diff --git a/debian.realtime/abi/amd64/ignore.abi b/debian.realtime/abi/amd64/ignore.abi new file mode 100644 index 000000000000..d00491fd7e5b --- /dev/null +++ b/debian.realtime/abi/amd64/ignore.abi @@ -0,0 +1 @@ +1 diff --git a/debian.realtime/abi/arm64/ignore.abi b/debian.realtime/abi/arm64/ignore.abi new file mode 100644 index 000000000000..d00491fd7e5b --- /dev/null +++ b/debian.realtime/abi/arm64/ignore.abi @@ -0,0 +1 @@ +1 diff --git a/debian.realtime/changelog b/debian.realtime/changelog index f73b14dae441..711d02683b0b 100644 --- a/debian.realtime/changelog +++ b/debian.realtime/changelog @@ -1,10 +1,1480 @@ -linux-realtime (6.7.0-1004.3) UNRELEASED; urgency=medium +linux-realtime (6.7.0-1004.5) noble; urgency=medium - CHANGELOG: Do not edit directly. Autogenerated at release. - CHANGELOG: Use the printchanges target to see the curent changes. - CHANGELOG: Use the insertchanges target to create the final log. + * noble/linux-realtime: 6.7.0-1004.5 -proposed tracker (LP: #2051981) - -- Joseph Salisbury Thu, 01 Feb 2024 14:44:44 -0500 + * Miscellaneous Ubuntu changes + - [Packaging] add Rust 1.73 dependency + - [Config] update toolchain versions in annotations + - [Packaging] rename flavour generic -> realtime + - [Config] disable Rust in annotations + + [ Ubuntu: 6.7.0-3.3 ] + + * noble/linux: 6.7.0-3.3 -proposed tracker (LP: #2051643) + * Migrate from fbdev drivers to simpledrm and DRM fbdev emulation layer + (LP: #1965303) + - [Config] enable simpledrm and DRM fbdev emulation layer + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/94] v6.8: apparmor: switch SECURITY_APPARMOR_HASH + from sha1 to sha256 + - SAUCE: apparmor4.0.0 [02/94] v6.8: apparmor: declare stack_msg as static + - SAUCE: apparmor4.0.0 [03/94] v6.8: apparmor: declare nulldfa as static + - SAUCE: apparmor4.0.0 [04/94] v6.8: apparmor: add missing params to + aa_may_ptrace kernel-doc comments + - SAUCE: apparmor4.0.0 [05/94] v6.8: apparmor: cleanup network hook comments + - SAUCE: apparmor4.0.0 [06/94] v6.8: apparmorfs: don't duplicate kfree_link() + - SAUCE: apparmor4.0.0 [07/94] v6.8: apparmor: Fix ref count leak in task_kill + - SAUCE: apparmor4.0.0 [12/94]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [13/94]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [14/94]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [15/94]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [16/94]: af_unix mediation + - SAUCE: apparmor4.0.0 [17/94]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [18/94]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [19/94]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [20/94]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [21/94]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [22/94]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [23/94]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [24/94]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [25/94]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [26/94]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [27/94]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [28/94]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [29/94]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [30/94]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [31/94]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [32/94]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [33/94]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [34/94]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [35/94]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [36/94]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [38/94]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [39/94]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [40/94]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [41/94]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [42/94]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [43/94]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [44/94]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [45/94]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [46/94]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [47/94]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [48/94]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [49/94]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [50/94]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [51/94]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [52/94]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [53/94]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [54/94]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [55/94]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [56/94]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [57/94]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [58/94]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [59/94]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [60/94]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [61/94]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [62/94]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [63/94]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [64/94]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [65/94]: prompt - fix caching + - SAUCE: apparmor4.0.0 [66/94]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [67/94]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [68/94]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [69/94]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [70/94]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [71/94]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [72/94] v6.8 prompt:fixup interruptible + - SAUCE: apparmor4.0.0 [76/94]: add io_uring mediation + - SAUCE: apparmor4.0.0 [79/94]: fixup notify + - SAUCE: apparmor4.0.0 [82/94]: apparmor: cleanup attachment perm lookup to + use lookup_perms() + - SAUCE: apparmor4.0.0 [83/94]: apparmor: remove redundant unconfined check. + - SAUCE: apparmor4.0.0 [84/94]: apparmor: switch signal mediation to using + RULE_MEDIATES + - SAUCE: apparmor4.0.0 [85/94]: apparmor: ensure labels with more than one + entry have correct flags + - SAUCE: apparmor4.0.0 [86/94]: apparmor: remove explicit restriction that + unconfined cannot use change_hat + - SAUCE: apparmor4.0.0 [87/94]: apparmor: cleanup: refactor file_perm() to + provide semantics of some checks + - SAUCE: apparmor4.0.0 [88/94]: apparmor: carry mediation check on label + - SAUCE: apparmor4.0.0 [89/94]: apparmor: convert easy uses of unconfined() to + label_mediates() + - SAUCE: apparmor4.0.0 [90/94]: apparmor: add additional flags to extended + permission. + - SAUCE: apparmor4.0.0 [91/94]: apparmor: add support for profiles to define + the kill signal + - SAUCE: apparmor4.0.0 [92/94]: apparmor: fix x_table_lookup when stacking is + not the first entry + - SAUCE: apparmor4.0.0 [93/94]: apparmor: allow profile to be transitioned + when a user ns is created + - SAUCE: apparmor4.0.0 [94/94]: apparmor: add ability to mediate caps with + policy state machine + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [81/94]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [80/94]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [78/94]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [77/94]: apparmor: fix oops when racing to retrieve + notification + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [73/94]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [74/94]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [75/94]: userns - make it so special unconfined + profiles can mediate user namespaces + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [37/94]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * Noble update: v6.7.2 upstream stable release (LP: #2051533) + - x86/lib: Fix overflow when counting digits + - x86/mce/inject: Clear test status value + - EDAC/thunderx: Fix possible out-of-bounds string access + - powerpc: add crtsavres.o to always-y instead of extra-y + - fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() + - x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram + - powerpc/44x: select I2C for CURRITUCK + - powerpc/pseries/memhp: Fix access beyond end of drmem array + - x86/microcode/intel: Set new revision only after a successful update + - perf/arm-cmn: Fix HN-F class_occup_id events + - drivers/perf: hisi: Fix some event id for HiSilicon UC pmu + - KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE + - selftests/powerpc: Fix error handling in FPU/VMX preemption tests + - powerpc/hv-gpci: Add return value check in + affinity_domain_via_partition_show function + - powerpc/rtas: Avoid warning on invalid token argument to sys_rtas() + - powerpc/powernv: Add a null pointer check to scom_debug_init_one() + - powerpc/powernv: Add a null pointer check in opal_event_init() + - powerpc/powernv: Add a null pointer check in opal_powercap_init() + - powerpc/imc-pmu: Add a null pointer check in update_events_in_group() + - sched/fair: Update min_vruntime for reweight_entity() correctly + - perf/x86/intel/uncore: Fix NULL pointer dereference issue in + upi_fill_topology() + - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies + - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response + - ACPI: video: check for error while searching for backlight device parent + - ACPI: LPIT: Avoid u32 multiplication overflow + - KEYS: encrypted: Add check for strsep + - spi: cadence-quadspi: add missing clk_disable_unprepare() in cqspi_probe() + - platform/x86/intel/vsec: Fix xa_alloc memory leak + - cpufreq: scmi: process the result of devm_of_clk_add_hw_provider() + - calipso: fix memory leak in netlbl_calipso_add_pass() + - efivarfs: force RO when remounting if SetVariable is not supported + - efivarfs: Free s_fs_info on unmount + - spi: sh-msiof: Enforce fixed DTDL for R-Car H3 + - ACPI: LPSS: Fix the fractional clock divider flags + - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error + - thermal: core: Fix NULL pointer dereference in zone registration error path + - kunit: debugfs: Fix unchecked dereference in debugfs_print_results() + - kunit: debugfs: Handle errors from alloc_string_stream() + - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier + - cpuidle: haltpoll: Do not enable interrupts when entering idle + - drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment + - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket + - crypto: rsa - add a check for allocation failure + - crypto: qat - prevent underflow in rp2srv_store() + - crypto: jh7110 - Correct deferred probe return + - crypto: virtio - Handle dataq logic with tasklet + - crypto: qat - add sysfs_added flag for ras + - crypto: qat - add sysfs_added flag for rate limiting + - crypto: sa2ul - Return crypto_aead_setkey to transfer the error + - crypto: ccp - fix memleak in ccp_init_dm_workarea + - crypto: af_alg - Disallow multiple in-flight AIO requests + - crypto: qat - fix error path in add_update_sla() + - crypto: qat - fix mutex ordering in adf_rl + - crypto: qat - add NULL pointer check + - hwrng: stm32 - add missing clk_disable_unprepare() in stm32_rng_init() + - crypto: safexcel - Add error handling for dma_map_sg() calls + - crypto: sahara - remove FLAGS_NEW_KEY logic + - crypto: sahara - fix cbc selftest failure + - crypto: sahara - fix ahash selftest failure + - crypto: sahara - fix processing requests with cryptlen < sg->length + - crypto: sahara - fix error handling in sahara_hw_descriptor_create() + - crypto: hisilicon/qm - save capability registers in qm init process + - crypto: hisilicon/zip - add zip comp high perf mode configuration + - crypto: hisilicon/qm - add a function to set qm algs + - crypto: hisilicon/hpre - save capability registers in probe process + - crypto: hisilicon/sec2 - save capability registers in probe process + - crypto: hisilicon/zip - save capability registers in probe process + - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() + - erofs: fix memory leak on short-lived bounced pages + - fs: indicate request originates from old mount API + - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump + - gfs2: fix kernel BUG in gfs2_quota_cleanup + - dlm: fix format seq ops type 4 + - crypto: virtio - Wait for tasklet to complete on device remove + - crypto: sahara - avoid skcipher fallback code duplication + - crypto: sahara - handle zero-length aes requests + - crypto: sahara - fix ahash reqsize + - crypto: sahara - fix wait_for_completion_timeout() error handling + - crypto: sahara - improve error handling in sahara_sha_process() + - crypto: sahara - fix processing hash requests with req->nbytes < sg->length + - crypto: sahara - do not resize req->src when doing hash operations + - crypto: scomp - fix req->dst buffer overflow + - keys, dns: Fix size check of V1 server-list header + - csky: fix arch_jump_label_transform_static override + - blocklayoutdriver: Fix reference leak of pnfs_device_node + - NFS: Use parent's objective cred in nfs_access_login_time() + - NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT + - SUNRPC: fix _xprt_switch_find_current_entry logic + - pNFS: Fix the pnfs block driver's calculation of layoutget size + - SUNRPC: Fixup v4.1 backchannel request timeouts + - asm-generic: Fix 32 bit __generic_cmpxchg_local + - arm64: dts: qcom: qrb4210-rb2: don't force usb peripheral mode + - arm64: dts: qcom: sc8280xp-x13s: Use the correct DP PHY compatible + - arm64: dts: qcom: sc8280xp-x13s: add missing camera LED pin config + - ARM: dts: qcom: msm8226: provide dsi phy clocks to mmcc + - wifi: plfxlc: check for allocation failure in plfxlc_usb_wreq_async() + - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag + - bpf, lpm: Fix check prefixlen before walking trie + - bpf: Add KF_RCU flag to bpf_refcount_acquire_impl + - bpf: Add crosstask check to __bpf_get_stack + - wifi: ath11k: Defer on rproc_get failure + - wifi: libertas: stop selecting wext + - ARM: dts: qcom: apq8064: correct XOADC register address + - scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() + - net/ncsi: Fix netlink major/minor version numbers + - firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() + - scsi: bfa: Use the proper data type for BLIST flags + - wifi: ath12k: fix the error handler of rfkill config + - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior + - arm64: dts: ti: k3-am62a-main: Fix GPIO pin count in DT nodes + - arm64: dts: ti: k3-am65-main: Fix DSS irq trigger type + - arm64: dts: ti: iot2050: Re-add aliases + - wifi: rtw88: sdio: Honor the host max_req_size in the RX path + - selftests/bpf: Fix erroneous bitmask operation + - md: synchronize flush io with array reconfiguration + - bpf: enforce precision of R0 on callback return + - ARM: dts: qcom: sdx65: correct PCIe EP phy-names + - ARM: dts: qcom: sdx65: correct SPMI node name + - dt-bindings: arm: qcom: Fix html link + - arm64: dts: qcom: sc8180x-primus: Fix HALL_INT polarity + - arm64: dts: qcom: sm8450: correct TX Soundwire clock + - arm64: dts: qcom: sm8550: correct TX Soundwire clock + - arm64: dts: qcom: sc7180: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sc7280: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sdm845: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sm8150: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sm8250: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sa8775p: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sc8280xp: Make watchdog bark interrupt edge triggered + - arm64: dts: qcom: sm6350: Make watchdog bark interrupt edge triggered + - bpf: Add map and need_defer parameters to .map_fd_put_ptr() + - bpf: Defer the free of inner map when necessary + - selftests/net: specify the interface when do arping + - bpf: fix check for attempt to corrupt spilled pointer + - scsi: fnic: Return error if vmalloc() failed + - arm64: dts: qcom: qrb2210-rb1: use USB host mode + - arm64: dts: qcom: qrb5165-rb5: correct LED panic indicator + - arm64: dts: qcom: sdm845-db845c: correct LED panic indicator + - arm64: dts: qcom: sm6125: add interrupts to DWC3 USB controller + - arm64: dts: qcom: sm8350: Fix DMA0 address + - arm64: dts: qcom: sc7280: Fix up GPU SIDs + - arm64: dts: qcom: sc7280: Mark Adreno SMMU as DMA coherent + - arm64: dts: qcom: sa8775p: fix USB wakeup interrupt types + - arm64: dts: qcom: sc7280: fix usb_2 wakeup interrupt types + - arm64: dts: qcom: sm8550: fix USB wakeup interrupt types + - wifi: mt76: mt7996: fix uninitialized variable in parsing txfree + - wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function + - wifi: mt76: mt7915: fallback to non-wed mode if platform_get_resource fails + in mt7915_mmio_wed_init() + - wifi: mt76: mt7996: fix the size of struct bss_rate_tlv + - wifi: mt76: mt7996: fix rate usage of inband discovery frames + - wifi: mt76: mt7996: fix alignment of sta info event + - wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 + - wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band + - wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing + - wifi: mt76: mt7921s: fix workqueue problem causes STA association fail + - bpf: Fix verification of indirect var-off stack access + - arm64: dts: hisilicon: hikey970-pmic: fix regulator cells properties + - bpf: Guard stack limits against 32bit overflow + - bpf: Fix accesses to uninit stack slots + - test_bpf: Rename second ALU64_SMOD_X to ALU64_SMOD_K + - dt-bindings: media: mediatek: mdp3: correct RDMA and WROT node with generic + names + - arm64: dts: mediatek: mt8183: correct MDP3 DMA-related nodes + - arm64: dts: mediatek: mt8195: revise VDOSYS RDMA node name + - arm64: dts: mediatek: mt8186: Fix alias prefix for ovl_2l0 + - arm64: dts: mediatek: mt8186: fix address warning for ADSP mailboxes + - wifi: mt76: mt7921: fix country count limitation for CLC + - wifi: mt76: mt7921: fix CLC command timeout when suspend/resume + - wifi: mt76: mt7921: fix wrong 6Ghz power type + - wifi: iwlwifi: don't support triggered EHT CQI feedback + - selftests/bpf: Relax time_tai test for equal timestamps in tai_forward + - block: Set memalloc_noio to false on device_add_disk() error path + - arm64: dts: xilinx: Apply overlays to base dtbs + - arm64: dts: renesas: white-hawk-cpu: Fix missing serial console pin control + - arm64: dts: imx8mm: Reduce GPU to nominal speed + - scsi: ufs: qcom: Fix the return value of ufs_qcom_ice_program_key() + - scsi: ufs: qcom: Fix the return value when platform_get_resource_byname() + fails + - scsi: hisi_sas: Replace with standard error code return value + - scsi: hisi_sas: Check before using pointer variables + - scsi: hisi_sas: Rollback some operations if FLR failed + - scsi: hisi_sas: Correct the number of global debugfs registers + - selftests/xsk: Fix for SEND_RECEIVE_UNALIGNED test + - ARM: dts: stm32: don't mix SCMI and non-SCMI board compatibles + - bpf: Fix a race condition between btf_put() and map_free() + - selftests/net: fix grep checking for fib_nexthop_multiprefix + - ipmr: support IP_PKTINFO on cache report IGMP msg + - virtio/vsock: fix logic which reduces credit update messages + - virtio/vsock: send credit update during setting SO_RCVLOWAT + - dma-mapping: clear dev->dma_mem to NULL after freeing it + - bpf: Limit the number of uprobes when attaching program to multiple uprobes + - bpf: Limit the number of kprobes when attaching program to multiple kprobes + - arm64: dts: qcom: acer-aspire1: Correct audio codec definition + - soc: qcom: llcc: Fix dis_cap_alloc and retain_on_pc configuration + - arm64: dts: qcom: sm6375: fix USB wakeup interrupt types + - arm64: dts: qcom: sm6375: Hook up MPM + - arm64: dts: qcom: sm8150: make dispcc cast minimal vote on MMCX + - arm64: dts: qcom: sm8150-hdk: fix SS USB regulators + - firmware: qcom: qseecom: fix memory leaks in error paths + - soc: qcom: llcc: Fix LLCC_TRP_ATTR2_CFGn offset + - block: add check of 'minors' and 'first_minor' in device_add_disk() + - arm64: dts: qcom: sc7280: Mark SDHCI hosts as cache-coherent + - arm64: dts: qcom: ipq6018: fix clock rates for GCC_USB0_MOCK_UTMI_CLK + - arm64: dts: qcom: sm8550: Separate out X3 idle state + - arm64: dts: qcom: sm8550: Update idle state time requirements + - arm64: dts: qcom: sc8180x: Mark PCIe hosts cache-coherent + - arm64: dts: qcom: sc8180x: Fix up PCIe nodes + - bpf: Use c->unit_size to select target cache during free + - wifi: rtlwifi: add calculate_bit_shift() + - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192c: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192de: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() + - wifi: rtlwifi: rtl8192se: using calculate_bit_shift() + - wifi: mac80211: fix advertised TTLM scheduling + - wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request + - wifi: iwlwifi: mvm: send TX path flush in rfkill + - wifi: iwlwifi: mvm: Do not warn if valid link pair was not found + - wifi: iwlwifi: fix out of bound copy_from_user + - wifi: iwlwifi: assign phy_ctxt before eSR activation + - netfilter: nf_tables: mark newset as dead on transaction abort + - netfilter: nf_tables: validate chain type update if available + - Bluetooth: Fix bogus check for re-auth no supported with non-ssp + - Bluetooth: btnxpuart: fix recv_buf() return value + - Bluetooth: btmtkuart: fix recv_buf() return value + - null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS + - arm64: dts: rockchip: Fix led pinctrl of lubancat 1 + - ice: Fix some null pointer dereference issues in ice_ptp.c + - wifi: cfg80211: correct comment about MLD ID + - wifi: cfg80211: parse all ML elements in an ML probe response + - bpf: sockmap, fix proto update hook to avoid dup calls + - sctp: support MSG_ERRQUEUE flag in recvmsg() + - sctp: fix busy polling + - s390/bpf: Fix gotol with large offsets + - blk-cgroup: fix rcu lockdep warning in blkg_lookup() + - net/sched: act_ct: fix skb leak and crash on ooo frags + - mlxbf_gige: Fix intermittent no ip issue + - mlxbf_gige: Enable the GigE port in mlxbf_gige_open + - rxrpc: Fix skbuff cleanup of call's recvmsg_queue and rx_oos_queue + - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() + - ARM: davinci: always select CONFIG_CPU_ARM926T + - Revert "drm/tidss: Annotate dma-fence critical section in commit path" + - Revert "drm/omapdrm: Annotate dma-fence critical section in commit path" + - drm/i915/display: Move releasing gem object away from fb tracking + - drm/dp_mst: Fix fractional DSC bpp handling + - drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() + - RDMA/usnic: Silence uninitialized symbol smatch warnings + - RDMA/hns: Fix inappropriate err code for unsupported operations + - drm/panel: nv3051d: Hold panel in reset for unprepare + - drm/panel-elida-kd35t133: hold panel in reset for unprepare + - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer + - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function + - drm/tilcdc: Fix irq free on unload + - media: pvrusb2: fix use after free on context disconnection + - media: mtk-jpeg: Remove cancel worker in mtk_jpeg_remove to avoid the crash + of multi-core JPEG devices + - media: visl: Hook the (TRY_)DECODER_CMD stateless ioctls + - media: verisilicon: Hook the (TRY_)DECODER_CMD stateless ioctls + - media: rkvdec: Hook the (TRY_)DECODER_CMD stateless ioctls + - media: amphion: Fix VPU core alias name + - drm/sched: Fix bounds limiting when given a malformed entity + - drm/bridge: Fix typo in post_disable() description + - drm/bridge: imx93-mipi-dsi: Fix a couple of building warnings + - f2fs: fix to avoid dirent corruption + - Revert "drm/bridge: Add 200ms delay to wait FW HPD status stable" + - fbdev/sm712fb: Use correct initializer macros for struct fb_ops + - ASoC: fsl_rpmsg: update Kconfig dependencies + - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() + - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() + - drm/radeon: check return value of radeon_ring_lock() + - drm/amd/display: Fix NULL pointer dereference at hibernate + - drm/tidss: Move reset to the end of dispc_init() + - drm/tidss: Return error value from from softreset + - drm/tidss: Check for K2G in in dispc_softreset() + - drm/tidss: Fix dss reset + - drm/imx/lcdc: Fix double-free of driver data + - ASoC: cs35l33: Fix GPIO name and drop legacy include + - ASoC: cs35l34: Fix GPIO name and drop legacy include + - drm/msm/a6xx: add QMP dependency + - drm/msm/mdp4: flush vblank event on disable + - drm/msm/dpu: Add missing safe_lut_tbl in sc8180x catalog + - drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks + - drm/drv: propagate errors from drm_modeset_register_all() + - media: v4l: async: Fix duplicated list deletion + - ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch + - ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL + - ASoC: SOF: topology: Use partial match for disconnecting DAI link and DAI + widget + - drm/msm/dpu: enable SmartDMA on SM8450 + - drm/msm/dpu: populate SSPP scaler block version + - drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq + - drm/msm/dpu: correct clk bit for WB2 block + - drm/amd/display: Return drm_connector from + find_first_crtc_matching_connector + - drm/amd/display: Use drm_connector in create_stream_for_sink + - drm/amd/display: Check writeback connectors in + create_validate_stream_for_sink + - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() + - drm/radeon/dpm: fix a memleak in sumo_parse_power_table + - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table + - drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable + - drm/bridge: tc358767: Fix return value on error case + - media: cx231xx: fix a memleak in cx231xx_init_isoc + - ASoC: SOF: Intel: pci-mtl: fix ARL-S definitions + - RDMA/hns: Fix memory leak in free_mr_init() + - clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config + - f2fs: Restrict max filesize for 16K f2fs + - media: bttv: start_streaming should return a proper error code + - media: bttv: add back vbi hack + - media: videobuf2: request more buffers for vb2_read + - media: imx-mipi-csis: Fix clock handling in remove() + - media: imx-mipi-csis: Drop extra clock enable at probe() + - media: dt-bindings: media: rkisp1: Fix the port description for the parallel + interface + - media: rkisp1: Fix media device memory leak + - media: rkisp1: Fix memory leaks in rkisp1_isp_unregister() + - drm/msm/adreno: Fix A680 chip id + - drm/panel: st7701: Fix AVCL calculation + - f2fs: fix to wait on block writeback for post_read case + - f2fs: fix to check compress file in f2fs_move_file_range() + - f2fs: fix to update iostat correctly in f2fs_filemap_fault() + - media: dvbdev: drop refcount on error path in dvb_device_open() + - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path + of m88ds3103_probe() + - clk: renesas: rzg2l-cpg: Reuse code in rzg2l_cpg_reset() + - clk: renesas: rzg2l: Check reset monitor registers + - drm/msm/dpu: Set input_sel bit for INTF + - drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() + - media: i2c: mt9m114: use fsleep() in place of udelay() + - drm/mediatek: Return error if MDP RDMA failed to enable the clock + - drm/mediatek: Remove the redundant driver data for DPI + - drm/mediatek: Fix underrun in VDO1 when switches off the layer + - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL + - drm/amd/pm: fix a double-free in si_dpm_init + - drivers/amd/pm: fix a use-after-free in kv_parse_power_table + - gpu/drm/radeon: fix two memleaks in radeon_vm_init + - drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table + - f2fs: fix to check return value of f2fs_recover_xattr_data + - clk: qcom: videocc-sm8150: Add missing PLL config property + - clk: sp7021: fix return value check in sp7021_clk_probe() + - drivers: clk: zynqmp: calculate closest mux rate + - drivers: clk: zynqmp: update divider round rate logic + - watchdog: set cdev owner before adding + - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO + - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling + - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused + - clk: rs9: Fix DIF OEn bit placement on 9FGV0241 + - clk: si5341: fix an error code problem in si5341_output_clk_set_rate + - ASoC: amd: vangogh: Drop conflicting ACPI-based probing + - ASoC: tas2781: add support for FW version 0x0503 + - drm/mediatek: dp: Add phy_mtk_dp module as pre-dependency + - accel/habanalabs: fix information leak in sec_attest_info() + - clk: qcom: gcc-sm8550: Add the missing RETAIN_FF_ENABLE GDSC flag + - clk: qcom: gcc-sm8550: Mark the PCIe GDSCs votable + - clk: qcom: gcc-sm8550: use collapse-voting for PCIe GDSCs + - clk: qcom: gcc-sm8550: Mark RCGs shared where applicable + - clk: qcom: gpucc-sm8550: Update GPU PLL settings + - clk: qcom: dispcc-sm8550: Update disp PLL settings + - clk: qcom: dispcc-sm8550: Use the correct PLL configuration function + - clk: fixed-rate: fix clk_hw_register_fixed_rate_with_accuracy_parent_hw + - pwm: stm32: Use hweight32 in stm32_pwm_detect_channels + - pwm: stm32: Fix enable count for clk in .probe() + - ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] + - ALSA: scarlett2: Add missing error check to scarlett2_config_save() + - ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() + - ALSA: scarlett2: Add missing error checks to *_ctl_get() + - ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() + - ALSA: scarlett2: Add missing mutex lock around get meter levels + - mmc: sdhci_am654: Fix TI SoC dependencies + - mmc: sdhci_omap: Fix TI SoC dependencies + - drm/amdkfd: Fix type of 'dbg_flags' in 'struct kfd_process' + - IB/iser: Prevent invalidating wrong MR + - drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in + kfd_topology.c + - drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init + - drm/amd/display: avoid stringop-overflow warnings for + dp_decide_lane_settings() + - kselftest/alsa - mixer-test: fix the number of parameters to + ksft_exit_fail_msg() + - kselftest/alsa - mixer-test: Fix the print format specifier warning + - kselftest/alsa - conf: Stringify the printed errno in sysfs_get() + - ksmbd: validate the zero field of packet header + - of: Fix double free in of_parse_phandle_with_args_map + - fbdev: imxfb: fix left margin setting + - of: unittest: Fix of_count_phandle_with_args() expected value message + - class: fix use-after-free in class_register() + - kernfs: convert kernfs_idr_lock to an irq safe raw spinlock + - Revert "kernfs: convert kernfs_idr_lock to an irq safe raw spinlock" + - selftests/bpf: Add assert for user stacks in test_task_stack + - binder: fix async space check for 0-sized buffers + - binder: fix unused alloc->free_async_space + - Input: atkbd - use ab83 as id when skipping the getid command + - rust: Ignore preserve-most functions + - Revert "drm/amdkfd: Relocate TBA/TMA to opposite side of VM hole" + - xen-netback: don't produce zero-size SKB frags + - binder: fix race between mmput() and do_exit() + - clocksource/drivers/timer-ti-dm: Fix make W=n kerneldoc warnings + - dt-bindings: timer: thead,c900-aclint-mtimer: separate mtime and mtimecmp + regs + - clocksource/drivers/ep93xx: Fix error handling during probe + - powerpc/64s: Increase default stack size to 32KB + - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug + - Revert "usb: gadget: f_uvc: change endpoint allocation in + uvc_function_bind()" + - usb: gadget: u_ether: Re-attach netif device to mirror detachment + - usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() + - usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart + - usb: dwc3: gadget: Handle EP0 request dequeuing properly + - usb: dwc3: gadget: Queue PM runtime idle on disconnect event + - Revert "usb: dwc3: Soft reset phy on probe for host" + - Revert "usb: dwc3: don't reset device side if dwc3 was configured as host- + only" + - usb: chipidea: wait controller resume finished for wakeup irq + - usb: cdns3: fix uvc failure work since sg support enabled + - usb: cdns3: fix iso transfer error when mult is not zero + - usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled + - Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" + - usb: typec: class: fix typec_altmode_put_partner to put plugs + - usb: mon: Fix atomicity violation in mon_bin_vma_fault + - dt-bindings: phy: qcom,sc8280xp-qmp-usb43dp-phy: fix path to header + - serial: Do not hold the port lock when setting rx-during-tx GPIO + - serial: core: fix sanitizing check for RTS settings + - serial: core: make sure RS485 cannot be enabled when it is not supported + - serial: core: set missing supported flag for RX during TX GPIO + - serial: 8250_bcm2835aux: Restore clock error handling + - serial: core, imx: do not set RS485 enabled if it is not supported + - serial: imx: Ensure that imx_uart_rs485_config() is called with enabled + clock + - serial: 8250_exar: Set missing rs485_supported flag + - serial: omap: do not override settings for RS485 support + - ALSA: oxygen: Fix right channel of capture volume mixer + - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx + - ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook + - ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 + - ksmbd: validate mech token in session setup + - ksmbd: fix UAF issue in ksmbd_tcp_new_connection() + - ksmbd: only v2 leases handle the directory + - ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION + - LoongArch: Fix and simplify fcsr initialization on execve() + - io_uring: don't check iopoll if request completes + - io_uring/rw: ensure io->bytes_done is always initialized + - io_uring: ensure local task_work is run on wait timeout + - fbdev/acornfb: Fix name of fb_ops initializer macro + - fbdev: flush deferred work in fb_deferred_io_fsync() + - fbdev: flush deferred IO before closing + - scsi: ufs: core: Simplify power management during async scan + - scsi: target: core: add missing file_{start,end}_write() + - scsi: mpi3mr: Refresh sdev queue depth after controller reset + - scsi: mpi3mr: Clean up block devices post controller reset + - scsi: mpi3mr: Block PEL Enable Command on Controller Reset and Unrecoverable + State + - md: Fix md_seq_ops() regressions + - drm/amd: Enable PCIe PME from D3 + - block: add check that partition length needs to be aligned with block size + - block: Remove special-casing of compound pages + - block: Fix iterating over an empty bio with bio_for_each_folio_all + - netfilter: nf_tables: check if catch-all set element is active in next + generation + - pwm: jz4740: Don't use dev_err_probe() in .request() + - pwm: Fix out-of-bounds access in of_pwm_single_xlate() + - md/raid1: Use blk_opf_t for read and write operations + - rootfs: Fix support for rootfstype= when root= is given + - Bluetooth: Fix atomicity violation in {min,max}_key_size_set + - bpf: Fix re-attachment branch in bpf_tracing_prog_attach + - media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) + - iommu/arm-smmu-qcom: Add missing GMU entry to match table + - iommu/dma: Trace bounce buffer usage when mapping buffers + - wifi: mt76: fix broken precal loading from MTD for mt7915 + - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code + - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors + - wifi: mwifiex: add extra delay for firmware ready + - wifi: mwifiex: configure BSSID consistently when starting AP + - wifi: mwifiex: fix uninitialized firmware_stat + - net: stmmac: fix ethtool per-queue statistics + - net: stmmac: Prevent DSA tags from breaking COE + - Revert "net: rtnetlink: Enslave device before bringing it up" + - Revert "nSVM: Check for reserved encodings of TLB_CONTROL in nested VMCB" + - drm/amdgpu: revert "Adjust removal control flow for smu v13_0_2" + - cxl/port: Fix decoder initialization when nr_targets > interleave_ways + - PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() + - x86/pci: Reserve ECAM if BIOS didn't include it in PNP0C02 _CRS + - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support + - PCI: mediatek: Clear interrupt status before dispatching handler + - ARM: dts: qcom: sdx55: Fix the base address of PCIe PHY + - x86/kvm: Do not try to disable kvmclock if it was not enabled + - KVM: arm64: vgic-v4: Restore pending state on host userspace write + - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache + - KVM: x86/pmu: Move PMU reset logic to common x86 code + - KVM: x86/pmu: Reset the PMU, i.e. stop counters, before refreshing + - iio: adc: ad7091r: Pass iio_dev to event handler + - HID: sensor-hub: Enable hid core report processing for all devices + - HID: wacom: Correct behavior when processing some confidence == false + touches + - serial: sc16is7xx: add check for unsupported SPI modes during probe + - serial: sc16is7xx: set safe default SPI clock frequency + - ARM: 9330/1: davinci: also select PINCTRL + - mfd: rk8xx: fixup devices registration with PLATFORM_DEVID_AUTO + - mfd: cs42l43: Correct SoundWire port list + - mfd: syscon: Fix null pointer dereference in of_syscon_register() + - rcu: Restrict access to RCU CPU stall notifiers + - leds: aw2013: Select missing dependency REGMAP_I2C + - leds: aw200xx: Fix write to DIM parameter + - mfd: tps6594: Add null pointer check to tps6594_device_init() + - mfd: intel-lpss: Fix the fractional clock divider flags + - srcu: Use try-lock lockdep annotation for NMI-safe access. + - mips: dmi: Fix early remap on MIPS32 + - mips: Fix incorrect max_low_pfn adjustment + - um: virt-pci: fix platform map offset + - riscv: Check if the code to patch lies in the exit section + - riscv: Fix wrong usage of lm_alias() when splitting a huge linear mapping + - riscv: Fix module_alloc() that did not reset the linear mapping permissions + - riscv: Fix set_direct_map_default_noflush() to reset _PAGE_EXEC + - riscv: Fixed wrong register in XIP_FIXUP_FLASH_OFFSET macro + - drm/i915/dp: Fix the max DSC bpc supported by source + - MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() + - MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() + - power: supply: cw2015: correct time_to_empty units in sysfs + - power: supply: bq256xx: fix some problem in bq256xx_hw_init + - PCI: Avoid potential out-of-bounds read in pci_dev_for_each_resource() + - serial: 8250: omap: Don't skip resource freeing if + pm_runtime_resume_and_get() failed + - iommu: Map reserved memory as cacheable if device is coherent + - perf test: Remove atomics from test_loop to avoid test failures + - perf header: Fix segfault on build_mem_topology() error path + - libapi: Add missing linux/types.h header to get the __u64 type on io.h + - staging: vc04_services: vchiq_core: Log through struct vchiq_instance + - staging: vc04_services: Do not pass NULL to vchiq_log_error() + - perf test record user-regs: Fix mask for vg register + - vfio/pds: Fix calculations in pds_vfio_dirty_sync + - perf vendor events arm64 AmpereOne: Rename BPU_FLUSH_MEM_FAULT to + GPC_FLUSH_MEM_FAULT + - perf vendor events powerpc: Update datasource event name to fix duplicate + events + - perf mem: Fix error on hybrid related to availability of mem event in a PMU + - perf stat: Exit perf stat if parse groups fails + - base/node.c: initialize the accessor list before registering + - acpi: property: Let args be NULL in __acpi_node_get_property_reference + - software node: Let args be NULL in software_node_get_reference_args + - serial: imx: fix tx statemachine deadlock + - selftests/sgx: Fix uninitialized pointer dereference in error path + - selftests/sgx: Fix uninitialized pointer dereferences in encl_get_entry + - selftests/sgx: Include memory clobber for inline asm in test enclave + - selftests/sgx: Skip non X86_64 platform + - iio: adc: ad9467: fix reset gpio handling + - iio: adc: ad9467: don't ignore error codes + - iio: adc: ad9467: add mutex to struct ad9467_state + - iio: adc: ad9467: fix scale setting + - perf header: Fix one memory leakage in perf_event__fprintf_event_update() + - perf hisi-ptt: Fix one memory leakage in hisi_ptt_process_auxtrace_event() + - perf genelf: Set ELF program header addresses properly + - perf unwind-libdw: Handle JIT-generated DSOs properly + - perf unwind-libunwind: Fix base address for .eh_frame + - bus: mhi: ep: Do not allocate event ring element on stack + - bus: mhi: ep: Use slab allocator where applicable + - bus: mhi: ep: Pass mhi_ep_buf_info struct to read/write APIs + - PCI: epf-mhi: Fix the DMA data direction of dma_unmap_single() + - usb: cdc-acm: return correct error code on unsupported break + - arm64: dts: qcom: qrb5165-rb5: use u16 for DP altmode svid + - cdx: Explicitly include correct DT includes, again + - spmi: mtk-pmif: Serialize PMIF status check and command submission + - usb: gadget: webcam: Make g_webcam loadable again + - greybus: gb-beagleplay: Remove use of pad bytes + - iommu: Don't reserve 0-length IOVA region + - perf vendor events: Remove UTF-8 characters from cmn.json + - power: supply: Fix null pointer dereference in smb2_probe + - vdpa: Fix an error handling path in eni_vdpa_probe() + - apparmor: Fix ref count leak in task_kill + - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length + - nvmet-tcp: fix a crash in nvmet_req_complete() + - nvmet-tcp: fix a missing endianess conversion in nvmet_tcp_try_peek_pdu + - apparmor: free the allocated pdb objects + - perf env: Avoid recursively taking env->bpf_progs.lock + - perf stat: Fix hard coded LL miss units + - cxl/region: fix x9 interleave typo + - apparmor: fix possible memory leak in unpack_trans_table + - apparmor: avoid crash when parsed profile name is empty + - usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer + - serial: imx: Correct clock error message in function probe() + - serial: apbuart: fix console prompt on qemu + - cdx: call of_node_put() on error path + - cdx: Unlock on error path in rescan_store() + - perf db-export: Fix missing reference count get in call_path_from_sample() + - cxl/port: Fix missing target list lock + - spi: coldfire-qspi: Remove an erroneous clk_disable_unprepare() from the + remove function + - hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume + - nvmet: re-fix tracing strncpy() warning + - nvme: trace: avoid memcpy overflow warning + - PCI: xilinx-xdma: Fix uninitialized symbols in + xilinx_pl_dma_pcie_setup_irq() + - PCI: xilinx-xdma: Fix error code in xilinx_pl_dma_pcie_init_irq_domain() + - nvmet-tcp: Fix the H2C expected PDU len calculation + - PCI: keystone: Fix race condition when initializing PHYs + - apparmor: Fix memory leak in unpack_profile() + - PCI: mediatek-gen3: Fix translation window size calculation + - ASoC: mediatek: sof-common: Add NULL check for normal_link string + - s390/pci: fix max size calculation in zpci_memcpy_toio() + - net: qualcomm: rmnet: fix global oob in rmnet_policy + - net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice + events + - rxrpc: Fix use of Don't Fragment flag + - octeontx2-af: CN10KB: Fix FIFO length calculation for RPM2 + - net: ethernet: ti: am65-cpsw: Fix max mtu to fit ethernet frames + - amt: do not use overwrapped cb area + - ALSA: aloop: Introduce a function to get if access is interleaved mode + - net: micrel: Fix PTP frame parsing for lan8841 + - net: phy: micrel: populate .soft_reset for KSZ9131 + - ALSA: hda: Properly setup HDMI stream + - mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN + - mptcp: strict validation before using mp_opt->hmac + - mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() + - mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() + - mptcp: refine opt_mp_capable determination + - block: ensure we hold a queue reference when using queue limits + - net: stmmac: Fix ethool link settings ops for integrated PCS + - udp: annotate data-races around up->pending + - erofs: fix inconsistent per-file compression format + - net: add more sanity check in virtio_net_hdr_to_skb() + - net: netdev_queue: netdev_txq_completed_mb(): fix wake condition + - bpf: iter_udp: Retry with a larger batch size without going back to the + previous bucket + - bpf: Avoid iter->offset making backward progress in bpf_iter_udp + - net: tls, fix WARNIING in __sk_msg_free + - net: ravb: Fix dma_addr_t truncation in error case + - dt-bindings: gpio: xilinx: Fix node address in gpio + - gpio: mlxbf3: add an error code check in mlxbf3_gpio_probe + - ASoC: SOF: ipc4-loader: remove the CPC check warnings + - gpiolib: Fix scope-based gpio_device refcounting + - drm/amdkfd: fixes for HMM mem allocation + - drm/amdgpu: fall back to INPUT power for AVG power via INFO IOCTL + - selftests: bonding: Change script interpreter + - net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake + calls + - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS + - net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe + - LoongArch: BPF: Prevent out-of-bounds memory access + - mptcp: relax check on MPC passive fallback + - net: netdevsim: don't try to destroy PHC on VFs + - netfilter: nf_tables: reject invalid set policy + - netfilter: nft_limit: do not ignore unsupported flags + - netfilter: nfnetlink_log: use proper helper for fetching physinif + - netfilter: nf_queue: remove excess nf_bridge variable + - netfilter: propagate net to nf_bridge_get_physindev + - netfilter: bridge: replace physindev with physinif in nf_bridge_info + - netfilter: nf_tables: do not allow mismatch field size and set key length + - netfilter: nf_tables: skip dead set elements in netlink dump + - netfilter: nf_tables: reject NFT_SET_CONCAT with not field length + description + - ipvs: avoid stat macros calls from preemptible context + - io_uring: adjust defer tw counting + - kdb: Fix a potential buffer overflow in kdb_local() + - arm64/ptrace: Don't flush ZA/ZT storage when writing ZA via ptrace + - ethtool: netlink: Add missing ethnl_ops_begin/complete + - loop: fix the the direct I/O support check when used on top of block devices + - mlxsw: spectrum_acl_erp: Fix error flow of pool allocation failure + - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path + - mlxsw: spectrum_acl_tcam: Fix stack corruption + - mlxsw: spectrum_router: Register netdevice notifier before nexthop + - selftests: mlxsw: qos_pfc: Adjust the test to support 8 lanes + - ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work + - i2c: s3c24xx: fix read transfers in polling mode + - i2c: s3c24xx: fix transferring more than one message in polling mode + - Revert "KEYS: encrypted: Add check for strsep" + - arm64: dts: armada-3720-turris-mox: set irq type for RTC + - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" + - Linux 6.7.2 + * Noble update: v6.7.1 upstream stable release (LP: #2051245) + - f2fs: explicitly null-terminate the xattr list + - ALSA: hda/realtek: Add quirks for Dell models + - ALSA: hda: cs35l41: Support additional Dell models without _DSD + - ALSA: hda: cs35l41: Prevent firmware load if SPI speed too low + - ALSA: hda: Add driver properties for cs35l41 for Lenovo Legion Slim 7 Gen 8 + serie + - ALSA: hda/realtek: enable SND_PCI_QUIRK for Lenovo Legion Slim 7 Gen 8 + (2023) serie + - ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx + - ALSA: hda: cs35l41: Support more HP models without _DSD + - ACPI: resource: Add another DMI match for the TongFang GMxXGxx + - bus: moxtet: Mark the irq as shared + - bus: moxtet: Add spi device table + - drm/amd/display: Pass pwrseq inst for backlight and ABM + - ksmbd: don't allow O_TRUNC open on read-only share + - ksmbd: free ppace array on error in parse_dacl + - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" + - binder: use EPOLLERR from eventpoll.h + - binder: fix use-after-free in shinker's callback + - binder: fix trivial typo of binder_free_buf_locked() + - binder: fix comment on binder_alloc_new_buf() return value + - uio: Fix use-after-free in uio_open + - parport: parport_serial: Add Brainboxes BAR details + - parport: parport_serial: Add Brainboxes device IDs and geometry + - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate + - PCI: Add ACS quirk for more Zhaoxin Root Ports + - coresight: etm4x: Fix width of CCITMIN field + - scripts/decode_stacktrace.sh: optionally use LLVM utilities + - docs: kernel_feat.py: fix potential command injection + - mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval + - Linux 6.7.1 + * Miscellaneous Ubuntu changes + - [Config] update annotations after applying v6.7.2 stable updates + - [Packaging] add Rust 1.73 dependency + + [ Ubuntu: 6.7.0-2.2 ] + + * noble/linux: 6.7.0-2.2 -proposed tracker (LP: #2049182) + * Packaging resync (LP: #1786013) + - [Packaging] resync getabis + * Enforce RETPOLINE and SLS mitigrations (LP: #2046440) + - SAUCE: objtool: Make objtool check actually fatal upon fatal errors + - SAUCE: objtool: make objtool SLS validation fatal when building with + CONFIG_SLS=y + - SAUCE: objtool: make objtool RETPOLINE validation fatal when building with + CONFIG_RETPOLINE=y + - SAUCE: scripts: remove generating .o-ur objects + - [Packaging] Remove all custom retpoline-extract code + - Revert "UBUNTU: SAUCE: vga_set_mode -- avoid jump tables" + - Revert "UBUNTU: SAUCE: early/late -- annotate indirect calls in early/late + initialisation code" + - Revert "UBUNTU: SAUCE: apm -- annotate indirect calls within + firmware_restrict_branch_speculation_{start,end}" + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable riscv64 builds + - [Packaging] temporarily disable Rust dependencies on riscv64 + + [ Ubuntu: 6.7.0-1.1 ] + + * noble/linux: 6.7.0-1.1 -proposed tracker (LP: #2048859) + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + * [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice + anymore (LP: #2048919) + - [Config] Enable S390_UV_UAPI (built-in) + * Support mipi camera on Intel Meteor Lake platform (LP: #2031412) + - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor + Lake + - SAUCE: platform/x86: int3472: Add handshake GPIO function + * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module + (LP: #2033406) + - [Packaging] Make WWAN driver loadable modules + * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439) + - [Packaging] Make linux-tools-common depend on hwdata + * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and + PCIE peripherals (LP: #2036587) + - [Config] Enable CONFIG_MTK_IOMMU on arm64 + * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root + images (LP: #2019040) + - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y + * kexec enable to load/kdump zstd compressed zimg (LP: #2037398) + - [Packaging] Revert arm64 image format to Image.gz + * Mantic minimized/minimal cloud images do not receive IP address during + provisioning; systemd regression with wait-online (LP: #2036968) + - [Config] Enable virtio-net as built-in to avoid race + * Make backlight module auto detect dell_uart_backlight (LP: #2008882) + - SAUCE: ACPI: video: Dell AIO UART backlight detection + * Linux 6.2 fails to reboot with current u-boot-nezha (LP: #2021364) + - [Config] Default to performance CPUFreq governor on riscv64 + * Enable Nezha board (LP: #1975592) + - [Config] Build in D1 clock drivers on riscv64 + - [Config] Enable CONFIG_SUN6I_RTC_CCU on riscv64 + - [Config] Enable CONFIG_SUNXI_WATCHDOG on riscv64 + - [Config] Disable SUN50I_DE2_BUS on riscv64 + - [Config] Disable unneeded sunxi pinctrl drivers on riscv64 + * Enable StarFive VisionFive 2 board (LP: #2013232) + - [Config] Enable CONFIG_PINCTRL_STARFIVE_JH7110_SYS on riscv64 + - [Config] Enable CONFIG_STARFIVE_WATCHDOG on riscv64 + * rcu_sched detected stalls on CPUs/tasks (LP: #1967130) + - [Config] Enable virtually mapped stacks on riscv64 + * Check for changes relevant for security certifications (LP: #1945989) + - [Packaging] Add a new fips-checks script + * Installation support for SMARC RZ/G2L platform (LP: #2030525) + - [Config] build Renesas RZ/G2L USBPHY control driver statically + * Add support for kernels compiled with CONFIG_EFI_ZBOOT (LP: #2002226) + - [Config]: Turn on CONFIG_EFI_ZBOOT on ARM64 + * Default module signing algo should be accelerated (LP: #2034061) + - [Config] Default module signing algo should be accelerated + * Miscellaneous Ubuntu changes + - [Config] annotations clean-up + [ Upstream Kernel Changes ] + * Rebase to v6.7 + + [ Ubuntu: 6.7.0-0.0 ] + + * Empty entry + + [ Ubuntu: 6.7.0-5.5 ] + + * noble/linux-unstable: 6.7.0-5.5 -proposed tracker (LP: #2048118) + * Packaging resync (LP: #1786013) + - debian/dkms-versions -- update from kernel-versions (main/d2024.01.02) + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust support + - [Packaging] temporarily disable riscv64 builds + + [ Ubuntu: 6.7.0-4.4 ] + + * noble/linux-unstable: 6.7.0-4.4 -proposed tracker (LP: #2047807) + * unconfined profile denies userns_create for chromium based processes + (LP: #1990064) + - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [69/69]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [68/69]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [67/69]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [66/69]: apparmor: fix oops when racing to retrieve + notification + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/69]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/69]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [03/69]: add unpriviled user ns mediation + - SAUCE: apparmor4.0.0 [04/69]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [05/69]: af_unix mediation + - SAUCE: apparmor4.0.0 [06/69]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [07/69]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [08/69]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [09/69]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [10/69]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [11/69]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [12/69]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [13/69]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [14/69]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [15/69]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [16/69]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [17/69]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [18/69]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [19/69]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [20/69]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [21/69]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [22/69]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [23/69]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [24/69]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [25/69]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [27/69]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [28/69]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [29/69]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [30/69]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [31/69]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [32/69]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [33/69]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [34/69]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [35/69]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [36/69]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [37/69]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [38/69]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [39/69]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [40/69]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [41/69]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [42/69]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [43/69]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [44/69]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [45/69]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [46/69]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [47/69]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [48/69]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [49/69]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [50/69]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [51/69]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [52/69]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [53/69]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [54/69]: prompt - fix caching + - SAUCE: apparmor4.0.0 [55/69]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [56/69]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [57/69]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [58/69]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [59/69]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [60/69]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [64/69]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [65/69]: add io_uring mediation + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [61/69]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [62/69]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [63/69]: userns - make it so special unconfined + profiles can mediate user namespaces + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [26/69]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * Fix RPL-U CPU C-state always keep at C3 when system run PHM with idle screen + on (LP: #2042385) + - SAUCE: r8169: Add quirks to enable ASPM on Dell platforms + * [Debian] autoreconstruct - Do not generate chmod -x for deleted files + (LP: #2045562) + - [Debian] autoreconstruct - Do not generate chmod -x for deleted files + * Disable Legacy TIOCSTI (LP: #2046192) + - [Config]: disable CONFIG_LEGACY_TIOCSTI + * Packaging resync (LP: #1786013) + - [Packaging] update variants + - [Packaging] remove helper scripts + - [Packaging] update annotations scripts + * Miscellaneous Ubuntu changes + - [Packaging] rules: Remove unused dkms make variables + - [Config] update annotations after rebase to v6.7-rc8 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc8 + + [ Ubuntu: 6.7.0-3.3 ] + + * noble/linux-unstable: 6.7.0-3.3 -proposed tracker (LP: #2046060) + * enable CONFIG_INTEL_TDX_HOST in linux >= 6.7 for noble (LP: #2046040) + - [Config] enable CONFIG_INTEL_TDX_HOST + * linux tools packages for derived kernels refuse to install simultaneously + due to libcpupower name collision (LP: #2035971) + - [Packaging] Statically link libcpupower into cpupower tool + * make lazy RCU a boot time option (LP: #2045492) + - SAUCE: rcu: Provide a boot time parameter to control lazy RCU + * Build failure if run in a console (LP: #2044512) + - [Packaging] Fix kernel module compression failures + * Turning COMPAT_32BIT_TIME off on arm64 (64k & derivatives) (LP: #2038582) + - [Config] y2038: Turn off COMPAT and COMPAT_32BIT_TIME on arm64 64k + * Turning COMPAT_32BIT_TIME off on riscv64 (LP: #2038584) + - [Config] y2038: Disable COMPAT_32BIT_TIME on riscv64 + * Turning COMPAT_32BIT_TIME off on ppc64el (LP: #2038587) + - [Config] y2038: Disable COMPAT and COMPAT_32BIT_TIME on ppc64le + * [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough + (LP: #2042853) + - [Config] CONFIG_VFIO_PCI_ZDEV_KVM=y + * back-out zstd module compression automatic for backports (LP: #2045593) + - [Packaging] make ZSTD module compression conditional + * Miscellaneous Ubuntu changes + - [Packaging] Remove do_full_source variable + - [Packaging] Remove obsolete config handling + - [Packaging] Remove support for sub-flavors + - [Packaging] Remove old linux-libc-dev version hack + - [Packaging] Remove obsolete scripts + - [Packaging] Remove README.inclusion-list + - [Packaging] make $(stampdir)/stamp-build-perarch depend on build-arch + - [Packaging] Enable rootless builds + - [Packaging] Allow to run debian/rules without (fake)root + - [Packaging] remove unneeded trailing slash for INSTALL_MOD_PATH + - [Packaging] override KERNELRELEASE instead of KERNELVERSION + - [Config] update toolchain versions in annotations + - [Packaging] drop useless linux-doc + - [Packaging] scripts: Rewrite insert-ubuntu-changes in Python + - [Packaging] enable riscv64 builds + - [Packaging] remove the last sub-flavours bit + - [Packaging] check debian.env to determine do_libc_dev_package + - [Packaging] remove debian.*/variants + - [Packaging] remove do_libc_dev_package variable + - [Packaging] move linux-libc-dev.stub to debian/control.d/ + - [Packaging] Update check to build linux-libc-dev to the source package name + - [Packaging] rules: Remove startnewrelease target + - [Packaging] Remove debian/commit-templates + - [Config] update annotations after rebase to v6.7-rc4 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc4 + + [ Ubuntu: 6.7.0-2.2 ] + + * noble/linux-unstable: 6.7.0-2.2 -proposed tracker (LP: #2045107) + * Miscellaneous Ubuntu changes + - [Packaging] re-enable Rust + - [Config] enable Rust in annotations + - [Packaging] Remove do_enforce_all variable + - [Config] disable Softlogic 6x10 capture card driver on armhf + - [Packaging] disable Rust support + - [Config] update annotations after rebase to v6.7-rc3 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc3 + + [ Ubuntu: 6.7.0-1.1 ] + + * noble/linux-unstable: 6.7.0-1.1 -proposed tracker (LP: #2044069) + * Packaging resync (LP: #1786013) + - [Packaging] update annotations scripts + - [Packaging] update helper scripts + * Miscellaneous Ubuntu changes + - [Config] update annotations after rebase to v6.7-rc2 + [ Upstream Kernel Changes ] + * Rebase to v6.7-rc2 + + [ Ubuntu: 6.7.0-0.0 ] + + * Empty entry + + [ Ubuntu: 6.6.0-12.12 ] + + * noble/linux-unstable: 6.6.0-12.12 -proposed tracker (LP: #2043664) + * Miscellaneous Ubuntu changes + - [Packaging] temporarily disable zfs dkms + + [ Ubuntu: 6.6.0-11.11 ] + + * noble/linux-unstable: 6.6.0-11.11 -proposed tracker (LP: #2043480) + * Packaging resync (LP: #1786013) + - [Packaging] resync git-ubuntu-log + - [Packaging] resync update-dkms-versions helper + - [Packaging] update variants + - debian/dkms-versions -- update from kernel-versions (main/d2023.11.14) + * Miscellaneous Ubuntu changes + - [Packaging] move to Noble + - [Config] toolchain version update + + [ Ubuntu: 6.6.0-10.10 ] + + * mantic/linux-unstable: 6.6.0-10.10 -proposed tracker (LP: #2043088) + * Bump arm64's CONFIG_NR_CPUS to 512 (LP: #2042897) + - [Config] Bump CONFIG_NR_CPUS to 512 for arm64 + * Miscellaneous Ubuntu changes + - [Config] Include a note for the NR_CPUS setting on riscv64 + - SAUCE: apparmor4.0.0 [83/83]: Fix inode_init for changed prototype + + [ Ubuntu: 6.6.0-9.9 ] + + * mantic/linux-unstable: 6.6.0-9.9 -proposed tracker (LP: #2041852) + * Switch IMA default hash to sha256 (LP: #2041735) + - [Config] Switch IMA_DEFAULT_HASH from sha1 to sha256 + * apparmor restricts read access of user namespace mediation sysctls to root + (LP: #2040194) + - SAUCE: apparmor4.0.0 [82/82]: apparmor: open userns related sysctl so lxc + can check if restriction are in place + * AppArmor spams kernel log with assert when auditing (LP: #2040192) + - SAUCE: apparmor4.0.0 [81/82]: apparmor: fix request field from a prompt + reply that denies all access + * apparmor notification files verification (LP: #2040250) + - SAUCE: apparmor4.0.0 [80/82]: apparmor: fix notification header size + * apparmor oops when racing to retrieve a notification (LP: #2040245) + - SAUCE: apparmor4.0.0 [79/82]: apparmor: fix oops when racing to retrieve + notification + * Disable restricting unprivileged change_profile by default, due to LXD + latest/stable not yet compatible with this new apparmor feature + (LP: #2038567) + - SAUCE: apparmor4.0.0 [78/82]: apparmor: Make + apparmor_restrict_unprivileged_unconfined opt-in + * update apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [01/82]: add/use fns to print hash string hex value + - SAUCE: apparmor4.0.0 [02/82]: rename SK_CTX() to aa_sock and make it an + inline fn + - SAUCE: apparmor4.0.0 [03/82]: patch to provide compatibility with v2.x net + rules + - SAUCE: apparmor4.0.0 [04/82]: add user namespace creation mediation + - SAUCE: apparmor4.0.0 [05/82]: Add sysctls for additional controls of unpriv + userns restrictions + - SAUCE: apparmor4.0.0 [06/82]: af_unix mediation + - SAUCE: apparmor4.0.0 [07/82]: Add fine grained mediation of posix mqueues + - SAUCE: apparmor4.0.0 [08/82]: Stacking v38: LSM: Identify modules by more + than name + - SAUCE: apparmor4.0.0 [09/82]: Stacking v38: LSM: Add an LSM identifier for + external use + - SAUCE: apparmor4.0.0 [10/82]: Stacking v38: LSM: Identify the process + attributes for each module + - SAUCE: apparmor4.0.0 [11/82]: Stacking v38: LSM: Maintain a table of LSM + attribute data + - SAUCE: apparmor4.0.0 [12/82]: Stacking v38: proc: Use lsmids instead of lsm + names for attrs + - SAUCE: apparmor4.0.0 [13/82]: Stacking v38: integrity: disassociate + ima_filter_rule from security_audit_rule + - SAUCE: apparmor4.0.0 [14/82]: Stacking v38: LSM: Infrastructure management + of the sock security + - SAUCE: apparmor4.0.0 [15/82]: Stacking v38: LSM: Add the lsmblob data + structure. + - SAUCE: apparmor4.0.0 [16/82]: Stacking v38: LSM: provide lsm name and id + slot mappings + - SAUCE: apparmor4.0.0 [17/82]: Stacking v38: IMA: avoid label collisions with + stacked LSMs + - SAUCE: apparmor4.0.0 [18/82]: Stacking v38: LSM: Use lsmblob in + security_audit_rule_match + - SAUCE: apparmor4.0.0 [19/82]: Stacking v38: LSM: Use lsmblob in + security_kernel_act_as + - SAUCE: apparmor4.0.0 [20/82]: Stacking v38: LSM: Use lsmblob in + security_secctx_to_secid + - SAUCE: apparmor4.0.0 [21/82]: Stacking v38: LSM: Use lsmblob in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [22/82]: Stacking v38: LSM: Use lsmblob in + security_ipc_getsecid + - SAUCE: apparmor4.0.0 [23/82]: Stacking v38: LSM: Use lsmblob in + security_current_getsecid + - SAUCE: apparmor4.0.0 [24/82]: Stacking v38: LSM: Use lsmblob in + security_inode_getsecid + - SAUCE: apparmor4.0.0 [25/82]: Stacking v38: LSM: Use lsmblob in + security_cred_getsecid + - SAUCE: apparmor4.0.0 [26/82]: Stacking v38: LSM: Specify which LSM to + display + - SAUCE: apparmor4.0.0 [28/82]: Stacking v38: LSM: Ensure the correct LSM + context releaser + - SAUCE: apparmor4.0.0 [29/82]: Stacking v38: LSM: Use lsmcontext in + security_secid_to_secctx + - SAUCE: apparmor4.0.0 [30/82]: Stacking v38: LSM: Use lsmcontext in + security_inode_getsecctx + - SAUCE: apparmor4.0.0 [31/82]: Stacking v38: Use lsmcontext in + security_dentry_init_security + - SAUCE: apparmor4.0.0 [32/82]: Stacking v38: LSM: security_secid_to_secctx in + netlink netfilter + - SAUCE: apparmor4.0.0 [33/82]: Stacking v38: NET: Store LSM netlabel data in + a lsmblob + - SAUCE: apparmor4.0.0 [34/82]: Stacking v38: binder: Pass LSM identifier for + confirmation + - SAUCE: apparmor4.0.0 [35/82]: Stacking v38: LSM: security_secid_to_secctx + module selection + - SAUCE: apparmor4.0.0 [36/82]: Stacking v38: Audit: Keep multiple LSM data in + audit_names + - SAUCE: apparmor4.0.0 [37/82]: Stacking v38: Audit: Create audit_stamp + structure + - SAUCE: apparmor4.0.0 [38/82]: Stacking v38: LSM: Add a function to report + multiple LSMs + - SAUCE: apparmor4.0.0 [39/82]: Stacking v38: Audit: Allow multiple records in + an audit_buffer + - SAUCE: apparmor4.0.0 [40/82]: Stacking v38: Audit: Add record for multiple + task security contexts + - SAUCE: apparmor4.0.0 [41/82]: Stacking v38: audit: multiple subject lsm + values for netlabel + - SAUCE: apparmor4.0.0 [42/82]: Stacking v38: Audit: Add record for multiple + object contexts + - SAUCE: apparmor4.0.0 [43/82]: Stacking v38: netlabel: Use a struct lsmblob + in audit data + - SAUCE: apparmor4.0.0 [44/82]: Stacking v38: LSM: Removed scaffolding + function lsmcontext_init + - SAUCE: apparmor4.0.0 [45/82]: Stacking v38: AppArmor: Remove the exclusive + flag + - SAUCE: apparmor4.0.0 [46/82]: combine common_audit_data and + apparmor_audit_data + - SAUCE: apparmor4.0.0 [47/82]: setup slab cache for audit data + - SAUCE: apparmor4.0.0 [48/82]: rename audit_data->label to + audit_data->subj_label + - SAUCE: apparmor4.0.0 [49/82]: pass cred through to audit info. + - SAUCE: apparmor4.0.0 [50/82]: Improve debug print infrastructure + - SAUCE: apparmor4.0.0 [51/82]: add the ability for profiles to have a + learning cache + - SAUCE: apparmor4.0.0 [52/82]: enable userspace upcall for mediation + - SAUCE: apparmor4.0.0 [53/82]: cache buffers on percpu list if there is lock + contention + - SAUCE: apparmor4.0.0 [54/82]: advertise availability of exended perms + - SAUCE: apparmor4.0.0 [56/82]: cleanup: provide separate audit messages for + file and policy checks + - SAUCE: apparmor4.0.0 [57/82]: prompt - lock down prompt interface + - SAUCE: apparmor4.0.0 [58/82]: prompt - ref count pdb + - SAUCE: apparmor4.0.0 [59/82]: prompt - allow controlling of caching of a + prompt response + - SAUCE: apparmor4.0.0 [60/82]: prompt - add refcount to audit_node in prep or + reuse and delete + - SAUCE: apparmor4.0.0 [61/82]: prompt - refactor to moving caching to + uresponse + - SAUCE: apparmor4.0.0 [62/82]: prompt - Improve debug statements + - SAUCE: apparmor4.0.0 [63/82]: prompt - fix caching + - SAUCE: apparmor4.0.0 [64/82]: prompt - rework build to use append fn, to + simplify adding strings + - SAUCE: apparmor4.0.0 [65/82]: prompt - refcount notifications + - SAUCE: apparmor4.0.0 [66/82]: prompt - add the ability to reply with a + profile name + - SAUCE: apparmor4.0.0 [67/82]: prompt - fix notification cache when updating + - SAUCE: apparmor4.0.0 [68/82]: prompt - add tailglob on name for cache + support + - SAUCE: apparmor4.0.0 [69/82]: prompt - allow profiles to set prompts as + interruptible + - SAUCE: apparmor4.0.0 [74/82]: advertise disconnected.path is available + - SAUCE: apparmor4.0.0 [75/82]: fix invalid reference on profile->disconnected + - SAUCE: apparmor4.0.0 [76/82]: add io_uring mediation + - SAUCE: apparmor4.0.0 [77/82]: apparmor: Fix regression in mount mediation + * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe] + apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic + (LP: #2032602) + - SAUCE: apparmor4.0.0 [70/82]: prompt - add support for advanced filtering of + notifications + - SAUCE: apparmor4.0.0 [71/82]: userns - add the ability to reference a global + variable for a feature value + - SAUCE: apparmor4.0.0 [72/82]: userns - make it so special unconfined + profiles can mediate user namespaces + - SAUCE: apparmor4.0.0 [73/82]: userns - allow restricting unprivileged + change_profile + * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903) // update + apparmor and LSM stacking patch set (LP: #2028253) + - SAUCE: apparmor4.0.0 [55/82]: fix profile verification and enable it + * udev fails to make prctl() syscall with apparmor=0 (as used by maas by + default) (LP: #2016908) // update apparmor and LSM stacking patch set + (LP: #2028253) + - SAUCE: apparmor4.0.0 [27/82]: Stacking v38: Fix prctl() syscall with + apparmor=0 + * Miscellaneous Ubuntu changes + - [Config] SECURITY_APPARMOR_RESTRICT_USERNS=y + + [ Ubuntu: 6.6.0-8.8 ] + + * mantic/linux-unstable: 6.6.0-8.8 -proposed tracker (LP: #2040243) + * Miscellaneous Ubuntu changes + - abi: gc reference to phy-rtk-usb2/phy-rtk-usb3 + + [ Ubuntu: 6.6.0-7.7 ] + + * mantic/linux-unstable: 6.6.0-7.7 -proposed tracker (LP: #2040147) + * test_021_aslr_dapper_libs from ubuntu_qrt_kernel_security failed on K-5.19 / + J-OEM-6.1 / J-6.2 AMD64 (LP: #1983357) + - [Config]: set ARCH_MMAP_RND_{COMPAT_, }BITS to the maximum + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc7 rebase + + [ Ubuntu: 6.6.0-6.6 ] + + * mantic/linux-unstable: 6.6.0-6.6 -proposed tracker (LP: #2039780) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc6 + - [Config] updateconfigs following v6.6-rc6 rebase + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc6 + + [ Ubuntu: 6.6.0-5.5 ] + + * mantic/linux-unstable: 6.6.0-5.5 -proposed tracker (LP: #2038899) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc5 + - [Config] updateconfigs following v6.6-rc5 rebase + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc5 + + [ Ubuntu: 6.6.0-4.4 ] + + * mantic/linux-unstable: 6.6.0-4.4 -proposed tracker (LP: #2038423) + * Miscellaneous Ubuntu changes + - rebase on v6.6-rc4 + [ Upstream Kernel Changes ] + * Rebase to v6.6-rc4 + + [ Ubuntu: 6.6.0-3.3 ] + + * mantic/linux-unstable: 6.6.0-3.3 -proposed tracker (LP: #2037622) + * Miscellaneous Ubuntu changes + - [Config] updateconfigs following v6.6-rc3 rebase + * Miscellaneous upstream changes + - Revert "UBUNTU: SAUCE: enforce rust availability only on x86_64" + - arm64: rust: Enable Rust support for AArch64 + - arm64: rust: Enable PAC support for Rust. + - arm64: Restrict Rust support to little endian only. + + [ Ubuntu: 6.6.0-2.2 ] + + * Miscellaneous upstream changes + - UBUBNTU: [Config] build all COMEDI drivers as modules + + -- Joseph Salisbury Fri, 02 Feb 2024 09:31:47 -0500 linux-realtime (6.7.0-1003.2) noble; urgency=medium diff --git a/debian.realtime/config/annotations b/debian.realtime/config/annotations index 0fd2ce5e8e10..94a6f1e4d6df 100644 --- a/debian.realtime/config/annotations +++ b/debian.realtime/config/annotations @@ -26,7 +26,7 @@ CONFIG_OSNOISE_TRACER note<'LP: #1961588'> CONFIG_PREEMPT_RT policy<{'amd64': 'y', 'arm64': 'y'}> CONFIG_PREEMPT_RT note<'must be enabled in the real-time kernel'> -CONFIG_RUST policy<{'amd64': '-'}> +CONFIG_RUST policy<{'amd64': 'n'}> CONFIG_RUST note<'Disable Rust in linux-realtime'> CONFIG_TIMERLAT_TRACER policy<{'amd64': 'y', 'arm64': 'y'}> @@ -77,6 +77,7 @@ CONFIG_CEC_GPIO policy<{'amd64': 'm', 'arm64': ' CONFIG_CEC_PIN policy<{'amd64': 'y', 'arm64': '-'}> CONFIG_CEC_PIN_ERROR_INJ policy<{'amd64': 'y', 'arm64': '-'}> CONFIG_COMPACT_UNEVICTABLE_DEFAULT policy<{'amd64': '0', 'arm64': '0'}> +CONFIG_CONSTRUCTORS policy<{'amd64': '-'}> CONFIG_CONTEXT_TRACKING_FORCE policy<{'amd64': '-', 'arm64': '-'}> CONFIG_CONTEXT_TRACKING_USER policy<{'amd64': 'y', 'arm64': 'y'}> CONFIG_CONTEXT_TRACKING_USER_FORCE policy<{'amd64': 'n', 'arm64': 'n'}> @@ -171,9 +172,10 @@ CONFIG_RING_BUFFER_ALLOW_SWAP policy<{'amd64': 'y'}> CONFIG_RUSTC_VERSION_TEXT policy<{'amd64': '-'}> CONFIG_RUST_BUILD_ASSERT_ALLOW policy<{'amd64': '-'}> CONFIG_RUST_DEBUG_ASSERTIONS policy<{'amd64': '-'}> -CONFIG_RUST_IS_AVAILABLE policy<{'amd64': '-', 'arm64': '-'}> +CONFIG_RUST_IS_AVAILABLE policy<{'amd64': 'y', 'arm64': 'y'}> CONFIG_RUST_OVERFLOW_CHECKS policy<{'amd64': '-'}> CONFIG_RV_MON_WIP policy<{'amd64': 'n'}> +CONFIG_SAMPLES_RUST policy<{'amd64': '-'}> CONFIG_SENSORS_AAEON policy<{'amd64': 'n'}> CONFIG_SLAB policy<{'amd64': '-', 'arm64': '-'}> CONFIG_SLAB_DEPRECATED policy<{'amd64': '-', 'arm64': '-'}>