[continued from previous message]
- drm/amdgpu/display: disable prefer_shadow for generic fb helpers
(regression in 5.17)
- [x86] drm/i915: fix a possible refcount leak in
intel_dp_add_mst_connector()
- [x86] drm/i915/guc: ADL-N should use the same GuC FW as ADL-S
- ima: Fix a potential integer overflow in ima_appraise_measurement
- [arm64,armhf] ASoC: sgtl5000: Fix noise on shutdown/remove
- [x86] ASoC: Intel: Skylake: Correct the ssp rate discovery in
skl_get_ssp_clks()
- [x86] ASoC: Intel: Skylake: Correct the handling of fmt_config flexible
array
- netfilter: ecache: move to separate structure
- netfilter: conntrack: split inner loop of list dumping to own function
- netfilter: ecache: use dedicated list for event redelivery
- netfilter: conntrack: include ecache dying list in dumps
- netfilter: conntrack: remove the percpu dying list
- netfilter: conntrack: fix crash due to confirmed bit load reordering
(regression in 5.17)
- sysctl: Fix data races in proc_dointvec().
- sysctl: Fix data races in proc_douintvec().
- sysctl: Fix data races in proc_dointvec_minmax().
- sysctl: Fix data races in proc_douintvec_minmax().
- sysctl: Fix data races in proc_doulongvec_minmax().
- sysctl: Fix data races in proc_dointvec_jiffies().
- tcp: Fix a data-race around sysctl_tcp_max_orphans.
- inetpeer: Fix data-races around sysctl.
- net: Fix data-races around sysctl_mem.
- cipso: Fix data-races around sysctl.
- icmp: Fix data-races around sysctl.
- ipv4: Fix a data-race around sysctl_fib_sync_mem.
- [armhf] dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
- netfilter: nf_log: incorrect offset to network header
- nfp: fix issue of skb segments exceeds descriptor limitation
- vlan: fix memory leak in vlan_newlink() (regression in 5.17)
- netfilter: nf_tables: replace BUG_ON by element length check
- [riscv64] KVM: Fix SRCU deadlock caused by
kvm_riscv_check_vcpu_requests()
- [x86] drm/i915/gvt: IS_ERR() vs NULL bug in
intel_gvt_update_reg_whitelist()
- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
- mptcp: fix subflow traversal at disconnect time (regression in 5.17)
- NFSD: Decode NFSv4 birth time attribute (regression in 5.18)
- lockd: set fl_owner when unlocking files
- lockd: fix nlm_close_files (regression in 5.15)
- ice: handle E822 generic device ID in PLDM header
- ice: change devlink code to read NVM in blocks
- [x86] drm/i915/ttm: fix sg_table construction (regression in 5.15)
- [x86] drm/i915/gt: Serialize GRDOM access between multiple engine resets
- [x86] drm/i915/gt: Serialize TLB invalidates with GT resets
- bnxt_en: reclaim max resources if sriov enable fails
- bnxt_en: Fix bnxt_reinit_after_abort() code path
- bnxt_en: fix livepatch query
- bnxt_en: Fix bnxt_refclk_read()
- sysctl: Fix data-races in proc_dou8vec_minmax().
- sysctl: Fix data-races in proc_dointvec_ms_jiffies().
- tcp: Fix a data-race around sysctl_max_tw_buckets.
- icmp: Fix a data-race around sysctl_icmp_echo_ignore_all.
- icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
- icmp: Fix a data-race around sysctl_icmp_echo_ignore_broadcasts.
- icmp: Fix a data-race around sysctl_icmp_ignore_bogus_error_responses.
- icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
- icmp: Fix a data-race around sysctl_icmp_ratelimit.
- icmp: Fix a data-race around sysctl_icmp_ratemask.
- raw: Fix a data-race around sysctl_raw_l3mdev_accept.
- tcp: Fix data-races around sysctl_tcp_ecn.
- tcp: Fix a data-race around sysctl_tcp_ecn_fallback.
- ipv4: Fix data-races around sysctl_ip_dynaddr.
- nexthop: Fix data-races around nexthop_compat_mode.
- [amd64] ima: force signature verification when CONFIG_KEXEC_SIG is
configured
- drm/amd/display: Ignore First MST Sideband Message Return Error
- [amd64] drm/amdkfd: correct the MEC atomic support firmware checking for
GC 10.3.7
- drm/amd/display: Only use depth 36 bpp linebuffers on DCN display
engines. (regression in 5.14)
- drm/amd/pm: Prevent divide by zero
- drm/amd/display: Ensure valid event timestamp for cursor-only commits
- smb3: workaround negprot bug in some Samba servers
- sfc: fix use after free when disabling sriov
- netfs: do not unlock and put the folio twice
- seg6: fix skb checksum evaluation in SRH encapsulation/insertion
- seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
- seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
- sfc: fix kernel panic when creating VF
- net: atlantic: remove deep parameter on suspend/resume functions
- net: atlantic: remove aq_nic_deinit() when resume (regression in 5.18)
- [x86] KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
kvm_pv_kick_cpu_op()
- net/tls: Check for errors in tls_device_init
- mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
- [arm64] tee: tee_get_drvdata(): fix description of return value
- tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
- tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
- scsi: megaraid: Clear READ queue map's nr_queues (regression in 5.13)
- scsi: ufs: core: Drop loglevel of WriteBoost message (regression in 5.13)
- nvme: fix block device naming collision (regression in 5.18)
- ksmbd: use SOCK_NONBLOCK type for kernel_accept()
- [x86] platform/x86: intel/pmc: Add Alder Lake N support to PMC core
driver
- virtio_mmio: Add missing PM calls to freeze/restore
- virtio_mmio: Restore guest page size on resume
- netfilter: nf_tables: avoid skb access on nf_stolen
- netfilter: br_netfilter: do not skip all hooks with 0 priority
- [arm64] scsi: hisi_sas: Limit max hw sectors for v3 HW
- [powerpc*] cpufreq: pmac32-cpufreq: Fix refcount leak bug
- [x86] platform/x86: thinkpad-acpi: profile capabilities as integer
- [x86] platform/x86: thinkpad_acpi: do not use PSC mode on Intel platforms
- [x86] platform/x86: hp-wmi: Ignore Sanitization Mode event
- firmware: sysfb: Make sysfb_create_simplefb() return a pdev pointer
- firmware: sysfb: Add sysfb_disable() helper function
- fbdev: Disable sysfb device registration when removing conflicting FBs
- net: tipc: fix possible refcount leak in tipc_sk_create()
- nvme-tcp: always fail a request when sending it failed
- nvme: fix regression when disconnect a recovering ctrl
- net: sfp: fix memory leak in sfp_probe()
- ASoC: ops: Fix off by one in range control validation
- [armhf] pinctrl: aspeed: Fix potential NULL dereference in
aspeed_pinmux_set_mux()
- ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on remove
- ASoC: rt711-sdca-sdw: fix calibrate mutex initialization
- [x86] ASoC: Intel: sof_sdw: handle errors on card registration
- ASoC: rt711: fix calibrate mutex initialization
- ASoC: rt7*-sdw: harden jack_detect_handler
- ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues in probe
- [x86] ASoC: SOF: Intel: hda-dsp: Expose hda_dsp_core_power_up()
- [x86] ASoC: SOF: Intel: hda-loader: Make sure that the fw load sequence
is followed
- [x86] ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
- [x86] ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering problem
- ASoC: wm_adsp: Fix event for preloader
- ASoC: cs35l41: Correct some control names
- ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
- ASoC: dapm: Initialise kcontrol data for mux/demux controls
- ASoC: cs35l41: Add ASP TX3/4 source to register patch
- [amd64] Clear .brk area at early boot
- [armhf] dts: stm32: use the correct clock source for CEC on stm32mp151
- Revert "can: xilinx_can: Limit CANFD brp to 2"
- ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
- ALSA: usb-audio: Add quirk for Fiero SC-01
- ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0)
- nvme-pci: phison e16 has bogus namespace ids
- nvme: use struct group for generic command dwords
- signal handling: don't use BUG_ON() for debugging
- ACPI: video: Fix acpi_video_handles_brightness_key_presses()
- vt: fix memory overlapping when deleting chars in the buffer
- [s390x] ap: fix error handling in __verify_queue_reservations()
- [x86] ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory
- serial: 8250: fix return error code in serial8250_request_std_resource()
- power: supply: core: Fix boundary conditions in interpolation
(regression in 5.17)
- [armhf] serial: stm32: Clear prev values before setting RTS delays
- [arm*] serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
- serial: 8250: Fix PM usage_count for console handover
- [arm64] serial: mvebu-uart: correctly report configured baudrate value
- [x86] pat: Fix x86_has_pat_wp()
- [i386] drm/i915/ttm: fix 32b build
- drm/aperture: Run fbdev removal before internal helpers
https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.14
- [amd64] Preparation for mitigating RETbleed:
+ x86/traps: Use pt_regs directly in fixup_bad_iret()
+ x86/entry: Switch the stack after error_entry() returns
+ x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
+ x86/entry: Don't call error_entry() for XENPV
+ x86/entry: Remove skip_r11rcx
- [amd64] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
Intel (CVE-2022-29901) processors:
+ x86/kvm/vmx: Make noinstr clean
+ x86/cpufeatures: Move RETPOLINE flags to word 11
+ x86/retpoline: Cleanup some #ifdefery
+ x86/retpoline: Swizzle retpoline thunk
+ x86/retpoline: Use -mfunction-return
+ x86: Undo return-thunk damage
+ x86,objtool: Create .return_sites
+ objtool: skip non-text sections when adding return-thunk sites
+ x86,static_call: Use alternative RET encoding
+ x86/ftrace: Use alternative RET encoding
+ x86/bpf: Use alternative RET encoding
+ x86/kvm: Fix SETcc emulation for return thunks
+ x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
+ x86/sev: Avoid using __x86_return_thunk
+ x86: Use return-thunk in asm code
+ x86/entry: Avoid very early RET
+ objtool: Treat .text.__x86.* as noinstr
+ x86: Add magic AMD return-thunk
+ x86/bugs: Report AMD retbleed vulnerability
+ x86/bugs: Add AMD retbleed= boot parameter
+ x86/bugs: Enable STIBP for JMP2RET
+ x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
+ x86/entry: Add kernel IBRS implementation
+ x86/bugs: Optimize SPEC_CTRL MSR writes
+ x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
+ x86/bugs: Split spectre_v2_select_mitigation() and
spectre_v2_user_select_mitigation()
+ x86/bugs: Report Intel retbleed vulnerability
+ intel_idle: Disable IBRS during long idle
+ objtool: Update Retpoline validation
+ x86/xen: Rename SYS* entry points
+ x86/xen: Add UNTRAIN_RET
+ x86/bugs: Add retbleed=ibpb
+ x86/bugs: Do IBPB fallback check only once
+ objtool: Add entry UNRET validation
+ x86/cpu/amd: Add Spectral Chicken
+ x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
+ x86/speculation: Fix firmware entry SPEC_CTRL handling
+ x86/speculation: Fix SPEC_CTRL write on SMT state change
+ x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
+ x86/speculation: Remove x86_spec_ctrl_mask
+ objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
+ KVM: VMX: Flatten __vmx_vcpu_run()
+ KVM: VMX: Convert launched argument to flags
+ KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
+ KVM: VMX: Fix IBRS handling after vmexit
+ x86/speculation: Fill RSB on vmexit for IBRS
+ KVM: VMX: Prevent RSB underflow before vmenter
+ x86/common: Stamp out the stepping madness
+ x86/cpu/amd: Enumerate BTC_NO
+ x86/retbleed: Add fine grained Kconfig knobs
+ x86/bugs: Add Cannon lake to RETBleed affected CPU list
+ x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
+ x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
+ x86/kexec: Disable RET on kexec
+ x86/speculation: Disable RRSBA behavior
+ x86/static_call: Serialize __static_call_fixup() properly
+ x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
+ x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
+ efi/x86: use naked RET on mixed mode call wrapper
+ x86/kvm: fix FASTOP_SIZE when return thunks are enabled
+ KVM: emulate: do not adjust size of fastop and setcc subroutines
+ tools arch x86: Sync the msr-index.h copy with the kernel sources
+ tools headers cpufeatures: Sync with the kernel sources
+ x86/bugs: Remove apostrophe typo
+ um: Add missing apply_returns()
.
[ John Paul Adrian Glaubitz ]
* [ia64] Disable CONFIG_HARDENED_USERCOPY which is currently broken
.
[ Ben Hutchings ]
* [arm64] pinctrl: Re-enable PINCTRL_MSM (regression in 5.14)
* lintian: Update overrides for lintian 2.115
* [rt] Update to 5.18-rt11:
- Revert "softirq: Check preemption after reenabling interrupts"
* Bump ABI to 3
* Disable SECURITY_LOCKDOWN_LSM and MODULE_SIG where we don't sign code
(Closes: #825141)
* tools/bpf, tools/perf: Update for init_disassemble_info() API change in
binutils 2.38.50
* tools/perf: Fix "unused parameter" warning introduced by "tools/perf:
pmu-events: Fix reproducibility"
* [amd64,arm64,armhf] wireguard: Clear keys after suspend despite
CONFIG_ANDROID=y
* d/salsa-ci.yml: Sync build-script with upstream
* d/salsa-ci.yml: Handle APT sources in debian.sources as well as
sources.list
* d/tests: Remove obsolete dependencies of python test
* d/tests: Add kbuild test that builds a trivial OOT module
* linux-kbuild: Add missing pahole-version.sh script
* [amd64] ata: Enable PATA_LEGACY (Closes: #910010)
* udeb: Add essiv to crypto-modules (Closes: #973378)
* udeb: Add SCSI device handlers to multipath-modules (Closes: #989079)
* linux-source: Update Recommends to include all dependencies for deb-pkg
target
* [x86] speculation: Make all RETbleed mitigations depend on X86_64
.
[ Vincent Blut ]
* [armhf] drivers/crypto/caam: Enable CRYPTO_DEV_FSL_CAAM as module
(Closes: #1013255)
* drivers/net/wireless/mediatek/mt76/mt7921: Enable MT7921U as module
(Closes: #1015808)
Checksums-Sha1:
00f77c9e50302794046f66ce734e646d749d7d6c 251368 linux_5.18.14-1.dsc
bd9ad09a17f0aa6325bc85e2292cedcd7753fc7e 131714096 linux_5.18.14.orig.tar.xz
1e07a9ecdb49d5ee9c598d528fffa12fb514cd48 1339696 linux_5.18.14-1.debian.tar.xz
a1f40eb299a7cdbe7300d464b215d18aa87627a0 7580 linux_5.18.14-1_source.buildinfo Checksums-Sha256:
8b5b638331c98d5dc7e27206ac440796ef7acece61c01961e9b7eeaf0efa3dd6 251368 linux_5.18.14-1.dsc
2ce62b985321d0f7d91e00b8eb6dc9d5fb556d783eac58b0493082af0b89b848 131714096 linux_5.18.14.orig.tar.xz
c21c63f13b0c9da3a64d272e8803ac03a933d9b1cf896d5daf90ce83062b8dc6 1339696 linux_5.18.14-1.debian.tar.xz
7147d8f61586bb279bdc6be54f746fb17dc086b56c19c3d31f470cf784d0cf83 7580 linux_5.18.14-1_source.buildinfo
Files:
1dd69904eb35d11b2d82cab965a43f6b 251368 kernel optional linux_5.18.14-1.dsc
f0f0b2afc3cad17d66e409f28e6aad3e 131714096 kernel optional linux_5.18.14.orig.tar.xz
8b47771ca03ff07037930c072f1b658a 1339696 kernel optional linux_5.18.14-1.debian.tar.xz
0c61f7db3091fbc105b4d74ef33c2b8c 7580 kernel optional linux_5.18.14-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmLcT4wACgkQ57/I7JWG EQmz0hAAkREFnLGtJGn3/ojRXMUxo7QDRejbGFSoLR2PyGZi6TFbvRRVGau+rpkF /lOnv9PO5h5JFJ3LuO3wXwD8kpddWgj4CAOoQFZpp7zQ1N/Vo3cAviD/a/7DBuQj lwEwq0KprniP/esxds+iZiWk5WxiBpUC5IGjBjUmYuUugGnWhMqqIHT72AWbK2py eha+Q0ik8LNCW2rwuvnTHmpU3MB3CRzBMEEmWzdabB9wHh0eEQ+tSqOQngGRgo6K PHoDpwMhxRkblkAtaj0ISaNZbkgZaE9ukJE4SAK4CzW2a5RNoWFeqOHAQ8vCdNQS jwRR5Xp3Xnap77C66Px2WpaMlBZQp1GCYFu0sZkj6c9+D/a4JZ3o1eYggHgL+zJR extv724heua8vYtcUM1Z/44wLtZS40iGM7xV3nmFAHNzjlcUwiO8z3cHAJrPuLQ8 Eh6p3VjjpfMVT15FaqH23UC5JYNadkiqB0h3njfFN6jL97tD99XuQHe75XJuvDsH NGf3JYH4gB6/ytqyBP9l99T9ruWKlcXXGwR2JT5QF9x81+4aO6Uh6qAENMut1LG8 LsRGuP3CYAlQijYeVPF42HALGvScl4ELDHTqIW+dPKO9WWdYDok1mBk2xDFvDzJm RpmtBS2MmV3ed51VjXwvo8ZFehPDWOzdjhqGHrV/AKHXPyfec+E=
=EeYO
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)