diff --git a/debian.master/changelog b/debian.master/changelog index fa6666b498fc0..72815d1db909f 100644 --- a/debian.master/changelog +++ b/debian.master/changelog @@ -1,10 +1,432 @@ -linux (5.8.0-56.63) UNRELEASED; urgency=medium +linux (5.8.0-56.63) groovy; urgency=medium - CHANGELOG: Do not edit directly. Autogenerated at release. - CHANGELOG: Use the printchanges target to see the curent changes. - CHANGELOG: Use the insertchanges target to create the final log. + * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052) - -- Kleber Sacilotto de Souza Fri, 04 Jun 2021 11:56:05 +0200 + * Packaging resync (LP: #1786013) + - update dkms package versions + + * scsi: storvsc: Parameterize number hardware queues (LP: #1930626) + - scsi: storvsc: Parameterize number hardware queues + + * CVE-2021-33200 + - bpf: Wrap aux data inside bpf_sanitize_info container + - bpf: Fix mask direction swap upon off reg sign change + - bpf: No need to simulate speculative domain for immediates + + * CVE-2021-3490 + - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with + bitwise ops" + - gpf: Fix alu32 const subreg bound tracking on bitwise operations + + * CVE-2021-3489 + - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read- + only ringbuf pages" + - bpf: Prevent writable memory-mapping of read-only ringbuf pages + + * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle + (LP: #1928242) + - USB: Verify the port status when timeout happens during port suspend + + * CVE-2020-26145 + - ath10k: drop fragments with multicast DA for SDIO + - ath10k: add CCMP PN replay protection for fragmented frames for PCIe + - ath10k: drop fragments with multicast DA for PCIe + + * CVE-2020-26141 + - ath10k: Fix TKIP Michael MIC verification for PCIe + + * CVE-2020-24587 + - ath11k: Clear the fragment cache during key install + + * CVE-2020-24588 + - mac80211: properly handle A-MSDUs that start with an RFC 1042 header + - cfg80211: mitigate A-MSDU aggregation attacks + - mac80211: drop A-MSDUs on old ciphers + - ath10k: drop MPDU which has discard flag set by firmware for SDIO + + * CVE-2020-26139 + - mac80211: do not accept/forward invalid EAPOL frames + + * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases. + - mac80211: extend protection against mixed key and fragment cache attacks + + * CVE-2020-24586 // CVE-2020-24587 + - mac80211: prevent mixed key and fragment cache attacks + - mac80211: add fragment cache to sta_info + - mac80211: check defrag PN against current frame + - mac80211: prevent attacks on TKIP/WEP as well + + * CVE-2020-26147 + - mac80211: assure all fragments are encrypted + + * raid10: Block discard is very slow, causing severe delays for mkfs and + fstrim operations (LP: #1896578) + - md: add md_submit_discard_bio() for submitting discard bio + - md/raid10: extend r10bio devs to raid disks + - md/raid10: pull the code that wait for blocked dev into one function + - md/raid10: improve raid10 discard request + - md/raid10: improve discard request for far layout + - dm raid: remove unnecessary discard limits for raid0 and raid10 + + * [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517) + - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES + + * CVE-2021-23133 + - sctp: delay auto_asconf init until binding the first addr + + * kvm: properly tear down PV features on hibernate (LP: #1920944) + - x86/kvm: Fix pr_info() for async PF setup/teardown + - x86/kvm: Teardown PV features on boot CPU as well + - x86/kvm: Disable kvmclock on all CPUs on shutdown + - x86/kvm: Disable all PV features on crash + - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() + + * CVE-2021-31440 + - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds + + * Can't detect intel wifi 6235 (LP: #1920180) + - SAUCE: iwlwifi: add new pci id for 6235 + + * [SRU] Patch for flicker and glitching on common LCD display panels, intel + framebuffer (LP: #1925685) + - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old + max strategy on failure + - drm/i915/dp: Use slow and wide link training for everything + + * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message + (LP: #1887661) + - selftests: pmtu.sh: use $ksft_skip for skipped return code + + * IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49 + (LP: #1926030) + - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation" + - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond + durations" + + * Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132) + - Input: nspire-keypad - enable interrupts only when opened + - gpio: sysfs: Obey valid_mask + - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback + - dmaengine: idxd: fix delta_rec and crc size field for completion record + - dmaengine: idxd: fix opcap sysfs attribute output + - dmaengine: idxd: fix wq size store permission state + - dmaengine: dw: Make it dependent to HAS_IOMEM + - dmaengine: Fix a double free in dma_async_device_register + - dmaengine: plx_dma: add a missing put_device() on error path + - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() + - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race + - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5 + - lockdep: Add a missing initialization hint to the "INFO: Trying to register + non-static key" message + - arc: kernel: Return -EFAULT if copy_to_user() fails + - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() + - xfrm: BEET mode doesn't support fragments for inner packets + - ASoC: max98373: Added 30ms turn on/off time delay + - gpu/xen: Fix a use after free in xen_drm_drv_init + - neighbour: Disregard DEAD dst in neigh_update + - ARM: keystone: fix integer overflow warning + - ARM: omap1: fix building with clang IAS + - drm/msm: Fix a5xx/a6xx timestamps + - ASoC: fsl_esai: Fix TDM slot setup for I2S mode + - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state + - iwlwifi: add support for Qu with AX201 device + - net: ieee802154: stop dump llsec keys for monitors + - net: ieee802154: forbid monitor for add llsec key + - net: ieee802154: forbid monitor for del llsec key + - net: ieee802154: stop dump llsec devs for monitors + - net: ieee802154: forbid monitor for add llsec dev + - net: ieee802154: forbid monitor for del llsec dev + - net: ieee802154: stop dump llsec devkeys for monitors + - net: ieee802154: forbid monitor for add llsec devkey + - net: ieee802154: forbid monitor for del llsec devkey + - net: ieee802154: stop dump llsec seclevels for monitors + - net: ieee802154: forbid monitor for add llsec seclevel + - pcnet32: Use pci_resource_len to validate PCI resource + - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN + - virt_wifi: Return micros for BSS TSF values + - lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS + - Input: s6sy761 - fix coordinate read bit shift + - Input: i8042 - fix Pegatron C15B ID entry + - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices + - dm verity fec: fix misaligned RS roots IO + - readdir: make sure to verify directory entry for legacy interfaces too + - arm64: fix inline asm in load_unaligned_zeropad() + - arm64: alternatives: Move length validation in alternative_{insn, endif} + - vfio/pci: Add missing range check in vfio_pci_mmap + - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM" + - scsi: libsas: Reset num_scatter if libata marks qc as NODATA + - netfilter: flowtable: fix NAT IPv6 offload mangling + - netfilter: conntrack: do not print icmpv6 as unknown via /proc + - ice: Fix potential infinite loop when using u8 loop counter + - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC + - netfilter: bridge: add pre_exit hooks for ebtable unregistration + - netfilter: arp_tables: add pre_exit hook for table unregister + - net: macb: fix the restore of cmp registers + - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta + - netfilter: nft_limit: avoid possible divide error in nft_limit_init + - net/mlx5e: Fix setting of RS FEC mode + - net: davicom: Fix regulator not turned off on failed probe + - net: sit: Unregister catch-all devices + - net: ip6_tunnel: Unregister catch-all devices + - mm: ptdump: fix build failure + - net: Make tcp_allowed_congestion_control readonly in non-init netns + - i40e: fix the panic when running bpf in xdpdrv mode + - ia64: remove duplicate entries in generic_defconfig + - ia64: tools: remove inclusion of ia64-specific version of errno.h header + - ibmvnic: avoid calling napi_disable() twice + - ibmvnic: remove duplicate napi_schedule call in do_reset function + - ibmvnic: remove duplicate napi_schedule call in open function + - gro: ensure frag0 meets IP header alignment + - ARM: OMAP2+: Fix warning for omap_init_time_of() + - ARM: footbridge: fix PCI interrupt mapping + - ARM: OMAP2+: Fix uninitialized sr_inst + - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems + - arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference + - bpf: Use correct permission flag for mixed signed bounds arithmetic + - r8169: tweak max read request size for newer chips also in jumbo mtu mode + - r8169: don't advertise pause in jumbo mode + - bpf: Ensure off_reg has no mixed signed bounds for all types + - bpf: Move off_reg into sanitize_ptr_alu + - ARM: 9071/1: uprobes: Don't hook on thumb instructions + - bpf: Rework ptr_limit into alu_limit and add common error path + - bpf: Improve verifier error messages for users + - bpf: Move sanitize_val_alu out of op switch + - net: phy: marvell: fix detection of PHY on Topaz switches + - vhost-vdpa: protect concurrent access to vhost device iotlb + - gpio: omap: Save and restore sysconfig + - KEYS: trusted: Fix TPM reservation for seal/unseal + - pinctrl: lewisburg: Update number of pins in community + - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS + - bpf: Permits pointers on stack for helper calls + - bpf: Refactor and streamline bounds check into helper + - bpf: Tighten speculative pointer arithmetic mask + - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 + - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[] + - perf auxtrace: Fix potential NULL pointer dereference + - perf map: Fix error return code in maps__clone() + - HID: google: add don USB id + - HID: alps: fix error return code in alps_input_configured() + - HID: wacom: Assign boolean values to a bool variable + - ARM: dts: Fix swapped mmc order for omap3 + - net: geneve: check skb is large enough for IPv4/IPv6 header + - dmaengine: tegra20: Fix runtime PM imbalance on error + - s390/entry: save the caller of psw_idle + - arm64: kprobes: Restore local irqflag if kprobes is cancelled + - xen-netback: Check for hotplug-status existence before watching + - cavium/liquidio: Fix duplicate argument + - kasan: fix hwasan build for gcc + - csky: change a Kconfig symbol name to fix e1000 build error + - ia64: fix discontig.c section mismatches + - ia64: tools: remove duplicate definition of ia64_mf() on ia64 + - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access + - net: hso: fix NULL-deref on disconnect regression + - USB: CDC-ACM: fix poison/unpoison imbalance + - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() + - mei: me: add Alder Lake P device id. + - bpf: Update selftests to reflect new error states + - mips: Do not include hi and lo in clobber list for R6 + - netfilter: conntrack: Make global sysctls readonly in non-init netns + - net: usb: ax88179_178a: initialize local variables before use + - igb: Enable RSS for Intel I211 Ethernet Controller + - bpf: Fix masking negation logic upon negative dst register + - bpf: Fix leakage of uninitialized bpf stack under speculation + - net: qrtr: Avoid potential use after free in MHI send + - perf data: Fix error return code in perf_data__create_dir() + - capabilities: require CAP_SETFCAP to map uid 0 + - perf ftrace: Fix access to pid in array when setting a pid filter + - driver core: add a min_align_mask field to struct device_dma_parameters + - swiotlb: add a IO_TLB_SIZE define + - swiotlb: factor out an io_tlb_offset helper + - swiotlb: factor out a nr_slots helper + - swiotlb: clean up swiotlb_tbl_unmap_single + - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single + - ovl: fix leaked dentry + - ovl: allow upperdir inside lowerdir + - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX + - USB: Add reset-resume quirk for WD19's Realtek Hub + - platform/x86: thinkpad_acpi: Correct thermal sensor allocation + - perf/core: Fix unconditional security_locked_down() call + - vfio: Depend on MMU + - avoid __memcat_p link failure + + * r8152 tx status -71 (LP: #1922651) // Groovy update: upstream stable + patchset 2021-05-20 (LP: #1929132) + - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet + + * Fix kdump failures (LP: #1927518) + - video: hyperv_fb: Add ratelimit on error message + - Drivers: hv: vmbus: Increase wait time for VMbus unload + - Drivers: hv: vmbus: Initialize unload_event statically + + * Groovy update: upstream stable patchset 2021-05-13 (LP: #1928386) + - ALSA: aloop: Fix initialization of controls + - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 + - ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model + - ASoC: intel: atom: Stop advertising non working S24LE support + - nfc: fix refcount leak in llcp_sock_bind() + - nfc: fix refcount leak in llcp_sock_connect() + - nfc: fix memory leak in llcp_sock_connect() + - nfc: Avoid endless loops caused by repeated llcp_sock_connect() + - selinux: make nslot handling in avtab more robust + - xen/evtchn: Change irq_info lock to raw_spinlock_t + - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh + - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock + - net: dsa: lantiq_gswip: Don't use PHY auto polling + - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits + - drm/i915: Fix invalid access to ACPI _DSM objects + - ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m + - IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS + - LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late + - gcov: re-fix clang-11+ support + - ia64: fix user_stack_pointer() for ptrace() + - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff + - ocfs2: fix deadlock between setattr and dio_end_io_write + - fs: direct-io: fix missing sdio->boundary + - ethtool: fix incorrect datatype in set_eee ops + - of: property: fw_devlink: do not link ".*,nr-gpios" + - parisc: parisc-agp requires SBA IOMMU driver + - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers + - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin + - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field + - ice: Increase control queue timeout + - ice: prevent ice_open and ice_stop during reset + - ice: remove DCBNL_DEVRESET bit from PF state + - ice: Fix for dereference of NULL pointer + - ice: Cleanup fltr list in case of allocation issues + - iwlwifi: pcie: properly set LTR workarounds on 22000 devices + - net: hso: fix null-ptr-deref during tty device unregistration + - libbpf: Fix bail out from 'ringbuf_process_ring()' on error + - bpf: Enforce that struct_ops programs be GPL-only + - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET + - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx + - libbpf: Only create rx and tx XDP rings when necessary + - bpf, sockmap: Fix sk->prot unhash op reset + - net: ensure mac header is set in virtio_net_hdr_to_skb() + - i40e: Fix sparse warning: missing error code 'err' + - i40e: Fix sparse error: 'vsi->netdev' could be null + - i40e: Fix sparse errors in i40e_txrx.c + - net: sched: sch_teql: fix null-pointer dereference + - net: sched: fix action overwrite reference counting + - mac80211: fix TXQ AC confusion + - net: hsr: Reset MAC header for Tx path + - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind() + - net: let skb_orphan_partial wake-up waiters. + - usbip: add sysfs_lock to synchronize sysfs code paths + - usbip: stub-dev synchronize sysfs code paths + - usbip: vudc synchronize sysfs code paths + - usbip: synchronize event handler with sysfs code paths + - driver core: Fix locking bug in deferred_probe_timeout_work_func() + - scsi: target: iscsi: Fix zero tag inside a trace event + - i2c: turn recovery error on init to debug + - ice: Refactor DCB related variables out of the ice_port_info struct + - ice: Recognize 860 as iSCSI port in CEE mode + - xfrm: interface: fix ipv4 pmtu check to honor ip header df + - xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume + - regulator: bd9571mwv: Fix AVS and DVFS voltage range + - ARM: OMAP4: Fix PMIC voltage domains for bionic + - ARM: OMAP4: PM: update ROM return address for OSWR and OFF + - net: xfrm: Localize sequence counter per network namespace + - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload + - ASoC: SOF: Intel: HDA: fix core status verification + - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips + - xfrm: Fix NULL pointer dereference on policy lookup + - virtchnl: Fix layout of RSS structures + - i40e: Added Asym_Pause to supported link modes + - i40e: Fix kernel oops when i40e driver removes VF's + - hostfs: fix memory handling in follow_link() + - amd-xgbe: Update DMA coherency values + - sch_red: fix off-by-one checks in red_check_params() + - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0 + - xfrm: Provide private skb extensions for segmented and hw offloaded ESP + packets + - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE + - mlxsw: spectrum: Fix ECN marking in tunnel decapsulation + - ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso + - gianfar: Handle error code at MAC address change + - cxgb4: avoid collecting SGE_QBASE regs during traffic + - net:tipc: Fix a double free in tipc_sk_mcast_rcv + - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces + - net/ncsi: Avoid channel_monitor hrtimer deadlock + - net: qrtr: Fix memory leak on qrtr_tx_wait failure + - nfp: flower: ignore duplicate merge hints from FW + - net: phy: broadcom: Only advertise EEE for supported modes + - I2C: JZ4780: Fix bug for Ingenic X1000. + - ASoC: sunxi: sun4i-codec: fill ASoC card owner + - net/mlx5e: Fix ethtool indication of connector type + - net/mlx5: Don't request more than supported EQs + - net/rds: Fix a use after free in rds_message_map_pages + - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model + - soc/fsl: qbman: fix conflicting alignment attributes + - i40e: Fix display statistics for veb_tc + - RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session + files + - drm/msm: Set drvdata to NULL when msm_drm_init() fails + - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...); + - mptcp: forbit mcast-related sockopt on MPTCP sockets + - scsi: ufs: core: Fix task management request completion timeout + - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs + - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb + - net: macb: restore cmp registers on resume path + - clk: fix invalid usage of list cursor in register + - clk: fix invalid usage of list cursor in unregister + - workqueue: Move the position of debug_work_activate() in __queue_work() + - s390/cpcmd: fix inline assembly register clobbering + - perf inject: Fix repipe usage + - net: openvswitch: conntrack: simplify the return expression of + ovs_ct_limit_get_default_limit() + - openvswitch: fix send of uninitialized stack memory in ct limit reply + - i2c: designware: Adjust bus_freq_hz when refuse high speed mode set + - tipc: increment the tmp aead refcnt before attaching it + - net: hns3: clear VF down state bit before request link status + - net/mlx5: Fix placement of log_max_flow_counter + - net/mlx5: Fix PPLM register mapping + - net/mlx5: Fix PBMC register mapping + - RDMA/cxgb4: check for ipv6 address properly while destroying listener + - perf report: Fix wrong LBR block sorting + - i40e: Fix parameters in aq_get_phy_register() + - RDMA/addr: Be strict with gid size + - RAS/CEC: Correct ce_add_elem()'s returned values + - clk: socfpga: fix iomem pointer cast on 64-bit + - lockdep: Address clang -Wformat warning printing for %hd + - dt-bindings: net: ethernet-controller: fix typo in NVMEM + - cfg80211: remove WARN_ON() in cfg80211_sme_connect + - net: tun: set tun->dev->addr_len during TUNSETLINK processing + - drivers: net: fix memory leak in atusb_probe + - drivers: net: fix memory leak in peak_usb_create_dev + - net: mac802154: Fix general protection fault + - net: ieee802154: nl-mac: fix check on panid + - net: ieee802154: fix nl802154 del llsec key + - net: ieee802154: fix nl802154 del llsec dev + - net: ieee802154: fix nl802154 add llsec key + - net: ieee802154: fix nl802154 del llsec devkey + - net: ieee802154: forbid monitor for set llsec params + - net: ieee802154: forbid monitor for del llsec seclevel + - net: ieee802154: stop dump llsec params for monitors + - interconnect: core: fix error return code of icc_link_destroy() + - gfs2: Flag a withdraw if init_threads() fails + - KVM: arm64: Hide system instruction access to Trace registers + - KVM: arm64: Disable guest access to trace filter controls + - drm/imx: imx-ldb: fix out of bounds array access warning + - gfs2: report "already frozen/thawed" errors + - ftrace: Check if pages were allocated before calling free_pages() + - tools/kvm_stat: Add restart delay + - drm/tegra: dc: Don't set PLL clock to 0Hz + - gpu: host1x: Use different lock classes for each client + - block: only update parent bi_status when bio fail + - radix tree test suite: Register the main thread with the RCU library + - idr test suite: Take RCU read lock in idr_find_test_1 + - idr test suite: Create anchor before launching throbber + - io_uring: don't mark S_ISBLK async work as unbounded + - riscv,entry: fix misaligned base for excp_vect_table + - block: don't ignore REQ_NOWAIT for direct IO + - perf map: Tighten snprintf() string precision to pass gcc check on some + 32-bit arches + - net: sfp: relax bitrate-derived mode check + - net: sfp: cope with SFPs that set both LOS normal and LOS inverted + - xen/events: fix setting irq affinity + - perf tools: Use %zd for size_t printf formats on 32-bit + + -- Kleber Sacilotto de Souza Fri, 04 Jun 2021 11:58:36 +0200 linux (5.8.0-55.62) groovy; urgency=medium