: lantiq: dma: add small delay after reset
MIPS: lantiq: dma: reset correct number of channel
locking/lockdep: Avoid RCU-induced noinstr fail
net: sched: update default qdisc visibility after Tx queue cnt changes
smackfs: Fix use-after-free in netlbl_catmap_walk()
x86: Increase exception stack sizes
mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
mwifiex: Properly initialize private structure on interface type changes
ath10k: high latency fixes for beacon buffer
media: mt9p031: Fix corrupted frame after restarting stream
media: netup_unidvb: handle interrupt properly according to the firmware
media: stm32: Potential NULL pointer dereference in dcmi_irq_thread()
media: uvcvideo: Set capability in s_param
media: uvcvideo: Return -EIO for control errors
media: uvcvideo: Set unique vdev name based in type
media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
media: s5p-mfc: Add checking to s5p_mfc_probe().
media: imx: set a media_device bus_info string
media: mceusb: return without resubmitting URB in case of -EPROTO error.
ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK
brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
media: rcar-csi2: Add checking to rcsi2_start_receiver()
ipmi: Disable some operations during a panic
ACPICA: Avoid evaluating methods too early during system resume
media: ipu3-imgu: imgu_fmt: Handle properly try
media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info
media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
net-sysfs: try not to restart the syscall if it will fail eventually
tracefs: Have tracefs directories not set OTH permission bits by default
ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
ACPI: battery: Accept charges over the design capacity as full
leaking_addresses: Always print a trailing newline
memstick: r592: Fix a UAF bug when removing the driver
lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression
lib/xz: Validate the value before assigning it to an enum variable
workqueue: make sysfs of unbound kworker cpumask more clever
tracing/cfi: Fix cmp_entries_* functions signature mismatch
mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
block: remove inaccurate requeue check
nvmet: fix use-after-free when a port is removed
nvmet-tcp: fix use-after-free when a port is removed
nvme: drop scan_lock and always kick requeue list when removing namespaces
PM: hibernate: Get block device exclusively in swsusp_check()
selftests: kvm: fix mismatched fclose() after popen()
iwlwifi: mvm: disable RX-diversity in powersave
smackfs: use __GFP_NOFAIL for smk_cipso_doi()
ARM: clang: Do not rely on lr register for stacktrace
gre/sit: Don't generate link-local addr if addr_gen_mode is IN6_ADDR_GEN_MODE_NONE
ARM: 9136/1: ARMv7-M uses BE-8, not BE-32
vrf: run conntrack only in context of lower/physdev for locally generated packets
net: annotate data-race in neigh_output()
btrfs: do not take the uuid_mutex in btrfs_rm_device
spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe()
x86/hyperv: Protect set_hv_tscchange_cb() against getting preempted
parisc: fix warning in flush_tlb_all
task_stack: Fix end_of_stack() for architectures with upwards-growing stack
parisc/unwind: fix unwinder when CONFIG_64BIT is enabled
parisc/kgdb: add kgdb_roundup() to make kgdb work with idle polling
netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state
selftests/bpf: Fix strobemeta selftest regression
Bluetooth: fix init and cleanup of sco_conn.timeout_work
rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
drm/v3d: fix wait for TMU write combiner flush
virtio-gpu: fix possible memory allocation failure
net: net_namespace: Fix undefined member in key_remove_domain()
cgroup: Make rebind_subsystems() disable v2 controllers all at once
wilc1000: fix possible memory leak in cfg_scan_result()
Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
crypto: caam - disable pkc for non-E SoCs
rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
net: dsa: rtl8366rb: Fix off-by-one bug
ath10k: Fix missing frame timestamp for beacon/probe-resp
drm/amdgpu: fix warning for overflow check
media: em28xx: add missing em28xx_close_extension
media: cxd2880-spi: Fix a null pointer dereference on error handling path
media: dvb-usb: fix ununit-value in az6027_rc_query
media: TDA1997x: handle short reads of hdmi info frame.
media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()'
media: radio-wl1273: Avoid card name truncation
media: si470x: Avoid card name truncation
media: tm6000: Avoid card name truncation
media: cx23885: Fix snd_card_free call on null card pointer
kprobes: Do not use local variable when creating debugfs file
crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency
cpuidle: Fix kobject memory leaks in error paths
media: em28xx: Don't use ops->suspend if it is NULL
ath9k: Fix potential interrupt storm on queue reset
EDAC/amd64: Handle three rank interleaving mode
netfilter: nft_dynset: relax superfluous check on set updates
media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable()
crypto: qat - detect PFVF collision after ACK
crypto: qat - disregard spurious PFVF interrupts
hwrng: mtk - Force runtime pm ops for sleep ops
b43legacy: fix a lower bounds test
b43: fix a lower bounds test
mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured
memstick: avoid out-of-range warning
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host()
net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
hwmon: Fix possible memleak in __hwmon_device_register()
hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff
ath10k: fix max antenna gain unit
drm/msm: uninitialized variable in msm_gem_import()
net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
mmc: mxs-mmc: disable regulator on error and in the remove function
block: ataflop: fix breakage introduced at blk-mq refactoring
platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
rsi: stop thread firstly in rsi_91x_init() error handling
mwifiex: Send DELBA requests according to spec
phy: micrel: ksz8041nl: do not use power down mode
nvme-rdma: fix error code in nvme_rdma_setup_ctrl
PM: hibernate: fix sparse warnings
clocksource/drivers/timer-ti-dm: Select TIMER_OF
drm/msm: Fix potential NULL dereference in DPU SSPP
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
libbpf: Fix BTF data layout checks and allow empty BTF
s390/gmap: don't unconditionally call pte_unmap_unlock() in __gmap_zap()
irq: mips: avoid nested irq_enter()
tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
samples/kretprobes: Fix return value if register_kretprobe() failed
KVM: s390: Fix handle_sske page fault handling
libertas_tf: Fix possible memory leak in probe and disconnect
libertas: Fix possible memory leak in probe and disconnect
wcn36xx: add proper DMA memory barriers in rx path
drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
net: amd-xgbe: Toggle PLL settings during rate change
net: phylink: avoid mvneta warning when setting pause parameters
crypto: pcrypt - Delay write to padata->info
selftests/bpf: Fix fclose/pclose mismatch in test_progs
udp6: allow SO_MARK ctrl msg to affect routing
ibmvnic: don't stop queue in xmit
ibmvnic: Process crqs after enabling interrupts
RDMA/rxe: Fix wrong port_cap_flags
clk: mvebu: ap-cpu-clk: Fix a memory leak in error handling paths
ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
arm64: dts: rockchip: Fix GPU register width for RK3328
ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY
RDMA/bnxt_re: Fix query SRQ failure
arm64: dts: meson-g12a: Fix the pwm regulator supply properties
ARM: dts: at91: tse850: the emac<->phy interface is rmii
scsi: dc395: Fix error case unwinding
MIPS: loongson64: make CPU_LOONGSON64 depends on MIPS_FP_SUPPORT
JFS: fix memleak in jfs_mount
ALSA: hda: Reduce udelay() at SKL+ position reporting
arm: dts: omap3-gta04a4: accelerometer irq fix
soc/tegra: Fix an error handling path in tegra_powergate_power_up()
memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe
clk: at91: check pmc node status before registering syscore ops
video: fbdev: chipsfb: use memset_io() instead of memset()
serial: 8250_dw: Drop wrong use of ACPI_PTR()
usb: gadget: hid: fix error code in do_config()
power: supply: rt5033_battery: Change voltage values to µV
scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
RDMA/mlx4: Return missed an error if device doesn't support steering
staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC
ARM: dts: stm32: fix SAI sub nodes register range
ASoC: cs42l42: Correct some register default values
ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER
phy: qcom-qusb2: Fix a memory leak on probe
serial: xilinx_uartps: Fix race condition causing stuck TX
HID: u2fzero: clarify error check and length calculations
HID: u2fzero: properly handle timeouts in usb_submit_urb
powerpc/44x/fsp2: add missing of_node_put
mips: cm: Convert to bitfield API to fix out-of-bounds access
power: supply: bq27xxx: Fix kernel crash on IRQ handler register error
apparmor: fix error check
rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
drm/plane-helper: fix uninitialized variable reference
PCI: aardvark: Don't spam about PIO Response Status
PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on emulated bridge
opp: Fix return in _opp_add_static_v2()
NFS: Fix deadlocks in nfs_scan_commit_list()
fs: orangefs: fix error return code of orangefs_revalidate_lookup()
mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
mtd: core: don't remove debugfs directory if device is in use
dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro
auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string
auxdisplay: ht16k33: Connect backlight to fbdev
auxdisplay: ht16k33: Fix frame buffer device blanking
soc: fsl: dpaa2-console: free buffer before returning from dpaa2_console_read
netfilter: nfnetlink_queue: fix OOB when mac header was cleared
dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
signal/sh: Use force_sig(SIGKILL) instead of do_group_exit(SIGKILL)
m68k: set a default value for MEMORY_RESERVE
watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
ar7: fix kernel builds for compiler test
scsi: qla2xxx: Fix gnl list corruption
scsi: qla2xxx: Turn off target reset during issue_lip
NFSv4: Fix a regression in nfs_set_open_stateid_locked()
i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()'
xen-pciback: Fix return in pm_ctrl_init()
net: davinci_emac: Fix interrupt pacing disable
net: vlan: fix a UAF in vlan_dev_real_dev()
ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and zs_unregister_migration()
zram: off by one in read_block_state()
perf bpf: Add missing free to bpf_event__print_bpf_prog_info()
llc: fix out-of-bound array index in llc_sk_dev_hash()
nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
net: hns3: allow configure ETS bandwidth of all TCs
vsock: prevent unnecessary refcnt inc for nonblocking connect
net/smc: fix sk_refcnt underflow on linkdown and fallback
cxgb4: fix eeprom len when diagnostics not implemented
selftests/net: udpgso_bench_rx: fix port argument
ARM: 9155/1: fix early early_iounmap()
ARM: 9156/1: drop cc-option fallbacks for architecture selection
parisc: Fix backtrace to always include init funtion names
parisc: Fix set_fixmap() on PA1.x CPUs
irqchip/sifive-plic: Fixup EOI failed when masked
f2fs: should use GFP_NOFS for directory inodes
net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
9p/net: fix missing error check in p9_check_errors
ovl: fix deadlock in splice write
powerpc/lib: Add helper to check if offset is within conditional branch range
powerpc/bpf: Validate branch ranges
powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
powerpc/security: Add a helper to query stf_barrier type
powerpc/bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
mm, oom: do not trigger out_of_memory from the #PF
video: backlight: Drop maximum brightness override for brightness zero
s390/cio: check the subchannel validity for dev_busid
s390/tape: fix timer initialization in tape_std_assign()
s390/cio: make ccw_device_dma_* more robust
powerpc/powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module unload
PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
SUNRPC: Partial revert of commit 6f9f17287e78
ath10k: fix invalid dma_addr_t token assignment
selftests/bpf: Fix also no-alu32 strobemeta selftest
Linux 5.4.160
Note, binder* patches were manually reverted as part of this merge, they
are not present in this merge point at all.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1fb759dd89408adbe9b9ac1527af51bfdc4059de
|
||
|
Tom Rix
|
bd48bdbfd9 |
apparmor: fix error check
[ Upstream commit d108370c644b153382632b3e5511ade575c91c86 ]
clang static analysis reports this representative problem:
label.c:1463:16: warning: Assigned value is garbage or undefined
label->hname = name;
^ ~~~~
In aa_update_label_name(), this the problem block of code
if (aa_label_acntsxprint(&name, ...) == -1)
return res;
On failure, aa_label_acntsxprint() has a more complicated return
that just -1. So check for a negative return.
It was also noted that the aa_label_acntsxprint() main comment refers
to a nonexistent parameter, so clean up the comment.
Fixes:
|
||
Tetsuo Handa
|
03a818c096 |
smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi
[ Upstream commit 0934ad42bb2c5df90a1b9de690f93de735b622fe ]
syzbot is reporting UAF at cipso_v4_doi_search() [1], for smk_cipso_doi()
is calling kfree() without removing from the cipso_v4_doi_list list after
netlbl_cfg_cipsov4_map_add() returned an error. We need to use
netlbl_cfg_cipsov4_del() in order to remove from the list and wait for
RCU grace period before kfree().
Link: https://syzkaller.appspot.com/bug?extid=93dba5b91f0fed312cbd [1]
Reported-by: syzbot <syzbot+93dba5b91f0fed312cbd@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes:
|
||
|
Tetsuo Handa
|
681a426e6b |
smackfs: use __GFP_NOFAIL for smk_cipso_doi()
[ Upstream commit f91488ee15bd3cac467e2d6a361fc2d34d1052ae ] syzbot is reporting kernel panic at smk_cipso_doi() due to memory allocation fault injection [1]. The reason for need to use panic() was not explained. But since no fix was proposed for 18 months, for now let's use __GFP_NOFAIL for utilizing syzbot resource on other bugs. Link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22 [1] Reported-by: syzbot <syzbot+89731ccb6fec15ce1c22@syzkaller.appspotmail.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Pawan Gupta
|
91b9c23b6d |
smackfs: Fix use-after-free in netlbl_catmap_walk()
[ Upstream commit 0817534ff9ea809fac1322c5c8c574be8483ea57 ] Syzkaller reported use-after-free bug as described in [1]. The bug is triggered when smk_set_cipso() tries to free stale category bitmaps while there are concurrent reader(s) using the same bitmaps. Wait for RCU grace period to finish before freeing the category bitmaps in smk_set_cipso(). This makes sure that there are no more readers using the stale bitmaps and freeing them should be safe. [1] https://lore.kernel.org/netdev/000000000000a814c505ca657a4e@google.com/ Reported-by: syzbot+3f91de0b813cc3d19a80@syzkaller.appspotmail.com Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Austin Kim
|
301d33c954 |
evm: mark evm_fixmode as __ro_after_init
commit 32ba540f3c2a7ef61ed5a577ce25069a3d714fc9 upstream. The evm_fixmode is only configurable by command-line option and it is never modified outside initcalls, so declaring it with __ro_after_init is better. Signed-off-by: Austin Kim <austin.kim@lge.com> Cc: stable@vger.kernel.org Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Todd Kjos
|
fc9c470cd5 |
binder: use cred instead of task for selinux checks
commit 52f88693378a58094c538662ba652aff0253c4fe upstream.
Since binder was integrated with selinux, it has passed
'struct task_struct' associated with the binder_proc
to represent the source and target of transactions.
The conversion of task to SID was then done in the hook
implementations. It turns out that there are race conditions
which can result in an incorrect security context being used.
Fix by using the 'struct cred' saved during binder_open and pass
it to the selinux subsystem.
Cc: stable@vger.kernel.org # 5.14 (need backport for earlier stables)
Fixes:
|
||
|
Greg Kroah-Hartman
|
3197361248 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Srinivasarao Pathipati
|
828abb51dd |
Merge android11-5.4.147+ (dc8c919) into msm-5.4
* refs/heads/tmp-dc8c919:
Revert dwc3 changes
ANDROID: GKI: Update FCNT KMI symbol list No new symbols added that are not already in the .xml file.
ANDROID: GKI : Update symbols to symbol list
BACKPORT: crypto: arch - conditionalize crypto api in arch glue for lib code
BACKPORT: crypto: arch/lib - limit simd usage to 4k chunks
UPSTREAM: crypto: arm/blake2s - fix for big endian
ANDROID: gki_defconfig: enable BLAKE2b support
BACKPORT: crypto: arm/blake2b - add NEON-accelerated BLAKE2b
BACKPORT: crypto: blake2b - update file comment
BACKPORT: crypto: blake2b - sync with blake2s implementation
UPSTREAM: crypto: arm/blake2s - add ARM scalar optimized BLAKE2s
UPSTREAM: crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
UPSTREAM: crypto: blake2s - adjust include guard naming
UPSTREAM: crypto: blake2s - add comment for blake2s_state fields
UPSTREAM: crypto: blake2s - optimize blake2s initialization
BACKPORT: crypto: blake2s - share the "shash" API boilerplate code
UPSTREAM: crypto: blake2s - move update and final logic to internal/blake2s.h
UPSTREAM: crypto: blake2s - remove unneeded includes
UPSTREAM: crypto: x86/blake2s - define shash_alg structs using macros
UPSTREAM: crypto: blake2s - define shash_alg structs using macros
UPSTREAM: crypto: lib/blake2s - Move selftest prototype into header file
UPSTREAM: crypto: blake2b - Fix clang optimization for ARMv7-M
UPSTREAM: crypto: blake2b - rename tfm context and _setkey callback
UPSTREAM: crypto: blake2b - merge _update to api callback
UPSTREAM: crypto: blake2b - open code set last block helper
UPSTREAM: crypto: blake2b - delete unused structs or members
UPSTREAM: crypto: blake2b - simplify key init
UPSTREAM: crypto: blake2b - merge blake2 init to api callback
UPSTREAM: crypto: blake2b - merge _final implementation to callback
BACKPORT: crypto: testmgr - add test vectors for blake2b
BACKPORT: crypto: blake2b - add blake2b generic implementation
UPSTREAM: crypto: blake2s - x86_64 SIMD implementation
UPSTREAM: crypto: blake2s - implement generic shash driver
UPSTREAM: crypto: testmgr - add test cases for Blake2s
UPSTREAM: crypto: blake2s - generic C library implementation and selftest
UPSTREAM: crypto: lib - tidy up lib/crypto Kconfig and Makefile
ANDROID: ion heap: init ion heaps in subsys_initcall
UPSTREAM: ovl: simplify file splice
ANDROID: ABI: update allowed list for galaxy
ANDROID: ABI: Update allowed list for QCOM
ANDROID: distribute Module.symvers
UPSTREAM: usb: max-3421: Prevent corruption of freed memory
ANDROID: ABI: Update allowed list for QCOM
UPSTREAM: driver core: Prevent warning when removing a device link from unregistered consumer
UPSTREAM: udp: properly flush normal packet at GRO time
UPSTREAM: net/xfrm/compat: Copy xfrm_spdattr_type_t atributes
UPSTREAM: f2fs: Advertise encrypted casefolding in sysfs
UPSTREAM: loop: Fix missing discard support when using LOOP_CONFIGURE
UPSTREAM: thermal/drivers/sprd: Add missing MODULE_DEVICE_TABLE
UPSTREAM: nvmem: sprd: Fix an error message
UPSTREAM: usb: musb: Fix an error message
UPSTREAM: scsi: ufs: core: Cancel rpm_dev_flush_recheck_work during system suspend
UPSTREAM: scsi: ufs: core: Do not put UFS power into LPM if link is broken
UPSTREAM: selinux: add proper NULL termination to the secclass_map permissions
UPSTREAM: of: property: fw_devlink: do not link ".*,nr-gpios"
UPSTREAM: udp: never accept GSO_FRAGLIST packets
UPSTREAM: udp: skip L4 aggregation for UDP tunnel packets
UPSTREAM: xfrm/compat: Cleanup WARN()s that can be user-triggered
UPSTREAM: pinctrl: sunxi: fix irq bank map for the Allwinner A100 pin controller
UPSTREAM: loop: Set correct device size when using LOOP_CONFIGURE
UPSTREAM: loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE
ANDROID: ion_system_heap: Add __GFP_NOWARN to mid-order allocations
ANDROID: drivers: gpu: drm: increase the MAX_DRM_OPEN_COUNT
UPSTREAM: af_unix: fix garbage collect vs MSG_PEEK
Linux 5.4.147
Revert "time: Handle negative seconds correctly in timespec64_to_ns()"
Revert "posix-cpu-timers: Force next expiration recalc after itimer reset"
Revert "block: nbd: add sanity check for first_minor"
Revert "Bluetooth: Move shutdown callback before flushing tx and rx queue"
Linux 5.4.146
clk: kirkwood: Fix a clocking boot regression
backlight: pwm_bl: Improve bootloader/kernel device handover
fbmem: don't allow too huge resolutions
IMA: remove the dependency on CRYPTO_MD5
IMA: remove -Wmissing-prototypes warning
fuse: flush extending writes
fuse: truncate pagecache on atomic_o_trunc
KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter
KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted
KVM: s390: index kvm->arch.idle_mask by vcpu_idx
x86/resctrl: Fix a maybe-uninitialized build warning treated as error
perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
tty: Fix data race between tiocsti() and flush_to_ldisc()
time: Handle negative seconds correctly in timespec64_to_ns()
bpf: Fix pointer arithmetic mask tightening under state pruning
bpf: verifier: Allocate idmap scratch in verifier env
bpf: Fix leakage due to insufficient speculative store bypass mitigation
bpf: Introduce BPF nospec instruction for mitigating Spectre v4
ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
octeontx2-af: Fix loop in free and unmap counter
net: qualcomm: fix QCA7000 checksum handling
net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
ipv4: make exception cache less predictible
ipv6: make exception cache less predictible
brcmfmac: pcie: fix oops on failure to resume and reprobe
bcma: Fix memory leak for internally-handled cores
ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
ASoC: wcd9335: Disable irq on slave ports in the remove function
ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function
ASoC: wcd9335: Fix a double irq free in the remove function
tty: serial: fsl_lpuart: fix the wrong mapbase value
usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available
usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
i2c: mt65xx: fix IRQ check
CIFS: Fix a potencially linear read overflow
bpf: Fix possible out of bound write in narrow load handling
mmc: moxart: Fix issue with uninitialized dma_slave_config
mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
ASoC: Intel: Skylake: Fix module resource and format selection
ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
rsi: fix an error code in rsi_probe()
rsi: fix error code in rsi_load_9116_firmware()
i2c: s3c2410: fix IRQ check
i2c: iop3xx: fix deferred probing
Bluetooth: add timeout sanity check to hci_inquiry
mm/swap: consider max pages in iomap_swapfile_add_extent
usb: gadget: mv_u3d: request_irq() after initializing UDC
nfsd4: Fix forced-expiry locking
lockd: Fix invalid lockowner cast after vfs_test_lock
mac80211: Fix insufficient headroom issue for AMSDU
usb: phy: tahvo: add IRQ check
usb: host: ohci-tmio: add IRQ check
Bluetooth: Move shutdown callback before flushing tx and rx queue
usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
usb: phy: twl6030: add IRQ checks
usb: phy: fsl-usb: add IRQ check
usb: gadget: udc: at91: add IRQ check
drm/msm/dsi: Fix some reference counted resource leaks
Bluetooth: fix repeated calls to sco_sock_kill
counter: 104-quad-8: Return error when invalid mode during ceiling_write
arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs
PM: EM: Increase energy calculation precision
Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
debugfs: Return error during {full/open}_proxy_open() on rmmod
soc: qcom: smsm: Fix missed interrupts if state changes while masked
PCI: PM: Enable PME if it can be signaled from D3cold
PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
media: venus: venc: Fix potential null pointer dereference on pointer fmt
media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
leds: trigger: audio: Add an activate callback to ensure the initial brightness is set
leds: lt3593: Put fwnode in any case during ->probe()
i2c: highlander: add IRQ check
net: cipso: fix warnings in netlbl_cipsov4_add_std
cgroup/cpuset: Fix a partition bug with hotplug
net/mlx5e: Prohibit inner indir TIRs in IPoIB
ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties
ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties
ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties
ARM: dts: meson8: Use a higher default GPU clock frequency
tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
drm/amdgpu/acp: Make PM domain really work
netns: protect netns ID lookups with RCU
6lowpan: iphc: Fix an off-by-one check of array index
Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
media: go7007: remove redundant initialization
media: dvb-usb: Fix error handling in dvb_usb_i2c_init
media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
soc: qcom: rpmhpd: Use corner in power_off
arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties
ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi
bpf: Fix potential memleak and UAF in the verifier.
bpf: Fix a typo of reuseport map in bpf.h.
media: cxd2880-spi: Fix an error handling path
soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally
media: TDA1997x: enable EDID support
drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init()
EDAC/i10nm: Fix NVDIMM detection
spi: spi-zynq-qspi: use wait_for_completion_timeout to make zynq_qspi_exec_mem_op not interruptible
spi: sprd: Fix the wrong WDG_LOAD_VAL
regulator: vctrl: Avoid lockdep warning in enable/disable ops
regulator: vctrl: Use locked regulator_get_voltage in probe path
certs: Trigger creation of RSA module signing key if it's not an RSA key
crypto: qat - use proper type for vf_mask
block: nbd: add sanity check for first_minor
clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock source channel
lib/mpi: use kcalloc in mpi_resize
genirq/timings: Fix error return code in irq_timings_test_irqs()
spi: spi-pic32: Fix issue with uninitialized dma_slave_config
spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
sched: Fix UCLAMP_FLAG_IDLE setting
m68k: emu: Fix invalid free in nfeth_cleanup()
s390/debug: fix debug area life cycle
s390/kasan: fix large PMD pages address alignment check
udf_get_extendedattr() had no boundary checks.
fcntl: fix potential deadlock for &fasync_struct.fa_lock
crypto: qat - do not export adf_iov_putmsg()
crypto: qat - fix naming for init/shutdown VF to PF notifications
crypto: qat - fix reuse of completion variable
crypto: qat - handle both source of interrupt in VF ISR
crypto: qat - do not ignore errors from enable_vf2pf_comms()
libata: fix ata_host_start()
s390/cio: add dev_busid sysfs entry for each subchannel
power: supply: max17042_battery: fix typo in MAx17042_TOFF
nvmet: pass back cntlid on successful completion
nvme-rdma: don't update queue count when failing to set io queues
nvme-tcp: don't update queue count when failing to set io queues
bcache: add proper error unwinding in bcache_device_init
isofs: joliet: Fix iocharset=utf8 mount option
udf: Fix iocharset=utf8 mount option
udf: Check LVID earlier
hrtimer: Ensure timerfd notification for HIGHRES=n
hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
posix-cpu-timers: Force next expiration recalc after itimer reset
rcu/tree: Handle VM stoppage in stall detection
sched/deadline: Fix missing clock update in migrate_task_rq_dl()
crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors
sched/deadline: Fix reset_on_fork reporting of DL tasks
crypto: mxs-dcp - Check for DMA mapping errors
regmap: fix the offset of register error log
locking/mutex: Fix HANDOFF condition
ANDROID: GKI: db845c: Update symbols list and ABI for lts v5.4.144
Linux 5.4.145
PCI: Call Max Payload Size-related fixup quirks early
x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
xhci: fix unsafe memory usage in xhci tracing
usb: mtu3: fix the wrong HS mult value
usb: mtu3: use @mult for HS isoc or intr
usb: host: xhci-rcar: Don't reload firmware after the completion
ALSA: usb-audio: Add registration quirk for JBL Quantum 800
Revert "btrfs: compression: don't try to compress if we don't have enough pages"
x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC power-gating
Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM"
mm/page_alloc: speed up the iteration of max_order
net: ll_temac: Remove left-over debug message
powerpc/boot: Delete unneeded .globl _zimage_start
ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2)
USB: serial: mos7720: improve OOM-handling in read_mos_reg()
igmp: Add ip_mc_list lock in ip_check_mc_rcu
media: stkwebcam: fix memory leak in stk_camera_probe
ARC: wireup clone3 syscall
ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
ARM: 8918/2: only build return_address() if needed
cryptoloop: add a deprecation warning
perf/x86/amd/power: Assign pmu.module
perf/x86/amd/ibs: Work around erratum #1197
perf/x86/intel/pt: Fix mask of num_address_ranges
qede: Fix memset corruption
net: macb: Add a NULL check on desc_ptp
qed: Fix the VF msix vectors flow
reset: reset-zynqmp: Fixed the argument data type
gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V formats
xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
kthread: Fix PF_KTHREAD vs to_kthread() race
ubifs: report correct st_size for encrypted symlinks
f2fs: report correct st_size for encrypted symlinks
ext4: report correct st_size for encrypted symlinks
fscrypt: add fscrypt_symlink_getattr() for computing st_size
ext4: fix race writing to an inline_data file while its xattrs are changing
Revert "once: Fix panic when module unload"
Linux 5.4.144
audit: move put_tree() to avoid trim_trees refcount underflow and UAF
net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
Revert "parisc: Add assembly implementations for memset, strlen, strcpy, strncpy and strcat"
Revert "floppy: reintroduce O_NDELAY fix"
btrfs: fix NULL pointer dereference when deleting device by invalid id
arm64: dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
net: dsa: mt7530: fix VLAN traffic leaks again
bpf: Fix cast to pointer from integer of different size warning
bpf: Track contents of read-only maps as scalars
vt_kdsetmode: extend console locking
btrfs: fix race between marking inode needs to be logged and log syncing
net/rds: dma_map_sg is entitled to merge entries
drm/nouveau/disp: power down unused DP links during init
drm: Copy drm_wait_vblank to user before returning
qed: Fix null-pointer dereference in qed_rdma_create_qp()
qed: qed ll2 race condition fixes
vringh: Use wiov->used to check for read/write desc order
virtio_pci: Support surprise removal of virtio pci device
virtio: Improve vq->broken access to avoid any compiler optimization
opp: remove WARN when no valid OPPs remain
perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32
usb: gadget: u_audio: fix race condition on endpoint stop
drm/i915: Fix syncmap memory leak
net: hns3: fix get wrong pfc_en when query PFC configuration
net: hns3: fix duplicate node in VLAN list
net: hns3: clear hardware resource when loading driver
rtnetlink: Return correct error on changing device netns
net: marvell: fix MVNETA_TX_IN_PRGRS bit number
xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()'
ip_gre: add validation for csum_start
RDMA/efa: Free IRQ vectors on error flow
e1000e: Fix the max snoop/no-snoop latency for 10M
IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
RDMA/bnxt_re: Add missing spin lock initialization
scsi: core: Fix hang of freezing queue between blocking and running device
usb: dwc3: gadget: Stop EP0 transfers during pullup disable
usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
USB: serial: option: add new VID/PID to support Fibocom FG150
Revert "USB: serial: ch341: fix character loss at high transfer rates"
can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters
mm, oom: make the calculation of oom badness more accurate
mmc: sdhci-msm: Update the software timeout value for sdhc
ovl: fix uninitialized pointer read in ovl_lookup_real_one()
once: Fix panic when module unload
netfilter: conntrack: collect all entries in one cycle
ARC: Fix CONFIG_STACKDEPOT
net: qrtr: fix another OOB Read in qrtr_endpoint_post
Revert "virtio: Protect vqs list access"
Revert "net: igmp: fix data-race in igmp_ifc_timer_expire()"
Revert "net: igmp: increase size of mr_ifc_count"
Revert "PCI/MSI: Protect msi_desc::masked for multi-MSI"
Linux 5.4.143
netfilter: nft_exthdr: fix endianness of tcp option cast
fs: warn about impending deprecation of mandatory locks
mm: memcontrol: fix occasional OOMs due to proportional memory.low reclaim
mm, memcg: avoid stale protection values when cgroup is above protection
ASoC: intel: atom: Fix breakage for PCM buffer address setup
PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI
btrfs: prevent rename2 from exchanging a subvol with a directory from different parents
ipack: tpci200: fix memory leak in the tpci200_register
ipack: tpci200: fix many double free issues in tpci200_pci_probe
slimbus: ngd: reset dma setup during runtime pm
slimbus: messaging: check for valid transaction id
slimbus: messaging: start transaction ids from 1 instead of zero
tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name
ALSA: hda - fix the 'Capture Switch' value change notifications
mmc: dw_mmc: Fix hang on data CRC error
ovl: add splice file read write helper
iavf: Fix ping is lost after untrusted VF had tried to change MAC
i40e: Fix ATR queue selection
ovs: clear skb->tstamp in forwarding path
net: mdio-mux: Handle -EPROBE_DEFER correctly
net: mdio-mux: Don't ignore memory allocation errors
net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
virtio-net: use NETIF_F_GRO_HW instead of NETIF_F_LRO
virtio-net: support XDP when not more queues
vrf: Reset skb conntrack connection on VRF rcv
bnxt_en: Add missing DMA memory barriers
ptp_pch: Restore dependency on PCI
net: 6pack: fix slab-out-of-bounds in decode_data
bnxt: disable napi before canceling DIM
bnxt: don't lock the tx queue from napi poll
bpf: Clear zext_dst of dead insns
vhost: Fix the calculation in vhost_overflow()
virtio: Protect vqs list access
dccp: add do-while-0 stubs for dccp_pr_debug macros
cpufreq: armada-37xx: forbid cpufreq for 1.2 GHz variant
iommu: Check if group is NULL before remove device
Bluetooth: hidp: use correct wait queue when removing ctrl_wait
drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X
net: usb: lan78xx: don't modify phy_device state concurrently
ARM: dts: nomadik: Fix up interrupt controller node names
scsi: core: Fix capacity set to zero after offlinining device
scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available
ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218
dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers
USB: core: Avoid WARNings for 0-length descriptor requests
media: drivers/media/usb: fix memory leak in zr364xx_probe
media: zr364xx: fix memory leaks in probe()
media: zr364xx: propagate errors from zr364xx_start_readpipe()
mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
ath9k: Postpone key cache entry deletion for TXQ frames reference it
ath: Modify ath_key_delete() to not need full key entry
ath: Export ath_hw_keysetmac()
ath9k: Clear key cache explicitly on disabling hardware
ath: Use safer key clearing with key cache entries
x86/fpu: Make init_fpstate correct with optimized XSAVE
ext4: fix EXT4_MAX_LOGICAL_BLOCK macro
Linux 5.4.142
KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)
iommu/vt-d: Fix agaw for a supported 48 bit guest address width
vmlinux.lds.h: Handle clang's module.{c,d}tor sections
ceph: take snap_empty_lock atomically with snaprealm refcount change
ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm
ceph: add some lockdep assertions around snaprealm handling
KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation
PCI/MSI: Protect msi_desc::masked for multi-MSI
PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
PCI/MSI: Correct misleading comments
PCI/MSI: Do not set invalid bits in MSI mask
PCI/MSI: Enforce MSI[X] entry updates to be visible
PCI/MSI: Enforce that MSI-X table entry is masked for update
PCI/MSI: Mask all unused MSI-X entries
PCI/MSI: Enable and mask MSI-X early
genirq/timings: Prevent potential array overflow in __irq_timings_store()
genirq/msi: Ensure deactivation on teardown
x86/resctrl: Fix default monitoring groups reporting
x86/ioapic: Force affinity setup before startup
x86/msi: Force affinity setup before startup
genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
x86/tools: Fix objdump version check again
powerpc/kprobes: Fix kprobe Oops happens in booke
nbd: Aovid double completion of a request
vsock/virtio: avoid potential deadlock when vsock device remove
xen/events: Fix race in set_evtchn_to_irq
net: igmp: increase size of mr_ifc_count
tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets
net: linkwatch: fix failure to restore device state across suspend/resume
net: bridge: fix memleak in br_add_if()
net: dsa: sja1105: fix broken backpressure in .port_fdb_dump
net: dsa: lantiq: fix broken backpressure in .port_fdb_dump
net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
net: igmp: fix data-race in igmp_ifc_timer_expire()
net: Fix memory leak in ieee802154_raw_deliver
net: dsa: microchip: Fix ksz_read64()
drm/meson: fix colour distortion from HDR set during vendor u-boot
net/mlx5: Fix return value from tracer initialization
psample: Add a fwd declaration for skbuff
iavf: Set RSS LUT and key in reset handle path
net: sched: act_mirred: Reset ct info when mirror/redirect skb
ppp: Fix generating ifname when empty IFLA_IFNAME is specified
net: phy: micrel: Fix link detection on ksz87xx switch"
platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables
platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED
net: dsa: mt7530: add the missing RxUnicast MIB counter
ASoC: cs42l42: Fix LRCLK frame start edge
netfilter: nf_conntrack_bridge: Fix memory leak when error
ASoC: cs42l42: Remove duplicate control for WNF filter frequency
ASoC: cs42l42: Fix inversion of ADC Notch Switch control
ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
ASoC: cs42l42: Correct definition of ADC Volume control
ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
libnvdimm/region: Fix label activation vs errors
ACPI: NFIT: Fix support for virtual SPA ranges
ceph: reduce contention in ceph_check_delayed_caps()
i2c: dev: zero out array used for i2c reads from userspace
ASoC: intel: atom: Fix reference to PCM buffer address
ASoC: xilinx: Fix reference to PCM buffer address
iio: adc: Fix incorrect exit of for-loop
iio: humidity: hdc100x: Add margin to the conversion time
iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
Linux 5.4.141
btrfs: don't flush from btrfs_delayed_inode_reserve_metadata
btrfs: export and rename qgroup_reserve_meta
btrfs: qgroup: don't commit transaction when we already hold the handle
net: xilinx_emaclite: Do not print real IOMEM pointer
btrfs: fix lockdep splat when enabling and disabling qgroups
btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT
btrfs: transaction: Cleanup unused TRANS_STATE_BLOCKED
btrfs: qgroup: try to flush qgroup space when we get -EDQUOT
btrfs: qgroup: allow to unreserve range without releasing other ranges
btrfs: make btrfs_qgroup_reserve_data take btrfs_inode
btrfs: make qgroup_free_reserved_data take btrfs_inode
ovl: prevent private clone if bind mount is not allowed
ppp: Fix generating ppp unit id when ifname is not specified
ALSA: hda: Add quirk for ASUS Flow x13
USB:ehci:fix Kunpeng920 ehci hardware problem
KVM: X86: MMU: Use the correct inherited permissions to get shadow page
usb: dwc3: gadget: Avoid runtime resume if disabling pullup
usb: dwc3: gadget: Disable gadget IRQ during pullup disable
usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable
usb: dwc3: gadget: Prevent EP queuing while stopping transfers
usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup
usb: dwc3: gadget: Allow runtime suspend if UDC unbinded
usb: dwc3: Stop active transfers before halting the controller
tracing: Reject string operand in the histogram expression
media: v4l2-mem2mem: always consider OUTPUT queue during poll
tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
Linux 5.4.140
arm64: fix compat syscall return truncation
net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset
alpha: Send stop IPI to send to online CPUs
virt_wifi: fix error on connect
reiserfs: check directory items on read from disk
reiserfs: add check for root_inode in reiserfs_fill_super
libata: fix ata_pio_sector for CONFIG_HIGHMEM
bpf, selftests: Adjust few selftest result_unpriv outcomes
perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
soc: ixp4xx/qmgr: fix invalid __iomem access
spi: meson-spicc: fix memory leak in meson_spicc_remove
soc: ixp4xx: fix printing resources
arm64: vdso: Avoid ISB after reading from cntvct_el0
KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
KVM: Do not leak memory for duplicate debugfs directories
KVM: x86: accept userspace interrupt only if no event is injected
md/raid10: properly indicate failure when ending a failed write request
pcmcia: i82092: fix a null pointer dereference bug
timers: Move clearing of base::timer_running under base:: Lock
serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
MIPS: Malta: Do not byte-swap accesses to the CBUS UART
serial: 8250: Mask out floating 16/32-bit bus bits
serial: 8250_mtk: fix uart corruption issue when rx power off
serial: tegra: Only print FIFO error message when an error occurs
ext4: fix potential htree corruption when growing large_dir directories
pipe: increase minimum default pipe size to 2 pages
media: rtl28xxu: fix zero-length control request
staging: rtl8712: get rid of flush_scheduled_work
staging: rtl8723bs: Fix a resource leak in sd_int_dpc
tpm_ftpm_tee: Free and unregister TEE shared memory during kexec
optee: Fix memory leak when failing to register shm pages
tee: add tee_shm_alloc_kernel_buf()
optee: Clear stale cache entries during initialization
tracing / histogram: Give calculation hist_fields a size
scripts/tracing: fix the bug that can't parse raw_trace_func
clk: fix leak on devm_clk_bulk_get_all() unwind
usb: otg-fsm: Fix hrtimer list corruption
usb: gadget: f_hid: idle uses the highest byte for duration
usb: gadget: f_hid: fixed NULL pointer dereference
usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
usb: cdns3: Fixed incorrect gadget state
ALSA: usb-audio: Add registration quirk for JBL Quantum 600
ALSA: hda/realtek: add mic quirk for Acer SF314-42
firmware_loader: fix use-after-free in firmware_fallback_sysfs
firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback
USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
USB: serial: ch341: fix character loss at high transfer rates
USB: serial: option: add Telit FD980 composition 0x1056
USB: usbtmc: Fix RCU stall warning
Bluetooth: defer cleanup of resources in hci_unregister_dev()
blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit()
net: vxge: fix use-after-free in vxge_device_unregister
net: fec: fix use-after-free in fec_drv_remove
net: pegasus: fix uninit-value in get_interrupt_interval
bnx2x: fix an error code in bnx2x_nic_load()
mips: Fix non-POSIX regexp
net: ipv6: fix returned variable type in ip6_skb_dst_mtu
nfp: update ethtool reporting of pauseframe control
sctp: move the active_key update after sh_keys is added
gpio: tqmx86: really make IRQ optional
net: natsemi: Fix missing pci_disable_device() in probe and remove
net: phy: micrel: Fix detection of ksz87xx switch
net: dsa: sja1105: invalidate dynamic FDB entries learned concurrently with statically added ones
net: dsa: sja1105: overwrite dynamic FDB entries with static ones in .port_fdb_add
net, gro: Set inner transport header offset in tcp/udp GRO hook
dmaengine: imx-dma: configure the generic DMA type to make it work
media: videobuf2-core: dequeue if start_streaming fails
scsi: sr: Return correct event when media event code is 3
spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
omap5-board-common: remove not physically existing vdds_1v8_main fixed-regulator
ARM: dts: am437x-l4: fix typo in can@0 node
clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
ALSA: usb-audio: fix incorrect clock source setting
arm64: dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out pins
ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init
ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz
ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms
ARM: imx: add missing clk_disable_unprepare()
ARM: imx: add missing iounmap()
arm64: dts: ls1028a: fix node name for the sysclk
ALSA: seq: Fix racy deletion of subscriber
Revert "ACPICA: Fix memory leak caused by _CID repair function"
ANDROID: GKI: fix up android/abi_gki_aarch64.xml merge
Linux 5.4.139
spi: mediatek: Fix fifo transfer
bpf, selftests: Adjust few selftest outcomes wrt unreachable code
bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit ones
bpf: Test_verifier, add alu32 bounds tracking tests
bpf: Fix leakage under speculation on mispredicted branches
bpf: Do not mark insn as seen under speculative path verification
bpf: Inherit expanded/patched seen count from old aux data
Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
firmware: arm_scmi: Add delayed response status check
firmware: arm_scmi: Ensure drivers provide a probe function
Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled"
ACPI: fix NULL pointer dereference
nvme: fix nvme_setup_command metadata trace event
net: Fix zero-copy head len calculation.
qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
r8152: Fix potential PM refcount imbalance
ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits
spi: stm32h7: fix full duplex irq handler handling
regulator: rt5033: Fix n_voltages settings for BUCK and LDO
btrfs: fix lost inode on log replay after mix of fsync, rename and inode eviction
btrfs: fix race causing unnecessary inode logging during link and rename
btrfs: do not commit logs and transactions during link and rename operations
btrfs: delete duplicated words + other fixes in comments
Linux 5.4.138
can: j1939: j1939_session_deactivate(): clarify lifetime of session object
i40e: Add additional info to PHY type error
Revert "perf map: Fix dso->nsinfo refcounting"
powerpc/pseries: Fix regression while building external modules
PCI: mvebu: Setup BAR0 in order to fix MSI
can: hi311x: fix a signedness bug in hi3110_cmd()
sis900: Fix missing pci_disable_device() in probe and remove
tulip: windbond-840: Fix missing pci_disable_device() in probe and remove
sctp: fix return value check in __sctp_rcv_asconf_lookup
net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev()
net/mlx5: Fix flow table chaining
net: llc: fix skb_over_panic
mlx4: Fix missing error code in mlx4_load_one()
net: Set true network header for ECN decapsulation
tipc: fix sleeping in tipc accept routine
i40e: Fix log TC creation failure when max num of queues is exceeded
i40e: Fix queue-to-TC mapping on Tx
i40e: Fix firmware LLDP agent related warning
i40e: Fix logic of disabling queues
netfilter: nft_nat: allow to specify layer 4 protocol NAT only
netfilter: conntrack: adjust stop timestamp to real expiry value
cfg80211: Fix possible memory leak in function cfg80211_bss_update
nfc: nfcsim: fix use after free during module unload
NIU: fix incorrect error return, missed in previous revert
HID: wacom: Re-enable touch by default for Cintiq 24HDT / 27QHDT
can: esd_usb2: fix memory leak
can: ems_usb: fix memory leak
can: usb_8dev: fix memory leak
can: mcba_usb_start(): add missing urb->transfer_dma initialization
can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive TP.DT to 750ms
ocfs2: issue zeroout to EOF blocks
ocfs2: fix zero out valid data
KVM: add missing compat KVM_CLEAR_DIRTY_LOG
x86/kvm: fix vcpu-id indexed array sizes
Revert "ACPI: resources: Add checks for ACPI IRQ override"
btrfs: mark compressed range uptodate only if all bio succeed
btrfs: fix rw device counting in __btrfs_free_extra_devids
x86/asm: Ensure asm/proto.h can be included stand-alone
net_sched: check error pointer in tcf_dump_walker()
Linux 5.4.137
ipv6: ip6_finish_output2: set sk into newly allocated nskb
ARM: dts: versatile: Fix up interrupt controller node names
iomap: remove the length variable in iomap_seek_hole
iomap: remove the length variable in iomap_seek_data
cifs: fix the out of range assignment to bit fields in parse_server_interfaces
firmware: arm_scmi: Fix range check for the maximum number of pending messages
firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow
hfs: add lock nesting notation to hfs_find_init
hfs: fix high memory mapping in hfs_bnode_read
hfs: add missing clean-up in hfs_fill_super
ipv6: allocate enough headroom in ip6_finish_output2()
sctp: move 198 addresses from unusable to private scope
net: annotate data race around sk_ll_usec
net/802/garp: fix memleak in garp_request_join()
net/802/mrp: fix memleak in mrp_request_join()
cgroup1: fix leaked context root causing sporadic NULL deref in LTP
workqueue: fix UAF in pwq_unbound_release_workfn()
af_unix: fix garbage collect vs MSG_PEEK
KVM: x86: determine if an exception has an error code only when injecting it.
tools: Allow proper CC/CXX/... override with LLVM=1 in Makefile.include
selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
ANDROID: Update android/abi_gki_aarch64.xml
ANDROID: Update android/abi_gki_aarch64_goldfish
Linux 5.4.136
xhci: add xhci_get_virt_ep() helper
perf inject: Close inject.output on exit
PCI: Mark AMD Navi14 GPU ATS as broken
btrfs: compression: don't try to compress if we don't have enough pages
iio: accel: bma180: Fix BMA25x bandwidth register values
iio: accel: bma180: Use explicit member assignment
net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear
net: dsa: mv88e6xxx: use correct .stats_set_histogram() on Topaz
drm: Return -ENOTTY for non-drm ioctls
nds32: fix up stack guard gap
rbd: always kick acquire on "acquired" and "released" notifications
rbd: don't hold lock_rwsem while running_list is being drained
hugetlbfs: fix mount mode command line processing
userfaultfd: do not untag user pointers
selftest: use mmap instead of posix_memalign to allocate memory
ixgbe: Fix packet corruption due to missing DMA sync
media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
btrfs: check for missing device in btrfs_trim_fs
tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop.
tracing/histogram: Rename "cpu" to "common_cpu"
firmware/efi: Tell memblock about EFI iomem reservations
usb: dwc2: gadget: Fix sending zero length packet in DDMA mode.
USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
USB: serial: cp210x: fix comments for GE CS1000
USB: serial: option: add support for u-blox LARA-R6 family
usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop()
usb: max-3421: Prevent corruption of freed memory
USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS
usb: hub: Fix link power management max exit latency (MEL) calculations
usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state
KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
xhci: Fix lost USB 2 remote wake
ALSA: hdmi: Expose all pins on MSI MS-7C94 board
ALSA: sb: Fix potential ABBA deadlock in CSP driver
ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
ALSA: usb-audio: Add missing proc text entry for BESPOKEN type
s390/boot: fix use of expolines in the DMA code
s390/ftrace: fix ftrace_update_ftrace_func implementation
Revert "MIPS: add PMD table accounting into MIPS'pmd_alloc_one"
proc: Avoid mixing integer types in mem_rw()
drm/panel: raspberrypi-touchscreen: Prevent double-free
net: sched: cls_api: Fix the the wrong parameter
sctp: update active_key for asoc when old key is being replaced
nvme: set the PRACT bit when using Write Zeroes with T10 PI
r8169: Avoid duplicate sysfs entry creation error
afs: Fix tracepoint string placement with built-in AFS
Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
nvme-pci: don't WARN_ON in nvme_reset_work if ctrl.state is not RESETTING
ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
net/sched: act_skbmod: Skip non-Ethernet packets
net: hns3: fix rx VLAN offload state inconsistent issue
net/tcp_fastopen: fix data races around tfo_active_disable_stamp
net: hisilicon: rename CACHE_LINE_MASK to avoid redefinition
bnxt_en: Check abort error state in bnxt_half_open_nic()
bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task()
bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe()
bnxt_en: Improve bnxt_ulp_stop()/bnxt_ulp_start() call sequence.
spi: cadence: Correct initialisation of runtime PM again
scsi: target: Fix protect handling in WRITE SAME(32)
scsi: iscsi: Fix iface sysfs attr detection
netrom: Decrease sock refcount when sock timers expire
net: sched: fix memory leak in tcindex_partial_destroy_work
KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
KVM: PPC: Book3S: Fix CONFIG_TRANSACTIONAL_MEM=n crash
net: decnet: Fix sleeping inside in af_decnet
efi/tpm: Differentiate missing and invalid final event log table.
net: fix uninit-value in caif_seqpkt_sendmsg
bpftool: Check malloc return value in mount_bpffs_for_pin
bpf, sockmap, tcp: sk_prot needs inuse_idx set for proc stats
s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1]
liquidio: Fix unintentional sign extension issue on left shift of u16
ASoC: rt5631: Fix regcache sync errors on resume
spi: mediatek: fix fifo rx mode
regulator: hi6421: Fix getting wrong drvdata
regulator: hi6421: Use correct variable type for regmap api val argument
spi: stm32: fixes pm_runtime calls in probe/remove
spi: stm32: Use dma_request_chan() instead dma_request_slave_channel()
spi: imx: add a check for speed_hz before calculating the clock
perf data: Close all files in close_dir()
perf probe-file: Delete namelist in del_events() on the error path
perf lzma: Close lzma stream on exit
perf script: Fix memory 'threads' and 'cpus' leaks on exit
perf dso: Fix memory leak in dso__new_map()
perf test event_update: Fix memory leak of evlist
perf test session_topology: Delete session->evlist
perf env: Fix sibling_dies memory leak
perf probe: Fix dso->nsinfo refcounting
perf map: Fix dso->nsinfo refcounting
nvme-pci: do not call nvme_dev_remove_admin from nvme_remove
cxgb4: fix IRQ free race during driver unload
pwm: sprd: Ensure configuring period and duty_cycle isn't wrongly skipped
selftests: icmp_redirect: IPv6 PMTU info should be cleared after redirect
selftests: icmp_redirect: remove from checking for IPv6 route get
ipv6: fix 'disable_policy' for fwd packets
gve: Fix an error handling path in 'gve_probe()'
igb: Fix position of assignment to *ring
igb: Check if num of q_vectors is smaller than max before array access
iavf: Fix an error handling path in 'iavf_probe()'
e1000e: Fix an error handling path in 'e1000_probe()'
fm10k: Fix an error handling path in 'fm10k_probe()'
igb: Fix an error handling path in 'igb_probe()'
igc: Fix an error handling path in 'igc_probe()'
igc: Prefer to use the pci_release_mem_regions method
ixgbe: Fix an error handling path in 'ixgbe_probe()'
igc: change default return of igc_read_phy_reg()
igb: Fix use-after-free error during reset
igc: Fix use-after-free error during reset
Linux 5.4.135
udp: annotate data races around unix_sk(sk)->gso_size
perf test bpf: Free obj_buf
bpftool: Properly close va_list 'ap' by va_end() on error
ipv6: tcp: drop silly ICMPv6 packet too big messages
tcp: annotate data races around tp->mtu_info
dma-buf/sync_file: Don't leak fences on merge failure
net: fddi: fix UAF in fza_probe
net: validate lwtstate->data before returning from skb_tunnel_info()
net: send SYNACK packet with accepted fwmark
net: ti: fix UAF in tlan_remove_one
net: qcom/emac: fix UAF in emac_remove
net: moxa: fix UAF in moxart_mac_probe
net: ip_tunnel: fix mtu calculation for ETHER tunnel devices
net: bcmgenet: Ensure all TX/RX queues DMAs are disabled
net: bridge: sync fdb to new unicast-filtering ports
net/sched: act_ct: fix err check for nf_conntrack_confirm
netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
net: ipv6: fix return value of ip6_skb_dst_mtu
net: dsa: mv88e6xxx: enable .rmu_disable() on Topaz
net: dsa: mv88e6xxx: enable .port_set_policy() on Topaz
dm writecache: return the exact table values that were set
mm: slab: fix kmem_cache_create failed when sysfs node not destroyed
usb: cdns3: Enable TDL_CHK only for OUT ep
f2fs: Show casefolding support only when supported
arm64: dts: marvell: armada-37xx: move firmware node to generic dtsi file
firmware: turris-mox-rwtm: add marvell,armada-3700-rwtm-firmware compatible string
arm64: dts: armada-3720-turris-mox: add firmware node
cifs: prevent NULL deref in cifs_compose_mount_options()
s390: introduce proper type handling call_on_stack() macro
sched/fair: Fix CFS bandwidth hrtimer expiry type
scsi: qedf: Add check to synchronize abort and flush
scsi: libfc: Fix array index out of bound exception
scsi: libsas: Add LUN number check in .slave_alloc callback
scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8
rtc: max77686: Do not enforce (incorrect) interrupt trigger type
kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set
thermal/core: Correct function name thermal_zone_device_unregister()
arm64: dts: imx8mq: assign PCIe clocks
arm64: dts: ls208xa: remove bus-num from dspi node
firmware: tegra: bpmp: Fix Tegra234-only builds
soc/tegra: fuse: Fix Tegra234-only builds
ARM: dts: stm32: move stmmac axi config in ethernet node on stm32mp15
ARM: dts: stm32: fix i2c node name on stm32f746 to prevent warnings
ARM: dts: rockchip: fix supply properties in io-domains nodes
arm64: dts: juno: Update SCPI nodes as per the YAML schema
ARM: dts: stm32: fix timer nodes on STM32 MCU to prevent warnings
ARM: dts: stm32: fix RCC node name on stm32f429 MCU
ARM: dts: stm32: fix gpio-keys node on STM32 MCU boards
ARM: dts: am437x-gp-evm: fix ti,no-reset-on-init flag for gpios
ARM: dts: am57xx-cl-som-am57x: fix ti,no-reset-on-init flag for gpios
kbuild: sink stdout from cmd for silent build
rtc: mxc_v2: add missing MODULE_DEVICE_TABLE
ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info
ARM: dts: imx6: phyFLEX: Fix UART hardware flow control
ARM: dts: Hurricane 2: Fix NAND nodes names
ARM: dts: BCM63xx: Fix NAND nodes names
ARM: NSP: dts: fix NAND nodes names
ARM: Cygnus: dts: fix NAND nodes names
ARM: brcmstb: dts: fix NAND nodes names
reset: ti-syscon: fix to_ti_syscon_reset_data macro
arm64: dts: rockchip: Fix power-controller node names for rk3328
arm64: dts: rockchip: Fix power-controller node names for px30
ARM: dts: rockchip: Fix power-controller node names for rk3288
ARM: dts: rockchip: Fix power-controller node names for rk3188
ARM: dts: rockchip: Fix power-controller node names for rk3066a
ARM: dts: rockchip: Fix IOMMU nodes properties on rk322x
ARM: dts: rockchip: Fix the timer clocks order
arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi
ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288
ARM: dts: gemini: add device_type on pci
ARM: dts: gemini: rename mdio to the right name
Conflicts:
drivers/mmc/host/sdhci-msm.c
drivers/scsi/ufs/ufshcd.c
drivers/staging/android/ion/heaps/ion_cma_heap.c
drivers/usb/dwc3/gadget.c
include/linux/oom.h
kernel/time/hrtimer.c
mm/oom_kill.c
net/qrtr/qrtr.c
Change-Id: I1c29c9ef4233acd05550475b29b8f7d30b6c452d
Signed-off-by: Srinivasarao Pathipati <quic_spathi@quicinc.com>
|
||
Connor O'Brien
|
937e6e41cc |
UPSTREAM: security: selinux: allow per-file labeling for bpffs
Add support for genfscon per-file labeling of bpffs files. This allows for separate permissions for different pinned bpf objects, which may be completely unrelated to each other. Signed-off-by: Connor O'Brien <connoro@google.com> Signed-off-by: Steven Moreland <smoreland@google.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com> (cherry picked from commit 4ca54d3d3022ce27170b50e4bdecc3a42f05dbdc) [which is v5.6-rc1-10-g4ca54d3d3022 and thus already included in 5.10] Bug: 200440527 Change-Id: I8234b9047f29981b8140bd81bb2ff070b3b0b843 (cherry picked from commit d52ac987ad2ae16ff313d7fb6185bc412cb221a4) |
||
|
Greg Kroah-Hartman
|
5b84549191 |
Merge tag 'android11-5.4.147_r00' android11-5.4
This is the merge of the upstream LTS release of 5.4.147 into the android11-5.4 branch. It contains the following commits: |
||
|
Greg Kroah-Hartman
|
65d414cb38 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
Srinivasarao P
|
8bbb4abad0 |
Merge android11-5.4.134+ (dca02b1) into msm-5.4
* refs/heads/tmp-dca02b1:
ANDROID: GKI: Update abi_gki_aarch64_cuttlefish
ANDROID: GKI: Update abi_gki_aarch64_exynos
ANDROID: GKI: Update android/abi_gki_aarch64_sonywalkman
BACKPORT: blk-mq: fix is_flush_rq
BACKPORT: blk-mq: clearing flush request reference in tags->rqs[]
BACKPORT: blk-mq: clear stale request in tags->rq[] before freeing one request pool
BACKPORT: blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
ANDROID: gki_defconfig: set DEFAULT_MMAP_MIN_ADDR=32768
ANDROID: GKI: upate .xml file for new symbol addtions
ANDROID: xt_quota2: set usersize in xt_match registration object
ANDROID: xt_quota2: clear quota2_log message before sending
ANDROID: xt_quota2: remove trailing junk which might have a digit in it
UPSTREAM: io_uring: Fix current->fs handling in io_sq_wq_submit_work()
ANDROID: ABI: Update allowed list for QCOM
UPSTREAM: arm64: vdso: Avoid ISB after reading from cntvct_el0
ANDROID: GKI: Disable X86_MCE drivers
ANDROID: GKI: Add FCNT KMI symbol list
ANDROID: fuse: Allocate zeroed memory for canonical path
ANDROID: ABI: Update allowed list for Microsoft
ANDROID: GKI: add padding to struct hid_device
ANDROID: Update android/abi_gki_aarch64.xml
ANDROID: Update android/abi_gki_aarch64_goldfish
ANDROID: generate_initcall_order.pl: Use two dash long options for llvm-nm
Linux 5.4.134
seq_file: disallow extremely large seq buffer allocations
misc: alcor_pci: fix inverted branch condition
scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg()
MIPS: vdso: Invalid GIC access through VDSO
mips: disable branch profiling in boot/decompress.o
mips: always link byteswap helpers into decompressor
scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
firmware: turris-mox-rwtm: fail probing when firmware does not support hwrng
firmware: turris-mox-rwtm: report failures better
firmware: turris-mox-rwtm: fix reply status decoding function
thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations
ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery
ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems
ARM: dts: imx6q-dhcom: Fix ethernet reset time properties
ARM: dts: am437x: align ti,pindir-d0-out-d1-in property with dt-shema
ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
memory: fsl_ifc: fix leak of private memory on probe failure
memory: fsl_ifc: fix leak of IO mapping on probe failure
reset: bail if try_module_get() fails
ARM: dts: BCM5301X: Fixup SPI binding
firmware: arm_scmi: Reset Rx buffer to max size during async commands
firmware: tegra: Fix error return code in tegra210_bpmp_init()
ARM: dts: r8a7779, marzen: Fix DU clock names
arm64: dts: renesas: v3msk: Fix memory size
rtc: fix snprintf() checking in is_rtc_hctosys()
memory: pl353: Fix error return code in pl353_smc_probe()
reset: brcmstb: Add missing MODULE_DEVICE_TABLE
memory: atmel-ebi: add missing of_node_put for loop iteration
ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4
ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1
ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3
ARM: exynos: add missing of_node_put for loop iteration
reset: a10sr: add missing of_match_table reference
ARM: dts: gemini-rut1xx: remove duplicate ethernet node
hexagon: use common DISCARDS macro
NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
ALSA: isa: Fix error return code in snd_cmi8330_probe()
nvme-tcp: can't set sk_user_data without write_lock
virtio_net: move tx vq operation under tx queue lock
pwm: imx1: Don't disable clocks at device remove time
x86/fpu: Limit xstate copy size in xstateregs_set()
PCI: iproc: Support multi-MSI only on uniprocessor kernel
PCI: iproc: Fix multi-MSI base vector number allocation
ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
nfs: fix acl memory leak of posix_acl_create()
watchdog: aspeed: fix hardware timeout calculation
um: fix error return code in winch_tramp()
um: fix error return code in slip_open()
NFSv4: Initialise connection to the server in nfs4_alloc_client()
power: supply: rt5033_battery: Fix device tree enumeration
PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
x86/signal: Detect and prevent an alternate signal stack overflow
virtio_console: Assure used length from device is limited
virtio_net: Fix error handling in virtnet_restore()
virtio-blk: Fix memory leak among suspend/resume procedure
ACPI: video: Add quirk for the Dell Vostro 3350
ACPI: AMBA: Fix resource name in /proc/iomem
pwm: tegra: Don't modify HW state in .remove callback
pwm: img: Fix PM reference leak in img_pwm_enable()
power: supply: ab8500: add missing MODULE_DEVICE_TABLE
power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
NFS: nfs_find_open_context() may only select open files
ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
orangefs: fix orangefs df output.
PCI: tegra: Add missing MODULE_DEVICE_TABLE
x86/fpu: Return proper error codes from user access functions
watchdog: iTCO_wdt: Account for rebooting on second timeout
watchdog: imx_sc_wdt: fix pretimeout
watchdog: Fix possible use-after-free by calling del_timer_sync()
watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
watchdog: Fix possible use-after-free in wdt_startup()
PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1
power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
power: supply: max17042: Do not enforce (incorrect) interrupt trigger type
power: supply: ab8500: Avoid NULL pointers
pwm: spear: Don't modify HW state in .remove callback
power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE
power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE
lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
i2c: core: Disable client irq on reboot/shutdown
intel_th: Wait until port is in reset before programming it
staging: rtl8723bs: fix macro value for 2.4Ghz only device
ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
ALSA: hda: Add IRQ check for platform_get_irq()
backlight: lm3630a: Fix return code of .update_status() callback
ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters
powerpc/boot: Fixup device-tree on little endian
usb: gadget: hid: fix error return code in hid_bind()
usb: gadget: f_hid: fix endianness issue with descriptors
ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
ALSA: usb-audio: scarlett2: Fix data_mutex lock
ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count
ALSA: bebob: add support for ToneWeal FW66
Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
s390/mem_detect: fix tprot() program check new psw handling
s390/mem_detect: fix diag260() program check new psw handling
s390/ipl_parm: fix program check new psw handling
s390/processor: always inline stap() and __load_psw_mask()
ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing()
gpio: pca953x: Add support for the On Semi pca9655
selftests/powerpc: Fix "no_handler" EBB selftest
ALSA: ppc: fix error return code in snd_pmac_probe()
gpio: zynq: Check return value of pm_runtime_get_sync
iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation
iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails
powerpc/ps3: Add dma_mask to ps3_dma_region
ALSA: sb: Fix potential double-free of CSP mixer elements
selftests: timers: rtcpie: skip test if default RTC device does not exist
s390/sclp_vt220: fix console name to match device
serial: tty: uartlite: fix console setup
ASoC: img: Fix PM reference leak in img_i2s_in_probe()
mfd: cpcap: Fix cpcap dmamask not set warnings
mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
scsi: qedi: Fix null ref during abort handling
scsi: iscsi: Fix shost->max_id use
scsi: iscsi: Fix conn use after free during resets
scsi: iscsi: Add iscsi_cls_conn refcount helpers
scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
scsi: megaraid_sas: Early detection of VD deletion through RaidMap update
scsi: megaraid_sas: Fix resource leak in case of probe failure
fs/jfs: Fix missing error code in lmLogInit()
scsi: scsi_dh_alua: Check for negative result value
tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
ALSA: ac97: fix PM reference leak in ac97_bus_remove()
scsi: core: Cap scsi_host cmd_per_lun at can_queue
scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs
scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw()
w1: ds2438: fixing bug that would always get page0
Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
ALSA: usx2y: Don't call free_pages_exact() with NULL address
iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get().
misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
misc/libmasm/module: Fix two use after free in ibmasm_init_one
tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero
srcu: Fix broken node geometry after early ssp init
dmaengine: fsl-qdma: check dma_set_mask return value
net: moxa: Use devm_platform_get_and_ioremap_resource()
fbmem: Do not delete the mode that is still in use
cgroup: verify that source is a string
tracing: Do not reference char * as a string in histograms
scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run()
KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled
KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio
Revert "media: subdev: disallow ioctl for saa6588/davinci"
Linux 5.4.133
smackfs: restrict bytes count in smk_set_cipso()
jfs: fix GPF in diFree
pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
media: gspca/sunplus: fix zero-length control requests
media: gspca/sq905: fix control-request direction
media: zr364xx: fix memory leak in zr364xx_start_readpipe
media: dtv5100: fix control-request directions
media: subdev: disallow ioctl for saa6588/davinci
PCI: aardvark: Implement workaround for the readback value of VEND_ID
PCI: aardvark: Fix checking for PIO Non-posted Request
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
dm btree remove: assign new_root only when removal succeeds
coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer()
ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe
tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
tracing: Simplify & fix saved_tgids logic
rq-qos: fix missed wake-ups in rq_qos_throttle try two
seq_buf: Fix overflow in seq_buf_putmem_hex()
extcon: intel-mrfld: Sync hardware and software state on init
nvmem: core: add a missing of_node_put
power: supply: ab8500: Fix an old bug
ubifs: Fix races between xattr_{set|get} and listxattr operations
thermal/drivers/int340x/processor_thermal: Fix tcc setting
ipmi/watchdog: Stop watchdog timer when the current action is 'none'
qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
ASoC: tegra: Set driver_name=tegra for all machine drivers
MIPS: fix "mipsel-linux-ld: decompress.c:undefined reference to `memmove'"
fpga: stratix10-soc: Add missing fpga_mgr_free() call
clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround
cpu/hotplug: Cure the cpusets trainwreck
ata: ahci_sunxi: Disable DIPM
mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
mmc: core: clear flags before allowing to retune
mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
drm/arm/malidp: Always list modifiers
drm/msm/mdp4: Fix modifier support enabling
drm/tegra: Don't set allow_fb_modifiers explicitly
drm/amd/display: Reject non-zero src_y and src_x for video planes
pinctrl/amd: Add device HID for new AMD GPIO controller
drm/amd/display: fix incorrrect valid irq check
drm/rockchip: dsi: remove extra component_del() call
drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create()
drm/amdgpu: Update NV SIMD-per-CU to 2
powerpc/barrier: Avoid collision with clang's __lwsync macro
powerpc/mm: Fix lockup on kernel exec fault
perf bench: Fix 2 memory sanitizer warnings
crypto: ccp - Annotate SEV Firmware file names
fscrypt: don't ignore minor_hash when hash is 0
MIPS: set mips32r5 for virt extensions
MIPS: loongsoon64: Reserve memory below starting pfn to prevent Oops
sctp: add size validation when walking chunks
sctp: validate from_addr_param return
Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
Bluetooth: Shutdown controller after workqueues are flushed or cancelled
Bluetooth: Fix the HCI to MGMT status conversion table
Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
RDMA/cma: Fix rdma_resolve_route() memory leak
net: ip: avoid OOM kills with large UDP sends over loopback
media, bpf: Do not copy more entries than user space requested
wireless: wext-spy: Fix out-of-bounds warning
sfc: error code if SRIOV cannot be disabled
sfc: avoid double pci_remove of VFs
iwlwifi: pcie: fix context info freeing
iwlwifi: pcie: free IML DMA memory allocation
iwlwifi: mvm: don't change band on bound PHY contexts
RDMA/rxe: Don't overwrite errno from ib_umem_get()
vsock: notify server to shutdown when client has pending signal
atm: nicstar: register the interrupt handler in the right place
atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
MIPS: add PMD table accounting into MIPS'pmd_alloc_one
rtl8xxxu: Fix device info for RTL8192EU devices
drm/amdkfd: Walk through list with dqm lock hold
net: sched: fix error return code in tcf_del_walker()
net: fix mistake path for netdev_features_strings
mt76: mt7615: fix fixed-rate tx status reporting
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
cw1200: add missing MODULE_DEVICE_TABLE
wl1251: Fix possible buffer overflow in wl1251_cmd_scan
wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
xfrm: Fix error reporting in xfrm_state_construct.
drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check
r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
fjes: check return value after calling platform_get_resource()
drm/amdkfd: use allowed domain for vmbo validation
drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7
drm/amd/display: Release MST resources on switch from MST to SST
drm/amd/display: Update scaling settings on modeset
net: micrel: check return value after calling platform_get_resource()
net: mvpp2: check return value after calling platform_get_resource()
net: bcmgenet: check return value after calling platform_get_resource()
virtio_net: Remove BUG() to avoid machine dead
ice: set the value of global config lock timeout longer
pinctrl: mcp23s08: fix race condition in irq handler
dm space maps: don't reset space map allocation cursor when committing
RDMA/cxgb4: Fix missing error code in create_qp()
ipv6: use prandom_u32() for ID generation
clk: tegra: Ensure that PLLU configuration is applied properly
clk: renesas: r8a77995: Add ZA2 clock
drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer()
igb: handle vlan types with checker enabled
e100: handle eeprom as little endian
udf: Fix NULL pointer dereference in udf_symlink function
drm/sched: Avoid data corruptions
drm/virtio: Fix double free on probe failure
reiserfs: add check for invalid 1st journal block
drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init()
net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
mISDN: fix possible use-after-free in HFC_cleanup()
atm: iphase: fix possible use-after-free in ia_module_exit()
hugetlb: clear huge pte during flush function on mips platform
drm/amd/display: fix use_max_lb flag for 420 pixel formats
net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
drm/vc4: fix argument ordering in vc4_crtc_get_margins()
drm/amd/amdgpu/sriov disable all ip hw status by default
drm/zte: Don't select DRM_KMS_FB_HELPER
drm/mxsfb: Don't select DRM_KMS_FB_HELPER
ANDROID: GKI: fix up crc change in ip.h
Linux 5.4.132
iommu/dma: Fix compile warning in 32-bit builds
scsi: core: Retry I/O for Notify (Enable Spinup) Required error
mmc: vub3000: fix control-request direction
mmc: block: Disable CMDQ on the ioctl path
block: return the correct bvec when checking for gaps
scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
perf llvm: Return -ENOMEM when asprintf() fails
selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
mm/huge_memory.c: don't discard hugepage if other processes are mapping it
vfio/pci: Handle concurrent vma faults
arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
serial: mvebu-uart: correctly calculate minimal possible baudrate
serial: mvebu-uart: do not allow changing baudrate when uartclk is not available
powerpc: Offline CPU in stop_this_cpu()
leds: ktd2692: Fix an error handling path
leds: as3645a: Fix error return code in as3645a_parse_node()
configfs: fix memleak in configfs_release_bin_file
ASoC: atmel-i2s: Fix usage of capture and playback at the same time
extcon: max8997: Add missing modalias string
extcon: sm5502: Drop invalid register write in sm5502_reg_data
phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
phy: uniphier-pcie: Fix updating phy parameters
soundwire: stream: Fix test for DP prepare complete
scsi: mpt3sas: Fix error return value in _scsih_expander_add()
mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume()
of: Fix truncation of memory sizes on 32-bit platforms
ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
staging: mt7621-dts: fix pci address for PCI memory range
staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
staging: rtl8712: remove redundant check in r871xu_drv_init
staging: gdm724x: check for overflow in gdm_lte_netif_rx()
staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
usb: dwc2: Don't reset the core after setting turnaround time
usb: gadget: f_fs: Fix setting of device and driver data cross-references
ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()'
iommu/dma: Fix IOVA reserve dma ranges
s390: appldata depends on PROC_SYSCTL
visorbus: fix error return code in visorchipset_init()
fsi/sbefifo: Fix reset timeout
fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE
fsi: occ: Don't accept response from un-initialized OCC
fsi: scom: Reset the FSI2PIB engine for any error
fsi: core: Fix return of error values on failures
scsi: FlashPoint: Rename si_flags field
leds: lm3692x: Put fwnode in any case during ->probe()
leds: lm36274: cosmetic: rename lm36274_data to chip
leds: lm3532: select regmap I2C API
tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
firmware: stratix10-svc: Fix a resource leak in an error handling path
char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol()
mtd: partitions: redboot: seek fis-index-block in the right node
Input: hil_kbd - fix error return code in hil_dev_connect()
ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
backlight: lm3630a_bl: Put fwnode in error case during ->probe()
ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup()
ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe()
iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: cros_ec_sensors: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: mxc4005: Fix overread of data and alignment issue.
iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls
iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adis16400: do not return ints in irq handlers
iio: adis_buffer: do not return ints in irq handlers
mwifiex: re-fix for unaligned accesses
tty: nozomi: Fix a resource leak in an error handling function
rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
staging: fbtft: Rectify GPIO handling
MIPS: Fix PKMAP with 32-bit MIPS huge page support
RDMA/mlx5: Don't access NULL-cleared mpi pointer
net: sched: fix warning in tcindex_alloc_perfect_hash
net: lwtunnel: handle MTU calculation in forwading
writeback: fix obtain a reference to a freeing memcg css
clk: si5341: Update initialization magic
clk: si5341: Avoid divide errors due to bogus register contents
clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC
clk: actions: Fix SD clocks factor table on Owl S500 SoC
clk: actions: Fix UART clock dividers on Owl S500 SoC
Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
Revert "be2net: disable bh with spin_lock in be_process_mcc"
gve: Fix swapped vars when fetching max queues
bpfilter: Specify the log level for the kmsg message
e1000e: Check the PCIm state
ipv6: fix out-of-bound access in ip6_parse_tlv()
ibmvnic: free tx_pool if tso_pool alloc fails
Revert "ibmvnic: remove duplicate napi_schedule call in open function"
i40e: Fix autoneg disabling for non-10GBaseT links
i40e: Fix error handling in i40e_vsi_open
bpf: Do not change gso_size during bpf_skb_change_proto()
ipv6: exthdrs: do not blindly use init_net
net: bcmgenet: Fix attaching to PYH failed on RPi 4B
mac80211: remove iwlwifi specific workaround NDPs of null_response
ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
ieee802154: hwsim: Fix memory leak in hwsim_add_one
tc-testing: fix list handling
net/ipv4: swap flow ports when validating source
vxlan: add missing rcu_read_lock() in neigh_reduce()
pkt_sched: sch_qfq: fix qfq_change_class() error path
tls: prevent oversized sendfile() hangs by ignoring MSG_MORE
net: sched: add barrier to ensure correct ordering for lockless qdisc
vrf: do not push non-ND strict packets with a source LLA through packet taps again
net: ethernet: ezchip: fix error handling
net: ethernet: ezchip: fix UAF in nps_enet_remove
net: ethernet: aeroflex: fix UAF in greth_of_remove
samples/bpf: Fix the error return code of xdp_redirect's main()
RDMA/rxe: Fix qp reference counting for atomic ops
netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
netfilter: nft_osf: check for TCP packet before further processing
netfilter: nft_exthdr: check for IPv6 packet before further processing
RDMA/mlx5: Don't add slave port to unaffiliated list
netlabel: Fix memory leak in netlbl_mgmt_add_common
ath10k: Fix an error code in ath10k_add_interface()
brcmsmac: mac80211_if: Fix a resource leak in an error handling path
brcmfmac: correctly report average RSSI in station info
brcmfmac: fix setting of station info chains bitmask
ssb: Fix error return code in ssb_bus_scan()
wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
wireless: carl9170: fix LEDS build errors & warnings
ath10k: add missing error return code in ath10k_pci_probe()
ath10k: go to path err_unsupported when chip id is not supported
tools/bpftool: Fix error return code in do_batch()
drm: qxl: ensure surf.data is ininitialized
RDMA/rxe: Fix failure during driver load
RDMA/core: Sanitize WQ state received from the userspace
net/sched: act_vlan: Fix modify to allow 0
ehea: fix error return code in ehea_restart_qps()
drm/rockchip: dsi: move all lane config except LCDC mux to bind()
drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write()
net: ftgmac100: add missing error return code in ftgmac100_probe()
clk: meson: g12a: fix gp0 and hifi ranges
pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities
pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin
net: pch_gbe: Propagate error from devm_gpio_request_one()
net: mvpp2: Put fwnode in error case during ->probe()
video: fbdev: imxfb: Fix an error message
xfrm: xfrm_state_mtu should return at least 1280 for ipv6
dax: fix ENOMEM handling in grab_mapping_entry()
ocfs2: fix snprintf() checking
cpufreq: Make cpufreq_online() call driver->offline() on errors
ACPI: bgrt: Fix CFI violation
ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
blk-wbt: make sure throttle is enabled properly
blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled()
extcon: extcon-max8997: Fix IRQ freeing at error path
ACPI: sysfs: Fix a buffer overrun problem with description_show()
crypto: nx - Fix RCU warning in nx842_OF_upd_status
spi: spi-sun6i: Fix chipselect/clock bug
sched/uclamp: Fix uclamp_tg_restrict()
sched/rt: Fix Deadline utilization tracking during policy change
sched/rt: Fix RT utilization tracking during policy change
btrfs: clear log tree recovering status if starting transaction fails
regulator: hi655x: Fix pass wrong pointer to config.driver_data
KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
hwmon: (max31790) Fix fan speed reporting for fan7..12
hwmon: (max31722) Remove non-standard ACPI device IDs
media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan
arm64: consistently use reserved_pg_dir
mmc: usdhi6rol0: fix error return code in usdhi6_probe()
crypto: omap-sham - Fix PM reference leak in omap sham ops
crypto: nitrox - fix unchecked variable in nitrox_register_interrupts
media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning
media: gspca/gl860: fix zero-length control requests
media: tc358743: Fix error return code in tc358743_probe_of()
media: au0828: fix a NULL vs IS_ERR() check
media: exynos4-is: Fix a use after free in isp_video_release
pata_ep93xx: fix deferred probing
media: rc: i2c: Fix an error message
crypto: ccp - Fix a resource leak in an error handling path
evm: fix writing <securityfs>/evm overflow
pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_<obj> := n'
kbuild: run the checker after the compiler
sched/uclamp: Fix locking around cpu_util_update_eff()
sched/uclamp: Fix wrong implementation of cpu.uclamp.min
media: I2C: change 'RST' to "RSET" to fix multiple build errors
pata_rb532_cf: fix deferred probing
sata_highbank: fix deferred probing
crypto: ux500 - Fix error return code in hash_hw_final()
crypto: ixp4xx - dma_unmap the correct address
media: s5p_cec: decrement usage count if disabled
writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
ia64: mca_drv: fix incorrect array size calculation
kthread_worker: fix return value when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
block: fix discard request merge
cifs: fix missing spinlock around update to ses->status
HID: wacom: Correct base usage for capacitive ExpressKey status bits
ACPI: tables: Add custom DSDT file as makefile prerequisite
clocksource: Retry clock read if long delays detected
PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
EDAC/Intel: Do not load EDAC driver when running as a guest
nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst()
platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard()
block: fix race between adding/removing rq qos and normal IO
ACPI: resources: Add checks for ACPI IRQ override
ACPI: bus: Call kobject_put() in acpi_init() error path
ACPICA: Fix memory leak caused by _CID repair function
fs: dlm: fix memory leak when fenced
random32: Fix implicit truncation warning in prandom_seed_state()
fs: dlm: cancel work sync othercon
block_dump: remove block_dump feature in mark_inode_dirty()
ACPI: EC: Make more Asus laptops use ECDT _GPE
lib: vsprintf: Fix handling of number field widths in vsscanf
hv_utils: Fix passing zero to 'PTR_ERR' warning
ACPI: processor idle: Fix up C-state latency if not ordered
EDAC/ti: Add missing MODULE_DEVICE_TABLE
HID: do not use down_interruptible() when unbinding devices
media: Fix Media Controller API config checks
regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
regulator: mt6358: Fix vdram2 .vsel_mask
KVM: s390: get rid of register asm usage
lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage()
locking/lockdep: Fix the dep path printing for backwards BFS
btrfs: disable build on platforms having page size 256K
btrfs: abort transaction if we fail to update the delayed inode
btrfs: fix error handling in __btrfs_update_delayed_inode
KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 processors
drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
hwmon: (max31790) Fix pwmX_enable attributes
hwmon: (max31790) Report correct current pwm duty cycles
media: imx-csi: Skip first few frames from a BT.656 source
media: siano: fix device register error path
media: dvb_net: avoid speculation from net slot
crypto: shash - avoid comparing pointers to exported functions under CFI
mmc: via-sdmmc: add a check against NULL pointer dereference
mmc: sdhci-sprd: use sdhci_sprd_writew
memstick: rtsx_usb_ms: fix UAF
media: dvd_usb: memory leak in cinergyt2_fe_attach
Makefile: fix GDB warning with CONFIG_RELR
media: st-hva: Fix potential NULL pointer dereferences
media: bt8xx: Fix a missing check bug in bt878_probe
media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
media: em28xx: Fix possible memory leak of em28xx struct
sched/fair: Fix ascii art by relpacing tabs
crypto: qat - remove unused macro in FW loader
crypto: qat - check return code of qat_hal_rd_rel_reg()
media: imx: imx7_mipi_csis: Fix logging of only error event counters
media: pvrusb2: fix warning in pvr2_i2c_core_done
media: cobalt: fix race condition in setting HPD
media: cpia2: fix memory leak in cpia2_usb_probe
media: sti: fix obj-$(config) targets
crypto: nx - add missing MODULE_DEVICE_TABLE
hwrng: exynos - Fix runtime PM imbalance on error
regulator: uniphier: Add missing MODULE_DEVICE_TABLE
spi: omap-100k: Fix the length judgment problem
spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages()
spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
media: exynos-gsc: fix pm_runtime_get_sync() usage count
media: sti/bdisp: fix pm_runtime_get_sync() usage count
media: s5p-jpeg: fix pm_runtime_get_sync() usage count
media: mtk-vcodec: fix PM runtime get logic
media: sh_vou: fix pm_runtime_get_sync() usage count
media: s5p: fix pm_runtime_get_sync() usage count
media: mdk-mdp: fix pm_runtime_get_sync() usage count
spi: Make of_register_spi_device also set the fwnode
fuse: reject internal errno
fuse: check connected before queueing on fpq->io
fuse: ignore PG_workingset after stealing
evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
evm: Execute evm_inode_init_security() only when an HMAC key is loaded
powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
seq_buf: Make trace_seq_putmem_hex() support data longer than 8
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
tracing/histograms: Fix parsing of "sym-offset" modifier
rsi: fix AP mode with WPA failure due to encrypted EAPOL
rsi: Assign beacon rate settings to the correct rate_info descriptor field
ssb: sdio: Don't overwrite const buffer if block_write fails
ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
serial_cs: remove wrong GLOBETROTTER.cis entry
serial_cs: Add Option International GSM-Ready 56K/ISDN modem
serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
serial: mvebu-uart: fix calculation of clock divisor
iio: ltr501: ltr501_read_ps(): add missing endianness conversion
iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too
iio: light: tcs3472: do not free unallocated IRQ
rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
s390/cio: dont call css_wait_for_slow_path() inside a lock
KVM: PPC: Book3S HV: Workaround high stack usage with clang
perf/smmuv3: Don't trample existing events with global filter
SUNRPC: Should wake up the privileged task firstly.
SUNRPC: Fix the batch tasks count wraparound.
mac80211: remove iwlwifi specific workaround that broke sta NDP tx
can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path
can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after RCU is done
can: gw: synchronize rcu operations before removing gw job entry
can: bcm: delay release of struct bcm_op after synchronize_rcu()
ext4: use ext4_grp_locked_error in mb_find_extent
ext4: fix avefreec in find_group_orlov
ext4: remove check for zero nr_to_scan in ext4_es_scan()
ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
ext4: return error code when ext4_fill_flex_info() fails
ext4: fix kernel infoleak via ext4_extent_header
ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle
btrfs: clear defrag status of a root if starting transaction fails
btrfs: send: fix invalid path for unlink operations after parent orphanization
ARM: dts: at91: sama5d4: fix pinctrl muxing
arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode
Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
iov_iter_fault_in_readable() should do nothing in xarray case
copy_page_to_iter(): fix ITER_DISCARD case
ntfs: fix validity check for file name attribute
xhci: solve a double free problem while doing s4
usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
usb: dwc3: Fix debugfs creation flow
USB: cdc-acm: blacklist Heimann USB Appset device
usb: gadget: eem: fix echo command packet response issue
net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
Input: usbtouchscreen - fix control-request directions
media: dvb-usb: fix wrong definition
ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
ALSA: hda/realtek: Add another ALC236 variant support
ALSA: intel8x0: Fix breakage at ac97 clock measurement
ALSA: usb-audio: scarlett2: Fix wrong resume call
ALSA: usb-audio: Fix OOB access at proc output
ALSA: usb-audio: fix rate on Ozone Z90 USB headset
Linux 5.4.131
xen/events: reset active flag for lateeoi events later
KVM: SVM: Call SEV Guest Decommission if ASID binding fails
s390/stack: fix possible register corruption with stack switch helper
KVM: SVM: Periodically schedule when unregistering regions on destroy
Linux 5.4.130
RDMA/mlx5: Block FDB rules when not in switchdev mode
gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP
drm/nouveau: fix dma_address check for CPU/GPU sync
scsi: sr: Return appropriate error code when disk is ejected
x86/efi: remove unused variables
Linux 5.4.129
certs: Move load_system_certificate_list to a common function
certs: Add EFI_CERT_X509_GUID support for dbx entries
x86/efi: move common keyring handler functions to new file
certs: Add wrapper function to check blacklisted binary hash
mm, futex: fix shared futex pgoff on shmem huge page
mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk()
mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes
mm: page_vma_mapped_walk(): get vma_address_end() earlier
mm: page_vma_mapped_walk(): use goto instead of while (1)
mm: page_vma_mapped_walk(): add a level of indentation
mm: page_vma_mapped_walk(): crossing page table boundary
mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block
mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd
mm: page_vma_mapped_walk(): settle PageHuge on entry
mm: page_vma_mapped_walk(): use page for pvmw->page
mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split
mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
mm/thp: fix page_address_in_vma() on file THP tails
mm/thp: fix vma_address() if virtual address below file offset
mm/thp: try_to_unmap() use TTU_SYNC for safe splitting
mm/thp: make is_huge_zero_pmd() safe and quicker
mm/thp: fix __split_huge_pmd_locked() on shmem migration entry
mm, thp: use head page in __migration_entry_wait()
mm/rmap: use page_not_mapped in try_to_unmap()
mm/rmap: remove unneeded semicolon in page_not_mapped()
mm: add VM_WARN_ON_ONCE_PAGE() macro
kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
kthread_worker: split code for canceling the delayed work timer
i2c: robotfuzz-osif: fix control-request directions
KVM: do not allow mapping valid but non-reference-counted pages
nilfs2: fix memory leak in nilfs_sysfs_delete_device_group
pinctrl: stm32: fix the reported number of GPIO lines per bank
net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY
net: ll_temac: Add memory-barriers for TX BD access
PCI: Add AMD RS690 quirk to enable 64-bit DMA
recordmcount: Correct st_shndx handling
net: qed: Fix memcpy() overflow of qed_dcbx_params()
KVM: selftests: Fix kvm_check_cap() assertion
r8169: Avoid memcpy() over-reading of ETH_SS_STATS
sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS
r8152: Avoid memcpy() over-reading of ETH_SS_STATS
net/packet: annotate accesses to po->ifindex
net/packet: annotate accesses to po->bind
net: caif: fix memory leak in ldisc_open
net: phy: dp83867: perform soft reset and retain established link
inet: annotate date races around sk->sk_txhash
ping: Check return value of function 'ping_queue_rcv_skb'
net: ethtool: clear heap allocations for ethtool function
mac80211: drop multicast fragments
net: ipv4: Remove unneed BUG() function
dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma
dmaengine: mediatek: do not issue a new desc if one is still current
dmaengine: mediatek: free the proper desc in desc_free handler
dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
cfg80211: call cfg80211_leave_ocb when switching away from OCB
mac80211_hwsim: drop pending frames on stop
mac80211: remove warning in ieee80211_get_sband()
dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc()
Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
spi: spi-nxp-fspi: move the register operation after the clock enable
MIPS: generic: Update node names to avoid unit addresses
arm64: link with -z norelro for LLD or aarch64-elf
kbuild: add CONFIG_LD_IS_LLD
mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
ARM: 9081/1: fix gcc-10 thumb2-kernel regression
drm/radeon: wait for moving fence after pinning
drm/nouveau: wait for moving fence after pinning v2
Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell."
Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue."
module: limit enabling module.sig_enforce
Revert "clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940"
Linux 5.4.128
usb: dwc3: core: fix kernel panic when do reboot
usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
clocksource/drivers/timer-ti-dm: Handle dra7 timer wrap errata i940
clocksource/drivers/timer-ti-dm: Prepare to handle dra7 timer wrap issue
clocksource/drivers/timer-ti-dm: Add clockevent and clocksource support
ARM: OMAP: replace setup_irq() by request_irq()
KVM: arm/arm64: Fix KVM_VGIC_V3_ADDR_TYPE_REDIST read
tools headers UAPI: Sync linux/in.h copy with the kernel sources
net: fec_ptp: add clock rate zero check
net: stmmac: disable clocks in stmmac_remove_config_dt()
mm/slub.c: include swab.h
mm/slub: fix redzoning for small allocations
mm/slub: clarify verification reporting
net: bridge: fix vlan tunnel dst refcnt when egressing
net: bridge: fix vlan tunnel dst null pointer dereference
net: ll_temac: Fix TX BD buffer overwrite
net: ll_temac: Make sure to free skb when it is completely used
drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue.
drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell.
cfg80211: avoid double free of PMSR request
cfg80211: make certificate generation more robust
dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
x86/fpu: Reset state for all signal restore failures
x86/pkru: Write hardware init value to PKRU when xstate is init
x86/process: Check PF_KTHREAD and not current->mm for kernel threads
ARCv2: save ABI registers across signal handling
KVM: x86: Immediately reset the MMU context when the SMM flag is cleared
PCI: Work around Huawei Intelligent NIC VF FLR erratum
PCI: Add ACS quirk for Broadcom BCM57414 NIC
PCI: aardvark: Fix kernel panic during PIO transfer
PCI: aardvark: Don't rely on jiffies while holding spinlock
PCI: Mark some NVIDIA GPUs to avoid bus reset
PCI: Mark TI C667X to avoid bus reset
tracing: Do no increment trace_clock_global() by one
tracing: Do not stop recording comms if the trace file is being read
tracing: Do not stop recording cmdlines when tracing is off
usb: core: hub: Disable autosuspend for Cypress CY7C65632
can: mcba_usb: fix memory leak in mcba_usb
can: j1939: fix Use-after-Free, hold skb ref while in use
can: bcm/raw/isotp: use per module netdevice notifier
can: bcm: fix infoleak in struct bcm_msg_head
hwmon: (scpi-hwmon) shows the negative temperature properly
radeon: use memcpy_to/fromio for UVD fw upload
pinctrl: ralink: rt2880: avoid to error in calls is pin is already enabled
spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd()
ASoC: rt5659: Fix the lost powers for the HDA header
regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
net: ethernet: fix potential use-after-free in ec_bhf_remove
icmp: don't send out ICMP messages with a source address of 0.0.0.0
bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
bnxt_en: Rediscover PHY capabilities after firmware reset
cxgb4: fix wrong shift.
net: cdc_eem: fix tx fixup skb leak
net: hamradio: fix memory leak in mkiss_close
be2net: Fix an error handling path in 'be_probe()'
net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock
net: ipv4: fix memory leak in ip_mc_add1_src
net: fec_ptp: fix issue caused by refactor the fec_devtype
net: usb: fix possible use-after-free in smsc75xx_bind
lantiq: net: fix duplicated skb in rx descriptor ring
net: cdc_ncm: switch to eth%d interface naming
ptp: improve max_adj check against unreasonable values
net: qrtr: fix OOB Read in qrtr_endpoint_post
netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
qlcnic: Fix an error handling path in 'qlcnic_probe()'
net: make get_net_ns return error if NET_NS is disabled
net: stmmac: dwmac1000: Fix extended MAC address registers definition
alx: Fix an error handling path in 'alx_probe()'
sch_cake: Fix out of bounds when parsing TCP options and header
netfilter: synproxy: Fix out of bounds when parsing TCP options
net/mlx5e: Block offload of outer header csum for UDP tunnels
net/mlx5e: allow TSO on VXLAN over VLAN topologies
net/mlx5: Consider RoCE cap before init RDMA resources
net/mlx5e: Fix page reclaim for dead peer hairpin
net/mlx5e: Remove dependency in IPsec initialization flows
net/sched: act_ct: handle DNAT tuple collision
rtnetlink: Fix regression in bridge VLAN configuration
udp: fix race between close() and udp_abort()
net: lantiq: disable interrupt before sheduling NAPI
net: rds: fix memory leak in rds_recvmsg
vrf: fix maximum MTU
net: ipv4: fix memory leak in netlbl_cipsov4_add_std
batman-adv: Avoid WARN_ON timing related checks
kvm: LAPIC: Restore guard to prevent illegal APIC register access
mm/memory-failure: make sure wait for page writeback in memory_failure
afs: Fix an IS_ERR() vs NULL check
dmaengine: stedma40: add missing iounmap() on error in d40_probe()
dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM
dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM
Linux 5.4.127
fib: Return the correct errno code
net: Return the correct errno code
net/x25: Return the correct errno code
rtnetlink: Fix missing error code in rtnl_bridge_notify()
drm/amd/display: Allow bandwidth validation for 0 streams.
net: ipconfig: Don't override command-line hostnames or domains
nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue()
nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails
nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues()
scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V
scsi: qedf: Do not put host in qedf_vport_create() unconditionally
ethernet: myri10ge: Fix missing error code in myri10ge_probe()
scsi: target: core: Fix warning on realtime kernels
gfs2: Fix use-after-free in gfs2_glock_shrink_scan
riscv: Use -mno-relax when using lld linker
HID: gt683r: add missing MODULE_DEVICE_TABLE
gfs2: Prevent direct-I/O write fallback errors from getting lost
ARM: OMAP2+: Fix build warning when mmc_omap is not built
drm/tegra: sor: Do not leak runtime PM reference
HID: usbhid: fix info leak in hid_submit_ctrl
HID: Add BUS_VIRTUAL to hid_connect logging
HID: multitouch: set Stylus suffix for Stylus-application devices, too
HID: quirks: Add quirk for Lenovo optical mouse
HID: hid-sensor-hub: Return error for hid_set_field() failure
HID: hid-input: add mapping for emoji picker key
HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
net: ieee802154: fix null deref in parse dev addr
Revert "RDMA/ipoib: Fix warning caused by destroying non-initial netns"
Linux 5.4.126
proc: only require mm_struct for writing
tracing: Correct the length check which causes memory corruption
ftrace: Do not blindly read the ip address in ftrace_bug()
scsi: core: Only put parent device if host state differs from SHOST_CREATED
scsi: core: Put .shost_dev in failure path if host state changes to RUNNING
scsi: core: Fix failure handling of scsi_add_host_with_dma()
scsi: core: Fix error handling of scsi_host_alloc()
NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error.
NFSv4: Fix second deadlock in nfs4_evict_inode()
NFS: Fix use-after-free in nfs4_init_client()
kvm: fix previous commit for 32-bit builds
perf session: Correct buffer copying when peeking events
NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode()
NFS: Fix a potential NULL dereference in nfs_get_client()
IB/mlx5: Fix initializing CQ fragments buffer
KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
sched/fair: Make sure to update tg contrib for blocked load
perf: Fix data race between pin_count increment/decrement
vmlinux.lds.h: Avoid orphan section with !SMP
RDMA/mlx4: Do not map the core_clock page to user space unless enabled
RDMA/ipoib: Fix warning caused by destroying non-initial netns
usb: typec: mux: Fix copy-paste mistake in typec_mux_match
regulator: max77620: Use device_set_of_node_from_dev()
regulator: core: resolve supply for boot-on/always-on regulators
usb: fix various gadget panics on 10gbps cabling
usb: fix various gadgets null ptr deref on 10gbps cabling.
usb: gadget: eem: fix wrong eem header operation
USB: serial: cp210x: fix alternate function for CP2102N QFN20
USB: serial: quatech2: fix control-request directions
USB: serial: omninet: add device id for Zyxel Omni 56K Plus
USB: serial: ftdi_sio: add NovaTech OrionMX product ID
usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path
usb: typec: wcove: Use LE to CPU conversion when accessing msg->header
usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling
usb: dwc3: ep0: fix NULL pointer exception
usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms
usb: f_ncm: only first packet of aggregate needs to start timer
USB: f_ncm: ncm_bitrate (speed) is unsigned
cgroup1: don't allow '\n' in renaming
btrfs: promote debugging asserts to full-fledged checks in validate_super
btrfs: return value from btrfs_mark_extent_written() in case of error
staging: rtl8723bs: Fix uninitialized variables
kvm: avoid speculation-based attacks from out-of-range memslot accesses
drm: Lock pointer access in drm_master_release()
drm: Fix use-after-free read in drm_getunique()
spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
x86/boot: Add .text.* to setup.ld
i2c: mpc: implement erratum A-004447 workaround
i2c: mpc: Make use of i2c_recover_bus()
spi: Cleanup on failure of initial setup
spi: Don't have controller clean up spi device before driver unbind
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers
powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers
nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
bnx2x: Fix missing error code in bnx2x_iov_init_one()
dm verity: fix require_signatures module_param permissions
MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER
nvme-fabrics: decode host pathing error for connect
net: dsa: microchip: enable phy errata workaround on 9567
net: appletalk: cops: Fix data race in cops_probe1
net: macb: ensure the device is available before accessing GEMGXL control registers
scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
scsi: vmw_pvscsi: Set correct residual data length
scsi: bnx2fc: Return failure if io_req is already in ABTS processing
RDS tcp loopback connection can hang
net/qla3xxx: fix schedule while atomic in ql_sem_spinlock
wq: handle VM suspension in stall detection
cgroup: disable controllers at parse time
net: mdiobus: get rid of a BUG_ON()
netlink: disable IRQs for netlink_lock_table()
bonding: init notify_work earlier to avoid uninitialized use
isdn: mISDN: netjet: Fix crash in nj_probe:
spi: sprd: Add missing MODULE_DEVICE_TABLE
ASoC: sti-sas: add missing MODULE_DEVICE_TABLE
vfio-ccw: Serialize FSM IDLE state with I/O completion
ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
usb: cdns3: Fix runtime PM imbalance on error
net/nfc/rawsock.c: fix a permission check bug
spi: Fix spi device unregister flow
ASoC: max98088: fix ni clock divider calculation
proc: Track /proc/$pid/attr/ opener mm_struct
ANDROID: GKI: update .xml file
ANDROID: restore abi breakage in usbnet.h
Linux 5.4.125
neighbour: allow NUD_NOARP entries to be forced GCed
i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops
xen-pciback: redo VF placement in the virtual topology
lib/lz4: explicitly support in-place decompression
x86/kvm: Disable all PV features on crash
x86/kvm: Disable kvmclock on all CPUs on shutdown
x86/kvm: Teardown PV features on boot CPU as well
KVM: arm64: Fix debug register indexing
KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode
btrfs: fix unmountable seed device after fstrim
mm/filemap: fix storing to a THP shadow entry
XArray: add xas_split
XArray: add xa_get_order
mm: add thp_order
bnxt_en: Remove the setting of dev_port.
mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY
btrfs: fixup error handling in fixup_inode_link_counts
btrfs: return errors from btrfs_del_csums in cleanup_ref_head
btrfs: fix error handling in btrfs_del_csums
btrfs: mark ordered extent and inode with error if we fail to finish
x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
drm/amdgpu: make sure we unpin the UVD BO
drm/amdgpu: Don't query CE and UE errors
nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect
ocfs2: fix data corruption by fallocate
pid: take a reference when initializing `cad_pid`
usb: dwc2: Fix build in periphal-only mode
ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators
ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch
ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx
ALSA: timer: Fix master timer notification
HID: multitouch: require Finger field to mark Win8 reports as MT
HID: magicmouse: fix NULL-deref on disconnect
HID: i2c-hid: Skip ELAN power-on command after reset
net: caif: fix memory leak in cfusbl_device_notify
net: caif: fix memory leak in caif_device_notify
net: caif: add proper error handling
net: caif: added cfserl_release function
Bluetooth: use correct lock to prevent UAF of hdev object
Bluetooth: fix the erroneous flush_work() order
tipc: fix unique bearer names sanity check
tipc: add extack messages for bearer/media failure
bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act
ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells
ARM: dts: imx7d-pico: Fix the 'tuning-step' property
ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property
arm64: dts: zii-ultra: fix 12V_MAIN voltage
arm64: dts: ls1028a: fix memory node
i40e: add correct exception tracing for XDP
i40e: optimize for XDP_REDIRECT in xsk path
i2c: qcom-geni: Add shutdown callback for i2c
ice: Allow all LLDP packets from PF to Tx
ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared
ice: write register with correct offset
ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
ixgbevf: add correct exception tracing for XDP
ieee802154: fix error return code in ieee802154_llsec_getparams()
ieee802154: fix error return code in ieee802154_add_iface()
netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
netfilter: nft_ct: skip expectations for confirmed conntrack
ACPICA: Clean up context mutex during object deletion
net/sched: act_ct: Fix ct template allocation for zone 0
HID: i2c-hid: fix format string mismatch
HID: pidff: fix error return code in hid_pidff_init()
ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
vfio/platform: fix module_put call in error flow
samples: vfio-mdev: fix error handing in mdpy_fb_probe()
vfio/pci: zap_vma_ptes() needs MMU
vfio/pci: Fix error return code in vfio_ecap_init()
efi: cper: fix snprintf() use in cper_dimm_err_location()
efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
netfilter: conntrack: unregister ipv4 sockopts on error unwind
hwmon: (dell-smm-hwmon) Fix index values
nl80211: validate key indexes for cfg80211_registered_device
ALSA: usb: update old-style static const declaration
net: usb: cdc_ncm: don't spew notifications
btrfs: tree-checker: do not error out if extent ref hash doesn't match
ANDROID: GKI: Preserve abi change in ieee80211_data_to_8023_exthdr()
Linux 5.4.124
usb: core: reduce power-on-good delay time of root hub
neighbour: Prevent Race condition in neighbour subsytem
net: hso: bail out on interrupt URB allocation failure
Revert "Revert "ALSA: usx2y: Fix potential NULL pointer dereference""
net: hns3: check the return of skb_checksum_help()
drivers/net/ethernet: clean up unused assignments
i915: fix build warning in intel_dp_get_link_status()
drm/i915/display: fix compiler warning about array overrun
MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c
MIPS: alchemy: xxs1500: add gpio-au1000.h header file
sch_dsmark: fix a NULL deref in qdisc_reset()
net: ethernet: mtk_eth_soc: Fix packet statistics support for MT7628/88
ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be static
ipv6: record frag_max_size in atomic fragments in input path
net: lantiq: fix memory corruption in RX ring
scsi: libsas: Use _safe() loop in sas_resume_port()
ixgbe: fix large MTU request from VF
bpf: Set mac_len in bpf_skb_change_head
ASoC: cs35l33: fix an error code in probe()
staging: emxx_udc: fix loop in _nbu2ss_nuke()
cxgb4: avoid accessing registers when clearing filters
gve: Correct SKB queue index validation.
gve: Upgrade memory barrier in poll routine
gve: Add NULL pointer checks when freeing irqs.
gve: Update mgmt_msix_idx if num_ntfy changes
gve: Check TX QPL was actually assigned
mld: fix panic in mld_newpack()
bnxt_en: Include new P5 HV definition in VF check.
net: bnx2: Fix error return code in bnx2_init_board()
net: hso: check for allocation failure in hso_create_bulk_serial_device()
net: sched: fix tx action reschedule issue with stopped queue
net: sched: fix tx action rescheduling issue during deactivation
net: sched: fix packet stuck problem for lockless qdisc
tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
openvswitch: meter: fix race when getting now_ms.
net: mdio: octeon: Fix some double free issues
net: mdio: thunder: Fix a double free issue in the .remove function
net: fec: fix the potential memory leak in fec_enet_init()
net: really orphan skbs tied to closing sk
vfio-ccw: Check initialized flag in cp_init()
ASoC: cs42l42: Regmap must use_single_read/write
net: dsa: fix error code getting shifted with 4 in dsa_slave_get_sset_count
net: netcp: Fix an error message
drm/amd/amdgpu: fix a potential deadlock in gpu reset
drm/amdgpu: Fix a use-after-free
drm/amd/amdgpu: fix refcount leak
drm/amd/display: Disconnect non-DP with no EDID
SMB3: incorrect file id in requests compounded with open
platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet
platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI
platform/x86: hp-wireless: add AMD's hardware id to the supported list
btrfs: do not BUG_ON in link_to_fixup_dir
openrisc: Define memory barrier mb
scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
btrfs: return whole extents in fiemap
brcmfmac: properly check for bus register errors
Revert "brcmfmac: add a check for the status of usb_register"
net: liquidio: Add missing null pointer checks
Revert "net: liquidio: fix a NULL pointer dereference"
media: gspca: properly check for errors in po1030_probe()
Revert "media: gspca: Check the return value of write_bridge for timeout"
media: gspca: mt9m111: Check write_bridge for timeout
Revert "media: gspca: mt9m111: Check write_bridge for timeout"
media: dvb: Add check on sp8870_readreg return
Revert "media: dvb: Add check on sp8870_readreg"
ASoC: cs43130: handle errors in cs43130_probe() properly
Revert "ASoC: cs43130: fix a NULL pointer dereference"
libertas: register sysfs groups properly
Revert "libertas: add checks for the return value of sysfs_create_group"
dmaengine: qcom_hidma: comment platform_driver_register call
Revert "dmaengine: qcom_hidma: Check for driver register failure"
isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info
Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
Revert "ALSA: usx2y: Fix potential NULL pointer dereference"
Revert "ALSA: gus: add a check of the status of snd_ctl_add"
char: hpet: add checks after calling ioremap
Revert "char: hpet: fix a missing check of ioremap"
net: caif: remove BUG_ON(dev == NULL) in caif_xmit
Revert "net/smc: fix a NULL pointer dereference"
net: fujitsu: fix potential null-ptr-deref
Revert "net: fujitsu: fix a potential NULL pointer dereference"
serial: max310x: unregister uart driver in case of failure and abort
Revert "serial: max310x: pass return value of spi_register_driver"
Revert "ALSA: sb: fix a missing check of snd_ctl_add"
Revert "media: usb: gspca: add a missed check for goto_low_power"
gpio: cadence: Add missing MODULE_DEVICE_TABLE
platform/x86: hp_accel: Avoid invoking _INI to speed up resume
perf jevents: Fix getting maximum number of fds
i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
i2c: i801: Don't generate an interrupt on bus reset
i2c: s3c2410: fix possible NULL pointer deref on read message after write
net: dsa: sja1105: error out on unsupported PHY mode
net: dsa: fix a crash if ->get_sset_count() fails
net: dsa: mt7530: fix VLAN traffic leaks
spi: spi-fsl-dspi: Fix a resource leak in an error handling path
tipc: skb_linearize the head skb when reassembling msgs
tipc: wait and exit until all work queues are done
Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
net/mlx4: Fix EEPROM dump support
net/mlx5e: Fix nullptr in add_vlan_push_action()
net/mlx5e: Fix multipath lag activation
drm/meson: fix shutdown crash when component not probed
NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
NFS: fix an incorrect limit in filelayout_decode_layout()
fs/nfs: Use fatal_signal_pending instead of signal_pending
Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
spi: spi-geni-qcom: Fix use-after-free on unbind
net: usb: fix memory leak in smsc75xx_bind
usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
usb: dwc3: gadget: Properly track pending and queued SG
thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
USB: serial: pl2303: add device id for ADLINK ND-6530 GC
USB: serial: ftdi_sio: add IDs for IDS GmbH Products
USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
USB: serial: ti_usb_3410_5052: add startech.com device id
serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
serial: tegra: Fix a mask operation that is always true
USB: usbfs: Don't WARN about excessively large memory allocations
USB: trancevibrator: fix control-request direction
serial: 8250_pci: handle FL_NOIRQ board flag
serial: 8250_pci: Add support for new HPE serial device
iio: adc: ad7793: Add missing error code in ad7793_setup()
iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
iio: adc: ad7768-1: Fix too small buffer passed to iio_push_to_buffers_with_timestamp()
iio: gyro: fxas21002c: balance runtime power in error path
staging: iio: cdc: ad7746: avoid overwrite of num_channels
mei: request autosuspend after sending rx flow control
thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
misc/uss720: fix memory leak in uss720_probe
serial: core: fix suspicious security_locked_down() call
Documentation: seccomp: Fix user notification documentation
kgdb: fix gcc-11 warnings harder
selftests/gpio: Fix build when source tree is read only
selftests/gpio: Move include of lib.mk up
selftests/gpio: Use TEST_GEN_PROGS_EXTENDED
drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
dm snapshot: properly fix a crash when an origin has no snapshots
ath10k: Validate first subframe of A-MSDU before processing the list
ath10k: Fix TKIP Michael MIC verification for PCIe
ath10k: drop MPDU which has discard flag set by firmware for SDIO
ath10k: drop fragments with multicast DA for SDIO
ath10k: drop fragments with multicast DA for PCIe
ath10k: add CCMP PN replay protection for fragmented frames for PCIe
mac80211: extend protection against mixed key and fragment cache attacks
mac80211: do not accept/forward invalid EAPOL frames
mac80211: prevent attacks on TKIP/WEP as well
mac80211: check defrag PN against current frame
mac80211: add fragment cache to sta_info
mac80211: drop A-MSDUs on old ciphers
cfg80211: mitigate A-MSDU aggregation attacks
mac80211: properly handle A-MSDUs that start with an RFC 1042 header
mac80211: prevent mixed key and fragment cache attacks
mac80211: assure all fragments are encrypted
net: hso: fix control-request directions
proc: Check /proc/$pid/attr/ writes against file opener
perf scripts python: exported-sql-viewer.py: Fix warning display
perf scripts python: exported-sql-viewer.py: Fix Array TypeError
perf scripts python: exported-sql-viewer.py: Fix copy to clipboard from Top Calls by elapsed Time report
perf intel-pt: Fix transaction abort handling
perf intel-pt: Fix sample instruction bytes
iommu/vt-d: Fix sysfs leak in alloc_iommu()
NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
cifs: set server->cipher_type to AES-128-CCM for SMB3.0
ALSA: usb-audio: scarlett2: Improve driver startup messages
ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
ALSA: hda/realtek: Headphone volume is controlled by Front mixer
ANDROID: GKI: update .xml file due to merge with `android11-5.4`
Linux 5.4.123
NFC: nci: fix memory leak in nci_allocate_device
perf unwind: Set userdata for all __report_module() paths
perf unwind: Fix separate debug info files when using elfutils' libdw's unwinder
usb: dwc3: gadget: Enable suspend events
bpf: No need to simulate speculative domain for immediates
bpf: Fix mask direction swap upon off reg sign change
bpf: Wrap aux data inside bpf_sanitize_info container
ANDROID: GKI: add thermal_zone_get_slope() to the .xml file
Linux 5.4.122
Bluetooth: SMP: Fail if remote and local public keys are identical
video: hgafb: correctly handle card detect failure during probe
nvmet: use new ana_log_size instead the old one
Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS
ext4: fix error handling in ext4_end_enable_verity()
nvme-multipath: fix double initialization of ANA state
tty: vt: always invoke vc->vc_sw->con_resize callback
vt: Fix character height handling with VT_RESIZEX
vgacon: Record video mode changes with VT_RESIZEX
video: hgafb: fix potential NULL pointer dereference
qlcnic: Add null check after calling netdev_alloc_skb
leds: lp5523: check return value of lp5xx_read and jump to cleanup code
ics932s401: fix broken handling of errors when word reading fails
net: rtlwifi: properly check for alloc_workqueue() failure
scsi: ufs: handle cleanup correctly on devm_reset_control_get error
net: stmicro: handle clk_prepare() failure during init
ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
Revert "niu: fix missing checks of niu_pci_eeprom_read"
Revert "qlcnic: Avoid potential NULL pointer dereference"
Revert "rtlwifi: fix a potential NULL pointer dereference"
Revert "media: rcar_drif: fix a memory disclosure"
cdrom: gdrom: initialize global variable at init time
cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
Revert "gdrom: fix a memory leak bug"
Revert "scsi: ufs: fix a missing check of devm_reset_control_get"
Revert "ecryptfs: replace BUG_ON with error handling code"
Revert "video: imsttfb: fix potential NULL pointer dereferences"
Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
Revert "net: stmicro: fix a missing check of clk_prepare"
Revert "video: hgafb: fix potential NULL pointer dereference"
dm snapshot: fix crash with transient storage and zero chunk size
xen-pciback: reconfigure also from backend watch handler
mmc: sdhci-pci-gli: increase 1.8V regulator wait
drm/amdgpu: update sdma golden setting for Navi12
drm/amdgpu: update gc golden setting for Navi12
drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer dereference"
rapidio: handle create_workqueue() failure
Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails"
uio_hv_generic: Fix a memory leak in error handling paths
ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx
ALSA: hda/realtek: Add fixup for HP OMEN laptop
ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
ALSA: hda/realtek: reset eapd coeff to default value for alc287
ALSA: firewire-lib: fix check for the size of isochronous packet payload
Revert "ALSA: sb8: add a check for request_region"
ALSA: hda: fixup headset for ASUS GU502 laptop
ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
ALSA: usb-audio: Validate MS endpoint descriptors
ALSA: firewire-lib: fix calculation for size of IR context payload
ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
ALSA: line6: Fix racy initialization of LINE6 MIDI
ALSA: intel8x0: Don't update period unless prepared
ALSA: dice: fix stream format for TC Electronic Konnekt Live at high sampling transfer frequency
cifs: fix memory leak in smb2_copychunk_range
btrfs: avoid RCU stalls while running delayed iputs
locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
nvmet: seset ns->file when open fails
ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
RDMA/uverbs: Fix a NULL vs IS_ERR() bug
platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue
RDMA/core: Don't access cm_id after its destruction
RDMA/mlx5: Recover from fatal event in dual port mode
scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
scsi: ufs: core: Increase the usable queue depth
RDMA/rxe: Clear all QP fields if creation failed
RDMA/siw: Release xarray entry
RDMA/siw: Properly check send and receive CQ pointers
openrisc: Fix a memory leak
firmware: arm_scpi: Prevent the ternary sign expansion bug
Linux 5.4.121
scripts: switch explicitly to Python 3
tweewide: Fix most Shebang lines
KVM: arm64: Initialize VCPU mdcr_el2 before loading it
ipv6: remove extra dev_hold() for fallback tunnels
ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
sit: proper dev_{hold|put} in ndo_[un]init methods
ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
net: stmmac: Do not enable RX FIFO overflow interrupts
lib: stackdepot: turn depot_lock spinlock to raw_spinlock
block: reexpand iov_iter after read/write
ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
drm/amd/display: Fix two cursor duplication when using overlay
bridge: Fix possible races between assigning rx_handler_data and setting IFF_BRIDGE_PORT bit
scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found
ceph: fix fscache invalidation
scsi: lpfc: Fix illegal memory access on Abort IOCBs
riscv: Workaround mcount name prior to clang-13
scripts/recordmcount.pl: Fix RISC-V regex for clang
ARM: 9075/1: kernel: Fix interrupted SMC calls
um: Disable CONFIG_GCOV with MODULES
um: Mark all kernel symbols as local
Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state
Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices
ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
dmaengine: dw-edma: Fix crash on loading/unloading driver
PCI: thunder: Fix compile testing
virtio_net: Do not pull payload in skb->head
xsk: Simplify detection of empty and full rings
pinctrl: ingenic: Improve unreachable code generation
isdn: capi: fix mismatched prototypes
cxgb4: Fix the -Wmisleading-indentation warning
usb: sl811-hcd: improve misleading indentation
kgdb: fix gcc-11 warning on indentation
x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
ANDROID: GKI: genksyms fixup for efed9a3337e3 ("kyber: fix out of bounds access when * preempted")
Revert "PM: runtime: Fix unpaired parent child_count for force_resume"
Revert "mm: fix struct page layout on 32-bit systems"
Linux 5.4.120
ASoC: rsnd: check all BUSIF status when error
nvme: do not try to reconfigure APST when the controller is not live
clk: exynos7: Mark aclk_fsys1_200 as critical
netfilter: conntrack: Make global sysctls readonly in non-init netns
kobject_uevent: remove warning in init_uevent_argv()
usb: typec: tcpm: Fix error while calculating PPS out values
ARM: 9027/1: head.S: explicitly map DT even if it lives in the first physical section
ARM: 9020/1: mm: use correct section size macro to describe the FDT virtual address
ARM: 9012/1: move device tree mapping out of linear region
ARM: 9011/1: centralize phys-to-virt conversion of DT/ATAGS address
f2fs: fix error handling in f2fs_end_enable_verity()
thermal/core/fair share: Lock the thermal zone while looping over instances
MIPS: Avoid handcoded DIVU in `__div64_32' altogether
MIPS: Avoid DIVU in `__div64_32' is result would be zero
MIPS: Reinstate platform `__div64_32' handler
FDDI: defxx: Make MMIO the configuration default except for EISA
mm: fix struct page layout on 32-bit systems
KVM: x86: Cancel pvclock_gtod_work on module removal
cdc-wdm: untangle a circular dependency between callback and softint
iio: tsl2583: Fix division by a zero lux_val
iio: gyro: mpu3050: Fix reported temperature value
xhci: Add reset resume quirk for AMD xhci controller.
xhci: Do not use GFP_KERNEL in (potentially) atomic context
usb: dwc3: gadget: Return success always for kick transfer in ep queue
usb: core: hub: fix race condition about TRSMRCY of resume
usb: dwc2: Fix gadget DMA unmap direction
usb: xhci: Increase timeout for HC halt
usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
usb: dwc3: omap: improve extcon initialization
iomap: fix sub-page uptodate handling
blk-mq: Swap two calls in blk_mq_exit_queue()
nbd: Fix NULL pointer in flush_workqueue
kyber: fix out of bounds access when preempted
ACPI: scan: Fix a memory leak in an error handling path
hwmon: (occ) Fix poll rate limiting
usb: fotg210-hcd: Fix an error message
iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
drm/i915: Avoid div-by-zero on gen2
drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected
mm/hugetlb: fix F_SEAL_FUTURE_WRITE
userfaultfd: release page in error path to avoid BUG_ON
squashfs: fix divide error in calculate_skip()
hfsplus: prevent corruption in shrinking truncate
powerpc/64s: Fix crashes when toggling entry flush barrier
powerpc/64s: Fix crashes when toggling stf barrier
ARC: mm: PAE: use 40-bit physical page mask
ARC: entry: fix off-by-one error in syscall number validation
i40e: Fix PHY type identifiers for 2.5G and 5G adapters
i40e: fix the restart auto-negotiation after FEC modified
i40e: Fix use-after-free in i40e_client_subtask()
netfilter: nftables: avoid overflows in nft_hash_buckets()
kernel: kexec_file: fix error return code of kexec_calculate_store_digests()
sched/fair: Fix unfairness caused by missing load decay
sched: Fix out-of-bound access in uclamp
can: m_can: m_can_tx_work_queue(): fix tx_skb race condition
netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
smc: disallow TCP_ULP in smc_setsockopt()
net: fix nla_strcmp to handle more then one trailing null character
ksm: fix potential missing rmap_item for stable_node
mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page()
mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts()
khugepaged: fix wrong result value for trace_mm_collapse_huge_page_isolate()
drm/radeon: Avoid power table parsing memory leaks
drm/radeon: Fix off-by-one power_state index heap overwrite
netfilter: xt_SECMARK: add new revision to fix structure layout
sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b
ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
sunrpc: Fix misplaced barrier in call_decode
RISC-V: Fix error code returned by riscv_hartid_to_cpuid()
sctp: do asoc update earlier in sctp_sf_do_dupcook_a
net: hns3: disable phy loopback setting in hclge_mac_start_phy
net: hns3: use netif_tx_disable to stop the transmit queue
net: hns3: fix for vxlan gpe tx checksum bug
net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet()
net: hns3: initialize the message content in hclge_get_link_mode()
net: hns3: fix incorrect configuration for igu_egu_hw_err
rtc: ds1307: Fix wday settings for rx8130
ceph: fix inode leak on getattr error in __fh_to_dentry
rtc: fsl-ftm-alarm: add MODULE_TABLE()
NFSv4.2 fix handling of sr_eof in SEEK's reply
pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
PCI: endpoint: Fix missing destroy_workqueue()
NFS: Deal correctly with attribute generation counter overflow
NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data()
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
PCI: Release OF node in pci_scan_device()'s error path
PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc()
f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
thermal: thermal_of: Fix error return code of thermal_of_populate_bind_params()
ASoC: rt286: Make RT286_SET_GPIO_* readable and writable
ia64: module: fix symbolizer crash on fdescr
bnxt_en: Add PCI IDs for Hyper-V VF devices.
net: ethernet: mtk_eth_soc: fix RX VLAN offload
iavf: remove duplicate free resources calls
powerpc/iommu: Annotate nested lock for lockdep
qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join
wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt
drm/amd/display: fixed divide by zero kernel crash during dsc enablement
powerpc/pseries: Stop calling printk in rtas_stop_self()
samples/bpf: Fix broken tracex1 due to kprobe argument change
net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
ethtool: ioctl: Fix out-of-bounds warning in store_link_ksettings_for_user()
ASoC: rt286: Generalize support for ALC3263 codec
powerpc/smp: Set numa node before updating mask
flow_dissector: Fix out-of-bounds warning in __skb_flow_bpf_to_target()
sctp: Fix out-of-bounds warning in sctp_process_asconf_param()
ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
kconfig: nconf: stop endless search loops
selftests: Set CC to clang in lib.mk if LLVM is set
drm/amd/display: Force vsync flip when reconfiguring MPCC
iommu/amd: Remove performance counter pre-initialization test
Revert "iommu/amd: Fix performance counter initialization"
ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
cuse: prevent clone
mt76: mt76x0: disable GTK offloading
pinctrl: samsung: use 'int' for register masks in Exynos
mac80211: clear the beacon's CRC after channel switch
i2c: Add I2C_AQ_NO_REP_START adapter quirk
ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
ip6_vti: proper dev_{hold|put} in ndo_[un]init methods
Bluetooth: check for zapped sk before connecting
net: bridge: when suppression is enabled exclude RARP packets
Bluetooth: initialize skb_queue_head at l2cap_chan_create()
Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
ALSA: bebob: enable to deliver MIDI messages for multiple ports
ALSA: rme9652: don't disable if not enabled
ALSA: hdspm: don't disable if not enabled
ALSA: hdsp: don't disable if not enabled
i2c: bail out early when RDWR parameters are wrong
ASoC: rsnd: core: Check convert rate in rsnd_hw_params
net: stmmac: Set FIFO sizes for ipq806x
ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
tipc: convert dest node's address to network order
fs: dlm: fix debugfs dump
PM: runtime: Fix unpaired parent child_count for force_resume
KVM: x86/mmu: Remove the defunct update_pte() paging hook
tpm, tpm_tis: Reserve locality in tpm_tis_resume()
tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt()
tpm: fix error return code in tpm2_get_cc_attrs_tbl()
Revert "smp: Fix smp_call_function_single_async prototype"
Revert "usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply"
Revert "usb: typec: tcpm: Address incorrect values of tcpm psy for pps supply"
Revert "usb: typec: tcpm: update power supply once partner accepts"
Revert "spi: Fix use-after-free with devm_spi_alloc_*"
Linux 5.4.119
Revert "fdt: Properly handle "no-map" field in the memory region"
Revert "of/fdt: Make sure no-map does not remove already reserved regions"
sctp: delay auto_asconf init until binding the first addr
Revert "net/sctp: fix race condition in sctp_destroy_sock"
smp: Fix smp_call_function_single_async prototype
net: Only allow init netns to set default tcp cong to a restricted algo
mm/memory-failure: unnecessary amount of unmapping
mm/sparse: add the missing sparse_buffer_fini() in error branch
kfifo: fix ternary sign extension bugs
net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res
RDMA/siw: Fix a use after free in siw_alloc_mr
net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
bnxt_en: Fix RX consumer index logic in the error path.
selftests: net: mirror_gre_vlan_bridge_1q: Make an FDB entry static
net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb
arm64: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins for RTL8211E
bnxt_en: fix ternary sign extension bug in bnxt_show_temp()
powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add')
ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
net: phy: intel-xway: enable integrated led functions
net: renesas: ravb: Fix a stuck issue when a lot of frames are received
net: davinci_emac: Fix incorrect masking of tx and rx error channel
ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails
RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails
RDMA/cxgb4: add missing qpid increment
gro: fix napi_gro_frags() Fast GRO breakage due to IP alignment check
vsock/vmci: log once the failed queue pair allocation
mwl8k: Fix a double Free in mwl8k_probe_hw
i2c: sh7760: fix IRQ error path
rtlwifi: 8821ae: upgrade PHY and RF parameters
powerpc/pseries: extract host bridge from pci_bus prior to bus removal
MIPS: pci-legacy: stop using of_pci_range_to_resource
perf beauty: Fix fsconfig generator
drm/i915/gvt: Fix error code in intel_gvt_init_device()
ASoC: ak5558: correct reset polarity
powerpc/xive: Fix xmon command "dxi"
i2c: sh7760: add IRQ check
i2c: jz4780: add IRQ check
i2c: emev2: add IRQ check
i2c: cadence: add IRQ check
i2c: sprd: fix reference leak when pm_runtime_get_sync fails
i2c: omap: fix reference leak when pm_runtime_get_sync fails
i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
RDMA/srpt: Fix error return code in srpt_cm_req_recv()
net: thunderx: Fix unintentional sign extension issue
cxgb4: Fix unintentional sign extension issues
IB/hfi1: Fix error return code in parse_platform_config()
RDMA/qedr: Fix error return code in qedr_iw_connect()
KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
mt7601u: fix always true expression
mac80211: bail out if cipher schemes are invalid
powerpc: iommu: fix build when neither PCI or IBMVIO is set
powerpc/perf: Fix PMU constraint check for EBB events
powerpc/64s: Fix pte update for kernel memory on radix
liquidio: Fix unintented sign extension of a left shift of a u16
ASoC: simple-card: fix possible uninitialized single_cpu local variable
ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
mips: bmips: fix syscon-reboot nodes
net: hns3: Limiting the scope of vector_ring_chain variable
nfc: pn533: prevent potential memory corruption
bug: Remove redundant condition check in report_bug
ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
inet: use bigger hash table for IP ID generation
powerpc/prom: Mark identical_pvr_fixup as __init
powerpc/fadump: Mark fadump_calculate_reserve_size as __init
net: lapbether: Prevent racing when checking whether the netif is running
perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars
HID: plantronics: Workaround for double volume key presses
drivers/block/null_blk/main: Fix a double free in null_init.
sched/debug: Fix cgroup_path[] serialization
x86/events/amd/iommu: Fix sysfs type mismatch
HSI: core: fix resource leaks in hsi_add_client_from_dt()
nvme-pci: don't simple map sgl when sgls are disabled
mfd: stm32-timers: Avoid clearing auto reload register
scsi: ibmvfc: Fix invalid state machine BUG_ON()
scsi: sni_53c710: Add IRQ check
scsi: sun3x_esp: Add IRQ check
scsi: jazz_esp: Add IRQ check
scsi: hisi_sas: Fix IRQ checks
clk: uniphier: Fix potential infinite loop
clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE
clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
media: v4l2-ctrls.c: fix race condition in hdl->requests list
nvme: retrigger ANA log update if group descriptor isn't found
nvmet-tcp: fix incorrect locking in state_change sk callback
nvme-tcp: block BH in sk state_change sk callback
ata: libahci_platform: fix IRQ check
sata_mv: add IRQ checks
pata_ipx4xx_cf: fix IRQ check
pata_arasan_cf: fix IRQ check
x86/kprobes: Fix to check non boostable prefixes correctly
drm/amdkfd: fix build error with AMD_IOMMU_V2=m
media: m88rs6000t: avoid potential out-of-bounds reads on arrays
media: platform: sunxi: sun6i-csi: fix error return code of sun6i_video_start_streaming()
media: aspeed: fix clock handling logic
media: omap4iss: return error code when omap4iss_get() failed
media: vivid: fix assignment of dev->fbuf_out_flags
soc: aspeed: fix a ternary sign expansion bug
xen-blkback: fix compatibility bug with single page rings
ttyprintk: Add TTY hangup callback.
usb: dwc2: Fix hibernation between host and device modes.
usb: dwc2: Fix host mode hibernation exit with remote wakeup flow.
Drivers: hv: vmbus: Increase wait time for VMbus unload
x86/platform/uv: Fix !KEXEC build failure
platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table
usbip: vudc: fix missing unlock on error in usbip_sockfd_store()
node: fix device cleanups in error handling code
firmware: qcom-scm: Fix QCOM_SCM configuration
serial: core: return early on unsupported ioctls
tty: fix return value for unsupported ioctls
tty: actually undefine superseded ASYNC flags
USB: cdc-acm: fix TIOCGSERIAL implementation
USB: cdc-acm: fix unprivileged TIOCCSERIAL
usb: gadget: r8a66597: Add missing null check on return from platform_get_resource
spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
cpufreq: armada-37xx: Fix determining base CPU frequency
cpufreq: armada-37xx: Fix driver cleanup when registration failed
clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0
clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz
cpufreq: armada-37xx: Fix the AVS value for load L1
clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock
cpufreq: armada-37xx: Fix setting TBG parent for load levels
crypto: qat - Fix a double free in adf_create_ring
ACPI: CPPC: Replace cppc_attr with kobj_attribute
soc: qcom: mdt_loader: Detect truncated read of segments
soc: qcom: mdt_loader: Validate that p_filesz < p_memsz
spi: Fix use-after-free with devm_spi_alloc_*
PM / devfreq: Use more accurate returned new_freq as resume_freq
staging: greybus: uart: fix unprivileged TIOCCSERIAL
staging: rtl8192u: Fix potential infinite loop
irqchip/gic-v3: Fix OF_BAD_ADDR error handling
mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init
m68k: mvme147,mvme16x: Don't wipe PCC timer config bits
soundwire: stream: fix memory leak in stream config error path
memory: pl353: fix mask of ECC page_size config register
USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
usb: gadget: aspeed: fix dma map failure
crypto: qat - fix error path in adf_isr_resource_alloc()
phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally
soundwire: bus: Fix device found flag correctly
bus: qcom: Put child node before return
mtd: require write permissions for locking and badblock ioctls
fotg210-udc: Complete OUT requests on short packets
fotg210-udc: Don't DMA more than the buffer can take
fotg210-udc: Mask GRP2 interrupts we don't handle
fotg210-udc: Remove a dubious condition leading to fotg210_done
fotg210-udc: Fix EP0 IN requests bigger than two packets
fotg210-udc: Fix DMA on EP0 for length > max packet size
crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
crypto: qat - don't release uninitialized resources
usb: gadget: pch_udc: Check for DMA mapping error
usb: gadget: pch_udc: Check if driver is present before calling ->setup()
usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
x86/microcode: Check for offline CPUs before requesting new microcode
arm64: dts: renesas: r8a77980: Fix vin4-7 endpoint binding
spi: stm32: drop devres version of spi_register_master
arm64: dts: qcom: sm8150: fix number of pins in 'gpio-ranges'
mtd: rawnand: qcom: Return actual error code instead of -ENODEV
mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC
mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe()
regmap: set debugfs_name to NULL after it is freed
usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
serial: stm32: fix tx_empty condition
serial: stm32: fix incorrect characters on console
ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family
ARM: dts: exynos: correct PMIC interrupt trigger level on Midas family
ARM: dts: exynos: correct MUIC interrupt trigger level on Midas family
ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas family
memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
usb: gadget: pch_udc: Revert
|
||
Paul Moore
|
5576e5e477 |
UPSTREAM: selinux: add proper NULL termination to the secclass_map permissions
This patch adds the missing NULL termination to the "bpf" and
"perf_event" object class permission lists.
This missing NULL termination should really only affect the tools
under scripts/selinux, with the most important being genheaders.c,
although in practice this has not been an issue on any of my dev/test
systems. If the problem were to manifest itself it would likely
result in bogus permissions added to the end of the object class;
thankfully with no access control checks using these bogus
permissions and no policies defining these permissions the impact
would likely be limited to some noise about undefined permissions
during policy load.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Greg Kroah-Hartman
|
2abce4ec2a |
Merge 5.4.149 into android11-5.4-lts
Changes in 5.4.149 PCI: pci-bridge-emul: Fix big-endian support PCI: aardvark: Indicate error in 'val' when config read fails PCI: pci-bridge-emul: Add PCIe Root Capabilities Register PCI: aardvark: Fix reporting CRS value PCI/ACPI: Add Ampere Altra SOC MCFG quirk KVM: remember position in kvm->vcpus array console: consume APC, DM, DCS s390/pci_mmio: fully validate the VMA before calling follow_pte() ARM: Qualify enabling of swiotlb_init() apparmor: remove duplicate macro list_entry_is_head() ARM: 9077/1: PLT: Move struct plt_entries definition to header ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() ARM: 9079/1: ftrace: Add MODULE_PLTS support ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE sctp: validate chunk size in __rcv_asconf_lookup sctp: add param size validation for SCTP_PARAM_SET_PRIMARY staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() um: virtio_uml: fix memory leak on init failures dmaengine: acpi: Avoid comparison GSI with Linux vIRQ thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() 9p/trans_virtio: Remove sysfs file on probe failure prctl: allow to setup brk for et_dyn executables nilfs2: use refcount_dec_and_lock() to fix potential UAF profiling: fix shift-out-of-bounds bugs pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was registered phy: avoid unnecessary link-up delay in polling mode net: stmmac: reset Tx desc base address before restarting Tx Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH thermal/core: Fix thermal_cooling_device_register() prototype drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() parisc: Move pci_dev_is_behind_card_dino to where it is used dmaengine: sprd: Add missing MODULE_DEVICE_TABLE dmaengine: ioat: depends on !UML dmaengine: xilinx_dma: Set DMA mask for coherent APIs ceph: request Fw caps before updating the mtime in ceph_write_iter ceph: lockdep annotations for try_nonblocking_invalidate btrfs: fix lockdep warning while mounting sprout fs nilfs2: fix memory leak in nilfs_sysfs_create_device_group nilfs2: fix NULL pointer in nilfs_##name##_attr_release nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group pwm: img: Don't modify HW state in .remove() callback pwm: rockchip: Don't modify HW state in .remove() callback pwm: stm32-lp: Don't modify HW state in .remove() callback blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() rtc: rx8010: select REGMAP_I2C drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV Linux 5.4.149 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic55297fb43e33c9ff518898479a7313aafeb9375 |
||
Andy Shevchenko
|
278df06460 |
apparmor: remove duplicate macro list_entry_is_head()
commit 9801ca279ad37f72f71234fa81722afd95a3f997 upstream. Strangely I hadn't had noticed the existence of the list_entry_is_head() in apparmor code when added the same one in the list.h. Luckily it's fully identical and didn't break builds. In any case we don't need a duplicate anymore, thus remove it from apparmor code. Link: https://lkml.kernel.org/r/20201208100639.88182-1-andriy.shevchenko@linux.intel.com Fixes: e130816164e244 ("include/linux/list.h: add a macro to test if entry is pointing to the head") Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Acked-by: John Johansen <john.johansen@canonical.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E . Hallyn " <serge@hallyn.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Nobuhiro Iwamatsu (CIP) <nobuhiro1.iwamatsu@toshiba.co.jp> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
c4f92aff87 |
This is the 5.4.148 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmFLBPMACgkQONu9yGCS
aT6BIQ//Wb4ZQJtEVvaKnda7vFwe8BoZzPGYZA4Imn9KERDRgHuavEuRfMQtKc2y
YHwe/PD2JreuDHcd+Wz32xsdMe045xNvgiE1oGcxq0jNBvhJqANSmVTWpdqAquON
cTmwsK3roa7ELC2g1WjrYZDv6CrCggqvbuM9AJ/cLITtd8zerhLdZo+CCDG/28cH
EosrWvkBcaGmX+r/IBC86Rt6K2OFQ/3LLbb79L4vjKi5lopsm5CTAmfOfIk8p1gB
mGB3PkQZnIqphBfqGXLGuljl4e+zb1SONrugUh78Egom393Ex34oo+RjWEGe9dV2
Stkuqo0GTi85X7JA7SGCA/xgF8A8yvaaLjQBsJsL9+2ji+GW+J7hfn4mE5h8H3Di
UBjeLMFJA8Mge8Ng9xUSttvjRdwSTm0jWTS9SOl07w24b0pKYbMrQdWt2eI6CT+/
ytq3nCxNJZKeVcAVH+OJNrbSLYvMy/PgYvGTbzASkNmpAeyNiHOyBz1sRcoiAM9U
QCWDdZyaqDKktqEyKHxK3opqPzbnHfZFFlCxR7Gw7vvR+itIGJEh/50RNv2F6vnu
wzowrVxe+Bf1h7JiNEqLLVHdiuygRqjH1ygepGM4+3TVF4jYHzDISyrqlA/Se3Pg
Hhvlzsbv7PH+KiApwBFjSeHTs5WOrokGMFQ7ZYFDpPkleWiywS0=
=50Hk
-----END PGP SIGNATURE-----
Merge 5.4.148 into android11-5.4-lts
Changes in 5.4.148
rtc: tps65910: Correct driver module alias
btrfs: wake up async_delalloc_pages waiters after submit
btrfs: reset replace target device to allocation state on close
blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
PCI/MSI: Skip masking MSI-X on Xen PV
powerpc/perf/hv-gpci: Fix counter value parsing
xen: fix setting of max_pfn in shared_info
include/linux/list.h: add a macro to test if entry is pointing to the head
9p/xen: Fix end of loop tests for list_for_each_entry
tools/thermal/tmon: Add cross compiling support
pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
pinctrl: ingenic: Fix incorrect pull up/down info
soc: qcom: aoss: Fix the out of bound usage of cooling_devs
soc: aspeed: lpc-ctrl: Fix boundary check for mmap
soc: aspeed: p2a-ctrl: Fix boundary check for mmap
arm64: head: avoid over-mapping in map_memory
crypto: public_key: fix overflow during implicit conversion
block: bfq: fix bfq_set_next_ioprio_data()
power: supply: max17042: handle fails of reading status register
dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
VMCI: fix NULL pointer dereference when unmapping queue pair
media: uvc: don't do DMA on stack
media: rc-loopback: return number of emitters rather than error
Revert "dmaengine: imx-sdma: refine to load context only once"
dmaengine: imx-sdma: remove duplicated sdma_load_context
libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
ARM: 9105/1: atags_to_fdt: don't warn about stack size
PCI/portdrv: Enable Bandwidth Notification only if port supports it
PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
PCI: xilinx-nwl: Enable the clock through CCF
PCI: aardvark: Fix checking for PIO status
PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response
PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
HID: input: do not report stylus battery state as "full"
f2fs: quota: fix potential deadlock
scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
IB/hfi1: Adjust pkey entry in index 0
RDMA/iwcm: Release resources if iw_cm module initialization fails
docs: Fix infiniband uverbs minor number
pinctrl: samsung: Fix pinctrl bank pin count
vfio: Use config not menuconfig for VFIO_NOIOMMU
powerpc/stacktrace: Include linux/delay.h
RDMA/efa: Remove double QP type assignment
f2fs: show f2fs instance in printk_ratelimited
f2fs: reduce the scope of setting fsck tag when de->name_len is zero
openrisc: don't printk() unconditionally
dma-debug: fix debugfs initialization order
SUNRPC: Fix potential memory corruption
scsi: fdomain: Fix error return code in fdomain_probe()
pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
scsi: smartpqi: Fix an error code in pqi_get_raid_map()
scsi: qedi: Fix error codes in qedi_alloc_global_queues()
scsi: qedf: Fix error codes in qedf_alloc_global_queues()
powerpc/config: Renable MTD_PHYSMAP_OF
scsi: target: avoid per-loop XCOPY buffer allocations
HID: i2c-hid: Fix Elan touchpad regression
KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live
platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call
fscache: Fix cookie key hashing
clk: at91: sam9x60: Don't use audio PLL
clk: at91: clk-generated: pass the id of changeable parent at registration
clk: at91: clk-generated: Limit the requested rate to our range
KVM: PPC: Fix clearing never mapped TCEs in realmode
f2fs: fix to account missing .skipped_gc_rwsem
f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
f2fs: fix to unmap pages from userspace process in punch_hole()
MIPS: Malta: fix alignment of the devicetree buffer
kbuild: Fix 'no symbols' warning when CONFIG_TRIM_UNUSD_KSYMS=y
userfaultfd: prevent concurrent API initialization
drm/amdgpu: Fix amdgpu_ras_eeprom_init()
ASoC: atmel: ATMEL drivers don't need HAS_DMA
media: dib8000: rewrite the init prbs logic
crypto: mxs-dcp - Use sg_mapping_iter to copy data
PCI: Use pci_update_current_state() in pci_enable_device_flags()
tipc: keep the skb in rcv queue until the whole data is read
iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
iavf: do not override the adapter state in the watchdog task
iavf: fix locking of critical sections
ARM: dts: qcom: apq8064: correct clock names
video: fbdev: kyro: fix a DoS bug by restricting user input
netlink: Deal with ESRCH error in nlmsg_notify()
Smack: Fix wrong semantics in smk_access_entry()
drm: avoid blocking in drm_clients_info's rcu section
igc: Check if num of q_vectors is smaller than max before array access
usb: host: fotg210: fix the endpoint's transactional opportunities calculation
usb: host: fotg210: fix the actual_length of an iso packet
usb: gadget: u_ether: fix a potential null pointer dereference
USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
usb: gadget: composite: Allow bMaxPower=0 if self-powered
staging: board: Fix uninitialized spinlock when attaching genpd
tty: serial: jsm: hold port lock when reporting modem line changes
drm/amd/display: Fix timer_per_pixel unit error
drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex
bpf/tests: Fix copy-and-paste error in double word test
bpf/tests: Do not PASS tests without actually testing the result
video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
video: fbdev: kyro: Error out if 'pixclock' equals zero
video: fbdev: riva: Error out if 'pixclock' equals zero
ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
flow_dissector: Fix out-of-bounds warnings
s390/jump_label: print real address in a case of a jump label bug
s390: make PCI mio support a machine flag
serial: 8250: Define RX trigger levels for OxSemi 950 devices
xtensa: ISS: don't panic in rs_init
hvsi: don't panic on tty_register_driver failure
serial: 8250_pci: make setup_port() parameters explicitly unsigned
staging: ks7010: Fix the initialization of the 'sleep_status' structure
samples: bpf: Fix tracex7 error raised on the missing argument
ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
Bluetooth: skip invalid hci_sync_conn_complete_evt
workqueue: Fix possible memory leaks in wq_numa_init()
bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler()
arm64: tegra: Fix Tegra194 PCIe EP compatible string
ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output
media: imx258: Rectify mismatch of VTS value
media: imx258: Limit the max analogue gain to 480
media: v4l2-dv-timings.c: fix wrong condition in two for-loops
media: TDA1997x: fix tda1997x_query_dv_timings() return value
media: tegra-cec: Handle errors of clk_prepare_enable()
ARM: dts: imx53-ppd: Fix ACHC entry
arm64: dts: qcom: sdm660: use reg value for memory node
net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe()
drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
selftests/bpf: Fix xdp_tx.c prog section name
Bluetooth: schedule SCO timeouts with delayed_work
Bluetooth: avoid circular locks in sco_sock_connect
net/mlx5: Fix variable type to match 64bit
gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port()
drm/display: fix possible null-pointer dereference in dcn10_set_clock()
mac80211: Fix monitor MTU limit so that A-MSDUs get through
ARM: tegra: tamonten: Fix UART pad setting
arm64: tegra: Fix compatible string for Tegra132 CPUs
arm64: dts: ls1046a: fix eeprom entries
nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
Bluetooth: Fix handling of LE Enhanced Connection Complete
opp: Don't print an error if required-opps is missing
serial: sh-sci: fix break handling for sysrq
tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
rpc: fix gss_svc_init cleanup on failure
staging: rts5208: Fix get_ms_information() heap buffer size
gfs2: Don't call dlm after protocol is unmounted
usb: chipidea: host: fix port index underflow and UBSAN complains
lockd: lockd server-side shouldn't set fl_ops
drm/exynos: Always initialize mapping in exynos_drm_register_dma()
m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch
btrfs: tree-log: check btrfs_lookup_data_extent return value
ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
ASoC: Intel: Skylake: Fix passing loadable flag for module
of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
mmc: sdhci-of-arasan: Check return value of non-void funtions
mmc: rtsx_pci: Fix long reads when clock is prescaled
selftests/bpf: Enlarge select() timeout for test_maps
mmc: core: Return correct emmc response in case of ioctl error
cifs: fix wrong release in sess_alloc_buffer() failed path
Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set"
usb: musb: musb_dsps: request_irq() after initializing musb
usbip: give back URBs for unsent unlink requests during cleanup
usbip:vhci_hcd USB port can get stuck in the disabled state
ASoC: rockchip: i2s: Fix regmap_ops hang
ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
drm/amdkfd: Account for SH/SE count when setting up cu masks.
iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
iwlwifi: mvm: avoid static queue number aliasing
iwlwifi: mvm: fix access to BSS elements
net/mlx5: DR, Enable QP retransmission
parport: remove non-zero check on count
ath9k: fix OOB read ar9300_eeprom_restore_internal
ath9k: fix sleeping in atomic context
net: fix NULL pointer reference in cipso_v4_doi_free
fix array-index-out-of-bounds in taprio_change
net: w5100: check return value after calling platform_get_resource()
parisc: fix crash with signals and alloca
ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
scsi: BusLogic: Fix missing pr_cont() use
scsi: qla2xxx: Changes to support kdump kernel
scsi: qla2xxx: Sync queue idx with queue_pair_map idx
cpufreq: powernv: Fix init_chip_info initialization in numa=off
s390/pv: fix the forcing of the swiotlb
mm/hugetlb: initialize hugetlb_usage in mm_init
mm,vmscan: fix divide by zero in get_scan_count
memcg: enable accounting for pids in nested pid namespaces
platform/chrome: cros_ec_proto: Send command again when timeout occurs
lib/test_stackinit: Fix static initializer test
net: dsa: lantiq_gswip: fix maximum frame length
drm/msi/mdp4: populate priv->kms in mdp4_kms_init
drm/amdgpu: Fix BUG_ON assert
drm/panfrost: Simplify lock_region calculation
drm/panfrost: Use u64 for size in lock_region
drm/panfrost: Clamp lock region to Bifrost minimum
btrfs: fix upper limit for max_inline for page size 64K
xen: reset legacy rtc flag for PV domU
bnx2x: Fix enabling network interfaces without VFs
arm64/sve: Use correct size when reinitialising SVE state
PM: base: power: don't try to use non-existing RTC for storing data
PCI: Add AMD GPU multi-function power dependencies
drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
drm/etnaviv: return context from etnaviv_iommu_context_get
drm/etnaviv: put submit prev MMU context when it exists
drm/etnaviv: stop abusing mmu_context as FE running marker
drm/etnaviv: keep MMU context across runtime suspend/resume
drm/etnaviv: exec and MMU state is lost when resetting the GPU
drm/etnaviv: fix MMU context leak on GPU reset
drm/etnaviv: reference MMU context when setting up hardware state
drm/etnaviv: add missing MMU context put when reaping MMU mapping
s390/sclp: fix Secure-IPL facility detection
x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
tipc: fix an use-after-free issue in tipc_recvmsg
net-caif: avoid user-triggerable WARN_ON(1)
ptp: dp83640: don't define PAGE0
dccp: don't duplicate ccid when cloning dccp sock
net/l2tp: Fix reference count leak in l2tp_udp_recv_core
r6040: Restore MDIO clock frequency after MAC reset
tipc: increase timeout in tipc_sk_enqueue()
perf machine: Initialize srcline string member in add_location struct
net/mlx5: FWTrace, cancel work on alloc pd error flow
net/mlx5: Fix potential sleeping in atomic context
events: Reuse value read using READ_ONCE instead of re-reading it
vhost_net: fix OoB on sendmsg() failure.
net/af_unix: fix a data-race in unix_dgram_poll
net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup
tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
qed: Handle management FW error
dt-bindings: arm: Fix Toradex compatible typo
ibmvnic: check failover_pending in login response
KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers
net: hns3: pad the short tunnel frame before sending to hardware
net: hns3: change affinity_mask to numa node range
net: hns3: disable mac in flr process
net: hns3: fix the timing issue of VF clearing interrupt sources
mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
mfd: db8500-prcmu: Adjust map to reality
PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
fuse: fix use after free in fuse_read_interrupt()
mfd: Don't use irq_create_mapping() to resolve a mapping
tracing/probes: Reject events which have the same name of existing one
PCI: Add ACS quirks for Cavium multi-function devices
Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
block, bfq: honor already-setup queue merges
PCI: ibmphp: Fix double unmap of io_mem
ethtool: Fix an error code in cxgb2.c
NTB: Fix an error code in ntb_msit_probe()
NTB: perf: Fix an error code in perf_setup_inbuf()
mfd: axp20x: Update AXP288 volatile ranges
PCI: Fix pci_dev_str_match_path() alloc while atomic bug
mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
KVM: arm64: Handle PSCI resets before userspace touches vCPU state
PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()'
ARC: export clear_user_page() for modules
perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
net: dsa: b53: Fix calculating number of switch ports
netfilter: socket: icmp6: fix use-after-scope
fq_codel: reject silly quantum parameters
qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
ip_gre: validate csum_start only on pull
net: renesas: sh_eth: Fix freeing wrong tx descriptor
s390/bpf: Fix optimizing out zero-extensions
s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
Linux 5.4.148
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8613b511cb543a7ce0d1623663fc1306aaa45af1
|
||
Tianjia Zhang
|
a1d12196c3 |
Smack: Fix wrong semantics in smk_access_entry()
[ Upstream commit 6d14f5c7028eea70760df284057fe198ce7778dd ] In the smk_access_entry() function, if no matching rule is found in the rust_list, a negative error code will be used to perform bit operations with the MAY_ enumeration value. This is semantically wrong. This patch fixes this issue. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
d756462d85 |
This is the 5.4.146 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmFBpSMACgkQONu9yGCS
aT6PRw//T4GhyaqI0+hhYnYv2++RBzAtKsOAPE7JUZ8X5zNNe3NZKD/+c0q9loy3
vs1GpkjppSzZcL2WGZidwpgOTO0fqEYiJKusI+E60UGbu8GmmoUl0EbV3A3PP1K7
n+T1jzMID1j4NwmZQsAA1o3/9pkWrKLb/1+g0mHVCL6WQjA4/YROi5f6xhVeCq/u
aZFLxrgJ8YRkT9znEHCBcipEGRLid5kQp1uxSA5KaQh0JJl01eoJ3M52swYiExC/
8g+QXPHFWOs9a1vVyxUG5o4WCShnjKwY1fNkEJ5j54LMmmg52llHfMHajV2a1Kdt
qihSgY5/pPY9FgEDQ3Sy6xiTO2Lvq17lvHtEbGIn5V7SjQ4ISEN15Pqv3l+PqAFc
gHeukc28mBfw6/kbolKZ/wksIKyDzxCHd4QNEYZMKjSPbjpzg7zjsvCX53lHkKNb
23I0iJTu9yVDcPzYYCh/8ndFtxEIBGXS8c9kL5YN8p2k1AMqXcr1qUbYzM9CJqwm
MSaZ2C1rR58Uhd4CUvOK4N2K7lw+2PH6I0UcSGlp9jv+xHVlmERiM7uaZGBn7oLm
+n+5BRAU/qDK+Vm1poIZogrsI4BwMp9ZH4terELR28i0gPwYo+tCzddWqq98BuGT
52ylkG56l0gbC9Bvpf3Ou3K5/qbmhN9HYElt16HNFO6x/ufE2XI=
=1neh
-----END PGP SIGNATURE-----
Merge 5.4.146 into android11-5.4-lts
Changes in 5.4.146
locking/mutex: Fix HANDOFF condition
regmap: fix the offset of register error log
crypto: mxs-dcp - Check for DMA mapping errors
sched/deadline: Fix reset_on_fork reporting of DL tasks
power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors
crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
sched/deadline: Fix missing clock update in migrate_task_rq_dl()
rcu/tree: Handle VM stoppage in stall detection
posix-cpu-timers: Force next expiration recalc after itimer reset
hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
hrtimer: Ensure timerfd notification for HIGHRES=n
udf: Check LVID earlier
udf: Fix iocharset=utf8 mount option
isofs: joliet: Fix iocharset=utf8 mount option
bcache: add proper error unwinding in bcache_device_init
nvme-tcp: don't update queue count when failing to set io queues
nvme-rdma: don't update queue count when failing to set io queues
nvmet: pass back cntlid on successful completion
power: supply: max17042_battery: fix typo in MAx17042_TOFF
s390/cio: add dev_busid sysfs entry for each subchannel
libata: fix ata_host_start()
crypto: qat - do not ignore errors from enable_vf2pf_comms()
crypto: qat - handle both source of interrupt in VF ISR
crypto: qat - fix reuse of completion variable
crypto: qat - fix naming for init/shutdown VF to PF notifications
crypto: qat - do not export adf_iov_putmsg()
fcntl: fix potential deadlock for &fasync_struct.fa_lock
udf_get_extendedattr() had no boundary checks.
s390/kasan: fix large PMD pages address alignment check
s390/debug: fix debug area life cycle
m68k: emu: Fix invalid free in nfeth_cleanup()
sched: Fix UCLAMP_FLAG_IDLE setting
spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
spi: spi-pic32: Fix issue with uninitialized dma_slave_config
genirq/timings: Fix error return code in irq_timings_test_irqs()
lib/mpi: use kcalloc in mpi_resize
clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock source channel
block: nbd: add sanity check for first_minor
crypto: qat - use proper type for vf_mask
certs: Trigger creation of RSA module signing key if it's not an RSA key
regulator: vctrl: Use locked regulator_get_voltage in probe path
regulator: vctrl: Avoid lockdep warning in enable/disable ops
spi: sprd: Fix the wrong WDG_LOAD_VAL
spi: spi-zynq-qspi: use wait_for_completion_timeout to make zynq_qspi_exec_mem_op not interruptible
EDAC/i10nm: Fix NVDIMM detection
drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init()
media: TDA1997x: enable EDID support
soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally
media: cxd2880-spi: Fix an error handling path
bpf: Fix a typo of reuseport map in bpf.h.
bpf: Fix potential memleak and UAF in the verifier.
ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi
arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties
soc: qcom: rpmhpd: Use corner in power_off
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
media: dvb-usb: Fix error handling in dvb_usb_i2c_init
media: go7007: remove redundant initialization
media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
6lowpan: iphc: Fix an off-by-one check of array index
netns: protect netns ID lookups with RCU
drm/amdgpu/acp: Make PM domain really work
tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
ARM: dts: meson8: Use a higher default GPU clock frequency
ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties
ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties
ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties
net/mlx5e: Prohibit inner indir TIRs in IPoIB
cgroup/cpuset: Fix a partition bug with hotplug
net: cipso: fix warnings in netlbl_cipsov4_add_std
i2c: highlander: add IRQ check
leds: lt3593: Put fwnode in any case during ->probe()
leds: trigger: audio: Add an activate callback to ensure the initial brightness is set
media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
media: venus: venc: Fix potential null pointer dereference on pointer fmt
PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
PCI: PM: Enable PME if it can be signaled from D3cold
soc: qcom: smsm: Fix missed interrupts if state changes while masked
debugfs: Return error during {full/open}_proxy_open() on rmmod
Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
PM: EM: Increase energy calculation precision
drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs
arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
counter: 104-quad-8: Return error when invalid mode during ceiling_write
Bluetooth: fix repeated calls to sco_sock_kill
drm/msm/dsi: Fix some reference counted resource leaks
usb: gadget: udc: at91: add IRQ check
usb: phy: fsl-usb: add IRQ check
usb: phy: twl6030: add IRQ checks
usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
Bluetooth: Move shutdown callback before flushing tx and rx queue
usb: host: ohci-tmio: add IRQ check
usb: phy: tahvo: add IRQ check
mac80211: Fix insufficient headroom issue for AMSDU
lockd: Fix invalid lockowner cast after vfs_test_lock
nfsd4: Fix forced-expiry locking
usb: gadget: mv_u3d: request_irq() after initializing UDC
mm/swap: consider max pages in iomap_swapfile_add_extent
Bluetooth: add timeout sanity check to hci_inquiry
i2c: iop3xx: fix deferred probing
i2c: s3c2410: fix IRQ check
rsi: fix error code in rsi_load_9116_firmware()
rsi: fix an error code in rsi_probe()
ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
ASoC: Intel: Skylake: Fix module resource and format selection
mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
mmc: moxart: Fix issue with uninitialized dma_slave_config
bpf: Fix possible out of bound write in narrow load handling
CIFS: Fix a potencially linear read overflow
i2c: mt65xx: fix IRQ check
usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available
tty: serial: fsl_lpuart: fix the wrong mapbase value
ASoC: wcd9335: Fix a double irq free in the remove function
ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function
ASoC: wcd9335: Disable irq on slave ports in the remove function
ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
bcma: Fix memory leak for internally-handled cores
brcmfmac: pcie: fix oops on failure to resume and reprobe
ipv6: make exception cache less predictible
ipv4: make exception cache less predictible
net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
net: qualcomm: fix QCA7000 checksum handling
octeontx2-af: Fix loop in free and unmap counter
ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
bpf: Introduce BPF nospec instruction for mitigating Spectre v4
bpf: Fix leakage due to insufficient speculative store bypass mitigation
bpf: verifier: Allocate idmap scratch in verifier env
bpf: Fix pointer arithmetic mask tightening under state pruning
time: Handle negative seconds correctly in timespec64_to_ns()
tty: Fix data race between tiocsti() and flush_to_ldisc()
perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
x86/resctrl: Fix a maybe-uninitialized build warning treated as error
KVM: s390: index kvm->arch.idle_mask by vcpu_idx
KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted
KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter
fuse: truncate pagecache on atomic_o_trunc
fuse: flush extending writes
IMA: remove -Wmissing-prototypes warning
IMA: remove the dependency on CRYPTO_MD5
fbmem: don't allow too huge resolutions
backlight: pwm_bl: Improve bootloader/kernel device handover
clk: kirkwood: Fix a clocking boot regression
Linux 5.4.146
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I5524baa0c07d9d9b80c0736488e3ea0e4fb8e335
|
||
THOBY Simon
|
4a95b04afa |
IMA: remove the dependency on CRYPTO_MD5
commit 8510505d55e194d3f6c9644c9f9d12c4f6b0395a upstream.
MD5 is a weak digest algorithm that shouldn't be used for cryptographic
operation. It hinders the efficiency of a patch set that aims to limit
the digests allowed for the extended file attribute namely security.ima.
MD5 is no longer a requirement for IMA, nor should it be used there.
The sole place where we still use the MD5 algorithm inside IMA is setting
the ima_hash algorithm to MD5, if the user supplies 'ima_hash=md5'
parameter on the command line. With commit
|
||
|
Austin Kim
|
c69935f0b0 |
IMA: remove -Wmissing-prototypes warning
commit a32ad90426a9c8eb3915eed26e08ce133bd9e0da upstream.
With W=1 build, the compiler throws warning message as below:
security/integrity/ima/ima_mok.c:24:12: warning:
no previous prototype for ‘ima_mok_init’ [-Wmissing-prototypes]
__init int ima_mok_init(void)
Silence the warning by adding static keyword to ima_mok_init().
Signed-off-by: Austin Kim <austin.kim@lge.com>
Fixes:
|
||
|
Greg Kroah-Hartman
|
a7e747c026 |
Merge 5.4.133 into android11-5.4-lts
Changes in 5.4.133
drm/mxsfb: Don't select DRM_KMS_FB_HELPER
drm/zte: Don't select DRM_KMS_FB_HELPER
drm/amd/amdgpu/sriov disable all ip hw status by default
drm/vc4: fix argument ordering in vc4_crtc_get_margins()
net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
drm/amd/display: fix use_max_lb flag for 420 pixel formats
hugetlb: clear huge pte during flush function on mips platform
atm: iphase: fix possible use-after-free in ia_module_exit()
mISDN: fix possible use-after-free in HFC_cleanup()
atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init()
reiserfs: add check for invalid 1st journal block
drm/virtio: Fix double free on probe failure
drm/sched: Avoid data corruptions
udf: Fix NULL pointer dereference in udf_symlink function
e100: handle eeprom as little endian
igb: handle vlan types with checker enabled
drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer()
clk: renesas: r8a77995: Add ZA2 clock
clk: tegra: Ensure that PLLU configuration is applied properly
ipv6: use prandom_u32() for ID generation
RDMA/cxgb4: Fix missing error code in create_qp()
dm space maps: don't reset space map allocation cursor when committing
pinctrl: mcp23s08: fix race condition in irq handler
ice: set the value of global config lock timeout longer
virtio_net: Remove BUG() to avoid machine dead
net: bcmgenet: check return value after calling platform_get_resource()
net: mvpp2: check return value after calling platform_get_resource()
net: micrel: check return value after calling platform_get_resource()
drm/amd/display: Update scaling settings on modeset
drm/amd/display: Release MST resources on switch from MST to SST
drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7
drm/amdkfd: use allowed domain for vmbo validation
fjes: check return value after calling platform_get_resource()
selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check
xfrm: Fix error reporting in xfrm_state_construct.
wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
wl1251: Fix possible buffer overflow in wl1251_cmd_scan
cw1200: add missing MODULE_DEVICE_TABLE
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
mt76: mt7615: fix fixed-rate tx status reporting
net: fix mistake path for netdev_features_strings
net: sched: fix error return code in tcf_del_walker()
drm/amdkfd: Walk through list with dqm lock hold
rtl8xxxu: Fix device info for RTL8192EU devices
MIPS: add PMD table accounting into MIPS'pmd_alloc_one
atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
atm: nicstar: register the interrupt handler in the right place
vsock: notify server to shutdown when client has pending signal
RDMA/rxe: Don't overwrite errno from ib_umem_get()
iwlwifi: mvm: don't change band on bound PHY contexts
iwlwifi: pcie: free IML DMA memory allocation
iwlwifi: pcie: fix context info freeing
sfc: avoid double pci_remove of VFs
sfc: error code if SRIOV cannot be disabled
wireless: wext-spy: Fix out-of-bounds warning
media, bpf: Do not copy more entries than user space requested
net: ip: avoid OOM kills with large UDP sends over loopback
RDMA/cma: Fix rdma_resolve_route() memory leak
Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip.
Bluetooth: Fix the HCI to MGMT status conversion table
Bluetooth: Shutdown controller after workqueues are flushed or cancelled
Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
sctp: validate from_addr_param return
sctp: add size validation when walking chunks
MIPS: loongsoon64: Reserve memory below starting pfn to prevent Oops
MIPS: set mips32r5 for virt extensions
fscrypt: don't ignore minor_hash when hash is 0
crypto: ccp - Annotate SEV Firmware file names
perf bench: Fix 2 memory sanitizer warnings
powerpc/mm: Fix lockup on kernel exec fault
powerpc/barrier: Avoid collision with clang's __lwsync macro
drm/amdgpu: Update NV SIMD-per-CU to 2
drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create()
drm/rockchip: dsi: remove extra component_del() call
drm/amd/display: fix incorrrect valid irq check
pinctrl/amd: Add device HID for new AMD GPIO controller
drm/amd/display: Reject non-zero src_y and src_x for video planes
drm/tegra: Don't set allow_fb_modifiers explicitly
drm/msm/mdp4: Fix modifier support enabling
drm/arm/malidp: Always list modifiers
mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
mmc: core: clear flags before allowing to retune
mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
ata: ahci_sunxi: Disable DIPM
cpu/hotplug: Cure the cpusets trainwreck
clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround
fpga: stratix10-soc: Add missing fpga_mgr_free() call
MIPS: fix "mipsel-linux-ld: decompress.c:undefined reference to `memmove'"
ASoC: tegra: Set driver_name=tegra for all machine drivers
qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
ipmi/watchdog: Stop watchdog timer when the current action is 'none'
thermal/drivers/int340x/processor_thermal: Fix tcc setting
ubifs: Fix races between xattr_{set|get} and listxattr operations
power: supply: ab8500: Fix an old bug
nvmem: core: add a missing of_node_put
extcon: intel-mrfld: Sync hardware and software state on init
seq_buf: Fix overflow in seq_buf_putmem_hex()
rq-qos: fix missed wake-ups in rq_qos_throttle try two
tracing: Simplify & fix saved_tgids logic
tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe
coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer()
dm btree remove: assign new_root only when removal succeeds
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
PCI: aardvark: Fix checking for PIO Non-posted Request
PCI: aardvark: Implement workaround for the readback value of VEND_ID
media: subdev: disallow ioctl for saa6588/davinci
media: dtv5100: fix control-request directions
media: zr364xx: fix memory leak in zr364xx_start_readpipe
media: gspca/sq905: fix control-request direction
media: gspca/sunplus: fix zero-length control requests
media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
jfs: fix GPF in diFree
smackfs: restrict bytes count in smk_set_cipso()
Linux 5.4.133
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4daf813e30444755db3a7d587f8be81ccd2f748b
|
||
|
Tetsuo Handa
|
135122f174 |
smackfs: restrict bytes count in smk_set_cipso()
commit 49ec114a6e62d8d320037ce71c1aaf9650b3cafd upstream.
Oops, I failed to update subject line.
From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Mon, 12 Apr 2021 22:25:06 +0900
Subject: smackfs: restrict bytes count in smk_set_cipso()
Commit 7ef4c19d245f3dc2 ("smackfs: restrict bytes count in smackfs write
functions") missed that count > SMK_CIPSOMAX check applies to only
format == SMK_FIXED24_FMT case.
Reported-by: syzbot <syzbot+77c53db50c9fff774e8e@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Minchan Kim
|
bfb8eb833e |
selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
[ Upstream commit 648f2c6100cfa18e7dfe43bc0b9c3b73560d623c ]
In the field, we have seen lots of allocation failure from the call
path below.
06-03 13:29:12.999 1010315 31557 31557 W Binder : 31542_2: page allocation failure: order:0, mode:0x800(GFP_NOWAIT), nodemask=(null),cpuset=background,mems_allowed=0
...
...
06-03 13:29:12.999 1010315 31557 31557 W Call trace:
06-03 13:29:12.999 1010315 31557 31557 W : dump_backtrace.cfi_jt+0x0/0x8
06-03 13:29:12.999 1010315 31557 31557 W : dump_stack+0xc8/0x14c
06-03 13:29:12.999 1010315 31557 31557 W : warn_alloc+0x158/0x1c8
06-03 13:29:12.999 1010315 31557 31557 W : __alloc_pages_slowpath+0x9d8/0xb80
06-03 13:29:12.999 1010315 31557 31557 W : __alloc_pages_nodemask+0x1c4/0x430
06-03 13:29:12.999 1010315 31557 31557 W : allocate_slab+0xb4/0x390
06-03 13:29:12.999 1010315 31557 31557 W : ___slab_alloc+0x12c/0x3a4
06-03 13:29:12.999 1010315 31557 31557 W : kmem_cache_alloc+0x358/0x5e4
06-03 13:29:12.999 1010315 31557 31557 W : avc_alloc_node+0x30/0x184
06-03 13:29:12.999 1010315 31557 31557 W : avc_update_node+0x54/0x4f0
06-03 13:29:12.999 1010315 31557 31557 W : avc_has_extended_perms+0x1a4/0x460
06-03 13:29:12.999 1010315 31557 31557 W : selinux_file_ioctl+0x320/0x3d0
06-03 13:29:12.999 1010315 31557 31557 W : __arm64_sys_ioctl+0xec/0x1fc
06-03 13:29:12.999 1010315 31557 31557 W : el0_svc_common+0xc0/0x24c
06-03 13:29:12.999 1010315 31557 31557 W : el0_svc+0x28/0x88
06-03 13:29:12.999 1010315 31557 31557 W : el0_sync_handler+0x8c/0xf0
06-03 13:29:12.999 1010315 31557 31557 W : el0_sync+0x1a4/0x1c0
..
..
06-03 13:29:12.999 1010315 31557 31557 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:12.999 1010315 31557 31557 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:12.999 1010315 31557 31557 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:12.999 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:12.999 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:12.999 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:12.999 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:12.999 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:12.999 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:12.999 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:12.999 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:12.999 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:13.000 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:13.000 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:13.000 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:13.000 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:13.000 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:13.000 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:13.000 1010161 10686 10686 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:13.000 1010161 10686 10686 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:13.000 1010161 10686 10686 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:13.000 10230 30892 30892 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:13.000 10230 30892 30892 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
06-03 13:29:13.000 10230 30892 30892 W node 0 : slabs: 57, objs: 2907, free: 0
06-03 13:29:13.000 10230 30892 30892 W SLUB : Unable to allocate memory on node -1, gfp=0x900(GFP_NOWAIT|__GFP_ZERO)
06-03 13:29:13.000 10230 30892 30892 W cache : avc_node, object size: 72, buffer size: 80, default order: 0, min order: 0
Based on [1], selinux is tolerate for failure of memory allocation.
Then, use __GFP_NOWARN together.
[1]
|
||
|
Greg Kroah-Hartman
|
374d020984 |
This is the 5.4.132 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmDu+p0ACgkQONu9yGCS
aT5SOw/9F58e4gz7PSTn4A9oCTNodRPe9B9rzf3y1Ol0k7T1aeQoWsPFOkZpNSOJ
tdOGEXnwYnLpMC7nuFshWv1uKGAL/weHADyGV6J37AntYFjpEFhJhSH7pGGhDk7V
EeIl98luBynPXOKNnDvcrQweeRaHKOInQBT8JJzwwsZbF2oqfOqdU0A787BiRu+3
zoi/mV0upDB443ji/JY0xj+o4jlbsuD0WxEqgkcD2YHL+QvU5Wr0mGys7m5gG9x7
TpKpMic0ILrF1vt/znLL5rOlX497prTvZ74ZXV/DYizeYxqtl/UG3CZjo1uf2yqk
pAXA57paz6DY2Ct+3QbJBeuer27bTz6SCClSS1om9AcUk6oNSdULmMdTGvQb0SLU
wx1Cy8b2ei04SVl96+McKKZ6ln47LJediGn0qIdwC6O/XHHrLq4u5PkSnQxRU4pA
GH1tP5oYy4GzL9RbBeiDJQETFiXwkexSEWVyuSc6BhqQXao9yVzmLQbL1zgjH/zO
m/tckZ3vEg+ll8j4QJCisHRyqYhwfru4PsJQH9Q7q6CtIuGOsd0Z/OUcLuF6knXg
jDOrDIykE/PnkQ2Dc2RhdONP1ud5j3oBnHvNHs6FDghRKjaixMQzg3g/RNtnAaTj
+7Xsfbi6ntpZSDOaY7YNgt+ZH3l4YRnUL/xBA6qIygayz374nzI=
=LU0G
-----END PGP SIGNATURE-----
Merge 5.4.132 into android11-5.4-lts
Changes in 5.4.132
ALSA: usb-audio: fix rate on Ozone Z90 USB headset
ALSA: usb-audio: Fix OOB access at proc output
ALSA: usb-audio: scarlett2: Fix wrong resume call
ALSA: intel8x0: Fix breakage at ac97 clock measurement
ALSA: hda/realtek: Add another ALC236 variant support
ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx
ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too
media: dvb-usb: fix wrong definition
Input: usbtouchscreen - fix control-request directions
net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
usb: gadget: eem: fix echo command packet response issue
USB: cdc-acm: blacklist Heimann USB Appset device
usb: dwc3: Fix debugfs creation flow
usb: typec: Add the missed altmode_id_remove() in typec_register_altmode()
xhci: solve a double free problem while doing s4
ntfs: fix validity check for file name attribute
copy_page_to_iter(): fix ITER_DISCARD case
iov_iter_fault_in_readable() should do nothing in xarray case
Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode
ARM: dts: at91: sama5d4: fix pinctrl muxing
btrfs: send: fix invalid path for unlink operations after parent orphanization
btrfs: clear defrag status of a root if starting transaction fails
ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle
ext4: fix kernel infoleak via ext4_extent_header
ext4: return error code when ext4_fill_flex_info() fails
ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
ext4: remove check for zero nr_to_scan in ext4_es_scan()
ext4: fix avefreec in find_group_orlov
ext4: use ext4_grp_locked_error in mb_find_extent
can: bcm: delay release of struct bcm_op after synchronize_rcu()
can: gw: synchronize rcu operations before removing gw job entry
can: j1939: j1939_sk_init(): set SOCK_RCU_FREE to call sk_destruct() after RCU is done
can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path
mac80211: remove iwlwifi specific workaround that broke sta NDP tx
SUNRPC: Fix the batch tasks count wraparound.
SUNRPC: Should wake up the privileged task firstly.
perf/smmuv3: Don't trample existing events with global filter
KVM: PPC: Book3S HV: Workaround high stack usage with clang
s390/cio: dont call css_wait_for_slow_path() inside a lock
rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
iio: light: tcs3472: do not free unallocated IRQ
iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too
iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
iio: ltr501: ltr501_read_ps(): add missing endianness conversion
serial: mvebu-uart: fix calculation of clock divisor
serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
serial_cs: Add Option International GSM-Ready 56K/ISDN modem
serial_cs: remove wrong GLOBETROTTER.cis entry
ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
ssb: sdio: Don't overwrite const buffer if block_write fails
rsi: Assign beacon rate settings to the correct rate_info descriptor field
rsi: fix AP mode with WPA failure due to encrypted EAPOL
tracing/histograms: Fix parsing of "sym-offset" modifier
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
seq_buf: Make trace_seq_putmem_hex() support data longer than 8
powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
evm: Execute evm_inode_init_security() only when an HMAC key is loaded
evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
fuse: ignore PG_workingset after stealing
fuse: check connected before queueing on fpq->io
fuse: reject internal errno
spi: Make of_register_spi_device also set the fwnode
media: mdk-mdp: fix pm_runtime_get_sync() usage count
media: s5p: fix pm_runtime_get_sync() usage count
media: sh_vou: fix pm_runtime_get_sync() usage count
media: mtk-vcodec: fix PM runtime get logic
media: s5p-jpeg: fix pm_runtime_get_sync() usage count
media: sti/bdisp: fix pm_runtime_get_sync() usage count
media: exynos-gsc: fix pm_runtime_get_sync() usage count
spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages()
spi: omap-100k: Fix the length judgment problem
regulator: uniphier: Add missing MODULE_DEVICE_TABLE
hwrng: exynos - Fix runtime PM imbalance on error
crypto: nx - add missing MODULE_DEVICE_TABLE
media: sti: fix obj-$(config) targets
media: cpia2: fix memory leak in cpia2_usb_probe
media: cobalt: fix race condition in setting HPD
media: pvrusb2: fix warning in pvr2_i2c_core_done
media: imx: imx7_mipi_csis: Fix logging of only error event counters
crypto: qat - check return code of qat_hal_rd_rel_reg()
crypto: qat - remove unused macro in FW loader
sched/fair: Fix ascii art by relpacing tabs
media: em28xx: Fix possible memory leak of em28xx struct
media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
media: bt8xx: Fix a missing check bug in bt878_probe
media: st-hva: Fix potential NULL pointer dereferences
Makefile: fix GDB warning with CONFIG_RELR
media: dvd_usb: memory leak in cinergyt2_fe_attach
memstick: rtsx_usb_ms: fix UAF
mmc: sdhci-sprd: use sdhci_sprd_writew
mmc: via-sdmmc: add a check against NULL pointer dereference
crypto: shash - avoid comparing pointers to exported functions under CFI
media: dvb_net: avoid speculation from net slot
media: siano: fix device register error path
media: imx-csi: Skip first few frames from a BT.656 source
hwmon: (max31790) Report correct current pwm duty cycles
hwmon: (max31790) Fix pwmX_enable attributes
drivers/perf: fix the missed ida_simple_remove() in ddr_perf_probe()
KVM: PPC: Book3S HV: Fix TLB management on SMT8 POWER9 and POWER10 processors
btrfs: fix error handling in __btrfs_update_delayed_inode
btrfs: abort transaction if we fail to update the delayed inode
btrfs: disable build on platforms having page size 256K
locking/lockdep: Fix the dep path printing for backwards BFS
lockding/lockdep: Avoid to find wrong lock dep path in check_irq_usage()
KVM: s390: get rid of register asm usage
regulator: mt6358: Fix vdram2 .vsel_mask
regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
media: Fix Media Controller API config checks
HID: do not use down_interruptible() when unbinding devices
EDAC/ti: Add missing MODULE_DEVICE_TABLE
ACPI: processor idle: Fix up C-state latency if not ordered
hv_utils: Fix passing zero to 'PTR_ERR' warning
lib: vsprintf: Fix handling of number field widths in vsscanf
ACPI: EC: Make more Asus laptops use ECDT _GPE
block_dump: remove block_dump feature in mark_inode_dirty()
fs: dlm: cancel work sync othercon
random32: Fix implicit truncation warning in prandom_seed_state()
fs: dlm: fix memory leak when fenced
ACPICA: Fix memory leak caused by _CID repair function
ACPI: bus: Call kobject_put() in acpi_init() error path
ACPI: resources: Add checks for ACPI IRQ override
block: fix race between adding/removing rq qos and normal IO
platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard()
nvmet-fc: do not check for invalid target port in nvmet_fc_handle_fcp_rqst()
EDAC/Intel: Do not load EDAC driver when running as a guest
PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv()
clocksource: Retry clock read if long delays detected
ACPI: tables: Add custom DSDT file as makefile prerequisite
HID: wacom: Correct base usage for capacitive ExpressKey status bits
cifs: fix missing spinlock around update to ses->status
block: fix discard request merge
kthread_worker: fix return value when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync()
ia64: mca_drv: fix incorrect array size calculation
writeback, cgroup: increment isw_nr_in_flight before grabbing an inode
media: s5p_cec: decrement usage count if disabled
crypto: ixp4xx - dma_unmap the correct address
crypto: ux500 - Fix error return code in hash_hw_final()
sata_highbank: fix deferred probing
pata_rb532_cf: fix deferred probing
media: I2C: change 'RST' to "RSET" to fix multiple build errors
sched/uclamp: Fix wrong implementation of cpu.uclamp.min
sched/uclamp: Fix locking around cpu_util_update_eff()
kbuild: run the checker after the compiler
kbuild: Fix objtool dependency for 'OBJECT_FILES_NON_STANDARD_<obj> := n'
pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
evm: fix writing <securityfs>/evm overflow
crypto: ccp - Fix a resource leak in an error handling path
media: rc: i2c: Fix an error message
pata_ep93xx: fix deferred probing
media: exynos4-is: Fix a use after free in isp_video_release
media: au0828: fix a NULL vs IS_ERR() check
media: tc358743: Fix error return code in tc358743_probe_of()
media: gspca/gl860: fix zero-length control requests
m68k: atari: Fix ATARI_KBD_CORE kconfig unmet dependency warning
media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
crypto: nitrox - fix unchecked variable in nitrox_register_interrupts
crypto: omap-sham - Fix PM reference leak in omap sham ops
mmc: usdhi6rol0: fix error return code in usdhi6_probe()
arm64: consistently use reserved_pg_dir
arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan
media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
hwmon: (max31722) Remove non-standard ACPI device IDs
hwmon: (max31790) Fix fan speed reporting for fan7..12
KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap
regulator: hi655x: Fix pass wrong pointer to config.driver_data
btrfs: clear log tree recovering status if starting transaction fails
sched/rt: Fix RT utilization tracking during policy change
sched/rt: Fix Deadline utilization tracking during policy change
sched/uclamp: Fix uclamp_tg_restrict()
spi: spi-sun6i: Fix chipselect/clock bug
crypto: nx - Fix RCU warning in nx842_OF_upd_status
ACPI: sysfs: Fix a buffer overrun problem with description_show()
extcon: extcon-max8997: Fix IRQ freeing at error path
blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled()
blk-wbt: make sure throttle is enabled properly
ACPI: Use DEVICE_ATTR_<RW|RO|WO> macros
ACPI: bgrt: Fix CFI violation
cpufreq: Make cpufreq_online() call driver->offline() on errors
ocfs2: fix snprintf() checking
dax: fix ENOMEM handling in grab_mapping_entry()
xfrm: xfrm_state_mtu should return at least 1280 for ipv6
video: fbdev: imxfb: Fix an error message
net: mvpp2: Put fwnode in error case during ->probe()
net: pch_gbe: Propagate error from devm_gpio_request_one()
pinctrl: renesas: r8a7796: Add missing bias for PRESET# pin
pinctrl: renesas: r8a77990: JTAG pins do not have pull-down capabilities
clk: meson: g12a: fix gp0 and hifi ranges
net: ftgmac100: add missing error return code in ftgmac100_probe()
drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write()
drm/rockchip: dsi: move all lane config except LCDC mux to bind()
ehea: fix error return code in ehea_restart_qps()
net/sched: act_vlan: Fix modify to allow 0
RDMA/core: Sanitize WQ state received from the userspace
RDMA/rxe: Fix failure during driver load
drm: qxl: ensure surf.data is ininitialized
tools/bpftool: Fix error return code in do_batch()
ath10k: go to path err_unsupported when chip id is not supported
ath10k: add missing error return code in ath10k_pci_probe()
wireless: carl9170: fix LEDS build errors & warnings
ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others
wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
ssb: Fix error return code in ssb_bus_scan()
brcmfmac: fix setting of station info chains bitmask
brcmfmac: correctly report average RSSI in station info
brcmsmac: mac80211_if: Fix a resource leak in an error handling path
ath10k: Fix an error code in ath10k_add_interface()
netlabel: Fix memory leak in netlbl_mgmt_add_common
RDMA/mlx5: Don't add slave port to unaffiliated list
netfilter: nft_exthdr: check for IPv6 packet before further processing
netfilter: nft_osf: check for TCP packet before further processing
netfilter: nft_tproxy: restrict support to TCP and UDP transport protocols
RDMA/rxe: Fix qp reference counting for atomic ops
samples/bpf: Fix the error return code of xdp_redirect's main()
net: ethernet: aeroflex: fix UAF in greth_of_remove
net: ethernet: ezchip: fix UAF in nps_enet_remove
net: ethernet: ezchip: fix error handling
vrf: do not push non-ND strict packets with a source LLA through packet taps again
net: sched: add barrier to ensure correct ordering for lockless qdisc
tls: prevent oversized sendfile() hangs by ignoring MSG_MORE
pkt_sched: sch_qfq: fix qfq_change_class() error path
vxlan: add missing rcu_read_lock() in neigh_reduce()
net/ipv4: swap flow ports when validating source
tc-testing: fix list handling
ieee802154: hwsim: Fix memory leak in hwsim_add_one
ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
mac80211: remove iwlwifi specific workaround NDPs of null_response
net: bcmgenet: Fix attaching to PYH failed on RPi 4B
ipv6: exthdrs: do not blindly use init_net
bpf: Do not change gso_size during bpf_skb_change_proto()
i40e: Fix error handling in i40e_vsi_open
i40e: Fix autoneg disabling for non-10GBaseT links
Revert "ibmvnic: remove duplicate napi_schedule call in open function"
ibmvnic: free tx_pool if tso_pool alloc fails
ipv6: fix out-of-bound access in ip6_parse_tlv()
e1000e: Check the PCIm state
bpfilter: Specify the log level for the kmsg message
gve: Fix swapped vars when fetching max queues
Revert "be2net: disable bh with spin_lock in be_process_mcc"
Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event
clk: actions: Fix UART clock dividers on Owl S500 SoC
clk: actions: Fix SD clocks factor table on Owl S500 SoC
clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC
clk: si5341: Avoid divide errors due to bogus register contents
clk: si5341: Update initialization magic
writeback: fix obtain a reference to a freeing memcg css
net: lwtunnel: handle MTU calculation in forwading
net: sched: fix warning in tcindex_alloc_perfect_hash
RDMA/mlx5: Don't access NULL-cleared mpi pointer
MIPS: Fix PKMAP with 32-bit MIPS huge page support
staging: fbtft: Rectify GPIO handling
rcu: Invoke rcu_spawn_core_kthreads() from rcu_spawn_gp_kthread()
tty: nozomi: Fix a resource leak in an error handling function
mwifiex: re-fix for unaligned accesses
iio: adis_buffer: do not return ints in irq handlers
iio: adis16400: do not return ints in irq handlers
iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls
iio: accel: mxc4005: Fix overread of data and alignment issue.
iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: cros_ec_sensors: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe()
ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup()
backlight: lm3630a_bl: Put fwnode in error case during ->probe()
ASoC: rsnd: tidyup loop on rsnd_adg_clk_query()
Input: hil_kbd - fix error return code in hil_dev_connect()
mtd: partitions: redboot: seek fis-index-block in the right node
char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol()
firmware: stratix10-svc: Fix a resource leak in an error handling path
tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
leds: lm3532: select regmap I2C API
leds: lm36274: cosmetic: rename lm36274_data to chip
leds: lm3692x: Put fwnode in any case during ->probe()
scsi: FlashPoint: Rename si_flags field
fsi: core: Fix return of error values on failures
fsi: scom: Reset the FSI2PIB engine for any error
fsi: occ: Don't accept response from un-initialized OCC
fsi/sbefifo: Clean up correct FIFO when receiving reset request from SBE
fsi/sbefifo: Fix reset timeout
visorbus: fix error return code in visorchipset_init()
s390: appldata depends on PROC_SYSCTL
iommu/dma: Fix IOVA reserve dma ranges
ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()'
usb: gadget: f_fs: Fix setting of device and driver data cross-references
usb: dwc2: Don't reset the core after setting turnaround time
eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
staging: gdm724x: check for overflow in gdm_lte_netif_rx()
staging: rtl8712: remove redundant check in r871xu_drv_init
staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
staging: mt7621-dts: fix pci address for PCI memory range
serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
of: Fix truncation of memory sizes on 32-bit platforms
mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume()
scsi: mpt3sas: Fix error return value in _scsih_expander_add()
soundwire: stream: Fix test for DP prepare complete
phy: uniphier-pcie: Fix updating phy parameters
phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
extcon: sm5502: Drop invalid register write in sm5502_reg_data
extcon: max8997: Add missing modalias string
ASoC: atmel-i2s: Fix usage of capture and playback at the same time
configfs: fix memleak in configfs_release_bin_file
leds: as3645a: Fix error return code in as3645a_parse_node()
leds: ktd2692: Fix an error handling path
powerpc: Offline CPU in stop_this_cpu()
serial: mvebu-uart: do not allow changing baudrate when uartclk is not available
serial: mvebu-uart: correctly calculate minimal possible baudrate
arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
vfio/pci: Handle concurrent vma faults
mm/huge_memory.c: don't discard hugepage if other processes are mapping it
mm/z3fold: fix potential memory leak in z3fold_destroy_pool()
selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
perf llvm: Return -ENOMEM when asprintf() fails
scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd()
block: return the correct bvec when checking for gaps
mmc: block: Disable CMDQ on the ioctl path
mmc: vub3000: fix control-request direction
scsi: core: Retry I/O for Notify (Enable Spinup) Required error
iommu/dma: Fix compile warning in 32-bit builds
Linux 5.4.132
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I36eef11d7d5fed3388f0c90904a4e9c495327826
|
||
Mimi Zohar
|
4020615bd7 |
evm: fix writing <securityfs>/evm overflow
[ Upstream commit 49219d9b8785ba712575c40e48ce0f7461254626 ]
EVM_SETUP_COMPLETE is defined as 0x80000000, which is larger than INT_MAX.
The "-fno-strict-overflow" compiler option properly prevents signaling
EVM that the EVM policy setup is complete. Define and read an unsigned
int.
Fixes:
|
||
|
Roberto Sassu
|
74e9d920f2 |
evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded
commit 9acc89d31f0c94c8e573ed61f3e4340bbd526d0c upstream.
EVM_ALLOW_METADATA_WRITES is an EVM initialization flag that can be set to
temporarily disable metadata verification until all xattrs/attrs necessary
to verify an EVM portable signature are copied to the file. This flag is
cleared when EVM is initialized with an HMAC key, to avoid that the HMAC is
calculated on unverified xattrs/attrs.
Currently EVM unnecessarily denies setting this flag if EVM is initialized
with a public key, which is not a concern as it cannot be used to trust
xattrs/attrs updates. This patch removes this limitation.
Fixes:
|
||
|
Roberto Sassu
|
d7dfaf13d2 |
evm: Execute evm_inode_init_security() only when an HMAC key is loaded
commit 9eea2904292c2d8fa98df141d3bf7c41ec9dc1b5 upstream.
evm_inode_init_security() requires an HMAC key to calculate the HMAC on
initial xattrs provided by LSMs. However, it checks generically whether a
key has been loaded, including also public keys, which is not correct as
public keys are not suitable to calculate the HMAC.
Originally, support for signature verification was introduced to verify a
possibly immutable initial ram disk, when no new files are created, and to
switch to HMAC for the root filesystem. By that time, an HMAC key should
have been loaded and usable to calculate HMACs for new files.
More recently support for requiring an HMAC key was removed from the
kernel, so that signature verification can be used alone. Since this is a
legitimate use case, evm_inode_init_security() should not return an error
when no HMAC key has been loaded.
This patch fixes this problem by replacing the evm_key_loaded() check with
a check of the EVM_INIT_HMAC flag in evm_initialized.
Fixes:
|
||
|
Greg Kroah-Hartman
|
98bb72abc9 |
Linux 5.4.130
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAmDlnnAACgkQ3qZv95d3 LNxq3Q/5AaAtg+YK2+b1bBV/sLq9rmLt/TlxxB4jpDklD+F9ioCqr7AR9/OCX6KG Q9+PUS/gEixC542IjzF/EPlKNjvTmNhIP9V9tWJo7XYyqP0TkZ7VSNhreWv+N51Y SMRoA/T37Fmhy6IMeAp1EvdAEpqlIntjdifJBLnt56fv3cCCy6I1sHenUG8H9iSf oRwGLsfBadEtihP4h+sqcLbMTHVhMBxyn0rKTa+Qt+sCRjVHgMzWs/XMQO3Ou/bZ Zy6BwWkYFXpc78E6HIk5mBj6JBmx4YdFNNjQG2ld6TCNq7P5DrjWQAchVUrSgLyO dz2ntpdBS/9GukByIaD9HbTICuUrf8f5mCpK730IcEOxb3rqVWCIrpJQXhrrYWfi 3xjzxHzu2DH6ZNedHdH59N5il4WpOMAsasBEIRYZTLK2oEkRLah6k2HDS9LSgZ4M wcnmdEeA7vKlYyaYGhkFPePKVoVdFW8yTxGsN6f2kyKR7DjW7zRcFT5/9GH5Hu+n 0jfUbCsIN+VSP7NFPYW5VywwUiVz1uVTdFK0XKpKzKrLTaWztQ+R5cQDatYu/jpq Chq7VTWdZIRsTe2tHetA7SMh32NRbESx9bxXz+OjvAbc7QlOss37YAztBusH0Uup /nBeRZw7z5N5jn8g2tl+mV/pTE+DrH86cDeAba4SqHztG2Y3H0g= =Uo47 -----END PGP SIGNATURE----- Merge 5.4.130 into android11-5.4-lts Changes in 5.4.130 x86/efi: remove unused variables scsi: sr: Return appropriate error code when disk is ejected drm/nouveau: fix dma_address check for CPU/GPU sync gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP RDMA/mlx5: Block FDB rules when not in switchdev mode Linux 5.4.130 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I81aa4b6d954afeda3fe6971a5611547db6b9fb7a |
||
|
Srinivasarao P
|
1154cfab73 |
Merge android11-5.4.86+ (fe9e863) into msm-5.4
* refs/heads/tmp-fe9e863:
FROMGIT: bpf: Do not change gso_size during bpf_skb_change_proto()
ANDROID: selinux: modify RTM_GETNEIGH{TBL}
Change-Id: I02fcc7795c4380aafb293dd8f575cccdc8e86825
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
||
YueHaibing
|
a6c85a8433 |
x86/efi: remove unused variables
[ Upstream commit 6f090192f8225f52ba95d08785989688cb768cca ]
commit ad723674d675 ("x86/efi: move common keyring handler functions
to new file") leave this unused.
Fixes: ad723674d675 ("x86/efi: move common keyring handler functions to new file")
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Link: https://lore.kernel.org/r/20191115130830.13320-1-yuehaibing@huawei.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
904c2c6cd7 |
Linux 5.4.129
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAmDcbxkACgkQ3qZv95d3 LNxZMBAArNPLhVYdEDDFosb6Y/5RGjjZ/79OGHH0p5YiTo8D+wBHi+wXRl5Jp0PA 3YVVU8lDTbeDm7E7uWeduWjFwEpsPBL8395scbhC6VR3PfnyunjarVXZgi6EHnMl p6HjXXtQ1jTrdDSziGDIhZVQT5FGb2/MMx9m69mfi5BTLjGfWy8chHFbC2GZszlp Znu9syjisUBbc4I4XHFgXw0hoQSSig6SUTZCrdTpIW/PZ0swfl8ZPxREh0CZNMpw Y2orRt+oHlkWPw1/sSkoTE1PRvXwNWFXyw5caOu846jAfhKtxO54SsqJqhM7VLHZ pdH4eb6q7AFyt0A62HkIqa5oabs5Vk9G24b8m5ggc2F/UTkHqgwUcMCud0d3DYL0 Q7OEAmThQzHHKJ+CeNRJLsiKqVBNHmeS24B+ELldlAiX22vLr9pUsIb342Au1ZjR S3BTnneAbYGBv4qUoV2yUF9wQ/LxsFMSl/vmjCBOxg7c3LbKYChUwskYnvd6EwWj ObCyLU6FK9HWXSBSp/X+irlF1CLla+HuOC+Aej2U5a8DtmHId4LHMeq/XOxZ9s/8 QUoX4rh5P+TJ8PIiTqXKrQo5rnR79MiYssIhUozKTdt9ZoMtXzI4mVLXN/yzAVD9 v4aWYx8m2x17Wq+ptaLMSTSed4m3c25uEl4MucLBmKQV8ClAxW8= =Sijo -----END PGP SIGNATURE----- Merge 5.4.129 into android11-5.4-lts Changes in 5.4.129 module: limit enabling module.sig_enforce Revert "drm/amdgpu/gfx9: fix the doorbell missing when in CGPG issue." Revert "drm/amdgpu/gfx10: enlarge CP_MEC_DOORBELL_RANGE_UPPER to cover full doorbell." drm/nouveau: wait for moving fence after pinning v2 drm/radeon: wait for moving fence after pinning ARM: 9081/1: fix gcc-10 thumb2-kernel regression mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk kbuild: add CONFIG_LD_IS_LLD arm64: link with -z norelro for LLD or aarch64-elf MIPS: generic: Update node names to avoid unit addresses spi: spi-nxp-fspi: move the register operation after the clock enable Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() mac80211: remove warning in ieee80211_get_sband() mac80211_hwsim: drop pending frames on stop cfg80211: call cfg80211_leave_ocb when switching away from OCB dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() dmaengine: mediatek: free the proper desc in desc_free handler dmaengine: mediatek: do not issue a new desc if one is still current dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma net: ipv4: Remove unneed BUG() function mac80211: drop multicast fragments net: ethtool: clear heap allocations for ethtool function ping: Check return value of function 'ping_queue_rcv_skb' inet: annotate date races around sk->sk_txhash net: phy: dp83867: perform soft reset and retain established link net: caif: fix memory leak in ldisc_open net/packet: annotate accesses to po->bind net/packet: annotate accesses to po->ifindex r8152: Avoid memcpy() over-reading of ETH_SS_STATS sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS r8169: Avoid memcpy() over-reading of ETH_SS_STATS KVM: selftests: Fix kvm_check_cap() assertion net: qed: Fix memcpy() overflow of qed_dcbx_params() recordmcount: Correct st_shndx handling PCI: Add AMD RS690 quirk to enable 64-bit DMA net: ll_temac: Add memory-barriers for TX BD access net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY pinctrl: stm32: fix the reported number of GPIO lines per bank nilfs2: fix memory leak in nilfs_sysfs_delete_device_group KVM: do not allow mapping valid but non-reference-counted pages i2c: robotfuzz-osif: fix control-request directions kthread_worker: split code for canceling the delayed work timer kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() mm: add VM_WARN_ON_ONCE_PAGE() macro mm/rmap: remove unneeded semicolon in page_not_mapped() mm/rmap: use page_not_mapped in try_to_unmap() mm, thp: use head page in __migration_entry_wait() mm/thp: fix __split_huge_pmd_locked() on shmem migration entry mm/thp: make is_huge_zero_pmd() safe and quicker mm/thp: try_to_unmap() use TTU_SYNC for safe splitting mm/thp: fix vma_address() if virtual address below file offset mm/thp: fix page_address_in_vma() on file THP tails mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split mm: page_vma_mapped_walk(): use page for pvmw->page mm: page_vma_mapped_walk(): settle PageHuge on entry mm: page_vma_mapped_walk(): use pmde for *pvmw->pmd mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block mm: page_vma_mapped_walk(): crossing page table boundary mm: page_vma_mapped_walk(): add a level of indentation mm: page_vma_mapped_walk(): use goto instead of while (1) mm: page_vma_mapped_walk(): get vma_address_end() earlier mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() mm, futex: fix shared futex pgoff on shmem huge page certs: Add wrapper function to check blacklisted binary hash x86/efi: move common keyring handler functions to new file certs: Add EFI_CERT_X509_GUID support for dbx entries certs: Move load_system_certificate_list to a common function Linux 5.4.129 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6ba417dfeb30d91ebc61345bc057f927beeee0a9 |
||
|
Greg Kroah-Hartman
|
4dd6db1903 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Eric Snowberg
|
e20b90e4f8 |
certs: Add EFI_CERT_X509_GUID support for dbx entries
[ Upstream commit 56c5812623f95313f6a46fbf0beee7fa17c68bbf ] This fixes CVE-2020-26541. The Secure Boot Forbidden Signature Database, dbx, contains a list of now revoked signatures and keys previously approved to boot with UEFI Secure Boot enabled. The dbx is capable of containing any number of EFI_CERT_X509_SHA256_GUID, EFI_CERT_SHA256_GUID, and EFI_CERT_X509_GUID entries. Currently when EFI_CERT_X509_GUID are contained in the dbx, the entries are skipped. Add support for EFI_CERT_X509_GUID dbx entries. When a EFI_CERT_X509_GUID is found, it is added as an asymmetrical key to the .blacklist keyring. Anytime the .platform keyring is used, the keys in the .blacklist keyring are referenced, if a matching key is found, the key will be rejected. [DH: Made the following changes: - Added to have a config option to enable the facility. This allows a Kconfig solution to make sure that pkcs7_validate_trust() is enabled.[1][2] - Moved the functions out from the middle of the blacklist functions. - Added kerneldoc comments.] Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> cc: Randy Dunlap <rdunlap@infradead.org> cc: Mickaël Salaün <mic@digikod.net> cc: Arnd Bergmann <arnd@kernel.org> cc: keyrings@vger.kernel.org Link: https://lore.kernel.org/r/20200901165143.10295-1-eric.snowberg@oracle.com/ # rfc Link: https://lore.kernel.org/r/20200909172736.73003-1-eric.snowberg@oracle.com/ # v2 Link: https://lore.kernel.org/r/20200911182230.62266-1-eric.snowberg@oracle.com/ # v3 Link: https://lore.kernel.org/r/20200916004927.64276-1-eric.snowberg@oracle.com/ # v4 Link: https://lore.kernel.org/r/20210122181054.32635-2-eric.snowberg@oracle.com/ # v5 Link: https://lore.kernel.org/r/161428672051.677100.11064981943343605138.stgit@warthog.procyon.org.uk/ Link: https://lore.kernel.org/r/161433310942.902181.4901864302675874242.stgit@warthog.procyon.org.uk/ # v2 Link: https://lore.kernel.org/r/161529605075.163428.14625520893961300757.stgit@warthog.procyon.org.uk/ # v3 Link: https://lore.kernel.org/r/bc2c24e3-ed68-2521-0bf4-a1f6be4a895d@infradead.org/ [1] Link: https://lore.kernel.org/r/20210225125638.1841436-1-arnd@kernel.org/ [2] Signed-off-by: Sasha Levin <sashal@kernel.org> |