SUSE Container Update Advisory: suse/sles/15.3/libguestfs-tools ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:37-1 Container Tags : suse/sles/15.3/libguestfs-tools:0.45.0 , suse/sles/15.3/libguestfs-tools:0.45.0-8.4.3 , suse/sles/15.3/libguestfs-tools:0.45.0.7.7.56 Container Release : 7.7.56 Severity : important Type : security References : 1027519 1040364 1065729 1065729 1065729 1085030 1085030 1085917 1089118 1094840 1127650 1133021 1134353 1135481 1148868 1152472 1152472 1152489 1152489 1152489 1152489 1152489 1154353 1154353 1156395 1156395 1157177 1159886 1160010 1167773 1167773 1168202 1169263 1170269 1170774 1171420 1171688 1172073 1172073 1173604 1173604 1173746 1174003 1174969 1175052 1175543 1176447 1176447 1176447 1176774 1176774 1176914 1176914 1176940 1176940 1177028 1177399 1177902 1178134 1178134 1178134 1178236 1180100 1180100 1180100 1180125 1180141 1180347 1180749 1181006 1181147 1181147 1181148 1181299 1181306 1181309 1181535 1181536 1181972 1183247 1183374 1183858 1183905 1184180 1184439 1184673 1184673 1184804 1184924 1184970 1184994 1185016 1185302 1185524 1185550 1185588 1185677 1185726 1185762 1185762 1185762 1185902 1186063 1186063 1186071 1186109 1186109 1186260 1186264 1186398 1186731 1186910 1187115 1187167 1187167 1187190 1187196 1187211 1187211 1187270 1187455 1187468 1187470 1187483 1187512 1187619 1187668 1187774 1187959 1188067 1188067 1188172 1188231 1188270 1188291 1188344 1188412 1188418 1188418 1188563 1188563 1188588 1188601 1188616 1188651 1188651 1188700 1188713 1188713 1188768 1188780 1188781 1188782 1188783 1188784 1188786 1188787 1188788 1188790 1188878 1188885 1188921 1188924 1188982 1188983 1188985 1188986 1189021 1189057 1189060 1189077 1189153 1189176 1189197 1189209 1189210 1189212 1189213 1189214 1189215 1189216 1189217 1189218 1189219 1189220 1189221 1189222 1189225 1189229 1189233 1189234 1189241 1189257 1189262 1189287 1189291 1189292 1189296 1189297 1189298 1189301 1189305 1189323 1189384 1189385 1189392 1189393 1189399 1189400 1189427 1189441 1189446 1189480 1189503 1189504 1189505 1189506 1189507 1189537 1189552 1189562 1189563 1189564 1189565 1189566 1189567 1189568 1189569 1189573 1189574 1189575 1189576 1189577 1189579 1189581 1189582 1189583 1189585 1189586 1189587 1189702 1189706 1189760 1189762 1189832 1189841 1189841 1189841 1189841 1189841 1189870 1189872 1189883 1189884 1189938 1189983 1189984 1189996 1190006 1190006 1190022 1190023 1190025 1190062 1190067 1190067 1190115 1190115 1190117 1190138 1190159 1190190 1190326 1190349 1190349 1190351 1190351 1190358 1190373 1190374 1190401 1190406 1190412 1190413 1190420 1190425 1190428 1190432 1190440 1190467 1190479 1190479 1190493 1190523 1190523 1190534 1190543 1190544 1190561 1190576 1190595 1190596 1190598 1190598 1190620 1190620 1190620 1190622 1190626 1190642 1190642 1190645 1190679 1190693 1190695 1190705 1190717 1190739 1190746 1190758 1190784 1190785 1190795 1190795 1190795 1190801 1190801 1190845 1190915 1190917 1190933 1190941 1190941 1190984 1191019 1191172 1191193 1191200 1191229 1191229 1191240 1191240 1191241 1191241 1191242 1191260 1191292 1191315 1191315 1191317 1191317 1191339 1191349 1191349 1191363 1191384 1191384 1191449 1191449 1191450 1191450 1191451 1191451 1191452 1191452 1191455 1191455 1191456 1191456 1191480 1191500 1191532 1191566 1191628 1191628 1191645 1191645 1191663 1191663 1191668 1191675 1191690 1191690 1191731 1191731 1191790 1191800 1191800 1191804 1191804 1191851 1191867 1191867 1191922 1191934 1191934 1191958 1191958 1191961 1191980 1192017 1192040 1192040 1192041 1192041 1192045 1192074 1192074 1192104 1192107 1192107 1192145 1192145 1192161 1192217 1192229 1192267 1192273 1192288 1192328 1192375 1192423 1192473 1192549 1192554 1192557 1192559 1192718 1192740 1192745 1192750 1192753 1192758 1192781 1192802 1192858 1192896 1192906 1192918 1193181 1193430 1193512 1193623 1193719 1193759 1193981 1194041 CVE-2020-12770 CVE-2020-3702 CVE-2021-0941 CVE-2021-20322 CVE-2021-22946 CVE-2021-22947 CVE-2021-28702 CVE-2021-28704 CVE-2021-28705 CVE-2021-28706 CVE-2021-28707 CVE-2021-28708 CVE-2021-28709 CVE-2021-31916 CVE-2021-33033 CVE-2021-33033 CVE-2021-3426 CVE-2021-34556 CVE-2021-34866 CVE-2021-34866 CVE-2021-34981 CVE-2021-3542 CVE-2021-3542 CVE-2021-35477 CVE-2021-3622 CVE-2021-3640 CVE-2021-3653 CVE-2021-3655 CVE-2021-3655 CVE-2021-3656 CVE-2021-3669 CVE-2021-3679 CVE-2021-3713 CVE-2021-3715 CVE-2021-3715 CVE-2021-37159 CVE-2021-3732 CVE-2021-3733 CVE-2021-3737 CVE-2021-3739 CVE-2021-3743 CVE-2021-3744 CVE-2021-3748 CVE-2021-3752 CVE-2021-3753 CVE-2021-3759 CVE-2021-3759 CVE-2021-3760 CVE-2021-3760 CVE-2021-37600 CVE-2021-3764 CVE-2021-3772 CVE-2021-3772 CVE-2021-38160 CVE-2021-38166 CVE-2021-38198 CVE-2021-38204 CVE-2021-38205 CVE-2021-38206 CVE-2021-38207 CVE-2021-38209 CVE-2021-3896 CVE-2021-3896 CVE-2021-40490 CVE-2021-4147 CVE-2021-41864 CVE-2021-41864 CVE-2021-42008 CVE-2021-42008 CVE-2021-42252 CVE-2021-42252 CVE-2021-42739 CVE-2021-42739 CVE-2021-43056 CVE-2021-43056 CVE-2021-43389 ----------------------------------------------------------------- The container suse/sles/15.3/libguestfs-tools was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3182-1 Released: Tue Sep 21 17:04:26 2021 Summary: Recommended update for file Type: recommended Severity: moderate References: 1189996 This update for file fixes the following issues: - Fixes exception thrown by memory allocation problem (bsc#1189996) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3201-1 Released: Thu Sep 23 11:28:23 2021 Summary: Security update for hivex Type: security Severity: moderate References: 1189060,CVE-2021-3622 This update for hivex fixes the following issues: - CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children() (bsc#1189060). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3203-1 Released: Thu Sep 23 14:41:35 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate References: 1189537,1190190 This update for kmod fixes the following issues: - Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190). - Enable support for ZSTD compressed modules - Display module information even for modules built into the running kernel (bsc#1189537) - '/usr/lib' should override '/lib' where both are available. Support '/usr/lib' for depmod.d as well. - Remove test patches included in release 29 - Update to release 29 * Fix `modinfo -F` not working for built-in modules and certain fields. * Fix a memory leak, overflow and double free on error path. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3205-1 Released: Thu Sep 23 16:15:20 2021 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1 190412,1190413,1190428,CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). - CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). - CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). - CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). - CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). - CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by invalid id (bsc#1189832 ). - CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883). - CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025). - CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117) - CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). - CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). - CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292). - CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes (bnc#1189298). - CVE-2021-38166: Fixed an integer overflow and out-of-bounds write when many elements are placed in a single bucket in kernel/bpf/hashtab.c (bnc#1189233 ). - CVE-2021-38209: Fixed allowed observation of changes in any net namespace via net/netfilter/nf_conntrack_standalone.c (bnc#1189393). - CVE-2021-38206: Fixed NULL pointer dereference in the radiotap parser inside the mac80211 subsystem (bnc#1189296). - CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). - CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). - CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). The following non-security bugs were fixed: - ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). - ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543) - ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543) - ACPI: processor: Export function to claim _CST control (bsc#1175543) - ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543) - ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc#1175543) - ALSA: hda - fix the 'Capture Switch' value change notifications (git-fixes). - ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10 (git-fixes). - ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms (git-fixes). - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically (git-fixes). - ALSA: hda/realtek - Add ALC285 HP init procedure (git-fixes). - ALSA: hda/realtek - Add type for ALC287 (git-fixes). - ALSA: hda/realtek: Change device names for quirks to barebone names (git-fixes). - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop (git-fixes). - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256) (git-fixes). - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8 (git-fixes). - ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes). - ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx series (git-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC (git-fixes). - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E (git-fixes). - ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes). - ALSA: hda: Fix hang during shutdown due to link reset (git-fixes). - ALSA: hda: Release controller display power during shutdown/reboot (git-fixes). - ALSA: pcm: Fix mmap breakage without explicit buffer setup (git-fixes). - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes). - ALSA: seq: Fix racy deletion of subscriber (git-fixes). - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes). - ALSA: usb-audio: Avoid unnecessary or invalid connector selection at resume (git-fixes). - ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (git-fixes). - ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes). - ALSA: usb-audio: fix incorrect clock source setting (git-fixes). - ASoC: Intel: Skylake: Fix module resource and format selection (git-fixes). - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (git-fixes). - ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 (git-fixes). - ASoC: SOF: Intel: hda-ipc: fix reply size checking (git-fixes). - ASoC: amd: Fix reference to PCM buffer address (git-fixes). - ASoC: component: Remove misplaced prefix handling in pin control functions (git-fixes). - ASoC: cs42l42: Correct definition of ADC Volume control (git-fixes). - ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). - ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes). - ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). - ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). - ASoC: intel: atom: Fix breakage for PCM buffer address setup (git-fixes). - ASoC: intel: atom: Fix reference to PCM buffer address (git-fixes). - ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe (git-fixes). - ASoC: rt5682: Adjust headset volume button threshold (git-fixes). - ASoC: rt5682: Adjust headset volume button threshold again (git-fixes). - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend (git-fixes). - ASoC: ti: j721e-evm: Check for not initialized parent_clk_id (git-fixes). - ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking during startup (git-fixes). - ASoC: tlv320aic31xx: Fix jack detection after suspend (git-fixes). - ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (git-fixes). - ASoC: uniphier: Fix reference to PCM buffer address (git-fixes). - ASoC: wcd9335: Disable irq on slave ports in the remove function (git-fixes). - ASoC: wcd9335: Fix a double irq free in the remove function (git-fixes). - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (git-fixes). - ASoC: xilinx: Fix reference to PCM buffer address (git-fixes). - Avoid double printing SUSE specific flags in mod->taint (bsc#1190413). - Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). - Bluetooth: btusb: Fix a unspported condition to set available debug features (git-fixes). - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS (git-fixes). - Bluetooth: defer cleanup of resources in hci_unregister_dev() (git-fixes). - Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). - Bluetooth: hidp: use correct wait queue when removing ctrl_wait (git-fixes). - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd (git-fixes). - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). - Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412) - KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786). - KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787). - KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (bsc#1188788). - KVM: VMX: Extend VMXs #AC interceptor to handle split lock #AC in guest (bsc#1187959). - KVM: nVMX: Handle split-lock #AC exceptions that happen in L2 (bsc#1187959). - KVM: nVMX: Really make emulated nested preemption timer pinned (bsc#1188780). - KVM: nVMX: Reset the segment cache when stuffing guest segs (bsc#1188781). - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1188782). - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration (bsc#1188783). - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit (bsc#1188784). - KVM: x86: Emulate split-lock access as a write in emulator (bsc#1187959). - KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790). - NFS: Correct size calculation for create reply length (bsc#1189870). - NFSv4.1: Do not rebind to the same source port when (bnc#1186264 bnc#1189021) - NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). - NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc#1040364). - PCI/MSI: Correct misleading comments (git-fixes). - PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). - PCI/MSI: Enable and mask MSI-X early (git-fixes). - PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes). - PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes). - PCI/MSI: Mask all unused MSI-X entries (git-fixes). - PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes). - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes). - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes). - PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). - RDMA/bnxt_re: Fix stats counters (bsc#1188231). - SUNRPC: 'Directory with parent 'rpc_clnt' already present!' (bsc#1168202 bsc#1188924). - SUNRPC: Fix the batch tasks count wraparound (git-fixes). - SUNRPC: Should wake up the privileged task firstly (git-fixes). - SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). - SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202 bsc#1188924). - SUNRPC: improve error response to over-size gss credential (bsc#1190022). - SUNRPC: prevent port reuse on transports which do not request it (bnc#1186264 bnc#1189021). - USB: core: Avoid WARNings for 0-length descriptor requests (git-fixes). - USB: serial: ch341: fix character loss at high transfer rates (git-fixes). - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). - USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). - USB: usbtmc: Fix RCU stall warning (git-fixes). - USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). - VMCI: fix NULL pointer dereference when unmapping queue pair (git-fixes). - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). - ath9k: Clear key cache explicitly on disabling hardware (git-fixes). - ath: Use safer key clearing with key cache entries (git-fixes). - bcma: Fix memory leak for internally-handled cores (git-fixes). - bdi: Do not use freezable workqueue (bsc#1189573). - blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() (bsc#1189507). - blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() (bsc#1189503). - blk-wbt: make sure throttle is enabled properly (bsc#1189504). - block: fix trace completion for chained bio (bsc#1189505). - bnxt_en: Validate vlan protocol ID on RX packets (jsc#SLE-15075). - brcmfmac: pcie: fix oops on failure to resume and reprobe (git-fixes). - btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077). - btrfs: add a trace class for dumping the current ENOSPC state (bsc#1135481). - btrfs: add a trace point for reserve tickets (bsc#1135481). - btrfs: adjust the flush trace point to include the source (bsc#1135481). - btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481). - btrfs: factor out create_chunk() (bsc#1189077). - btrfs: factor out decide_stripe_size() (bsc#1189077). - btrfs: factor out gather_device_info() (bsc#1189077). - btrfs: factor out init_alloc_chunk_ctl (bsc#1189077). - btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481). - btrfs: fix deadlock with concurrent chunk allocations involving system chunks (bsc#1189077). - btrfs: handle invalid profile in chunk allocation (bsc#1189077). - btrfs: implement space clamping for preemptive flushing (bsc#1135481). - btrfs: improve preemptive background space flushing (bsc#1135481). - btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481). - btrfs: introduce alloc_chunk_ctl (bsc#1189077). - btrfs: introduce chunk allocation policy (bsc#1189077). - btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1135481). - btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077). - btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077). - btrfs: refactor find_free_dev_extent_start() (bsc#1189077). - btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481). - btrfs: rename need_do_async_reclaim (bsc#1135481). - btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481). - btrfs: rework chunk allocation to avoid exhaustion of the system chunk array (bsc#1189077). - btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481). - btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1135481). - btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481). - btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481). - btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc#1135481). - can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes). - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). - ceph: clean up and optimize ceph_check_delayed_caps() (bsc#1187468). - ceph: reduce contention in ceph_check_delayed_caps() (bsc#1187468). - ceph: take snap_empty_lock atomically with snaprealm refcount change (bsc#1189427). - cfg80211: Fix possible memory leak in function cfg80211_bss_update (git-fixes). - cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). - cifs: avoid starvation when refreshing dfs cache (bsc#1185902). - cifs: constify get_normalized_path() properly (bsc#1185902). - cifs: do not cargo-cult strndup() (bsc#1185902). - cifs: do not send tree disconnect to ipc shares (bsc#1185902). - cifs: do not share tcp servers with dfs mounts (bsc#1185902). - cifs: do not share tcp sessions of dfs connections (bsc#1185902). - cifs: fix check of dfs interlinks (bsc#1185902). - cifs: fix path comparison and hash calc (bsc#1185902). - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). - cifs: handle different charsets in dfs cache (bsc#1185902). - cifs: keep referral server sessions alive (bsc#1185902). - cifs: missing null pointer check in cifs_mount (bsc#1185902). - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). - clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes). - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). - cpuidle: Allow idle states to be disabled by default (bsc#1175543) - cpuidle: Consolidate disabled state checks (bsc#1175543) - cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543) - cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543) - cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc#1175543) - crypto: ccp - Annotate SEV Firmware file names (bsc#1189212). - crypto: qat - use proper type for vf_mask (git-fixes). - crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit (git-fixes). - device-dax: Fix default return code of range_parse() (git-fixes). - dm integrity: fix missing goto in bitmap_flush_interval error handling (git-fixes). - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git-fixes). - dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). - dmaengine: idxd: fix setup sequence for MSIXPERM table (git-fixes). - dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes). - dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes). - dmaengine: imx-sdma: remove duplicated sdma_load_context (git-fixes). - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (git-fixes). - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (git-fixes). - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (git-fixes). - drivers/block/null_blk/main: Fix a double free in null_init (git-fixes). - drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X (git-fixes). - drm/amd/display: Fix comparison error in dcn21 DML (git-fixes). - drm/amd/display: Fix max vstartup calculation for modes with borders (git-fixes). - drm/amd/display: Remove invalid assert for ODM + MPC case (git-fixes). - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work (git-fixes). - drm/amd/display: workaround for hard hang on HPD on native DP (git-fixes). - drm/amdgpu/acp: Make PM domain really work (git-fixes). - drm/amdgpu/display: fix DMUB firmware version info (git-fixes). - drm/amdgpu/display: only enable aux backlight control for OLED panels (git-fixes). - drm/amdgpu: do not enable baco on boco platforms in runpm (git-fixes). - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir (git-fixes). - drm/dp_mst: Fix return code on sideband message failure (git-fixes). - drm/i915/dg1: gmbus pin mapping (bsc#1188700). - drm/i915/dg1: provide port/phy mapping for vbt (bsc#1188700). - drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH + CML combos (bsc#1188700). - drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH + CML combos (bsc#1188700). - drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings (bsc#1188700). - drm/i915/gen9_bc: Recognize TGP PCH + CML combos (bsc#1188700). - drm/i915/rkl: new rkl ddc map for different PCH (bsc#1188700). - drm/i915: Add VBT AUX CH H and I (bsc#1188700). - drm/i915: Add VBT DVO ports H and I (bsc#1188700). - drm/i915: Add more AUX CHs to the enum (bsc#1188700). - drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6 (bsc#1188700). - drm/i915: Correct SFC_DONE register offset (git-fixes). - drm/i915: Introduce HPD_PORT_TC<n> (bsc#1188700). - drm/i915: Move hpd_pin setup to encoder init (bsc#1188700). - drm/i915: Nuke the redundant TC/TBT HPD bit defines (bsc#1188700). - drm/i915: Only access SFC_DONE when media domain is not fused off (git-fixes). - drm/meson: fix colour distortion from HDR set during vendor u-boot (git-fixes). - drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes). - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (git-fixes). - drm/msm/dsi: Fix some reference counted resource leaks (git-fixes). - drm/msm: Fix error return code in msm_drm_init() (git-fixes). - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences (git-fixes). - drm/of: free the iterator object on failure (git-fixes). - drm/of: free the right object (git-fixes). - drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (git-fixes). - drm/prime: fix comment on PRIME Helpers (git-fixes). - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). - ext4: fix avefreec in find_group_orlov (bsc#1189566). - ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). - ext4: fix potential htree corruption when growing large_dir directories (bsc#1189576). - ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). - ext4: return error code when ext4_fill_flex_info() fails (bsc#1189563). - ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). - fanotify: fix copy_event_to_user() fid error clean up (bsc#1189574). - firmware_loader: fix use-after-free in firmware_fallback_sysfs (git-fixes). - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback (git-fixes). - fixup 'rpm: support gz and zst compression methods' (bsc#1190358, bsc#1190428). - fpga: altera-freeze-bridge: Address warning about unused variable (git-fixes). - fpga: dfl: fme: Fix cpu hotplug issue in performance reporting (git-fixes). - fpga: dfl: fme: Fix cpu hotplug issue in performance reporting (git-fixes). - fpga: xiilnx-spi: Address warning about unused variable (git-fixes). - fpga: zynqmp-fpga: Address warning about unused variable (git-fixes). - gpio: eic-sprd: break loop when getting NULL device resource (git-fixes). - gpio: tqmx86: really make IRQ optional (git-fixes). - i2c: dev: zero out array used for i2c reads from userspace (git-fixes). - i2c: highlander: add IRQ check (git-fixes). - i2c: iop3xx: fix deferred probing (git-fixes). - i2c: mt65xx: fix IRQ check (git-fixes). - i2c: s3c2410: fix IRQ check (git-fixes). - iio: adc: Fix incorrect exit of for-loop (git-fixes). - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (git-fixes). - iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). - intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc#1175543) - intel_idle: Allow ACPI _CST to be used for selected known processors (bsc#1175543) - intel_idle: Annotate init time data structures (bsc#1175543) - intel_idle: Customize IceLake server support (bsc#1175543) - intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc#1180347, bsc#1180141) - intel_idle: Fix max_cstate for processor models without C-state tables (bsc#1175543) - intel_idle: Ignore _CST if control cannot be taken from the platform (bsc#1175543) - intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543) - intel_idle: Use ACPI _CST for processor models without C-state tables (bsc#1175543) - iommu/amd: Fix extended features logging (bsc#1189213). - iommu/amd: Move Stoney Ridge check to detect_ivrs() (bsc#1189762). - iommu/arm-smmu-v3: Decrease the queue size of evtq and priq (bsc#1189210). - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189209). - iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214). - iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229). - iommu/vt-d: Check for allocation failure in aux_detach_device() (bsc#1189215). - iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189216). - iommu/vt-d: Do not set then clear private data in prq_event_thread() (bsc#1189217). - iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218). - iommu/vt-d: Force to flush iotlb before creating superpage (bsc#1189219). - iommu/vt-d: Global devTLB flush when present context entry changed (bsc#1189220). - iommu/vt-d: Invalidate PASID cache when root/context entry changed (bsc#1189221). - iommu/vt-d: Reject unsupported page request modes (bsc#1189222). - ionic: add handling of larger descriptors (jsc#SLE-16649). - ionic: add new queue features to interface (jsc#SLE-16649). - ionic: aggregate Tx byte counting calls (jsc#SLE-16649). - ionic: block actions during fw reset (jsc#SLE-16649). - ionic: change mtu after queues are stopped (jsc#SLE-16649). - ionic: check for link after netdev registration (jsc#SLE-16649). - ionic: code cleanup details (jsc#SLE-16649). - ionic: fix sizeof usage (jsc#SLE-16649). - ionic: fix unchecked reference (jsc#SLE-16649). - ionic: fix up dim accounting for tx and rx (jsc#SLE-16649). - ionic: generic tx skb mapping (jsc#SLE-16649). - ionic: implement Rx page reuse (jsc#SLE-16649). - ionic: make all rx_mode work threadsafe (jsc#SLE-16649). - ionic: move rx_page_alloc and free (jsc#SLE-16649). - ionic: optimize fastpath struct usage (jsc#SLE-16649). - ionic: protect adminq from early destroy (jsc#SLE-16649). - ionic: rebuild debugfs on qcq swap (jsc#SLE-16649). - ionic: remove intr coalesce update from napi (jsc#SLE-16649). - ionic: remove some unnecessary oom messages (jsc#SLE-16649). - ionic: simplify TSO descriptor mapping (jsc#SLE-16649). - ionic: simplify rx skb alloc (jsc#SLE-16649). - ionic: simplify the intr_index use in txq_init (jsc#SLE-16649). - ionic: simplify tx clean (jsc#SLE-16649). - ionic: simplify use of completion types (jsc#SLE-16649). - ionic: start queues before announcing link up (jsc#SLE-16649). - ionic: stop watchdog when in broken state (jsc#SLE-16649). - ionic: useful names for booleans (jsc#SLE-16649). - iwlwifi: pnvm: accept multiple HW-type TLVs (git-fixes). - iwlwifi: rs-fw: do not support stbc for HE 160 (git-fixes). - iwlwifi: skip first element in the WTAS ACPI table (git-fixes). - kABI fix of usb_dcd_config_params (git-fixes). - kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). - kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server (bnc#1186264 bnc#1189021) - kabi fix for SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (bsc#1189153). - kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841). - leds: trigger: audio: Add an activate callback to ensure the initial brightness is set (git-fixes). - lib/mpi: use kcalloc in mpi_resize (git-fixes). - lib: Add zstd support to decompress (bsc#1187483, jsc#SLE-18766). - libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes). - mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). - md/raid10: properly indicate failure when ending a failed write request (git-fixes). - md: revert io stats accounting (git-fixes). - media: TDA1997x: enable EDID support (git-fixes). - media: cxd2880-spi: Fix an error handling path (git-fixes). - media: drivers/media/usb: fix memory leak in zr364xx_probe (git-fixes). - media: dvb-usb: Fix error handling in dvb_usb_i2c_init (git-fixes). - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (git-fixes). - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (git-fixes). - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (git-fixes). - media: go7007: fix memory leak in go7007_usb_probe (git-fixes). - media: go7007: remove redundant initialization (git-fixes). - media: rtl28xxu: fix zero-length control request (git-fixes). - media: stkwebcam: fix memory leak in stk_camera_probe (git-fixes). - media: venus: venc: Fix potential null pointer dereference on pointer fmt (git-fixes). - media: videobuf2-core: dequeue if start_streaming fails (git-fixes). - media: zr364xx: fix memory leaks in probe() (git-fixes). - media: zr364xx: propagate errors from zr364xx_start_readpipe() (git-fixes). - misc: atmel-ssc: lock with mutex instead of spinlock (git-fixes). - misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() (git-fixes). - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc#1189569). - mm/vmscan: fix infinite loop in drop_slab_node (VM Functionality, bsc#1189301). - mm: fix memory_failure() handling of dax-namespace metadata (bsc#1189872). - mm: swap: properly update readahead statistics in unuse_pte_range() (bsc#1187619). - mmc: dw_mmc: Fix hang on data CRC error (git-fixes). - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). - mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). - mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (git-fixes). - mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711 (git-fixes). - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (git-fixes). - nbd: Aovid double completion of a request (git-fixes). - nbd: Fix NULL pointer in flush_workqueue (git-fixes). - net/mlx5: Add ts_cqe_to_dest_cqn related bits (bsc#1188412) - net/mlx5: Properly convey driver version to firmware (git-fixes). - net/mlx5e: Add missing capability check for uplink follow (bsc#1188412) - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes). - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (git-fixes). - net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). - net: usb: lan78xx: do not modify phy_device state concurrently (bsc#1188270) - nfs: fix acl memory leak of posix_acl_create() (git-fixes). - nvme-multipath: revalidate paths during rescan (bsc#1187211) - nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth (bsc#1181972). - nvme-pci: fix NULL req in completion handler (bsc#1181972). - nvme-pci: limit maximum queue depth to 4095 (bsc#1181972). - nvme-pci: use unsigned for io queue depth (bsc#1181972). - nvme-tcp: Do not reset transport on data digest errors (bsc#1188418). - nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data (bsc#1181972). - nvme: avoid possible double fetch in handling CQE (bsc#1181972). - nvme: code command_id with a genctr for use-after-free validation (bsc#1181972). - nvme: only call synchronize_srcu when clearing current path (bsc#1188067). - nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384). - ocfs2: fix snprintf() checking (bsc#1189581). - ocfs2: fix zero out valid data (bsc#1189579). - ocfs2: initialize ip_next_orphan (bsc#1186731). - ocfs2: issue zeroout to EOF blocks (bsc#1189582). - ovl: allow upperdir inside lowerdir (bsc#1189323). - ovl: expand warning in ovl_d_real() (bsc#1189323). - ovl: fix missing revert_creds() on error path (bsc#1189323). - ovl: perform vfs_getxattr() with mounter creds (bsc#1189323). - ovl: skip getxattr of security labels (bsc#1189323). - params: lift param_set_uint_minmax to common code (bsc#1181972). - pcmcia: i82092: fix a null pointer dereference bug (git-fixes). - perf/x86/amd: Do not touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (bsc#1189225). - pinctrl: tigerlake: Fix GPIO mapping for newer version of software (git-fixes). - platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (git-fixes). - post.sh: detect /usr mountpoint too - power: supply: max17042: handle fails of reading status register (git-fixes). - powerpc/cacheinfo: Improve diagnostics about malformed cache lists (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/cacheinfo: Lookup cache by dt node and thread-group id (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/cacheinfo: Remove the redundant get_shared_cpu_map() (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/cacheinfo: Use name@unit instead of full DT path in debug messages (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes). - powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible (bsc#1189197 ltc#193906). - powerpc/pseries: Fix regression while building external modules (bsc#1160010 ltc#183046 git-fixes). This changes a GPL symbol to general symbol which is kABI change but not kABI break. - powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes). - powerpc/smp: Make some symbols static (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148 ltc#190702 git-fixes). - regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). - regulator: vctrl: Avoid lockdep warning in enable/disable ops (git-fixes). - regulator: vctrl: Use locked regulator_get_voltage in probe path (git-fixes). - rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. - rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305) - rpm/kernel-source.rpmlintrc: ignore new include/config files In 5.13, since 0e0345b77ac4, config files have no longer .h suffix. Adapt the zero-length check. Based on Martin Liska's change. - rq-qos: fix missed wake-ups in rq_qos_throttle try two (bsc#1189575). - rsi: fix an error code in rsi_probe() (git-fixes). - rsi: fix error code in rsi_load_9116_firmware() (git-fixes). - s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193817). - s390/boot: fix use of expolines in the DMA code (bsc#1188878 ltc#193771). - scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc#SLE-18970). - scsi: blkcg: Fix application ID config options (bsc#1189385 jsc#SLE-18970). - scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970). - scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). - scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). - scsi: libfc: Fix array index out of bound exception (bsc#1188616). - scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). - scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc#1189385). - scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). - scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc#1189385). - scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). - scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). - scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). - scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). - scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). - scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc#1189385). - scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc#1189385). - scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). - scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385). - scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). - scsi: lpfc: Fix function description comments for vmid routines (bsc#1189385). - scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). - scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc#1189385). - scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc#1189385). - scsi: lpfc: Improve firmware download logging (bsc#1189385). - scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). - scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc#1189385). - scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). - scsi: lpfc: Remove redundant assignment to pointer temp_hdr (bsc#1189385). - scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). - scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc#1189385). - scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). - scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc#1189385). - scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). - scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). - scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc#1189385). - scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189385). - scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Add support for VMID in mailbox command (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Append the VMID to the wqe before sending (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Implement ELS commands for appid (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc#SLE-18970). - scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc#SLE-18970). - scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006). - scsi: qla2xxx: Add heartbeat check (bsc#1189392). - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc#1189392). - scsi: qla2xxx: Fix spelling mistakes 'allloc' -> 'alloc' (bsc#1189392). - scsi: qla2xxx: Fix use after free in debug code (bsc#1189392). - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc#1189392). - scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). - scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). - scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc#1189392). - scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc#1189392). - scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). - scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392). - scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). - scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc#1189392). - scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189392). - scsi: qla2xxx: edif: Add detection of secure device (bsc#1189392). - scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189392). - scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392). - scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc#1189392). - scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189392). - scsi: qla2xxx: edif: Add key update (bsc#1189392). - scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc#1189392). - scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). - scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189392). - scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state (bsc#1184180). - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). - scsi: zfcp: Report port fc_security as unknown early during remote cable pull (git-fixes). - serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). - serial: 8250_mtk: fix uart corruption issue when rx power off (git-fixes). - serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts (git-fixes). - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver (git-fixes). - serial: tegra: Only print FIFO error message when an error occurs (git-fixes). - slimbus: messaging: check for valid transaction id (git-fixes). - slimbus: messaging: start transaction ids from 1 instead of zero (git-fixes). - slimbus: ngd: reset dma setup during runtime pm (git-fixes). - soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes). - soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes). - soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes). - soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes). - soc: ixp4xx: fix printing resources (git-fixes). - soc: ixp4xx: fix printing resources (git-fixes). - soc: qcom: rpmhpd: Use corner in power_off (git-fixes). - soc: qcom: smsm: Fix missed interrupts if state changes while masked (git-fixes). - spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes). - spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation (git-fixes). - spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (git-fixes). - spi: mediatek: Fix fifo transfer (git-fixes). - spi: meson-spicc: fix memory leak in meson_spicc_remove (git-fixes). - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). - spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). - spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes). - spi: stm32h7: fix full duplex irq handler handling (git-fixes). - staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (git-fixes). - staging: rtl8712: get rid of flush_scheduled_work (git-fixes). - staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). - staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). - tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (git-fixes). - tracing / histogram: Give calculation hist_fields a size (git-fixes). - tracing: Reject string operand in the histogram expression (git-fixes). - tty: serial: fsl_lpuart: fix the wrong mapbase value (git-fixes). - ubifs: Fix error return code in alloc_wbufs() (bsc#1189585). - ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583). - ubifs: Only check replay with inode type to judge if inode linked (bsc#1187455). - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (bsc#1189587). - ubifs: journal: Fix error return code in ubifs_jnl_write_inode() (bsc#1189586). - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (git-fixes). - usb: dwc3: Disable phy suspend after power-on reset (git-fixes). - usb: dwc3: Separate field holding multiple properties (git-fixes). - usb: dwc3: Stop active transfers before halting the controller (git-fixes). - usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes). - usb: dwc3: Use devres to get clocks (git-fixes). - usb: dwc3: core: do not do suspend for device mode if already suspended (git-fixes). - usb: dwc3: debug: Remove newline printout (git-fixes). - usb: dwc3: gadget: Check MPS of the request length (git-fixes). - usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set (git-fixes). - usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (git-fixes). - usb: dwc3: gadget: Disable gadget IRQ during pullup disable (git-fixes). - usb: dwc3: gadget: Do not send unintended link state change (git-fixes). - usb: dwc3: gadget: Do not setup more than requested (git-fixes). - usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes). - usb: dwc3: gadget: Fix handling ZLP (git-fixes). - usb: dwc3: gadget: Give back staled requests (git-fixes). - usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes). - usb: dwc3: gadget: Prevent EP queuing while stopping transfers (git-fixes). - usb: dwc3: gadget: Properly track pending and queued SG (git-fixes). - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (git-fixes). - usb: dwc3: gadget: Set BESL config parameter (git-fixes). - usb: dwc3: gadget: Set link state to RX_Detect on disconnect (git-fixes). - usb: dwc3: gadget: Stop EP0 transfers during pullup disable (git-fixes). - usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes). - usb: dwc3: meson-g12a: add IRQ check (git-fixes). - usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init (git-fixes). - usb: dwc3: of-simple: add a shutdown (git-fixes). - usb: dwc3: st: Add of_dev_put() in probe function (git-fixes). - usb: dwc3: st: Add of_node_put() before return in probe function (git-fixes). - usb: dwc3: support continuous runtime PM with dual role (git-fixes). - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (git-fixes). - usb: gadget: Export recommended BESL values (git-fixes). - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (git-fixes). - usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes). - usb: gadget: f_hid: idle uses the highest byte for duration (git-fixes). - usb: gadget: mv_u3d: request_irq() after initializing UDC (git-fixes). - usb: gadget: udc: at91: add IRQ check (git-fixes). - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (git-fixes). - usb: host: ohci-tmio: add IRQ check (git-fixes). - usb: host: xhci-rcar: Do not reload firmware after the completion (git-fixes). - usb: mtu3: fix the wrong HS mult value (git-fixes). - usb: mtu3: use @mult for HS isoc or intr (git-fixes). - usb: phy: fsl-usb: add IRQ check (git-fixes). - usb: phy: tahvo: add IRQ check (git-fixes). - usb: phy: twl6030: add IRQ checks (git-fixes). - usr: Add support for zstd compressed initramfs (bsc#1187483, jsc#SLE-18766). - virt_wifi: fix error on connect (git-fixes). - wireguard: allowedips: allocate nodes in kmem_cache (git-fixes). - wireguard: allowedips: free empty intermediate nodes when removing single node (git-fixes). - wireguard: allowedips: remove nodes in O(1) (git-fixes). - writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). - x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1152489). - x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1152489). - x86/fpu: Reset state for all signal restore failures (bsc#1152489). - x86/kvm: fix vcpu-id indexed array sizes (git-fixes). - x86/sev: Make sure IRQs are disabled while GHCB is active (jsc#SLE-14337). - x86/sev: Split up runtime #VC handler for correct state tracking (jsc#SLE-14337). - x86/sev: Use 'SEV: ' prefix for messages from sev.c (jsc#SLE-14337). - x86/signal: Detect and prevent an alternate signal stack overflow (bsc#1152489). - x86/split_lock: Provide handle_guest_split_lock() (bsc#1187959). - xen/events: Fix race in set_evtchn_to_irq (git-fixes). - xprtrdma: Pad optimization, revisited (bsc#1189760). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3233-1 Released: Mon Sep 27 15:02:21 2021 Summary: Recommended update for xfsprogs Type: recommended Severity: moderate References: 1085917,1181299,1181306,1181309,1181535,1181536,1188651,1189552 This update for xfsprogs fixes the following issues: - Fixes an issue when 'fstests' with 'xfs' fail. (bsc#1181309, bsc#1181299) - xfsprogs: Split 'libhandle1' into a separate package, since nothing within xfsprogs dynamically links against it. The shared library is still required by xfsdump as a runtime dependency. - mkfs.xfs: Fix 'ASSERT' on too-small device with stripe geometry. (bsc#1181536) - mkfs.xfs: If either 'sunit' or 'swidth' is not zero, the other must be as well. (bsc#1085917, bsc#1181535) - xfs_growfs: Refactor geometry reporting. (bsc#1181306) - xfs_growfs: Allow mounted device node as argument. (bsc#1181299) - xfs_repair: Rebuild directory when non-root leafn blocks claim block 0. (bsc#1181309) - xfs_repair: Check plausibility of root dir pointer before trashing it. (bsc#1188651) - xfs_bmap: Remove '-c' from manpage. (bsc#1189552) - xfs_bmap: Do not reject '-e'. (bsc#1189552) - Implement 'libhandle1' through ECO. (jsc#SLE-20360) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3241-1 Released: Tue Sep 28 00:24:49 2021 Summary: Recommended update for multipath-tools Type: recommended Severity: important References: 1189176,1190622 This update for multipath-tools provides the following fixes: - Update to version 0.8.5+82+suse.746b76e: * libmultipath: avoid buffer size warning with systemd 240+. (bsc#1189176) - Add a versioned dependency of multipath-tools on libmpath0. (bsc#1190622) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3298-1 Released: Wed Oct 6 16:54:52 2021 Summary: Security update for curl Type: security Severity: moderate References: 1190373,1190374,CVE-2021-22946,CVE-2021-22947 This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374). - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3306-1 Released: Wed Oct 6 18:11:57 2021 Summary: Recommended update for numactl Type: recommended Severity: moderate References: This update for numactl fixes the following issues: - Fix System call numbers on s390x. - Debug verify for --preferred option. - Description for the usage of numactl. - Varios memleacks on source files: sysfs.c, shm.c and numactl.c - Description for numa_node_size64 and definition for numa_node_size in manpage. - link with -latomic when needed. - Clear race conditions on numa_police_memory(). - numademo: Use first two nodes instead of node 0 and 1 - Enhance _service settings - Enable automake ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3310-1 Released: Wed Oct 6 18:12:41 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1134353,1184994,1188291,1188588,1188713,1189446,1189480 This update for systemd fixes the following issues: - Switch I/O scheduler from 'mq-deadline' to 'bfq' for rotating disks(HD's) (jsc#SLE-21032, bsc#1134353). - Multipath: Rules weren't applied to dm devices (bsc#1188713). - Ignore obsolete 'elevator' kernel parameter (bsc#1184994). - Remove kernel unsupported single-queue block I/O. - Make sure the versions of both udev and systemd packages are always the same (bsc#1189480). - Avoid error message when updating active udev on sockets restart (bsc#1188291). - Merge of v246.16, for a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/8d8f5fc31eece95644b299b784bbfb8f836d0108...f5c33d9f82d3d782d28938df9ff09484360c540d - Drop 1007-tmpfiles-follow-SUSE-policies.patch: Since most of the tmpfiles config files shipped by upstream are ignored (see previous commit 'Drop most of the tmpfiles that deal with generic paths'), this patch is no more relevant. Additional fixes: - core: make sure cgroup_oom_queue is flushed on manager exit. - cgroup: do 'catchup' for unit cgroup inotify watch files. - journalctl: never fail at flushing when the flushed flag is set (bsc#1188588). - manager: reexecute on SIGRTMIN+25, user instances only. - manager: fix HW watchdog when systemd starts before driver loaded (bsc#1189446). - pid1: watchdog modernizations. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3311-1 Released: Wed Oct 6 18:12:56 2021 Summary: Recommended update for perl-Bootloader Type: recommended Severity: moderate References: 1188768 This update for perl-Bootloader fixes the following issues: - Report error if config file could not be updated (bsc#1188768). - Fix typo in update-bootloader. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3387-1 Released: Tue Oct 12 17:09:16 2021 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1065729,1148868,1152489,1154353,1159886,1167773,1170774,1171688,1173746,1174003,1176447,1176940,1177028,1178134,1184439,1184804,1185302,1185550,1185677,1185726,1185762,1187211,1188067,1188418,1188651,1188986,1189257,1189297,1189841,1189884,1190023,1190062,1190115,1190138,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190544,1190561,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191292,CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3759,CVE-2021-3764,CVE-2021-40490 The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bnc#1191193) - CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023) - CVE-2021-40490: Fixed a race condition discovered in the ext4 subsystem that could leat to local priviledge escalation. (bnc#1190159) - CVE-2021-3744: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1189884) - CVE-2021-3764: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1190534) - CVE-2021-3669: Fixed a bug that doesn't allow /proc/sysvipc/shm to scale with large shared memory segment counts which could lead to resource exhaustion and DoS. (bsc#1188986) - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). The following non-security bugs were fixed: - ALSA: firewire-motu: fix truncated bytes in message tracepoints (git-fixes). - apparmor: remove duplicate macro list_entry_is_head() (git-fixes). - ASoC: fsl_micfil: register platform component before registering cpu dai (git-fixes). - ASoC: Intel: Fix platform ID matching (git-fixes). - ASoC: mediatek: common: handle NULL case in suspend/resume function (git-fixes). - ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes). - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (git-fixes). - ASoC: rt5682: Implement remove callback (git-fixes). - ASoC: rt5682: Properly turn off regulators if wrong device ID (git-fixes). - ASoC: rt5682: Remove unused variable in rt5682_i2c_remove() (git-fixes). - ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes). - ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes). - ath9k: fix sleeping in atomic context (git-fixes). - backlight: pwm_bl: Improve bootloader/kernel device handover (git-fixes). - bareudp: Fix invalid read beyond skb's linear data (jsc#SLE-15172). - blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762). - blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762). - blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762). - blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762). - blk-mq: mark if one queue map uses managed irq (bsc#1185762). - blk-mq: mark if one queue map uses managed irq (bsc#1185762). - Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes). - bnx2x: fix an error code in bnx2x_nic_load() (git-fixes). - bnxt_en: Add missing DMA memory barriers (git-fixes). - bnxt_en: Disable aRFS if running on 212 firmware (git-fixes). - bnxt_en: Do not enable legacy TX push on older firmware (git-fixes). - bnxt_en: Fix asic.rev in devlink dev info command (jsc#SLE-16649). - bnxt_en: fix stored FW_PSID version masks (jsc#SLE-16649). - bnxt_en: Store the running firmware version code (git-fixes). - bnxt: count Tx drops (git-fixes). - bnxt: disable napi before canceling DIM (git-fixes). - bnxt: do not lock the tx queue from napi poll (git-fixes). - bnxt: make sure xmit_more + errors does not miss doorbells (git-fixes). - bpf, samples: Add missing mprog-disable to xdp_redirect_cpu's optstring (git-fixes). - bpf: Fix ringbuf helper function compatibility (git-fixes). - bpftool: Add sock_release help info for cgroup attach/prog load command (bsc#1177028). - btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626). - clk: at91: clk-generated: Limit the requested rate to our range (git-fixes). - clk: at91: clk-generated: pass the id of changeable parent at registration (git-fixes). - console: consume APC, DM, DCS (git-fixes). - cpuidle: pseries: Do not cap the CEDE0 latency in fixup_cede0_latency() (bsc#1185550 ltc#192610 git-fixes jsc#SLE-18128). - cuse: fix broken release (bsc#1190596). - cxgb4: dont touch blocked freelist bitmap after free (git-fixes). - debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1173746). - devlink: Break parameter notification sequence to be before/after unload/load driver (bsc#1154353). - devlink: Clear whole devlink_flash_notify struct (bsc#1176447). - dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER (git-fixes). - dmaengine: ioat: depends on !UML (git-fixes). - dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes). - dmaengine: xilinx_dma: Set DMA mask for coherent APIs (git-fixes). - docs: Fix infiniband uverbs minor number (git-fixes). - drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in amdgpu_dm_update_backlight_caps (git-fixes). - drm: avoid blocking in drm_clients_info's rcu section (git-fixes). - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (git-fixes). - drm/amd/display: Fix timer_per_pixel unit error (git-fixes). - drm/amdgpu: Fix BUG_ON assert (git-fixes). - drm/ast: Fix missing conversions to managed API (git-fixes). - drm/gma500: Fix end of loop tests for list_for_each_entry (git-fixes). - drm/i915: Allow the sysadmin to override security mitigations (git-fixes). - drm/i915/rkl: Remove require_force_probe protection (bsc#1189257). - drm/ingenic: Switch IPU plane to type OVERLAY (git-fixes). - drm/mgag200: Select clock in PLL update functions (git-fixes). - drm/msm/mdp4: move HW revision detection to earlier phase (git-fixes). - drm/msm/mdp4: refactor HW revision detection into read_mdp_hw_revision (git-fixes). - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes). - drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes). - drm/pl111: depend on CONFIG_VEXPRESS_CONFIG (git-fixes). - drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused (git-fixes). - e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100). - e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes). - EDAC/i10nm: Fix NVDIMM detection (bsc#1152489). - EDAC/mce_amd: Do not load edac_mce_amd module on guests (bsc#1190138). - EDAC/synopsys: Fix wrong value type assignment for edac_mode (bsc#1152489). - enetc: Fix uninitialized struct dim_sample field usage (git-fixes). - erofs: fix up erofs_lookup tracepoint (git-fixes). - fbmem: do not allow too huge resolutions (git-fixes). - fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (git-fixes). - fpga: machxo2-spi: Return an error on failure (git-fixes). - fuse: flush extending writes (bsc#1190595). - fuse: truncate pagecache on atomic_o_trunc (bsc#1190705). - genirq: add device_has_managed_msi_irq (bsc#1185762). - genirq: add device_has_managed_msi_irq (bsc#1185762). - gpio: uniphier: Fix void functions to remove return value (git-fixes). - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (git-fixes). - gve: fix the wrong AdminQ buffer overflow check (bsc#1176940). - hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185726). - hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185726). - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (git-fixes). - hwmon: (tmp421) fix rounding for negative values (git-fixes). - hwmon: (tmp421) report /PVLD condition as fault (git-fixes). - i40e: Add additional info to PHY type error (git-fixes). - i40e: Fix firmware LLDP agent related warning (git-fixes). - i40e: Fix log TC creation failure when max num of queues is exceeded (git-fixes). - i40e: Fix logic of disabling queues (git-fixes). - i40e: Fix queue-to-TC mapping on Tx (git-fixes). - i40e: improve locking of mac_filter_hash (jsc#SLE-13701). - iavf: Fix ping is lost after untrusted VF had tried to change MAC (jsc#SLE-7940). - iavf: Set RSS LUT and key in reset handle path (git-fixes). - IB/hfi1: Indicate DMA wait when txq is queued for wakeup (jsc#SLE-13208). - ibmvnic: check failover_pending in login response (bsc#1190523 ltc#194510). - ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758 ltc#191943). - ibmvnic: Fix up some comments and messages (bsc#1190758 ltc#191943). - ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758 ltc#191943). - ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943). - ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943). - ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943). - ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943). - ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758 ltc#191943). - ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758 ltc#191943). - ice: do not abort devlink info if board identifier can't be found (jsc#SLE-12878). - ice: do not remove netdev->dev_addr from uc sync list (git-fixes). - ice: Prevent probing virtual functions (git-fixes). - igc: Use num_tx_queues when iterating over tx_ring queue (jsc#SLE-13533). - iio: dac: ad5624r: Fix incorrect handling of an optional regulator (git-fixes). - include/linux/list.h: add a macro to test if entry is pointing to the head (git-fixes). - iomap: Fix negative assignment to unsigned sis->pages in iomap_swapfile_activate (bsc#1190784). - ionic: cleanly release devlink instance (bsc#1167773). - ionic: cleanly release devlink instance (bsc#1167773). - ionic: count csum_none when offload enabled (bsc#1167773). - ionic: drop useless check of PCI driver data validity (bsc#1167773). - ipc: remove memcg accounting for sops objects in do_semtimedop() (bsc#1190115). - ipc: remove memcg accounting for sops objects in do_semtimedop() (bsc#1190115). - ipc/util.c: use binary search for max_idx (bsc#1159886). - ipvs: allow connection reuse for unconfirmed conntrack (bsc#1190467). - ipvs: avoid expiring many connections from timer (bsc#1190467). - ipvs: Fix up kabi for expire_nodest_conn_work addition (bsc#1190467). - ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (bsc#1190467). - iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha (git-fixes). - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (git-fixes). - kernel-binary.spec: Check for no kernel signing certificates. Also remove unused variable. - kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs. - kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). The script part for base package case is completely separate from the part for subpackages. Remove the part for subpackages from the base package script and use the KMP scripts for subpackages instead. - libata: fix ata_host_start() (git-fixes). - libbpf: Fix removal of inner map in bpf_object__create_map (git-fixes). - libbpf: Fix the possible memory leak on error (git-fixes). - mac80211-hwsim: fix late beacon hrtimer handling (git-fixes). - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (git-fixes). - mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes). - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (git-fixes). - mac80211: mesh: fix potentially unaligned access (git-fixes). - media: cedrus: Fix SUNXI tile size calculation (git-fixes). - media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats (git-fixes). - media: dib8000: rewrite the init prbs logic (git-fixes). - media: imx258: Limit the max analogue gain to 480 (git-fixes). - media: imx258: Rectify mismatch of VTS value (git-fixes). - media: rc-loopback: return number of emitters rather than error (git-fixes). - media: TDA1997x: fix tda1997x_query_dv_timings() return value (git-fixes). - media: uvc: do not do DMA on stack (git-fixes). - media: v4l2-dv-timings.c: fix wrong condition in two for-loops (git-fixes). - mfd: Do not use irq_create_mapping() to resolve a mapping (git-fixes). - misc: sram: Only map reserved areas in Tegra SYSRAM (git-fixes). - misc: sram: use devm_platform_ioremap_resource_wc() (git-fixes). - mlx4: Fix missing error code in mlx4_load_one() (git-fixes). - mm: always have io_remap_pfn_range() set pgprot_decrypted() (git-fixes). - mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1190785). - mmc: core: Return correct emmc response in case of ioctl error (git-fixes). - mmc: rtsx_pci: Fix long reads when clock is prescaled (git-fixes). - mmc: sdhci-of-arasan: Check return value of non-void funtions (git-fixes). - mmc: sdhci: Fix issue with uninitialized dma_slave_config (git-fixes). - net: ethernet: ti: cpsw: fix min eth packet size for non-switch use-cases (git-fixes). - net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185726). - net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726). - net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185726). - net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185726). - net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726). - net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726). - net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185726). - net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185726). - net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185726). - net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726). - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (git-fixes). - net: sched: sch_teql: fix null-pointer dereference (bsc#1190717). - net/mlx5: E-Switch, handle devcom events only for ports on the same device (git-fixes). - net/mlx5: Fix flow table chaining (git-fixes). - net/mlx5: Fix missing return value in mlx5_devlink_eswitch_inline_mode_set() (jsc#SLE-15172). - net/mlx5: Fix return value from tracer initialization (git-fixes). - net/mlx5: Unload device upon firmware fatal error (git-fixes). - net/mlx5e: Avoid creating tunnel headers for local route (git-fixes). - net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes). - net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes). - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state (bsc#1190062). - nfp: update ethtool reporting of pauseframe control (git-fixes). - NFS: change nfs_access_get_cached to only report the mask (bsc#1190746). - NFS: do not store 'struct cred *' in struct nfs_access_entry (bsc#1190746). - NFS: pass cred explicitly for access tests (bsc#1190746). - nvme-multipath: revalidate paths during rescan (bsc#1187211). - nvme-tcp: Do not reset transport on data digest errors (bsc#1188418). - nvme: avoid race in shutdown namespace removal (bsc#1188067). - nvme: fix refcounting imbalance when all paths are down (bsc#1188067). - nvme: only call synchronize_srcu when clearing current path (bsc#1188067). - optee: Fix memory leak when failing to register shm pages (git-fixes). - parport: remove non-zero check on count (git-fixes). - PCI: aardvark: Fix checking for PIO status (git-fixes). - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes). - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes). - PCI: Add ACS quirks for Cavium multi-function devices (git-fixes). - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (git-fixes). - PCI: Add AMD GPU multi-function power dependencies (git-fixes). - PCI: ibmphp: Fix double unmap of io_mem (git-fixes). - PCI: of: Do not fail devm_pci_alloc_host_bridge() on missing 'ranges' (git-fixes). - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (git-fixes). - PCI: pci-bridge-emul: Fix array overruns, improve safety (git-fixes). - PCI: pci-bridge-emul: Fix big-endian support (git-fixes). - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes). - PCI: Use pci_update_current_state() in pci_enable_device_flags() (git-fixes). - phy: tegra: xusb: Fix dangling pointer on probe failure (git-fixes). - PM: base: power: do not try to use non-existing RTC for storing data (git-fixes). - PM: EM: Increase energy calculation precision (git-fixes). - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors (git-fixes). - power: supply: max17042_battery: fix typo in MAx17042_TOFF (git-fixes). - powercap: intel_rapl: add support for Sapphire Rapids (jsc#SLE-15289). - powerpc: fix function annotations to avoid section mismatch warnings with gcc-10 (bsc#1148868). - powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543 ltc#194523). - powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1190544 ltc#194520). - powerpc/perf: Drop the case of returning 0 as instruction pointer (bsc#1065729). - powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set (bsc#1065729). - powerpc/perf: Fix the check for SIAR value (bsc#1065729). - powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729). - powerpc/perf: Use stack siar instead of mfspr (bsc#1065729). - powerpc/perf: Use the address from SIAR register to set cpumode flags (bsc#1065729). - powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729). - powerpc/powernv: Fix machine check reporting of async store errors (bsc#1065729). - powerpc/pseries: Prevent free CPU ids being reused on another node (bsc#1190620 ltc#194498). - powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729). - pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523). - pwm: img: Do not modify HW state in .remove() callback (git-fixes). - pwm: rockchip: Do not modify HW state in .remove() callback (git-fixes). - pwm: stm32-lp: Do not modify HW state in .remove() callback (git-fixes). - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (git-fixes). - RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init() (bsc#1170774). - RDMA/hns: Fix QP's resp incomplete assignment (jsc#SLE-14777). - RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it recently (jsc#SLE-15175). - RDMA/mlx5: Delete not-available udata check (jsc#SLE-15175). - RDMA/rtrs: Remove a useless kfree() (jsc#SLE-15176). - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (git-fixes). - regmap: fix page selection for noinc reads (git-fixes). - regmap: fix page selection for noinc writes (git-fixes). - regmap: fix the offset of register error log (git-fixes). - Restore kabi after NFS: pass cred explicitly for access tests (bsc#1190746). - rpm: Abolish scritplet templating (bsc#1189841). Outsource kernel-binary and KMP scriptlets to suse-module-tools. This allows fixing bugs in the scriptlets as well as defining initrd regeneration policy independent of the kernel packages. - rpm/kernel-binary.spec: Use only non-empty certificates. - rpm/kernel-binary.spec.in: avoid conflicting suse-release suse-release had arbitrary values in staging, we can't use it for dependencies. The filesystem one has to be enough (boo#1184804). - rtc: rx8010: select REGMAP_I2C (git-fixes). - rtc: tps65910: Correct driver module alias (git-fixes). - s390/unwind: use current_frame_address() to unwind current task (bsc#1185677). - sch_cake: fix srchost/dsthost hashing mode (bsc#1176447). - sched/fair: Add ancestors of unthrottled undecayed cfs_rq (bsc#1191292). - scsi: core: Add helper to return number of logical blocks in a request (bsc#1190576). - scsi: core: Introduce the scsi_cmd_to_rq() function (bsc#1190576). - scsi: fc: Add EDC ELS definition (bsc#1190576). - scsi: fc: Update formal FPIN descriptor definitions (bsc#1190576). - scsi: lpfc: Add bsg support for retrieving adapter cmf data (bsc#1190576). - scsi: lpfc: Add cm statistics buffer support (bsc#1190576). - scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576). - scsi: lpfc: Add cmfsync WQE support (bsc#1190576). - scsi: lpfc: Add debugfs support for cm framework buffers (bsc#1190576). - scsi: lpfc: Add EDC ELS support (bsc#1190576). - scsi: lpfc: Add MIB feature enablement support (bsc#1190576). - scsi: lpfc: Add rx monitoring statistics (bsc#1190576). - scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info to firmware (bsc#1190576). - scsi: lpfc: Add support for cm enablement buffer (bsc#1190576). - scsi: lpfc: Add support for maintaining the cm statistics buffer (bsc#1190576). - scsi: lpfc: Add support for the CM framework (bsc#1190576). - scsi: lpfc: Adjust bytes received vales during cmf timer interval (bsc#1190576). - scsi: lpfc: Copyright updates for 14.0.0.1 patches (bsc#1190576). - scsi: lpfc: Do not release final kref on Fport node while ABTS outstanding (bsc#1190576). - scsi: lpfc: Do not remove ndlp on PRLI errors in P2P mode (bsc#1190576). - scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576). - scsi: lpfc: Fix compilation errors on kernels with no CONFIG_DEBUG_FS (bsc#1190576). - scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS processing (bsc#1190576). - scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576). - scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (bsc#1190576). - scsi: lpfc: Fix gcc -Wstringop-overread warning, again (bsc#1190576). - scsi: lpfc: Fix hang on unload due to stuck fport node (bsc#1190576). - scsi: lpfc: Fix I/O block after enabling managed congestion mode (bsc#1190576). - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (bsc#1190576). - scsi: lpfc: Fix NVMe I/O failover to non-optimized path (bsc#1190576). - scsi: lpfc: Fix premature rpi release for unsolicited TPLS and LS_RJT (bsc#1190576). - scsi: lpfc: Fix rediscovery of tape device after LIP (bsc#1190576). - scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn() (bsc#1190576). - scsi: lpfc: Improve PBDE checks during SGL processing (bsc#1190576). - scsi: lpfc: Remove unneeded variable (bsc#1190576). - scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576). - scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576). - scsi: lpfc: Use correct scnprintf() limit (bsc#1190576). - scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190576). - scsi: lpfc: Use the proper SCSI midlayer interfaces for PI (bsc#1190576). - scsi: lpfc: Zero CGN stats only during initial driver load and stat reset (bsc#1190576). - scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (bsc#1189297). - scsi/fc: kABI fixes for new ELS_EDC, ELS_RDP definition (bsc#1171688 bsc#1174003 bsc#1190576). - selftests/bpf: Define string const as global for test_sysctl_prog.c (git-fixes). - selftests/bpf: Fix bpf-iter-tcp4 test to print correctly the dest IP (git-fixes). - selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change (git-fixes). - selftests/bpf: Whitelist test_progs.h from .gitignore (git-fixes). - serial: 8250_pci: make setup_port() parameters explicitly unsigned (git-fixes). - serial: 8250: Define RX trigger levels for OxSemi 950 devices (git-fixes). - serial: mvebu-uart: fix driver's tx_empty callback (git-fixes). - serial: sh-sci: fix break handling for sysrq (git-fixes). - spi: Fix tegra20 build with CONFIG_PM=n (git-fixes). - staging: board: Fix uninitialized spinlock when attaching genpd (git-fixes). - staging: ks7010: Fix the initialization of the 'sleep_status' structure (git-fixes). - staging: rts5208: Fix get_ms_information() heap buffer size (git-fixes). - thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (git-fixes). - time: Handle negative seconds correctly in timespec64_to_ns() (git-fixes). - tools: bpf: Fix error in 'make -C tools/ bpf_install' (git-fixes). - tty: Fix data race between tiocsti() and flush_to_ldisc() (git-fixes). - tty: serial: jsm: hold port lock when reporting modem line changes (git-fixes). - tty: synclink_gt, drop unneeded forward declarations (git-fixes). - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (git-fixes). - usb: core: hcd: Add support for deferring roothub registration (git-fixes). - usb: dwc2: Add missing cleanups when usb_add_gadget_udc() fails (git-fixes). - usb: dwc2: Avoid leaving the error_debugfs label unused (git-fixes). - usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes). - usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (git-fixes). - usb: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (git-fixes). - usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes). - usb: gadget: u_ether: fix a potential null pointer dereference (git-fixes). - usb: host: fotg210: fix the actual_length of an iso packet (git-fixes). - usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes). - usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes). - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (git-fixes). - usb: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (git-fixes). - usb: serial: option: add device id for Foxconn T99W265 (git-fixes). - usb: serial: option: add Telit LN920 compositions (git-fixes). - usb: serial: option: remove duplicate USB device ID (git-fixes). - usbip: give back URBs for unsent unlink requests during cleanup (git-fixes). - usbip:vhci_hcd USB port can get stuck in the disabled state (git-fixes). - video: fbdev: asiliantfb: Error out if 'pixclock' equals zero (git-fixes). - video: fbdev: kyro: Error out if 'pixclock' equals zero (git-fixes). - video: fbdev: kyro: fix a DoS bug by restricting user input (git-fixes). - video: fbdev: riva: Error out if 'pixclock' equals zero (git-fixes). - vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406). - vmxnet3: add support for ESP IPv6 RSS (bsc#1190406). - vmxnet3: increase maximum configurable mtu to 9190 (bsc#1190406). - vmxnet3: prepare for version 6 changes (bsc#1190406). - vmxnet3: remove power of 2 limitation on the queues (bsc#1190406). - vmxnet3: set correct hash type based on rss information (bsc#1190406). - vmxnet3: update to version 6 (bsc#1190406). - watchdog/sb_watchdog: fix compilation problem due to COMPILE_TEST (git-fixes). - x86/alternatives: Teach text_poke_bp() to emulate instructions (bsc#1185302). - x86/alternatives: Teach text_poke_bp() to emulate instructions (bsc#1190561). - x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439). - x86/asm: Fix SETZ size enqcmds() build failure (bsc#1178134). - x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289). - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (bsc#1152489). - x86/resctrl: Fix a maybe-uninitialized build warning treated as error (bsc#1152489). - x86/resctrl: Fix default monitoring groups reporting (bsc#1152489). - xfs: allow mount/remount when stripe width alignment is zero (bsc#1188651). - xfs: sync lazy sb accounting on quiesce of read-only mounts (bsc#1190679). - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' (git-fixes). - xhci: Set HCD flag to defer primary roothub registration (git-fixes). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3410-1 Released: Wed Oct 13 10:41:36 2021 Summary: Recommended update for xkeyboard-config Type: recommended Severity: moderate References: 1191242 This update for xkeyboard-config fixes the following issue: - Wrong keyboard mapping causing input delays with ABNT2 keyboards. (bsc#1191242) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3411-1 Released: Wed Oct 13 10:42:25 2021 Summary: Recommended update for lvm2 Type: recommended Severity: moderate References: 1191019 This update for lvm2 fixes the following issues: - Do not crash vgextend when extending VG with missing PV. (bsc#1191019) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3413-1 Released: Wed Oct 13 10:50:45 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: important References: 1189441,1189841,1190598 This update for suse-module-tools fixes the following issues: - Fixed an issue where the queuing of secure boot certificates did not happen (bsc#1189841, bsc#1190598) - Fixed an issue where initrd was not always rebuilding after installing any kernel-*-extra package (bsc#1189441) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3474-1 Released: Wed Oct 20 08:41:31 2021 Summary: Security update for util-linux Type: security Severity: moderate References: 1178236,1188921,CVE-2021-37600 This update for util-linux fixes the following issues: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c. (bsc#1188921) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3479-1 Released: Wed Oct 20 11:23:45 2021 Summary: Recommended update for dracut Type: recommended Severity: moderate References: 1184970,1186260,1187115,1187470,1187774,1190845 This update for dracut fixes the following issues: - Fix usage information for -f parameter. (bsc#1187470) - Fix obsolete reference to 96insmodpost in manpage. (bsc#1187774) - Remove references to INITRD_MODULES. (bsc#1187115) - Multipath FCoE configurations may not boot when using only one path. (bsc#1186260) - Adjust path for SUSE: /var/lib/nfs/statd/sm to /var/lib/nfs/sm. (bsc#1184970) - Systemd coredump unit files are missing in initrd. (1190845) - Use $kernel rather than $(uname -r). - Exclude modules that are built-in. - Restore INITRD_MODULES in mkinitrd script. - Call dracut_instmods with hostonly. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3480-1 Released: Wed Oct 20 11:24:10 2021 Summary: Recommended update for yast2-network Type: recommended Severity: moderate References: 1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933 This update for yast2-network fixes the following issues: - Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915). - Fix the shown description using the interface friendly name when it is empty (bsc#1190933). - Consider aliases sections as case insensitive (bsc#1190739). - Display user defined device name in the devices overview (bnc#1190645). - Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344). - Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910). - Fix desktop file so the control center tooltip is translated (bsc#1187270). - Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016). - Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3509-1 Released: Tue Oct 26 09:47:40 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: important References: 1191200,1191260,1191480,1191804,1191922 This update for suse-module-tools fixes the following issues: Update to version 15.3.13: - Fix bad exit status in openQA. (bsc#1191922) - Ignore kernel keyring for kernel certificates. (bsc#1191480) - Deal with existing certificates that should be de-enrolled. (bsc#1191804) - Don't pass existing files to weak-modules2. (bsc#1191200) - Skip certificate scriptlet on non-UEFI systems. (bsc#1191260) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3532-1 Released: Wed Oct 27 10:11:20 2021 Summary: Recommended update for pmdk Type: recommended Severity: important References: 1191339 This update for pmdk fixes the following issues: - Fixed an issue when 'PMDK' causes data corruption on power failure. (bsc#1191339) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3589-1 Released: Mon Nov 1 19:27:52 2021 Summary: Recommended update for apparmor Type: recommended Severity: moderate References: 1191690 This update for apparmor fixes the following issues: - Fixed an issue when apparmor provides python2 and python3 libraries with the same name. (bsc#1191690) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3605-1 Released: Wed Nov 3 14:59:32 2021 Summary: Security update for qemu Type: security Severity: important References: 1189234,1189702,1189938,1190425,CVE-2021-3713,CVE-2021-3748 This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3713: Fix out-of-bounds write in UAS (USB Attached SCSI) device emulation (bsc#1189702) - CVE-2021-3748: Fix heap use-after-free in virtio_net_receive_rcu (bsc#1189938) Non-security issues fixed: - Add transfer length item in block limits page of scsi vpd (bsc#1190425) - Fix qemu crash while deleting xen-block (bsc#1189234) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3619-1 Released: Fri Nov 5 12:29:52 2021 Summary: Security update for libvirt Type: security Severity: moderate References: 1177902,1183247,1186398,1190420,1190493,1190693,1190695,1190917 This update for libvirt fixes the following issues: - lxc: controller: Fix container launch on cgroup v1. (bsc#1183247) - supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active. - qemu: Do not report error in the logs when processing monitor IO. (bsc#1190917) - spec: Fix an issue when package update hangs (bsc#1177902, bsc#1190693) - spec: Don't add '--timeout' argument to '/etc/sysconfig/libvirtd' when running in traditional mode without socket activation. (bsc#1190695) - libxl: Improve reporting of 'die_id' in capabilities. (bsc#1190493) - libxl: Fix driver reload. (bsc#1190420) - qemu: Set label on virtual host network device when hotplugging. (bsc#1186398) - supportconfig: When checking for installed hypervisor drivers, use the libvirtr-daemon-driver- package instead of libvirt-daemon-. The latter are not required packages for a functioning hypervisor driver. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3655-1 Released: Thu Nov 11 11:59:22 2021 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1065729,1085030,1152472,1152489,1156395,1172073,1173604,1176447,1176774,1176914,1178134,1180100,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191867,1191934,1191958,1192040,1192041,1192074,1192107,1192145,CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to a NFS regression. The following security bugs were fixed: - CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351). - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563). - CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on Power8 (bnc#1192107). - CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958). - CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067). - CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673). - CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063). - CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109). - CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349). - CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation Vulnerability (bsc#1191645). - CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could have allowed local attackers to access the Aspeed LPC control interface to overwrite memory in the kernel and potentially execute privileges (bnc#1190479). - CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (bnc#1191317). - CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315). The following non-security bugs were fixed: - ACPI: NFIT: Use fallback node id when numa info in NFIT table is incorrect (git-fixes). - ACPI: bgrt: Fix CFI violation (git-fixes). - ACPI: fix NULL pointer dereference (git-fixes). - ACPI: fix NULL pointer dereference (git-fixes). - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254 (git-fixes). - ALSA: hda/realtek - ALC236 headset MIC recording issue (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes). - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1 (git-fixes). - ALSA: hda/realtek: Complete partial device name to avoid ambiguity (git-fixes). - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop (git-fixes). - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s Gen2 (git-fixes). - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW (git-fixes). - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops (git-fixes). - ALSA: hda: avoid write to STATESTS if controller is in reset (git-fixes). - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors (bsc#1190801). - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl (git-fixes). - ALSA: seq: Fix a potential UAF by wrong private_free call order (git-fixes). - ALSA: usb-audio: Add quirk for VF0770 (git-fixes). - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset (git-fixes). - ASoC: DAPM: Fix missing kctl change notifications (git-fixes). - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (git-fixes). - ASoC: Intel: Skylake: Fix passing loadable flag for module (git-fixes). - ASoC: Intel: bytcr_rt5640: Move 'Platform Clock' routes to the maps for the matching in-/output (git-fixes). - ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic (git-fixes). - ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and SRAM types (git-fixes). - ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and SRAM types (git-fixes). - ASoC: SOF: loader: release_firmware() on load failure to avoid batching (git-fixes). - ASoC: atmel: ATMEL drivers do not need HAS_DMA (git-fixes). - ASoC: dapm: use component prefix when checking widget names (git-fixes). - ASoC: fsl_spdif: register platform component before registering cpu dai (git-fixes). - ASoC: wm8960: Fix clock configuration on slave mode (git-fixes). - Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731). - Configure mpi3mr as currently unsupported (jsc#SLE-18120) - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS (git-fixes). - HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes). - HID: u2fzero: ignore incomplete packets without data (git-fixes). - HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes). - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs (git-fixes). - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241). - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241). - IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241). - IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241). - Input: snvs_pwrkey - add clk handling (git-fixes). - Input: xpad - add support for another USB ID of Nacon GC-100 (git-fixes). - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (bsc#1156395). - KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state (bsc#1156395). - KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines (jsc#SLE-12936 git-fixes). - KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path (bsc#1065729). - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (bsc#1156395). - KVM: PPC: Fix clearing never mapped TCEs in realmode (bsc#1156395). - KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395). - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() (git-fixes). - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() (git-fixes). - NFS: Do uncached readdir when we're seeking a cookie in an empty page cache (bsc#1191628). - PCI: Fix pci_host_bridge struct device release/free handling (git-fixes). - PM / devfreq: rk3399_dmc: Add missing of_node_put() (git-fixes). - PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails (git-fixes). - PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent (git-fixes). - PM / devfreq: rk3399_dmc: Fix spelling typo (git-fixes). - PM / devfreq: rk3399_dmc: Remove unneeded semicolon (git-fixes). - RDMA/cma: Do not change route.addr.src_addr.ss_family (bsc#1181147). - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure (bsc#1181147). - USB: cdc-acm: clean up probe error labels (git-fixes). - USB: cdc-acm: fix minor-number release (git-fixes). - USB: serial: option: add Quectel EC200S-CN module support (git-fixes). - USB: serial: option: add Telit LE910Cx composition 0x1204 (git-fixes). - USB: serial: option: add prod. id for Quectel EG91 (git-fixes). - USB: serial: qcserial: add EM9191 QDL support (git-fixes). - USB: xhci: dbc: fix tty registration race (git-fixes). - acpi/arm64: fix next_platform_timer() section mismatch error (git-fixes). - acpi/arm64: fix next_platform_timer() section mismatch error (git-fixes). - ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators() (git-fixes). - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (git-fixes). - audit: fix possible null-pointer dereference in audit_filter_rules (git-fixes). - bfq: Remove merged request already in bfq_requests_merged() (bsc#1191456). - blk: Fix lock inversion between ioc lock and bfqd lock (bsc#1191456). - blktrace: Fix uaf in blk_trace access after removing by sysfs (bsc#1191452). - block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451). - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (jsc#SLE-16649). - bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (git-fixes). - bpf: Fix OOB read when printing XDP link fdinfo (git-fixes). - bpf: Fix a typo of reuseport map in bpf.h (git-fixes). - bpf: Fix up bpf_skb_adjust_room helper's skb csum setting (git-fixes). - can: dev: can_restart: fix use after free bug (git-fixes). - can: peak_pci: peak_pci_remove(): fix UAF (git-fixes). - can: peak_usb: fix use after free bugs (git-fixes). - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification (git-fixes). - can: rcar_can: fix suspend/resume (git-fixes). - can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (git-fixes). - can: xilinx_can: handle failure cases of pm_runtime_get_sync (git-fixes). - cb710: avoid NULL pointer subtraction (git-fixes). - ceph: fix handling of 'meta' errors (bsc#1192041). - ceph: skip existing superblocks that are blocklisted or shut down when mounting (bsc#1192040). - cfg80211: correct bridge/4addr mode check (git-fixes). - cfg80211: fix management registrations locking (git-fixes). - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() (git-fixes). - cpuidle: pseries: Mark pseries_idle_proble() as __init (jsc#SLE-13614 bsc#1176914 ltc#186394 git-fixes). - drm/amd/display: Pass PCI deviceid into DC (git-fixes). - drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (git-fixes). - drm/amdgpu: fix gart.bo pin_count leak (git-fixes). - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read (git-fixes). - drm/i915: Fix syncmap memory leak (bsc#1152489) Backporting notes: * context changes in intel_timeline_fini() - drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() (git-fixes). - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling (git-fixes). - drm/msm: Avoid potential overflow in timeout_to_jiffies() (git-fixes). - drm/msm: Fix null pointer dereference on pointer edp (git-fixes). - drm/nouveau/debugfs: fix file release memory leak (git-fixes). - drm/nouveau/kms/nv50-: fix file release memory leak (git-fixes). - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (git-fixes). - drm/nouveau: avoid a use-after-free when BO init fails (bsc#1152472) - drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes). - drm/panfrost: Make sure MMU context lifetime is not bound to (bsc#1152472) - drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup (git-fixes). - e1000e: Drop patch to avoid regressions until real fix is available (bsc#1191663). - e1000e: Fix packet loss on Tiger Lake and later (git-fixes). - e100: fix buffer overrun in e100_get_regs (git-fixes). - e100: fix length calculation in e100_get_regs_len (git-fixes). - e100: handle eeprom as little endian (git-fixes). - ext4: fix reserved space counter leakage (bsc#1191450). - ext4: report correct st_size for encrypted symlinks (bsc#1191449). - fs, mm: fix race in unlinking swapfile (bsc#1191455). - fscrypt: add fscrypt_symlink_getattr() for computing st_size (bsc#1191449). - gpio: pca953x: Improve bias setting (git-fixes). - hso: fix bailout in error case of probe (git-fixes). - i2c: acpi: fix resource leak in reconfiguration device addition (git-fixes). - ice: fix getting UDP tunnel entry (jsc#SLE-12878). - iio: adc128s052: Fix the error handling path of 'adc128_probe()' (git-fixes). - iio: adc: aspeed: set driver data when adc probe (git-fixes). - iio: dac: ti-dac5571: fix an error code in probe() (git-fixes). - iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes). - iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes). - iio: ssp_sensors: add more range checking in ssp_parse_dataframe() (git-fixes). - iio: ssp_sensors: fix error code in ssp_print_mcu_debug() (git-fixes). - ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241). - ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241). - isdn: cpai: check ctr->cnr to avoid array index out of bound (git-fixes). - isdn: mISDN: Fix sleeping function called from invalid context (git-fixes). - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15 (git-fixes). - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup (git-fixes). - kABI workaround for HD-audio probe retry changes (bsc#1190801). - kABI workaround for cfg80211 mgmt_registration_lock changes (git-fixes). - kabi: block: Fix kabi of blk_mq_sched_try_insert_merge() (bsc#1191456). - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167 bsc#1191240 ltc#194716). - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167). - kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. Fixes: e98096d5cf85 ('rpm: Abolish scritplet templating (bsc#1189841).') - kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229). - lan78xx: select CRC32 (git-fixes). - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD (git-fixes). - mac80211: Drop frames from invalid MAC address in ad-hoc mode (git-fixes). - mac80211: check return value of rhashtable_init (git-fixes). - mei: me: add Ice Lake-N device id (git-fixes). - mmc: dw_mmc: exynos: fix the finding clock sample value (git-fixes). - mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk (git-fixes). - mmc: vub300: fix control-message timeouts (git-fixes). - net/mlx5: E-Switch, Fix double allocation of acl flow counter (jsc#SLE-15172). - net/mlx5e: IPSEC RX, enable checksum complete (jsc#SLE-15172). - net/mlx5e: RX, Avoid possible data corruption when relaxed ordering and LRO combined (jsc#SLE-15172). - net/sched: ets: fix crash when flipping from 'strict' to 'quantum' (bsc#1176774). - net: batman-adv: fix error handling (git-fixes). - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (git-fixes). - net: cdc_eem: fix tx fixup skb leak (git-fixes). - net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes). - net: hns3: check queue id range before using (jsc#SLE-14777). - net: hso: add failure handler for add_net_device (git-fixes). - net: hso: fix NULL-deref on disconnect regression (git-fixes). - net: hso: fix null-ptr-deref during tty device unregistration (git-fixes). - net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241). - net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241). - net: lan78xx: fix division by zero in send path (git-fixes). - net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191800). - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() (git-fixes). - netfilter: Drop fragmented ndisc packets assembled in netfilter (git-fixes). - netfilter: conntrack: collect all entries in one cycle (bsc#1173604). - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value (bsc#1176447). - nfc: fix error handling of nfc_proto_register() (git-fixes). - nfc: port100: fix using -ERRNO as command type mask (git-fixes). - nvme-fc: avoid race between time out and tear down (bsc#1185762). - nvme-fc: remove freeze/unfreeze around update_nr_hw_queues (bsc#1185762). - nvme-fc: update hardware queues before using them (bsc#1185762). - nvme-pci: Fix abort command id (git-fixes). - nvme-pci: fix error unwind in nvme_map_data (bsc#1191934). - nvme-pci: fix error unwind in nvme_map_data (bsc#1191934). - nvme-pci: refactor nvme_unmap_data (bsc#1191934). - nvme-pci: refactor nvme_unmap_data (bsc#1191934). - nvme: add command id quirk for apple controllers (git-fixes). - ocfs2: fix data corruption after conversion from inline format (bsc#1190795). - pata_legacy: fix a couple uninitialized variable bugs (git-fixes). - phy: mdio: fix memory leak (git-fixes). - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (git-fixes). - platform/mellanox: mlxreg-io: Fix read access of n-bytes size attributes (git-fixes). - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes). - platform/x86: intel_scu_ipc: Fix busy loop expiry time (git-fixes). - powerpc/64s: Fix entry flush patching w/strict RWX & hash (jsc#SLE-13847 git-fixes). - powerpc/64s: Fix stf mitigation patching w/strict RWX & hash (jsc#SLE-13847 git-fixes). - powerpc/64s: Remove irq mask workaround in accumulate_stolen_time() (jsc#SLE-9246 git-fixes). - powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729). - powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729). - powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729). - powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729). - powerpc/bpf: Use bctrl for making function calls (bsc#1065729). - powerpc/bpf: Use bctrl for making function calls (bsc#1065729). - powerpc/lib/code-patching: Do not use struct 'ppc_inst' for runnable code in tests (jsc#SLE-13847 git-fixes). - powerpc/lib/code-patching: Make instr_is_branch_to_addr() static (jsc#SLE-13847 git-fixes). - powerpc/lib: Fix emulate_step() std test (bsc#1065729). - powerpc/numa: Update cpu_cpu_map on CPU online/offline (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/pseries: Fix build error when NUMA=n (bsc#1190620 ltc#194498 git-fixes). - powerpc/smp: Cache CPU to chip lookup (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Enable CACHE domain for shared processor (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Fix a crash while booting kvm guest with nr_cpus=2 (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Fold cpu_die() into its only caller (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Set numa node before updating mask (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Update cpu_core_map on all PowerPc systems (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/uprobes: Validation for prefixed instruction (jsc#SLE-13847 git-fixes). - powerpc/xive: Discard disabled interrupts in get_irqchip_state() (bsc#1085030 git-fixes). - powerpc: Do not dereference code as 'struct ppc_inst' (uprobe, code-patching, feature-fixups) (jsc#SLE-13847 git-fixes). - powerpc: Do not use 'struct ppc_inst' to reference instruction location (jsc#SLE-13847 git-fixes). - powerpc: Move arch_cpu_idle_dead() into smp.c (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init (git-fixes). - ptp_pch: Load module automatically if ID matches (git-fixes). - ptp_pch: Restore dependency on PCI (git-fixes). - regmap: Fix possible double-free in regcache_rbtree_exit() (git-fixes). - rpm: fix kmp install path - rpm: use _rpmmacrodir (boo#1191384) - scsi: ibmvfc: Fix up duplicate response detection (bsc#1191867 ltc#194757). - scsi: iscsi: Fix deadlock on recovery path during GFP_IO reclaim (git-fixes). - scsi: lpfc: Allow PLOGI retry if previous PLOGI was aborted (bsc#1192145). - scsi: lpfc: Allow fabric node recovery if recovery is in progress before devloss (bsc#1192145). - scsi: lpfc: Correct sysfs reporting of loop support after SFP status change (bsc#1192145). - scsi: lpfc: Fix link down processing to address NULL pointer dereference (bsc#1192145). - scsi: lpfc: Fix memory overwrite during FC-GS I/O abort handling (bsc#1191349). - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine (bsc#1192145). - scsi: lpfc: Revert LOG_TRACE_EVENT back to LOG_INIT prior to driver_resource_setup() (bsc#1192145). - scsi: lpfc: Update lpfc version to 14.0.0.3 (bsc#1192145). - scsi: lpfc: Wait for successful restart of SLI3 adapter during host sg_reset (bsc#1192145). - scsi: mpi3mr: Add EEDP DIF DIX support (jsc#SLE-18120). - scsi: mpi3mr: Add bios_param SCSI host template hook (jsc#SLE-18120). - scsi: mpi3mr: Add change queue depth support (jsc#SLE-18120). - scsi: mpi3mr: Add event handling debug prints (jsc#SLE-18120). - scsi: mpi3mr: Add mpi30 Rev-R headers and Kconfig (jsc#SLE-18120). - scsi: mpi3mr: Add support for DSN secure firmware check (jsc#SLE-18120). - scsi: mpi3mr: Add support for PCIe device event handling (jsc#SLE-18120). - scsi: mpi3mr: Add support for PM suspend and resume (jsc#SLE-18120). - scsi: mpi3mr: Add support for device add/remove event handling (jsc#SLE-18120). - scsi: mpi3mr: Add support for internal watchdog thread (jsc#SLE-18120). - scsi: mpi3mr: Add support for queue command processing (jsc#SLE-18120). - scsi: mpi3mr: Add support for recovering controller (jsc#SLE-18120). - scsi: mpi3mr: Add support for threaded ISR (jsc#SLE-18120). - scsi: mpi3mr: Add support for timestamp sync with firmware (jsc#SLE-18120). - scsi: mpi3mr: Additional event handling (jsc#SLE-18120). - scsi: mpi3mr: Allow certain commands during pci-remove hook (jsc#SLE-18120). - scsi: mpi3mr: Base driver code (jsc#SLE-18120). - scsi: mpi3mr: Complete support for soft reset (jsc#SLE-18120). - scsi: mpi3mr: Create operational request and reply queue pair (jsc#SLE-18120). - scsi: mpi3mr: Fix error handling in mpi3mr_setup_isr() (git-fixes). - scsi: mpi3mr: Fix missing unlock on error (git-fixes). - scsi: mpi3mr: Hardware workaround for UNMAP commands to NVMe drives (jsc#SLE-18120). - scsi: mpi3mr: Implement SCSI error handler hooks (jsc#SLE-18120). - scsi: mpi3mr: Print IOC info for debugging (jsc#SLE-18120). - scsi: mpi3mr: Print pending host I/Os for debugging (jsc#SLE-18120). - scsi: mpi3mr: Set up IRQs in resume path (jsc#SLE-18120). - scsi: mpi3mr: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (jsc#SLE-18120). - scsi: mpi3mr: Use the proper SCSI midlayer interfaces for PI (jsc#SLE-18120). - scsi: mpi3mr: Wait for pending I/O completions upon detection of VD I/O timeout (jsc#SLE-18120). - scsi: qla2xxx: Add debug print of 64G link speed (bsc#1190941). - scsi: qla2xxx: Add host attribute to trigger MPI hang (bsc#1190941). - scsi: qla2xxx: Add support for mailbox passthru (bsc#1190941). - scsi: qla2xxx: Adjust request/response queue size for 28xx (bsc#1190941). - scsi: qla2xxx: Call process_response_queue() in Tx path (bsc#1190941). - scsi: qla2xxx: Changes to support FCP2 Target (bsc#1190941). - scsi: qla2xxx: Changes to support kdump kernel (bsc#1190941). - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS (bsc#1190941). - scsi: qla2xxx: Check for firmware capability before creating QPair (bsc#1190941). - scsi: qla2xxx: Display 16G only as supported speeds for 3830c card (bsc#1190941). - scsi: qla2xxx: Do not call fc_block_scsi_eh() during bus reset (bsc#1190941). - scsi: qla2xxx: Fix NPIV create erroneous error (bsc#1190941). - scsi: qla2xxx: Fix NVMe retry (bsc#1190941). - scsi: qla2xxx: Fix NVMe session down detection (bsc#1190941). - scsi: qla2xxx: Fix NVMe | FCP personality change (bsc#1190941). - scsi: qla2xxx: Fix crash in NVMe abort path (bsc#1190941). - scsi: qla2xxx: Fix excessive messages during device logout (bsc#1190941). - scsi: qla2xxx: Fix hang during NVMe session tear down (bsc#1190941). - scsi: qla2xxx: Fix hang on NVMe command timeouts (bsc#1190941). - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file (bsc#1190941). - scsi: qla2xxx: Fix port type info (bsc#1190941). - scsi: qla2xxx: Fix unsafe removal from linked list (bsc#1190941). - scsi: qla2xxx: Fix use after free in eh_abort path (bsc#1190941). - scsi: qla2xxx: Move heartbeat handling from DPC thread to workqueue (bsc#1190941). - scsi: qla2xxx: Open-code qla2xxx_eh_device_reset() (bsc#1190941). - scsi: qla2xxx: Open-code qla2xxx_eh_target_reset() (bsc#1190941). - scsi: qla2xxx: Remove redundant initialization of pointer req (bsc#1190941). - scsi: qla2xxx: Restore initiator in dual mode (bsc#1190941). - scsi: qla2xxx: Show OS name and version in FDMI-1 (bsc#1190941). - scsi: qla2xxx: Suppress unnecessary log messages during login (bsc#1190941). - scsi: qla2xxx: Sync queue idx with queue_pair_map idx (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.06.100-k (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.06.200-k (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.07.100-k (bsc#1190941). - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190941). - scsi: qla2xxx: edif: Add N2N support for EDIF (bsc#1190941). - scsi: qla2xxx: edif: Do secure PLOGI when auth app is present (bsc#1190941). - scsi: qla2xxx: edif: Fix EDIF enable flag (bsc#1190941). - scsi: qla2xxx: edif: Fix returnvar.cocci warnings (bsc#1190941). - scsi: qla2xxx: edif: Fix stale session (bsc#1190941). - scsi: qla2xxx: edif: Reject AUTH ELS on session down (bsc#1190941). - scsi: qla2xxx: edif: Use link event to wake up app (bsc#1190941). - scsi: target: Fix the pgr/alua_support_store functions (git-fixes). - sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351). - soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment (git-fixes). - spi: spi-nxp-fspi: do not depend on a specific node name erratum workaround (git-fixes). - tpm: ibmvtpm: Avoid error message when process gets signal while waiting (bsc#1065729). - usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle (git-fixes). - usb: hso: fix error handling code of hso_create_net_device (git-fixes). - usb: hso: remove the bailout parameter (git-fixes). - usb: musb: dsps: Fix the probe error path (git-fixes). - video: fbdev: gbefb: Only instantiate device when built for IP32 (git-fixes). - virtio: write back F_VERSION_1 before validate (git-fixes). - watchdog: orion: use 0 for unset heartbeat (git-fixes). - x86/pat: Pass valid address to sanitize_phys() (bsc#1152489). - x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails (bsc#1152489). - x86/sev: Return an error on a returned non-zero SW_EXITINFO1[31:0] (bsc#1178134). - xen: fix setting of max_pfn in shared_info (git-fixes). - xen: reset legacy rtc flag for PV domU (git-fixes). - xfs: Fixed non-directory creation in SGID directories introduced by CVE-2018-13405 patch (bsc#1190006). - xfs: ensure that the inode uid/gid match values match the icdinode ones (bsc#1190006). - xfs: fix I_DONTCACHE (bsc#1192074). - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes (bsc#1190642). - xfs: merge the projid fields in struct xfs_icdinode (bsc#1190006). - xfs: remove the icdinode di_uid/di_gid members (bsc#1190006). - xhci: Enable trust tx length quirk for Fresco FL11 USB controller (git-fixes). - xhci: Fix command ring pointer corruption while aborting a command (git-fixes). - xhci: guard accesses to ep_state in xhci_endpoint_reset() (git-fixes). - xhci: guard accesses to ep_state in xhci_endpoint_reset() (git-fixes). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3663-1 Released: Mon Nov 15 19:14:32 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1191804 This update for suse-module-tools fixes the following issues: - Update to version 15.3.14: * more fixes for updates under secure boot * cert-script: Deal with existing $cert.delete file (bsc#1191804). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3675-1 Released: Tue Nov 16 17:47:44 2021 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1065729,1085030,1089118,1094840,1133021,1152472,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176447,1176774,1176914,1176940,1178134,1180100,1180749,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1188601,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191851,1191867,1191934,1191958,1191980,1192040,1192041,1192074,1192107,1192145,1192229,1192267,1192288,1192549,CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-37159,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056,CVE-2021-43389 The following security bugs were fixed: - CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063). - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563). - CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349). - CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067). - CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351). - CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958). - CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109). - CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation Vulnerability (bsc#1191645). - CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601). - CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (bnc#1191317). - CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315). - CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could have allowed local attackers to access the Aspeed LPC control interface to overwrite memory in the kernel and potentially execute privileges (bnc#1190479). - CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673). - CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on Power8 (bnc#1192107). - CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958). The following non-security bugs were fixed: - acpi/arm64: fix next_platform_timer() section mismatch error (git-fixes). - ACPI: bgrt: Fix CFI violation (git-fixes). - ACPI: fix NULL pointer dereference (git-fixes). - ACPI: NFIT: Use fallback node id when numa info in NFIT table is incorrect (git-fixes). - Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731). - ALSA: hda: avoid write to STATESTS if controller is in reset (git-fixes). - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254 (git-fixes). - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors (bsc#1190801). - ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes). - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1 (git-fixes). - ALSA: hda/realtek - ALC236 headset MIC recording issue (git-fixes). - ALSA: hda/realtek: Complete partial device name to avoid ambiguity (git-fixes). - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop (git-fixes). - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s Gen2 (git-fixes). - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14 (git-fixes). - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW (git-fixes). - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops (git-fixes). - ALSA: hda: Reduce udelay() at SKL+ position reporting (git-fixes). - ALSA: hda: Use position buffer for SKL+ again (git-fixes). - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl (git-fixes). - ALSA: seq: Fix a potential UAF by wrong private_free call order (git-fixes). - ALSA: ua101: fix division by zero at probe (git-fixes). - ALSA: uapi: Fix a C++ style comment in asound.h (git-fixes). - ALSA: usb-audio: Add quirk for VF0770 (git-fixes). - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset (git-fixes). - ASoC: atmel: ATMEL drivers do not need HAS_DMA (git-fixes). - ASoC: cs42l42: Correct some register default values (git-fixes). - ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER (git-fixes). - ASoC: cs42l42: Do not set defaults for volatile registers (git-fixes). - ASoC: DAPM: Fix missing kctl change notifications (git-fixes). - ASoC: dapm: use component prefix when checking widget names (git-fixes). - ASoC: dt-bindings: cs42l42: Correct description of ts-inv (git-fixes). - ASoC: fsl_spdif: register platform component before registering cpu dai (git-fixes). - ASoC: Intel: bytcr_rt5640: Move 'Platform Clock' routes to the maps for the matching in-/output (git-fixes). - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (git-fixes). - ASoC: Intel: Skylake: Fix passing loadable flag for module (git-fixes). - ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic (git-fixes). - ASoC: mediatek: mt8195: Remove unsued irqs_lock (git-fixes). - ASoC: rockchip: Use generic dmaengine code (git-fixes). - ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and SRAM types (git-fixes). - ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and SRAM types (git-fixes). - ASoC: SOF: loader: release_firmware() on load failure to avoid batching (git-fixes). - ASoC: SOF: topology: do not power down primary core during topology removal (git-fixes). - ASoC: topology: Fix stub for snd_soc_tplg_component_remove() (git-fixes). - ASoC: wm8960: Fix clock configuration on slave mode (git-fixes). - ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators() (git-fixes). - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (git-fixes). - ata: sata_mv: Fix the error handling of mv_chip_id() (git-fixes). - ath10k: fix control-message timeout (git-fixes). - ath10k: fix division by zero in send path (git-fixes). - ath10k: fix max antenna gain unit (git-fixes). - ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes). - ath10k: sdio: Add missing BH locking around napi_schdule() (git-fixes). - ath6kl: fix control-message timeout (git-fixes). - ath6kl: fix division by zero in send path (git-fixes). - ath9k: Fix potential interrupt storm on queue reset (git-fixes). - audit: fix possible null-pointer dereference in audit_filter_rules (git-fixes). - b43: fix a lower bounds test (git-fixes). - b43legacy: fix a lower bounds test (git-fixes). - bfq: Remove merged request already in bfq_requests_merged() (bsc#1191456). - blk: Fix lock inversion between ioc lock and bfqd lock (bsc#1191456). - blktrace: Fix uaf in blk_trace access after removing by sysfs (bsc#1191452). - block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451). - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync (git-fixes). - Bluetooth: fix init and cleanup of sco_conn.timeout_work (git-fixes). - bnxt_en: Fix TX timeout when TX ring size is set to the smallest (git-fixes). - bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (jsc#SLE-16649). - bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (git-fixes). - bpf: Fix a typo of reuseport map in bpf.h (git-fixes). - bpf: Fix OOB read when printing XDP link fdinfo (git-fixes). - bpf: Fix up bpf_skb_adjust_room helper's skb csum setting (git-fixes). - can: dev: can_restart: fix use after free bug (git-fixes). - can: peak_pci: peak_pci_remove(): fix UAF (git-fixes). - can: peak_usb: fix use after free bugs (git-fixes). - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification (git-fixes). - can: rcar_can: fix suspend/resume (git-fixes). - can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (git-fixes). - can: xilinx_can: handle failure cases of pm_runtime_get_sync (git-fixes). - cb710: avoid NULL pointer subtraction (git-fixes). - ceph: fix handling of 'meta' errors (bsc#1192041). - ceph: skip existing superblocks that are blocklisted or shut down when mounting (bsc#1192040). - cfg80211: correct bridge/4addr mode check (git-fixes). - cfg80211: fix management registrations locking (git-fixes). - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() (git-fixes). - Configure mpi3mr as currently unsupported (jsc#SLE-18120) - cpuidle: pseries: Mark pseries_idle_proble() as __init (jsc#SLE-13614 bsc#1176914 ltc#186394 git-fixes). - driver core: add a min_align_mask field to struct device_dma_parameters (bsc#1191851). - drm/amd/display: Pass PCI deviceid into DC (git-fixes). - drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (git-fixes). - drm/amdgpu/display: add quirk handling for stutter mode (git-fixes). - drm/amdgpu: fix gart.bo pin_count leak (git-fixes). - drm/amdgpu: fix warning for overflow check (git-fixes). - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits (git-fixes). - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read (git-fixes). - drm/i915: Fix syncmap memory leak (bsc#1152489) Backporting notes: * context changes in intel_timeline_fini() - drm/msm: Avoid potential overflow in timeout_to_jiffies() (git-fixes). - drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() (git-fixes). - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling (git-fixes). - drm/msm: Fix null pointer dereference on pointer edp (git-fixes). - drm/msm: Fix potential NULL dereference in DPU SSPP (git-fixes). - drm/msm: potential error pointer dereference in init() (git-fixes). - drm/msm: uninitialized variable in msm_gem_import() (git-fixes). - drm/nouveau: avoid a use-after-free when BO init fails (bsc#1152472) - drm/nouveau/debugfs: fix file release memory leak (git-fixes). - drm/nouveau/kms/nv50-: fix file release memory leak (git-fixes). - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (git-fixes). - drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes). - drm/panfrost: Make sure MMU context lifetime is not bound to (bsc#1152472) - drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup (git-fixes). - drm/sun4i: Fix macros in sun8i_csc.h (git-fixes). - drm/ttm: stop calling tt_swapin in vm_access (git-fixes). - drm/v3d: fix wait for TMU write combiner flush (git-fixes). - e1000e: Drop patch to avoid regressions until real fix is available (bsc#1191663). - e1000e: Fix packet loss on Tiger Lake and later (git-fixes). - e100: fix buffer overrun in e100_get_regs (git-fixes). - e100: fix length calculation in e100_get_regs_len (git-fixes). - e100: handle eeprom as little endian (git-fixes). - EDAC/amd64: Set proper family type for Family 19h Models 20h-2Fh (bsc#1192288). - ext4: fix reserved space counter leakage (bsc#1191450). - ext4: report correct st_size for encrypted symlinks (bsc#1191449). - firmware/psci: fix application of sizeof to pointer (git-fixes). - fscrypt: add fscrypt_symlink_getattr() for computing st_size (bsc#1191449). - fs, mm: fix race in unlinking swapfile (bsc#1191455). - ftrace: Fix scripts/recordmcount.pl due to new binutils (bsc#1192267). - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (bsc#1152489). - gpio: pca953x: Improve bias setting (git-fixes). - gve: Avoid freeing NULL pointer (git-fixes). - gve: Correct available tx qpl check (git-fixes). - gve: fix gve_get_stats() (git-fixes). - gve: Properly handle errors in gve_assign_qpl (bsc#1176940). - gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1176940). - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS (git-fixes). - HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes). - HID: u2fzero: ignore incomplete packets without data (git-fixes). - HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes). - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs (git-fixes). - hso: fix bailout in error case of probe (git-fixes). - hwmon: Fix possible memleak in __hwmon_device_register() (git-fixes). - hwmon: (pmbus/lm25066) Add offset coefficients (git-fixes). - hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff (git-fixes). - hwrng: mtk - Force runtime pm ops for sleep ops (git-fixes). - i2c: acpi: fix resource leak in reconfiguration device addition (git-fixes). - i40e: Fix ATR queue selection (git-fixes). - i40e: fix endless loop under rtnl (git-fixes). - i40e: Fix freeing of uninitialized misc IRQ vector (git-fixes). - iavf: fix double unlock of crit_lock (git-fixes). - ibmvnic: delay complete() (bsc#1094840 ltc#167098 git-fixes). - ice: Add missing E810 device ids (jsc#SLE-7966 bsc#1157177). - ice: fix getting UDP tunnel entry (jsc#SLE-12878). - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241). - iio: adc128s052: Fix the error handling path of 'adc128_probe()' (git-fixes). - iio: adc: aspeed: set driver data when adc probe (git-fixes). - iio: dac: ti-dac5571: fix an error code in probe() (git-fixes). - iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes). - iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes). - iio: ssp_sensors: add more range checking in ssp_parse_dataframe() (git-fixes). - iio: ssp_sensors: fix error code in ssp_print_mcu_debug() (git-fixes). - Input: i8042 - Add quirk for Fujitsu Lifebook T725 (bsc#1191980). - Input: snvs_pwrkey - add clk handling (git-fixes). - Input: xpad - add support for another USB ID of Nacon GC-100 (git-fixes). - ionic: do not remove netdev->dev_addr when syncing uc list (bsc#1167773). - ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241). - IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241). - isdn: cpai: check ctr->cnr to avoid array index out of bound (git-fixes). - isdn: mISDN: Fix sleeping function called from invalid context (git-fixes). - iwlwifi: mvm: fix some kerneldoc issues (git-fixes). - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15 (git-fixes). - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup (git-fixes). - kabi: block: Fix kabi of blk_mq_sched_try_insert_merge() (bsc#1191456). - kABI: Fix kABI after 36950f2da1ea (bsc#1191851). - kABI workaround for cfg80211 mgmt_registration_lock changes (git-fixes). - kABI workaround for HD-audio probe retry changes (bsc#1190801). - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167). - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167 bsc#1191240 ltc#194716). - kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. Fixes: e98096d5cf85 ('rpm: Abolish scritplet templating (bsc#1189841).') - kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229). - KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines (jsc#SLE-12936 git-fixes). - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (bsc#1156395). - KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state (bsc#1156395). - KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path (bsc#1065729). - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (bsc#1156395). - KVM: PPC: Fix clearing never mapped TCEs in realmode (bsc#1156395). - KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395). - KVM: s390: extend kvm_s390_shadow_fault to return entry pointer (bsc#1133021). - KVM: s390: index kvm->arch.idle_mask by vcpu_idx (bsc#1133021). - KVM: s390: split kvm_s390_logical_to_effective (bsc#1133021). - KVM: s390: VSIE: correctly handle MVPG when in VSIE (bsc#1133021). - lan78xx: select CRC32 (git-fixes). - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD (git-fixes). - libertas: Fix possible memory leak in probe and disconnect (git-fixes). - libertas_tf: Fix possible memory leak in probe and disconnect (git-fixes). - mac80211: check return value of rhashtable_init (git-fixes). - mac80211: Drop frames from invalid MAC address in ad-hoc mode (git-fixes). - media: cedrus: Fix SUNXI tile size calculation (git-fixes). - media: cx23885: Fix snd_card_free call on null card pointer (git-fixes). - media: cxd2880-spi: Fix a null pointer dereference on error handling path (git-fixes). - media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable() (git-fixes). - media: dvb-usb: fix ununit-value in az6027_rc_query (git-fixes). - media: em28xx: add missing em28xx_close_extension (git-fixes). - media: em28xx: Do not use ops->suspend if it is NULL (git-fixes). - media: i2c: ths8200 needs V4L2_ASYNC (git-fixes). - media: ite-cir: IR receiver stop working after receive overflow (git-fixes). - media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()' (git-fixes). - media: mxl111sf: change mutex_init() location (git-fixes). - media: radio-wl1273: Avoid card name truncation (git-fixes). - media: si470x: Avoid card name truncation (git-fixes). - media: staging/intel-ipu3: css: Fix wrong size comparison imgu_css_fw_init (git-fixes). - media: TDA1997x: handle short reads of hdmi info frame (git-fixes). - media: tm6000: Avoid card name truncation (git-fixes). - media: v4l2-ioctl: Fix check_ext_ctrls (git-fixes). - media: v4l2-ioctl: S_CTRL output the right value (git-fixes). - mei: me: add Ice Lake-N device id (git-fixes). - memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe (git-fixes). - memstick: avoid out-of-range warning (git-fixes). - memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() (git-fixes). - mlx5: count all link events (git-fixes). - mlxsw: thermal: Fix out-of-bounds memory accesses (git-fixes). - mmc: dw_mmc: exynos: fix the finding clock sample value (git-fixes). - mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk (git-fixes). - mmc: mxs-mmc: disable regulator on error and in the remove function (git-fixes). - mmc: sdhci: Map more voltage level to SDHCI_POWER_330 (git-fixes). - mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured (git-fixes). - mmc: vub300: fix control-message timeouts (git-fixes). - mt76: mt7615: fix endianness warning in mt7615_mac_write_txwi (git-fixes). - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c (git-fixes). - mt76: mt7915: fix muar_idx in mt7915_mcu_alloc_sta_req() (git-fixes). - mt76: mt7915: fix possible infinite loop release semaphore (git-fixes). - mt76: mt7915: fix sta_rec_wtbl tag len (git-fixes). - mwifiex: fix division by zero in fw download path (git-fixes). - mwifiex: Send DELBA requests according to spec (git-fixes). - net/af_unix: fix a data-race in unix_dgram_poll (bsc#1154353). - net: batman-adv: fix error handling (git-fixes). - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() (git-fixes). - net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (git-fixes). - net: cdc_eem: fix tx fixup skb leak (git-fixes). - net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes). - netfilter: conntrack: collect all entries in one cycle (bsc#1173604). - netfilter: Drop fragmented ndisc packets assembled in netfilter (git-fixes). - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value (bsc#1176447). - net: hns3: check queue id range before using (jsc#SLE-14777). - net: hns3: fix vf reset workqueue cannot exit (bsc#1154353). - net: hso: add failure handler for add_net_device (git-fixes). - net: hso: fix NULL-deref on disconnect regression (git-fixes). - net: hso: fix null-ptr-deref during tty device unregistration (git-fixes). - net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241). - net: lan78xx: fix division by zero in send path (git-fixes). - net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191800). - net/mlx4_en: Do not allow aRFS for encapsulated packets (git-fixes). - net/mlx4_en: Resolve bad operstate value (git-fixes). - net/mlx5e: IPSEC RX, enable checksum complete (jsc#SLE-15172). - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp (git-fixes). - net/mlx5e: RX, Avoid possible data corruption when relaxed ordering and LRO combined (jsc#SLE-15172). - net/mlx5: E-Switch, Fix double allocation of acl flow counter (jsc#SLE-15172). - net/mlx5: Fix unpublish devlink parameters (jsc#SLE-8464). - net/mlx5: FWTrace, cancel work on alloc pd error flow (git-fixes). - net/sched: ets: fix crash when flipping from 'strict' to 'quantum' (bsc#1176774). - net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() (git-fixes). - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() (git-fixes). - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() (git-fixes). - nfc: fix error handling of nfc_proto_register() (git-fixes). - nfc: port100: fix using -ERRNO as command type mask (git-fixes). - nfs: dir_cookie is a pointer to the cookie in older kernels, not the cookie itself. (bsc#1191628 bsc#1192549). - NFS: Do uncached readdir when we're seeking a cookie in an empty page cache (bsc#1191628). - nvme: add command id quirk for apple controllers (git-fixes). - nvme-fc: avoid race between time out and tear down (bsc#1185762). - nvme-fc: remove freeze/unfreeze around update_nr_hw_queues (bsc#1185762). - nvme-fc: update hardware queues before using them (bsc#1185762). - nvme-pci: Fix abort command id (git-fixes). - nvme-pci: fix error unwind in nvme_map_data (bsc#1191934). - nvme-pci: refactor nvme_unmap_data (bsc#1191934). - nvme-pci: set min_align_mask (bsc#1191851). - ocfs2: fix data corruption after conversion from inline format (bsc#1190795). - pata_legacy: fix a couple uninitialized variable bugs (git-fixes). - PCI: Fix pci_host_bridge struct device release/free handling (git-fixes). - phy: mdio: fix memory leak (git-fixes). - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (git-fixes). - platform/mellanox: mlxreg-io: Fix read access of n-bytes size attributes (git-fixes). - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes). - platform/x86: intel_scu_ipc: Fix busy loop expiry time (git-fixes). - platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning (git-fixes). - PM / devfreq: rk3399_dmc: Add missing of_node_put() (git-fixes). - PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails (git-fixes). - PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent (git-fixes). - PM / devfreq: rk3399_dmc: Fix spelling typo (git-fixes). - PM / devfreq: rk3399_dmc: Remove unneeded semicolon (git-fixes). - PM: sleep: Do not let 'syscore' devices runtime-suspend during system transitions (git-fixes). - powerpc/64s: Fix entry flush patching w/strict RWX & hash (jsc#SLE-13847 git-fixes). - powerpc/64s: Fix stf mitigation patching w/strict RWX & hash (jsc#SLE-13847 git-fixes). - powerpc/64s: Remove irq mask workaround in accumulate_stolen_time() (jsc#SLE-9246 git-fixes). - powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729). - powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729). - powerpc/bpf: Use bctrl for making function calls (bsc#1065729). - powerpc: Do not dereference code as 'struct ppc_inst' (uprobe, code-patching, feature-fixups) (jsc#SLE-13847 git-fixes). - powerpc: Do not use 'struct ppc_inst' to reference instruction location (jsc#SLE-13847 git-fixes). - powerpc/lib/code-patching: Do not use struct 'ppc_inst' for runnable code in tests (jsc#SLE-13847 git-fixes). - powerpc/lib/code-patching: Make instr_is_branch_to_addr() static (jsc#SLE-13847 git-fixes). - powerpc/lib: Fix emulate_step() std test (bsc#1065729). - powerpc: Move arch_cpu_idle_dead() into smp.c (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/numa: Update cpu_cpu_map on CPU online/offline (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/pseries: Fix build error when NUMA=n (bsc#1190620 ltc#194498 git-fixes). - powerpc/smp: Cache CPU to chip lookup (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Enable CACHE domain for shared processor (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Fix a crash while booting kvm guest with nr_cpus=2 (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Fold cpu_die() into its only caller (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Set numa node before updating mask (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/smp: Update cpu_core_map on all PowerPc systems (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). - powerpc/uprobes: Validation for prefixed instruction (jsc#SLE-13847 git-fixes). - powerpc/xive: Discard disabled interrupts in get_irqchip_state() (bsc#1085030 git-fixes). - pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init (git-fixes). - ptp_pch: Load module automatically if ID matches (git-fixes). - ptp_pch: Restore dependency on PCI (git-fixes). - qed: Fix missing error code in qed_slowpath_start() (git-fixes). - qed: Handle management FW error (git-fixes). - qed: rdma - do not wait for resources under hw error recovery flow (git-fixes). - RDMA/cma: Do not change route.addr.src_addr.ss_family (bsc#1181147). - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure (bsc#1181147). - regmap: Fix possible double-free in regcache_rbtree_exit() (git-fixes). - regulator: dt-bindings: samsung,s5m8767: correct s5m8767,pmic-buck-default-dvs-idx property (git-fixes). - regulator: s5m8767: do not use reset value as DVS voltage if GPIO DVS is disabled (git-fixes). - rpm: fix kmp install path - rpm: use _rpmmacrodir (boo#1191384) - rsi: fix control-message timeout (git-fixes). - rsi: Fix module dev_oper_mode parameter description (git-fixes). - rsi: stop thread firstly in rsi_91x_init() error handling (git-fixes). - rtl8187: fix control-message timeouts (git-fixes). - scsi: ibmvfc: Fix up duplicate response detection (bsc#1191867 ltc#194757). - scsi: iscsi: Fix deadlock on recovery path during GFP_IO reclaim (git-fixes). - scsi: lpfc: Allow fabric node recovery if recovery is in progress before devloss (bsc#1192145). - scsi: lpfc: Allow PLOGI retry if previous PLOGI was aborted (bsc#1192145). - scsi: lpfc: Correct sysfs reporting of loop support after SFP status change (bsc#1192145). - scsi: lpfc: Fix link down processing to address NULL pointer dereference (bsc#1192145). - scsi: lpfc: Fix memory overwrite during FC-GS I/O abort handling (bsc#1191349). - scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine (bsc#1192145). - scsi: lpfc: Revert LOG_TRACE_EVENT back to LOG_INIT prior to driver_resource_setup() (bsc#1192145). - scsi: lpfc: Update lpfc version to 14.0.0.3 (bsc#1192145). - scsi: lpfc: Wait for successful restart of SLI3 adapter during host sg_reset (bsc#1192145). - scsi: mpi3mr: Add bios_param SCSI host template hook (jsc#SLE-18120). - scsi: mpi3mr: Add change queue depth support (jsc#SLE-18120). - scsi: mpi3mr: Add EEDP DIF DIX support (jsc#SLE-18120). - scsi: mpi3mr: Add event handling debug prints (jsc#SLE-18120). - scsi: mpi3mr: Additional event handling (jsc#SLE-18120). - scsi: mpi3mr: Add mpi30 Rev-R headers and Kconfig (jsc#SLE-18120). - scsi: mpi3mr: Add support for device add/remove event handling (jsc#SLE-18120). - scsi: mpi3mr: Add support for DSN secure firmware check (jsc#SLE-18120). - scsi: mpi3mr: Add support for internal watchdog thread (jsc#SLE-18120). - scsi: mpi3mr: Add support for PCIe device event handling (jsc#SLE-18120). - scsi: mpi3mr: Add support for PM suspend and resume (jsc#SLE-18120). - scsi: mpi3mr: Add support for queue command processing (jsc#SLE-18120). - scsi: mpi3mr: Add support for recovering controller (jsc#SLE-18120). - scsi: mpi3mr: Add support for threaded ISR (jsc#SLE-18120). - scsi: mpi3mr: Add support for timestamp sync with firmware (jsc#SLE-18120). - scsi: mpi3mr: Allow certain commands during pci-remove hook (jsc#SLE-18120). - scsi: mpi3mr: Base driver code (jsc#SLE-18120). - scsi: mpi3mr: Complete support for soft reset (jsc#SLE-18120). - scsi: mpi3mr: Create operational request and reply queue pair (jsc#SLE-18120). - scsi: mpi3mr: Fix error handling in mpi3mr_setup_isr() (git-fixes). - scsi: mpi3mr: Fix missing unlock on error (git-fixes). - scsi: mpi3mr: Hardware workaround for UNMAP commands to NVMe drives (jsc#SLE-18120). - scsi: mpi3mr: Implement SCSI error handler hooks (jsc#SLE-18120). - scsi: mpi3mr: Print IOC info for debugging (jsc#SLE-18120). - scsi: mpi3mr: Print pending host I/Os for debugging (jsc#SLE-18120). - scsi: mpi3mr: Set up IRQs in resume path (jsc#SLE-18120). - scsi: mpi3mr: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (jsc#SLE-18120). - scsi: mpi3mr: Use the proper SCSI midlayer interfaces for PI (jsc#SLE-18120). - scsi: mpi3mr: Wait for pending I/O completions upon detection of VD I/O timeout (jsc#SLE-18120). - scsi: qla2xxx: Add debug print of 64G link speed (bsc#1190941). - scsi: qla2xxx: Add host attribute to trigger MPI hang (bsc#1190941). - scsi: qla2xxx: Add support for mailbox passthru (bsc#1190941). - scsi: qla2xxx: Adjust request/response queue size for 28xx (bsc#1190941). - scsi: qla2xxx: Call process_response_queue() in Tx path (bsc#1190941). - scsi: qla2xxx: Changes to support FCP2 Target (bsc#1190941). - scsi: qla2xxx: Changes to support kdump kernel (bsc#1190941). - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS (bsc#1190941). - scsi: qla2xxx: Check for firmware capability before creating QPair (bsc#1190941). - scsi: qla2xxx: Display 16G only as supported speeds for 3830c card (bsc#1190941). - scsi: qla2xxx: Do not call fc_block_scsi_eh() during bus reset (bsc#1190941). - scsi: qla2xxx: edif: Add N2N support for EDIF (bsc#1190941). - scsi: qla2xxx: edif: Do secure PLOGI when auth app is present (bsc#1190941). - scsi: qla2xxx: edif: Fix EDIF enable flag (bsc#1190941). - scsi: qla2xxx: edif: Fix returnvar.cocci warnings (bsc#1190941). - scsi: qla2xxx: edif: Fix stale session (bsc#1190941). - scsi: qla2xxx: edif: Reject AUTH ELS on session down (bsc#1190941). - scsi: qla2xxx: edif: Use link event to wake up app (bsc#1190941). - scsi: qla2xxx: Fix crash in NVMe abort path (bsc#1190941). - scsi: qla2xxx: Fix excessive messages during device logout (bsc#1190941). - scsi: qla2xxx: Fix hang during NVMe session tear down (bsc#1190941). - scsi: qla2xxx: Fix hang on NVMe command timeouts (bsc#1190941). - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file (bsc#1190941). - scsi: qla2xxx: Fix NPIV create erroneous error (bsc#1190941). - scsi: qla2xxx: Fix NVMe | FCP personality change (bsc#1190941). - scsi: qla2xxx: Fix NVMe retry (bsc#1190941). - scsi: qla2xxx: Fix NVMe session down detection (bsc#1190941). - scsi: qla2xxx: Fix port type info (bsc#1190941). - scsi: qla2xxx: Fix unsafe removal from linked list (bsc#1190941). - scsi: qla2xxx: Fix use after free in eh_abort path (bsc#1190941). - scsi: qla2xxx: Move heartbeat handling from DPC thread to workqueue (bsc#1190941). - scsi: qla2xxx: Open-code qla2xxx_eh_device_reset() (bsc#1190941). - scsi: qla2xxx: Open-code qla2xxx_eh_target_reset() (bsc#1190941). - scsi: qla2xxx: Remove redundant initialization of pointer req (bsc#1190941). - scsi: qla2xxx: Restore initiator in dual mode (bsc#1190941). - scsi: qla2xxx: Show OS name and version in FDMI-1 (bsc#1190941). - scsi: qla2xxx: Suppress unnecessary log messages during login (bsc#1190941). - scsi: qla2xxx: Sync queue idx with queue_pair_map idx (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.06.100-k (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.06.200-k (bsc#1190941). - scsi: qla2xxx: Update version to 10.02.07.100-k (bsc#1190941). - scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190941). - scsi: target: Fix the pgr/alua_support_store functions (git-fixes). - sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351). - soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment (git-fixes). - spi: spi-nxp-fspi: do not depend on a specific node name erratum workaround (git-fixes). - swiotlb: add a IO_TLB_SIZE define (bsc#1191851). - swiotlb: clean up swiotlb_tbl_unmap_single (bsc#1191851). - swiotlb: do not modify orig_addr in swiotlb_tbl_sync_single (bsc#1191851). - swiotlb: factor out an io_tlb_offset helper (bsc#1191851). - swiotlb: factor out a nr_slots helper (bsc#1191851). - swiotlb: refactor swiotlb_tbl_map_single (bsc#1191851). - swiotlb: respect min_align_mask (bsc#1191851). - swiotlb: Split size parameter to map/unmap APIs (bsc#1191851). - tpm: Check for integer overflow in tpm2_map_response_body() (git-fixes). - tpm: ibmvtpm: Avoid error message when process gets signal while waiting (bsc#1065729). - Update patch reference for AMDGPU fix (bsc#1180749) - USB: cdc-acm: clean up probe error labels (git-fixes). - USB: cdc-acm: fix minor-number release (git-fixes). - usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle (git-fixes). - usb: hso: fix error handling code of hso_create_net_device (git-fixes). - usb: hso: remove the bailout parameter (git-fixes). - usb: musb: dsps: Fix the probe error path (git-fixes). - usbnet: fix error return code in usbnet_probe() (git-fixes). - usbnet: sanity check for maxpacket (git-fixes). - USB: serial: option: add prod. id for Quectel EG91 (git-fixes). - USB: serial: option: add Quectel EC200S-CN module support (git-fixes). - USB: serial: option: add Telit LE910Cx composition 0x1204 (git-fixes). - USB: serial: qcserial: add EM9191 QDL support (git-fixes). - USB: xhci: dbc: fix tty registration race (git-fixes). - video: fbdev: gbefb: Only instantiate device when built for IP32 (git-fixes). - virtio-gpu: fix possible memory allocation failure (git-fixes). - virtio: write back F_VERSION_1 before validate (git-fixes). - watchdog: orion: use 0 for unset heartbeat (git-fixes). - wcn36xx: Add ability for wcn36xx_smd_dump_cmd_req to pass two's complement (git-fixes). - wcn36xx: add proper DMA memory barriers in rx path (git-fixes). - wcn36xx: Fix HT40 capability for 2Ghz band (git-fixes). - x86/ioapic: Force affinity setup before startup (bsc#1152489). - x86/msi: Force affinity setup before startup (bsc#1152489). - x86/pat: Pass valid address to sanitize_phys() (bsc#1152489). - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions (bsc#1152489). - x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails (bsc#1152489). - x86/sev: Return an error on a returned non-zero SW_EXITINFO1[31:0] (bsc#1178134). - xen: fix setting of max_pfn in shared_info (git-fixes). - xen: reset legacy rtc flag for PV domU (git-fixes). - xfs: do not allow log writes if the data device is readonly (bsc#1192229). - xfs: ensure that the inode uid/gid match values match the icdinode ones (bsc#1190006). - xfs: Fixed non-directory creation in SGID directories introduced by CVE-2018-13405 patch (bsc#1190006). - xfs: fix I_DONTCACHE (bsc#1192074). - xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes (bsc#1190642). - xfs: merge the projid fields in struct xfs_icdinode (bsc#1190006). - xfs: remove the icdinode di_uid/di_gid members (bsc#1190006). - xhci: Enable trust tx length quirk for Fresco FL11 USB controller (git-fixes). - xhci: Fix command ring pointer corruption while aborting a command (git-fixes). - xhci: guard accesses to ep_state in xhci_endpoint_reset() (git-fixes). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3782-1 Released: Tue Nov 23 23:49:03 2021 Summary: Recommended update for dracut Type: recommended Severity: moderate References: 1187190,1188713,1190326 This update for dracut fixes the following issues: - Fixed multipath devices that always default to bfq scheduler (bsc#1188713) - Fixed unbootable system when testing kernel 5.14 (bsc#1190326) - Add support for the new iscsiadm 'no-wait' (-W) command (bsc#1187190) - Add iscsid.service requirements (bsc#1187190) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3787-1 Released: Wed Nov 24 06:00:10 2021 Summary: Recommended update for xfsprogs Type: recommended Severity: moderate References: 1189983,1189984,1191500,1191566,1191675 This update for xfsprogs fixes the following issues: - Make libhandle1 an explicit dependency in the xfsprogs-devel package (bsc#1191566) - Remove deprecated barrier/nobarrier mount options from manual pages section 5 (bsc#1191675) - xfs_io: include support for label command (bsc#1191500) - xfs_quota: state command to report all three (-ugp) grace times separately (bsc#1189983) - xfs_admin: add support for external log devices (bsc#1189984) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3792-1 Released: Wed Nov 24 06:12:09 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate References: 1192104 This update for kmod fixes the following issues: - Enable ZSTD compression (bsc#1192104)(jsc#SLE-21256) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3808-1 Released: Fri Nov 26 00:30:54 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1186071,1190440,1190984,1192161 This update for systemd fixes the following issues: - Add timestamp to D-Bus events to improve traceability (jsc#SLE-17798) - Fix fd_is_mount_point() when both the parent and directory are network file systems (bsc#1190984) - Support detection for ARM64 Hyper-V guests (bsc#1186071) - Fix systemd-detect-virt not detecting Amazon EC2 Nitro instance (bsc#1190440) - Enable support for Portable Services in openSUSE Leap only (jsc#SLE-21694) - Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3941-1 Released: Mon Dec 6 14:45:20 2021 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1152489,1169263,1170269,1184924,1190523,1190795,1191790,1191961,1192045,1192217,1192273,1192328,1192375,1192473,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192896,1192906,1192918,CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface as too many security issues have happened in the past (jsc#SLE-22573) You can reenable via systemctl setting /proc/sys/kernel/unprivileged_bpf_disabled to 0. (kernel.unprivileged_bpf_disabled = 0) - CVE-2021-0941: In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1192045 ). - CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel A bound check failure allowed an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability (bnc#1192781). - CVE-2021-20322: Make the ipv4 and ipv6 ICMP exception caches less predictive to avoid information leaks about UDP ports in use. (bsc#1191790) - CVE-2021-34981: Fixed file refcounting in cmtp when cmtp_attach_device fails (bsc#1191961). The following non-security bugs were fixed: - ABI: sysfs-kernel-slab: Document some stats (git-fixes). - ALSA: hda: fix general protection fault in azx_runtime_idle (git-fixes). - ALSA: hda: Free card instance properly at probe errors (git-fixes). - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table (git-fixes). - ALSA: usb-audio: Add minimal-mute notion in dB mapping table (bsc#1192375). - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table (git-fixes). - ALSA: usb-audio: Fix dB level of Bose Revolve+ SoundLink (bsc#1192375). - ALSA: usb-audio: Use int for dB map values (bsc#1192375). - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE (bsc#1192473). - auxdisplay: ht16k33: Connect backlight to fbdev (git-fixes). - auxdisplay: ht16k33: Fix frame buffer device blanking (git-fixes). - auxdisplay: img-ascii-lcd: Fix lock-up when displaying empty string (git-fixes). - bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22573) - bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22574) - bpf: Disallow unprivileged bpf by default (jsc#SLE-22573). - bpf: Disallow unprivileged bpf by default (jsc#SLE-22574). - bpf: Fix BPF_JIT kconfig symbol dependency (git-fixes jsc#SLE-22574). - bpf: Fix potential race in tail call compatibility check (git-fixes). - bpf, kconfig: Add consolidated menu entry for bpf with core options (jsc#SLE-22574). - btrfs: block-group: Rework documentation of check_system_chunk function (bsc#1192896). - btrfs: fix deadlock between chunk allocation and chunk btree modifications (bsc#1192896). - btrfs: fix memory ordering between normal and ordered work functions (git-fixes). - btrfs: update comments for chunk allocation -ENOSPC cases (bsc#1192896). - cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem (git-fixes). - config: disable unprivileged BPF by default (jsc#SLE-22573) Backport of mainline commit 8a03e56b253e ('bpf: Disallow unprivileged bpf by default') only changes kconfig default, used e.g. for 'make oldconfig' when the config option is missing, but does not update our kernel configs used for build. Update also these to make sure unprivileged BPF is really disabled by default. - crypto: caam - disable pkc for non-E SoCs (git-fixes). - crypto: qat - detect PFVF collision after ACK (git-fixes). - crypto: qat - disregard spurious PFVF interrupts (git-fixes). - drm/i915: Introduce intel_hpd_hotplug_irqs() (bsc#1192758). - drm: prevent spectre issue in vmw_execbuf_ioctl (bsc#1192802). - EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell (bsc#1152489). - Eradicate Patch-mainline: No The pre-commit check can reject this deprecated tag then. - exfat: fix erroneous discard when clear cluster bit (git-fixes). - exfat: handle wrong stream entry size in exfat_readdir() (git-fixes). - exfat: properly set s_time_gran (bsc#1192328). - exfat: truncate atimes to 2s granularity (bsc#1192328). - Fix problem with missing installkernel on Tumbleweed. - fuse: fix page stealing (bsc#1192718). - gpio: mpc8xxx: Use 'devm_gpiochip_add_data()' to simplify the code and avoid a leak (git-fixes). - gpio/rockchip: add driver for rockchip gpio (bsc#1192217). - gpio/rockchip: drop irq_gc_lock/irq_gc_unlock for irq set type (bsc#1192217). - gpio/rockchip: extended debounce support is only available on v2 (bsc#1192217). - gpio/rockchip: fetch deferred output settings on probe (bsc#1192217). - gpio/rockchip: fix get_direction value handling (bsc#1192217). - gpio/rockchip: support next version gpio controller (bsc#1192217). - gpio/rockchip: use struct rockchip_gpio_regs for gpio controller (bsc#1192217). - HID: u2fzero: clarify error check and length calculations (git-fixes). - HID: u2fzero: properly handle timeouts in usb_submit_urb (git-fixes). - ibmvnic: check failover_pending in login response (bsc#1190523 ltc#194510). - ibmvnic: do not stop queue in xmit (bsc#1192273 ltc#194629). - ibmvnic: Process crqs after enabling interrupts (bsc#1192273 ltc#194629). - iio: dac: ad5446: Fix ad5622_write() return value (git-fixes). - Input: elantench - fix misreporting trackpoint coordinates (bsc#1192918). - kernel-*-subpackage: Add dependency on kernel scriptlets (bsc#1192740). - mm/hugetlb: initialize hugetlb_usage in mm_init (bsc#1192906). - Move upstreamed sound fix into sorted section - net: dsa: felix: re-enable TX flow control in ocelot_port_flush() (git-fixes). - net: mscc: ocelot: fix hardware timestamp dequeue logic. - net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown skb (git-fixes). - net/smc: Correct smc link connection counter in case of smc client (git-fixes). - net/smc: fix 'workqueue leaked lock' in smc_conn_abort_work (git-fixes). - ocfs2: do not zero pages beyond i_size (bsc#1190795). - ocfs2: fix data corruption on truncate (bsc#1190795). - PCI: aardvark: Do not clear status bits of masked interrupts (git-fixes). - PCI: aardvark: Do not spam about PIO Response Status (git-fixes). - PCI: aardvark: Do not unmask unused interrupts (git-fixes). - PCI: aardvark: Fix checking for link up via LTSSM state (git-fixes). - PCI: aardvark: Fix reporting Data Link Layer Link Active (git-fixes). - PCI: aardvark: Fix return value of MSI domain .alloc() method (git-fixes). - PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG (git-fixes). - PCI/ACPI: Check for _OSC support in acpi_pci_osc_control_set() (bsc#1169263). - PCI/ACPI: Clarify message about _OSC failure (bsc#1169263). - PCI/ACPI: Move _OSC query checks to separate function (bsc#1169263). - PCI/ACPI: Move supported and control calculations to separate functions (bsc#1169263). - PCI/ACPI: Remove OSC_PCI_SUPPORT_MASKS and OSC_PCI_CONTROL_MASKS (bsc#1169263). - PCI/ACPI: Remove unnecessary osc_lock (bsc#1169263). - PCI: pci-bridge-emul: Fix emulation of W1C bits (git-fixes). - PCI: uniphier: Serialize INTx masking/unmasking and fix the bit operation (git-fixes). - pinctrl: core: fix possible memory leak in pinctrl_enable() (git-fixes). - pinctrl: pinctrl-rockchip: Fix a bunch of kerneldoc misdemeanours (bsc#1192217). - pinctrl/rockchip: add a queue for deferred pin output settings on probe (bsc#1192217). - pinctrl/rockchip: add pinctrl device to gpio bank struct (bsc#1192217). - pinctrl: rockchip: add rk3308 SoC support (bsc#1192217). - pinctrl: rockchip: add support for rk3568 (bsc#1192217). - pinctrl/rockchip: always enable clock for gpio controller (bsc#1192217). - pinctrl: rockchip: clear int status when driver probed (bsc#1192217). - pinctrl: rockchip: create irq mapping in gpio_to_irq (bsc#1192217). - pinctrl: rockchip: do coding style for mux route struct (bsc#1192217). - pinctrl/rockchip: drop the gpio related codes (bsc#1192217). - pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq (bsc#1192217). - pinctrl: rockchip: make driver be tristate module (bsc#1192217). - pinctrl: rockchip: Replace HTTP links with HTTPS ones (bsc#1192217). - pinctrl: rockchip: return ENOMEM instead of EINVAL if allocation fails (bsc#1192217). - pinctrl/rockchip: separate struct rockchip_pin_bank to a head file (bsc#1192217). - power: supply: bq27xxx: Fix kernel crash on IRQ handler register error (git-fixes). - power: supply: max17042_battery: Prevent int underflow in set_soc_threshold (git-fixes). - power: supply: max17042_battery: use VFSOC for capacity when no rsns (git-fixes). - power: supply: rt5033-battery: Change voltage values to 5V (git-fixes). - printk/console: Allow to disable console output by using console='' or console=null (bsc#1192753). - printk: handle blank console arguments passed in (bsc#1192753). - qtnfmac: fix potential Spectre vulnerabilities (bsc#1192802). - r8152: add a helper function about setting EEE (git-fixes). - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2 (git-fixes). - r8152: Disable PLA MCU clock speed down (git-fixes). - r8152: disable U2P3 for RTL8153B (git-fixes). - r8152: divide the tx and rx bottom functions (git-fixes). - r8152: do not enable U1U2 with USB_SPEED_HIGH for RTL8153B (git-fixes). - r8152: fix runtime resume for linking change (git-fixes). - r8152: replace array with linking list for rx information (git-fixes). - r8152: reset flow control patch when linking on for RTL8153B (git-fixes). - r8152: saving the settings of EEE (git-fixes). - r8152: separate the rx buffer size (git-fixes). - r8152: use alloc_pages for rx buffer (git-fixes). - random: fix crash on multiple early calls to add_bootloader_randomness() (bsc#1184924) - Revert 'ibmvnic: check failover_pending in login response' (bsc#1190523 ltc#194510). - Revert 'platform/x86: i2c-multi-instantiate: Do not create platform device for INT3515 ACPI nodes' (git-fixes). - Revert 'r8152: adjust the settings about MAC clock speed down for RTL8153' (git-fixes). - Revert 'scsi: ufs: fix a missing check of devm_reset_control_get' (git-fixes). - Revert 'x86/kvm: fix vcpu-id indexed array sizes' (git-fixes). - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request (git-fixes). - s390/dasd: fix use after free in dasd path handling (git-fixes). - s390/pci: fix use after free of zpci_dev (git-fixes). - s390/pci: fix zpci_zdev_put() on reserve (git-fixes). - s390/qeth: fix deadlock during failing recovery (git-fixes). - s390/qeth: Fix deadlock in remove_discipline (git-fixes). - s390/qeth: fix NULL deref in qeth_clear_working_pool_list() (git-fixes). - s390/topology: clear thread/group maps for offline cpus (git-fixes). - scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() (git-fixes). - scsi: BusLogic: Fix missing pr_cont() use (git-fixes). - scsi: core: Fix spelling in a source code comment (git-fixes). - scsi: csiostor: Add module softdep on cxgb4 (git-fixes). - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn() (git-fixes). - scsi: dc395: Fix error case unwinding (git-fixes). - scsi: fdomain: Fix error return code in fdomain_probe() (git-fixes). - scsi: FlashPoint: Rename si_flags field (git-fixes). - scsi: iscsi: Fix iface sysfs attr detection (git-fixes). - scsi: libsas: Use _safe() loop in sas_resume_port() (git-fixes). - scsi: mpt3sas: Fix error return value in _scsih_expander_add() (git-fixes). - scsi: qedf: Add pointer checks in qedf_update_link_speed() (git-fixes). - scsi: qedf: Fix error codes in qedf_alloc_global_queues() (git-fixes). - scsi: qedi: Fix error codes in qedi_alloc_global_queues() (git-fixes). - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() (git-fixes). - scsi: qla2xxx: Make sure that aborted commands are freed (git-fixes). - scsi: smartpqi: Fix an error code in pqi_get_raid_map() (git-fixes). - scsi: snic: Fix an error message (git-fixes). - scsi: ufs-pci: Add quirk for broken auto-hibernate for Intel EHL (git-fixes). - scsi: ufs: ufshcd-pltfrm: Fix memory leak due to probe defer (git-fixes). - serial: 8250_dw: Drop wrong use of ACPI_PTR() (git-fixes). - serial: xilinx_uartps: Fix race condition causing stuck TX (git-fixes). - staging: r8712u: fix control-message timeout (git-fixes). - staging: rtl8192u: fix control-message timeouts (git-fixes). - stmmac: platform: Fix signedness bug in stmmac_probe_config_dt() (git-fixes). - tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together (bsc#1192745). - Update config files: Add CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set - Update config files: pull BPF configs together - usb: gadget: hid: fix error code in do_config() (git-fixes). - USB: iowarrior: fix control-message timeouts (git-fixes). - usb: max-3421: Use driver data instead of maintaining a list of bound devices (git-fixes). - usb: musb: Balance list entry in musb_gadget_queue (git-fixes). - USB: serial: keyspan: fix memleak on probe errors (git-fixes). - video: fbdev: chipsfb: use memset_io() instead of memset() (git-fixes). - x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c (bsc#1152489). - x86/xen: Mark cpu_bringup_and_idle() as dead_end_function (git-fixes). - xen-pciback: Fix return in pm_ctrl_init() (git-fixes). - xen: Fix implicit type conversion (git-fixes). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3963-1 Released: Mon Dec 6 19:57:39 2021 Summary: Recommended update for system-usersType: recommended Severity: moderate References: 1190401 This update for system-users fixes the following issues: - system-user-tss.conf: Removed group entry because it's not needed and contained syntax errors (bsc#1190401) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3968-1 Released: Tue Dec 7 15:31:00 2021 Summary: Security update for xen Type: security Severity: moderate References: 1027519,1191363,1192554,1192557,1192559,CVE-2021-28702,CVE-2021-28704,CVE-2021-28705,CVE-2021-28706,CVE-2021-28707,CVE-2021-28708,CVE-2021-28709 This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly (XSA-386) (bsc#1191363). - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs (XSA-388) (bsc#1192557). - CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful P2M updates on x86 (XSA-389) (bsc#1192559). - CVE-2021-28706: Fixed guests may exceed their designated memory limit (XSA-385) (bsc#1192554). - Update to Xen 4.14.3 bug fix release (bsc#1027519). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3985-1 Released: Fri Dec 10 06:08:24 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1187196 This update for suse-module-tools fixes the following issues: - Blacklist isst_if_mbox_msr driver because uses hardware information based on CPU family and model, which is too unspecific. On large systems, this causes a lot of failing loading attempts for this driver, leading to slow or even stalled boot (bsc#1187196) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:4014-1 Released: Mon Dec 13 13:57:39 2021 Summary: Recommended update for apparmor Type: recommended Severity: moderate References: 1191532,1191690 This update for apparmor fixes the following issues: Changes in apparmor: - Add a profile for 'samba-bgqd'. (bsc#1191532) - Fix 'Requires' of python3 module. (bsc#1191690) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:4104-1 Released: Thu Dec 16 11:14:12 2021 Summary: Security update for python3 Type: security Severity: moderate References: 1180125,1183374,1183858,1185588,1187668,1189241,1189287,CVE-2021-3426,CVE-2021-3733,CVE-2021-3737 This update for python3 fixes the following issues: - CVE-2021-3426: Fixed information disclosure via pydoc (bsc#1183374). - CVE-2021-3733: Fixed infinitely reading potential HTTP headers after a 100 Continue status response from the server (bsc#1189241). - CVE-2021-3737: Fixed ReDoS in urllib.request (bsc#1189287). - We do not require python-rpm-macros package (bsc#1180125). - Use versioned python-Sphinx to avoid dependency on other version of Python (bsc#1183858). - Stop providing 'python' symbol, which means python2 currently (bsc#1185588). - Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:4141-1 Released: Wed Dec 22 05:22:23 2021 Summary: Recommended update for dracut Type: recommended Severity: important References: 1193512 This update for dracut fixes the following issues: - Add iscsi-init.service requirements (bsc#1193512) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:4165-1 Released: Wed Dec 22 22:52:11 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate References: 1193430 This update for kmod fixes the following issues: - Ensure that kmod and packages linking to libkmod provide same features. (bsc#1193430) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:4175-1 Released: Thu Dec 23 11:22:33 2021 Summary: Recommended update for systemd Type: recommended Severity: important References: 1192423,1192858,1193759 This update for systemd fixes the following issues: - Bump the max number of inodes for /dev to a million (bsc#1192858) - sleep: don't skip resume device with low priority/available space (bsc#1192423) - test: use kbd-mode-map we ship in one more test case - test-keymap-util: always use kbd-model-map we ship - Add rules for virtual devices and enforce 'none' for loop devices. (bsc#1193759) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:2-1 Released: Mon Jan 3 08:27:18 2022 Summary: Recommended update for lvm2 Type: recommended Severity: moderate References: 1183905,1193181 This update for lvm2 fixes the following issues: - Fix lvconvert not taking `--stripes` option (bsc#1183905) - Fix LVM vgimportclone not working on hardware snapshot (bsc#1193181) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:12-1 Released: Mon Jan 3 15:36:03 2022 Summary: Recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff Type: recommended Severity: moderate References: This recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff provides the following fix: - Ship some missing binaries to PackageHub. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:21-1 Released: Tue Jan 4 16:06:08 2022 Summary: Security update for libvirt Type: security Severity: important References: 1191668,1192017,1193623,1193719,1193981,1194041,CVE-2021-4147 This update for libvirt fixes the following issues: - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. (bsc#1194041) The following package changes have been done: - augeas-lenses-1.10.1-3.3.1 updated - augeas-1.10.1-3.3.1 updated - curl-7.66.0-4.27.1 updated - file-5.32-7.14.1 updated - libapparmor1-2.13.6-3.8.1 updated - libdevmapper1_03-1.02.163-8.39.1 updated - libhivex0-1.3.14-5.6.1 updated - libjpeg8-8.1.2-32.2.1 updated - libkmod2-29-4.15.1 updated - libnuma1-2.0.14.20.g4ee5e0c-10.1 updated - libpixman-1-0-0.34.0-7.2.1 updated - perl-Bootloader-0.936-3.3.1 updated - qemu-ipxe-1.0.0+-106.4 updated - qemu-seabios-1.14.0_0_g155821a-106.4 updated - qemu-sgabios-8-106.4 updated - qemu-vgabios-1.14.0_0_g155821a-106.4 updated - system-group-kvm-20170617-17.3.1 updated - xfsprogs-4.15.0-4.52.1 updated - libxcb1-1.13-3.7.1 updated - python3-base-3.6.15-10.9.1 updated - libmpath0-0.8.5+82+suse.746b76e-2.7.1 updated - xkeyboard-config-2.23.1-3.9.1 updated - system-user-qemu-20170617-17.3.1 updated - libpython3_6m1_0-3.6.15-10.9.1 updated - perl-Win-Hivex-1.3.14-5.6.1 updated - libpmem1-1.9-3.3.1 updated - xen-libs-4.14.3_04-3.15.1 updated - systemd-246.16-7.28.1 updated - suse-module-tools-15.3.15-3.17.1 updated - udev-246.16-7.28.1 updated - qemu-tools-5.2.0-106.4 updated - systemd-sysvinit-246.16-7.28.1 updated - libvirt-libs-7.1.0-6.11.1 updated - dracut-049.1+suse.218.gca24e614-3.48.3 updated - kmod-29-4.15.1 updated - util-linux-systemd-2.36.2-4.5.1 updated - kernel-kvmsmall-5.3.18-59.37.2 updated - dracut-fips-049.1+suse.218.gca24e614-3.48.3 updated - qemu-5.2.0-106.4 updated - qemu-x86-5.2.0-106.4 updated - python-rpm-macros-20200207.5feb6c1-3.11.1 removed

SUSE: 2022:37-1 suse/sles/15.3/libguestfs-tools Security Update

January 10, 2022

The container suse/sles/15.3/libguestfs-tools was updated

Summary

Advisory ID: SUSE-RU-2021:3182-1 Released: Tue Sep 21 17:04:26 2021 Summary: Recommended update for file Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3201-1 Released: Thu Sep 23 11:28:23 2021 Summary: Security update for hivex Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3203-1 Released: Thu Sep 23 14:41:35 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3205-1 Released: Thu Sep 23 16:15:20 2021 Summary: Security update for the Linux Kernel Type: security Severity: important Advisory ID: SUSE-RU-2021:3233-1 Released: Mon Sep 27 15:02:21 2021 Summary: Recommended update for xfsprogs Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3241-1 Released: Tue Sep 28 00:24:49 2021 Summary: Recommended update for multipath-tools Type: recommended Severity: important Advisory ID: SUSE-SU-2021:3298-1 Released: Wed Oct 6 16:54:52 2021 Summary: Security update for curl Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3306-1 Released: Wed Oct 6 18:11:57 2021 Summary: Recommended update for numactl Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3310-1 Released: Wed Oct 6 18:12:41 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3311-1 Released: Wed Oct 6 18:12:56 2021 Summary: Recommended update for perl-Bootloader Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3387-1 Released: Tue Oct 12 17:09:16 2021 Summary: Security update for the Linux Kernel Type: security Severity: important Advisory ID: SUSE-RU-2021:3410-1 Released: Wed Oct 13 10:41:36 2021 Summary: Recommended update for xkeyboard-config Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3411-1 Released: Wed Oct 13 10:42:25 2021 Summary: Recommended update for lvm2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3413-1 Released: Wed Oct 13 10:50:45 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: important Advisory ID: SUSE-SU-2021:3474-1 Released: Wed Oct 20 08:41:31 2021 Summary: Security update for util-linux Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3479-1 Released: Wed Oct 20 11:23:45 2021 Summary: Recommended update for dracut Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3480-1 Released: Wed Oct 20 11:24:10 2021 Summary: Recommended update for yast2-network Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3509-1 Released: Tue Oct 26 09:47:40 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: important Advisory ID: SUSE-RU-2021:3532-1 Released: Wed Oct 27 10:11:20 2021 Summary: Recommended update for pmdk Type: recommended Severity: important Advisory ID: SUSE-RU-2021:3589-1 Released: Mon Nov 1 19:27:52 2021 Summary: Recommended update for apparmor Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3605-1 Released: Wed Nov 3 14:59:32 2021 Summary: Security update for qemu Type: security Severity: important Advisory ID: SUSE-SU-2021:3619-1 Released: Fri Nov 5 12:29:52 2021 Summary: Security update for libvirt Type: security Severity: moderate Advisory ID: SUSE-SU-2021:3655-1 Released: Thu Nov 11 11:59:22 2021 Summary: Security update for the Linux Kernel Type: security Severity: important Advisory ID: SUSE-RU-2021:3663-1 Released: Mon Nov 15 19:14:32 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3675-1 Released: Tue Nov 16 17:47:44 2021 Summary: Security update for the Linux Kernel Type: security Severity: important Advisory ID: SUSE-RU-2021:3782-1 Released: Tue Nov 23 23:49:03 2021 Summary: Recommended update for dracut Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3787-1 Released: Wed Nov 24 06:00:10 2021 Summary: Recommended update for xfsprogs Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3792-1 Released: Wed Nov 24 06:12:09 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3808-1 Released: Fri Nov 26 00:30:54 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3941-1 Released: Mon Dec 6 14:45:20 2021 Summary: Security update for the Linux Kernel Type: security Severity: important Advisory ID: SUSE-RU-2021:3963-1 Released: Mon Dec 6 19:57:39 2021 Summary: Recommended update for system-usersType: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3968-1 Released: Tue Dec 7 15:31:00 2021 Summary: Security update for xen Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3985-1 Released: Fri Dec 10 06:08:24 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:4014-1 Released: Mon Dec 13 13:57:39 2021 Summary: Recommended update for apparmor Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:4104-1 Released: Thu Dec 16 11:14:12 2021 Summary: Security update for python3 Type: security Severity: moderate Advisory ID: SUSE-RU-2021:4141-1 Released: Wed Dec 22 05:22:23 2021 Summary: Recommended update for dracut Type: recommended Severity: important Advisory ID: SUSE-RU-2021:4165-1 Released: Wed Dec 22 22:52:11 2021 Summary: Recommended update for kmod Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:4175-1 Released: Thu Dec 23 11:22:33 2021 Summary: Recommended update for systemd Type: recommended Severity: important Advisory ID: SUSE-RU-2022:2-1 Released: Mon Jan 3 08:27:18 2022 Summary: Recommended update for lvm2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:12-1 Released: Mon Jan 3 15:36:03 2022 Summary: Recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:21-1 Released: Tue Jan 4 16:06:08 2022 Summary: Security update for libvirt Type: security Severity: important

References

References : 1027519 1040364 1065729 1065729 1065729 1085030 1085030 1085917

1089118 1094840 1127650 1133021 1134353 1135481 1148868 1152472

1152472 1152489 1152489 1152489 1152489 1152489 1154353 1154353

1156395 1156395 1157177 1159886 1160010 1167773 1167773 1168202

1169263 1170269 1170774 1171420 1171688 1172073 1172073 1173604

1173604 1173746 1174003 1174969 1175052 1175543 1176447 1176447

1176447 1176774 1176774 1176914 1176914 1176940 1176940 1177028

1177399 1177902 1178134 1178134 1178134 1178236 1180100 1180100

1180100 1180125 1180141 1180347 1180749 1181006 1181147 1181147

1181148 1181299 1181306 1181309 1181535 1181536 1181972 1183247

1183374 1183858 1183905 1184180 1184439 1184673 1184673 1184804

1184924 1184970 1184994 1185016 1185302 1185524 1185550 1185588

1185677 1185726 1185762 1185762 1185762 1185902 1186063 1186063

1186071 1186109 1186109 1186260 1186264 1186398 1186731 1186910

1187115 1187167 1187167 1187190 1187196 1187211 1187211 1187270

1187455 1187468 1187470 1187483 1187512 1187619 1187668 1187774

1187959 1188067 1188067 1188172 1188231 1188270 1188291 1188344

1188412 1188418 1188418 1188563 1188563 1188588 1188601 1188616

1188651 1188651 1188700 1188713 1188713 1188768 1188780 1188781

1188782 1188783 1188784 1188786 1188787 1188788 1188790 1188878

1188885 1188921 1188924 1188982 1188983 1188985 1188986 1189021

1189057 1189060 1189077 1189153 1189176 1189197 1189209 1189210

1189212 1189213 1189214 1189215 1189216 1189217 1189218 1189219

1189220 1189221 1189222 1189225 1189229 1189233 1189234 1189241

1189257 1189262 1189287 1189291 1189292 1189296 1189297 1189298

1189301 1189305 1189323 1189384 1189385 1189392 1189393 1189399

1189400 1189427 1189441 1189446 1189480 1189503 1189504 1189505

1189506 1189507 1189537 1189552 1189562 1189563 1189564 1189565

1189566 1189567 1189568 1189569 1189573 1189574 1189575 1189576

1189577 1189579 1189581 1189582 1189583 1189585 1189586 1189587

1189702 1189706 1189760 1189762 1189832 1189841 1189841 1189841

1189841 1189841 1189870 1189872 1189883 1189884 1189938 1189983

1189984 1189996 1190006 1190006 1190022 1190023 1190025 1190062

1190067 1190067 1190115 1190115 1190117 1190138 1190159 1190190

1190326 1190349 1190349 1190351 1190351 1190358 1190373 1190374

1190401 1190406 1190412 1190413 1190420 1190425 1190428 1190432

1190440 1190467 1190479 1190479 1190493 1190523 1190523 1190534

1190543 1190544 1190561 1190576 1190595 1190596 1190598 1190598

1190620 1190620 1190620 1190622 1190626 1190642 1190642 1190645

1190679 1190693 1190695 1190705 1190717 1190739 1190746 1190758

1190784 1190785 1190795 1190795 1190795 1190801 1190801 1190845

1190915 1190917 1190933 1190941 1190941 1190984 1191019 1191172

1191193 1191200 1191229 1191229 1191240 1191240 1191241 1191241

1191242 1191260 1191292 1191315 1191315 1191317 1191317 1191339

1191349 1191349 1191363 1191384 1191384 1191449 1191449 1191450

1191450 1191451 1191451 1191452 1191452 1191455 1191455 1191456

1191456 1191480 1191500 1191532 1191566 1191628 1191628 1191645

1191645 1191663 1191663 1191668 1191675 1191690 1191690 1191731

1191731 1191790 1191800 1191800 1191804 1191804 1191851 1191867

1191867 1191922 1191934 1191934 1191958 1191958 1191961 1191980

1192017 1192040 1192040 1192041 1192041 1192045 1192074 1192074

1192104 1192107 1192107 1192145 1192145 1192161 1192217 1192229

1192267 1192273 1192288 1192328 1192375 1192423 1192473 1192549

1192554 1192557 1192559 1192718 1192740 1192745 1192750 1192753

1192758 1192781 1192802 1192858 1192896 1192906 1192918 1193181

1193430 1193512 1193623 1193719 1193759 1193981 1194041 CVE-2020-12770

CVE-2020-3702 CVE-2021-0941 CVE-2021-20322 CVE-2021-22946 CVE-2021-22947

CVE-2021-28702 CVE-2021-28704 CVE-2021-28705 CVE-2021-28706 CVE-2021-28707

CVE-2021-28708 CVE-2021-28709 CVE-2021-31916 CVE-2021-33033 CVE-2021-33033

CVE-2021-3426 CVE-2021-34556 CVE-2021-34866 CVE-2021-34866 CVE-2021-34981

CVE-2021-3542 CVE-2021-3542 CVE-2021-35477 CVE-2021-3622 CVE-2021-3640

CVE-2021-3653 CVE-2021-3655 CVE-2021-3655 CVE-2021-3656 CVE-2021-3669

CVE-2021-3679 CVE-2021-3713 CVE-2021-3715 CVE-2021-3715 CVE-2021-37159

CVE-2021-3732 CVE-2021-3733 CVE-2021-3737 CVE-2021-3739 CVE-2021-3743

CVE-2021-3744 CVE-2021-3748 CVE-2021-3752 CVE-2021-3753 CVE-2021-3759

CVE-2021-3759 CVE-2021-3760 CVE-2021-3760 CVE-2021-37600 CVE-2021-3764

CVE-2021-3772 CVE-2021-3772 CVE-2021-38160 CVE-2021-38166 CVE-2021-38198

CVE-2021-38204 CVE-2021-38205 CVE-2021-38206 CVE-2021-38207 CVE-2021-38209

CVE-2021-3896 CVE-2021-3896 CVE-2021-40490 CVE-2021-4147 CVE-2021-41864

CVE-2021-41864 CVE-2021-42008 CVE-2021-42008 CVE-2021-42252 CVE-2021-42252

CVE-2021-42739 CVE-2021-42739 CVE-2021-43056 CVE-2021-43056 CVE-2021-43389

1189996

This update for file fixes the following issues:

- Fixes exception thrown by memory allocation problem (bsc#1189996)

1189060,CVE-2021-3622

This update for hivex fixes the following issues:

- CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children() (bsc#1189060).

1189537,1190190

This update for kmod fixes the following issues:

- Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190).

- Enable support for ZSTD compressed modules

- Display module information even for modules built into the running kernel (bsc#1189537)

- '/usr/lib' should override '/lib' where both are available. Support '/usr/lib' for depmod.d as well.

- Remove test patches included in release 29

- Update to release 29

* Fix `modinfo -F` not working for built-in modules and certain fields.

* Fix a memory leak, overflow and double free on error path.

1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1

190412,1190413,1190428,CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).

- CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399).

- CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400).

- CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057).

- CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706).

- CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by invalid id (bsc#1189832 ).

- CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883).

- CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025).

- CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117)

- CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262).

- CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291).

- CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292).

- CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes (bnc#1189298).

- CVE-2021-38166: Fixed an integer overflow and out-of-bounds write when many elements are placed in a single bucket in kernel/bpf/hashtab.c (bnc#1189233 ).

- CVE-2021-38209: Fixed allowed observation of changes in any net namespace via net/netfilter/nf_conntrack_standalone.c (bnc#1189393).

- CVE-2021-38206: Fixed NULL pointer dereference in the radiotap parser inside the mac80211 subsystem (bnc#1189296).

- CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983).

- CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985).

- CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115).

- CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420).

The following non-security bugs were fixed:

- ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes).

- ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543)

- ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543)

- ACPI: processor: Export function to claim _CST control (bsc#1175543)

- ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543)

- ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc#1175543)

- ALSA: hda - fix the 'Capture Switch' value change notifications (git-fixes).

- ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10 (git-fixes).

- ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms (git-fixes).

- ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically (git-fixes).

- ALSA: hda/realtek - Add ALC285 HP init procedure (git-fixes).

- ALSA: hda/realtek - Add type for ALC287 (git-fixes).

- ALSA: hda/realtek: Change device names for quirks to barebone names (git-fixes).

- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop (git-fixes).

- ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256) (git-fixes).

- ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8 (git-fixes).

- ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes).

- ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx series (git-fixes).

- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC (git-fixes).

- ALSA: hda/via: Apply runtime PM workaround for ASUS B23E (git-fixes).

- ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes).

- ALSA: hda: Fix hang during shutdown due to link reset (git-fixes).

- ALSA: hda: Release controller display power during shutdown/reboot (git-fixes).

- ALSA: pcm: Fix mmap breakage without explicit buffer setup (git-fixes).

- ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes).

- ALSA: seq: Fix racy deletion of subscriber (git-fixes).

- ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes).

- ALSA: usb-audio: Avoid unnecessary or invalid connector selection at resume (git-fixes).

- ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (git-fixes).

- ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes).

- ALSA: usb-audio: fix incorrect clock source setting (git-fixes).

- ASoC: Intel: Skylake: Fix module resource and format selection (git-fixes).

- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (git-fixes).

- ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 (git-fixes).

- ASoC: SOF: Intel: hda-ipc: fix reply size checking (git-fixes).

- ASoC: amd: Fix reference to PCM buffer address (git-fixes).

- ASoC: component: Remove misplaced prefix handling in pin control functions (git-fixes).

- ASoC: cs42l42: Correct definition of ADC Volume control (git-fixes).

- ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes).

- ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes).

- ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes).

- ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes).

- ASoC: intel: atom: Fix breakage for PCM buffer address setup (git-fixes).

- ASoC: intel: atom: Fix reference to PCM buffer address (git-fixes).

- ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe (git-fixes).

- ASoC: rt5682: Adjust headset volume button threshold (git-fixes).

- ASoC: rt5682: Adjust headset volume button threshold again (git-fixes).

- ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend (git-fixes).

- ASoC: ti: j721e-evm: Check for not initialized parent_clk_id (git-fixes).

- ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking during startup (git-fixes).

- ASoC: tlv320aic31xx: Fix jack detection after suspend (git-fixes).

- ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (git-fixes).

- ASoC: uniphier: Fix reference to PCM buffer address (git-fixes).

- ASoC: wcd9335: Disable irq on slave ports in the remove function (git-fixes).

- ASoC: wcd9335: Fix a double irq free in the remove function (git-fixes).

- ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (git-fixes).

- ASoC: xilinx: Fix reference to PCM buffer address (git-fixes).

- Avoid double printing SUSE specific flags in mod->taint (bsc#1190413).

- Bluetooth: add timeout sanity check to hci_inquiry (git-fixes).

- Bluetooth: btusb: Fix a unspported condition to set available debug features (git-fixes).

- Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS (git-fixes).

- Bluetooth: defer cleanup of resources in hci_unregister_dev() (git-fixes).

- Bluetooth: fix repeated calls to sco_sock_kill (git-fixes).

- Bluetooth: hidp: use correct wait queue when removing ctrl_wait (git-fixes).

- Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes).

- Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd (git-fixes).

- Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes).

- Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412)

- KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786).

- KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787).

- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (bsc#1188788).

- KVM: VMX: Extend VMXs #AC interceptor to handle split lock #AC in guest (bsc#1187959).

- KVM: nVMX: Handle split-lock #AC exceptions that happen in L2 (bsc#1187959).

- KVM: nVMX: Really make emulated nested preemption timer pinned (bsc#1188780).

- KVM: nVMX: Reset the segment cache when stuffing guest segs (bsc#1188781).

- KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1188782).

- KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration (bsc#1188783).

- KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit (bsc#1188784).

- KVM: x86: Emulate split-lock access as a write in emulator (bsc#1187959).

- KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790).

- NFS: Correct size calculation for create reply length (bsc#1189870).

- NFSv4.1: Do not rebind to the same source port when (bnc#1186264 bnc#1189021)

- NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes).

- NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc#1040364).

- PCI/MSI: Correct misleading comments (git-fixes).

- PCI/MSI: Do not set invalid bits in MSI mask (git-fixes).

- PCI/MSI: Enable and mask MSI-X early (git-fixes).

- PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes).

- PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes).

- PCI/MSI: Mask all unused MSI-X entries (git-fixes).

- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).

- PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes).

- PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes).

- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes).

- PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes).

- RDMA/bnxt_re: Fix stats counters (bsc#1188231).

- SUNRPC: 'Directory with parent 'rpc_clnt' already present!' (bsc#1168202 bsc#1188924).

- SUNRPC: Fix the batch tasks count wraparound (git-fixes).

- SUNRPC: Should wake up the privileged task firstly (git-fixes).

- SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924).

- SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202 bsc#1188924).

- SUNRPC: improve error response to over-size gss credential (bsc#1190022).

- SUNRPC: prevent port reuse on transports which do not request it (bnc#1186264 bnc#1189021).

- USB: core: Avoid WARNings for 0-length descriptor requests (git-fixes).

- USB: serial: ch341: fix character loss at high transfer rates (git-fixes).

- USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes).

- USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes).

- USB: usbtmc: Fix RCU stall warning (git-fixes).

- USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes).

- VMCI: fix NULL pointer dereference when unmapping queue pair (git-fixes).

- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes).

- ath9k: Clear key cache explicitly on disabling hardware (git-fixes).

- ath: Use safer key clearing with key cache entries (git-fixes).

- bcma: Fix memory leak for internally-handled cores (git-fixes).

- bdi: Do not use freezable workqueue (bsc#1189573).

- blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() (bsc#1189507).

- blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506).

- blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() (bsc#1189503).

- blk-wbt: make sure throttle is enabled properly (bsc#1189504).

- block: fix trace completion for chained bio (bsc#1189505).

- bnxt_en: Validate vlan protocol ID on RX packets (jsc#SLE-15075).

- brcmfmac: pcie: fix oops on failure to resume and reprobe (git-fixes).

- btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077).

- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1135481).

- btrfs: add a trace point for reserve tickets (bsc#1135481).

- btrfs: adjust the flush trace point to include the source (bsc#1135481).

- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481).

- btrfs: factor out create_chunk() (bsc#1189077).

- btrfs: factor out decide_stripe_size() (bsc#1189077).

- btrfs: factor out gather_device_info() (bsc#1189077).

- btrfs: factor out init_alloc_chunk_ctl (bsc#1189077).

- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481).

- btrfs: fix deadlock with concurrent chunk allocations involving system chunks (bsc#1189077).

- btrfs: handle invalid profile in chunk allocation (bsc#1189077).

- btrfs: implement space clamping for preemptive flushing (bsc#1135481).

- btrfs: improve preemptive background space flushing (bsc#1135481).

- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481).

- btrfs: introduce alloc_chunk_ctl (bsc#1189077).

- btrfs: introduce chunk allocation policy (bsc#1189077).

- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1135481).

- btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077).

- btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077).

- btrfs: refactor find_free_dev_extent_start() (bsc#1189077).

- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481).

- btrfs: rename need_do_async_reclaim (bsc#1135481).

- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481).

- btrfs: rework chunk allocation to avoid exhaustion of the system chunk array (bsc#1189077).

- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481).

- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1135481).

- btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481).

- btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481).

- btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc#1135481).

- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).

- can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes).

- ceph: clean up and optimize ceph_check_delayed_caps() (bsc#1187468).

- ceph: reduce contention in ceph_check_delayed_caps() (bsc#1187468).

- ceph: take snap_empty_lock atomically with snaprealm refcount change (bsc#1189427).

- cfg80211: Fix possible memory leak in function cfg80211_bss_update (git-fixes).

- cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902).

- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).

- cifs: constify get_normalized_path() properly (bsc#1185902).

- cifs: do not cargo-cult strndup() (bsc#1185902).

- cifs: do not send tree disconnect to ipc shares (bsc#1185902).

- cifs: do not share tcp servers with dfs mounts (bsc#1185902).

- cifs: do not share tcp sessions of dfs connections (bsc#1185902).

- cifs: fix check of dfs interlinks (bsc#1185902).

- cifs: fix path comparison and hash calc (bsc#1185902).

- cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902).

- cifs: handle different charsets in dfs cache (bsc#1185902).

- cifs: keep referral server sessions alive (bsc#1185902).

- cifs: missing null pointer check in cifs_mount (bsc#1185902).

- cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902).

- cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902).

- clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes).

- clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes).

- cpuidle: Allow idle states to be disabled by default (bsc#1175543)

- cpuidle: Consolidate disabled state checks (bsc#1175543)

- cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543)

- cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543)

- cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc#1175543)

- crypto: ccp - Annotate SEV Firmware file names (bsc#1189212).

- crypto: qat - use proper type for vf_mask (git-fixes).

- crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit (git-fixes).

- device-dax: Fix default return code of range_parse() (git-fixes).

- dm integrity: fix missing goto in bitmap_flush_interval error handling (git-fixes).

- dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git-fixes).

- dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes).

- dmaengine: idxd: fix setup sequence for MSIXPERM table (git-fixes).

- dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes).

- dmaengine: imx-sdma: remove duplicated sdma_load_context (git-fixes).

- dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (git-fixes).

- dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (git-fixes).

- dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (git-fixes).

- drivers/block/null_blk/main: Fix a double free in null_init (git-fixes).

- drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X (git-fixes).

- drm/amd/display: Fix comparison error in dcn21 DML (git-fixes).

- drm/amd/display: Fix max vstartup calculation for modes with borders (git-fixes).

- drm/amd/display: Remove invalid assert for ODM + MPC case (git-fixes).

- drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work (git-fixes).

- drm/amd/display: workaround for hard hang on HPD on native DP (git-fixes).

- drm/amdgpu/acp: Make PM domain really work (git-fixes).

- drm/amdgpu/display: fix DMUB firmware version info (git-fixes).

- drm/amdgpu/display: only enable aux backlight control for OLED panels (git-fixes).

- drm/amdgpu: do not enable baco on boco platforms in runpm (git-fixes).

- drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir (git-fixes).

- drm/dp_mst: Fix return code on sideband message failure (git-fixes).

- drm/i915/dg1: gmbus pin mapping (bsc#1188700).

- drm/i915/dg1: provide port/phy mapping for vbt (bsc#1188700).

- drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH + CML combos (bsc#1188700).

- drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH + CML combos (bsc#1188700).

- drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings (bsc#1188700).

- drm/i915/gen9_bc: Recognize TGP PCH + CML combos (bsc#1188700).

- drm/i915/rkl: new rkl ddc map for different PCH (bsc#1188700).

- drm/i915: Add VBT AUX CH H and I (bsc#1188700).

- drm/i915: Add VBT DVO ports H and I (bsc#1188700).

- drm/i915: Add more AUX CHs to the enum (bsc#1188700).

- drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6 (bsc#1188700).

- drm/i915: Correct SFC_DONE register offset (git-fixes).

- drm/i915: Introduce HPD_PORT_TC<n> (bsc#1188700).

- drm/i915: Move hpd_pin setup to encoder init (bsc#1188700).

- drm/i915: Nuke the redundant TC/TBT HPD bit defines (bsc#1188700).

- drm/i915: Only access SFC_DONE when media domain is not fused off (git-fixes).

- drm/meson: fix colour distortion from HDR set during vendor u-boot (git-fixes).

- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes).

- drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (git-fixes).

- drm/msm/dsi: Fix some reference counted resource leaks (git-fixes).

- drm/msm: Fix error return code in msm_drm_init() (git-fixes).

- drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences (git-fixes).

- drm/of: free the iterator object on failure (git-fixes).

- drm/of: free the right object (git-fixes).

- drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (git-fixes).

- drm/prime: fix comment on PRIME Helpers (git-fixes).

- ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568).

- ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564).

- ext4: fix avefreec in find_group_orlov (bsc#1189566).

- ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562).

- ext4: fix potential htree corruption when growing large_dir directories (bsc#1189576).

- ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565).

- ext4: return error code when ext4_fill_flex_info() fails (bsc#1189563).

- ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567).

- fanotify: fix copy_event_to_user() fid error clean up (bsc#1189574).

- firmware_loader: fix use-after-free in firmware_fallback_sysfs (git-fixes).

- firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback (git-fixes).

- fixup 'rpm: support gz and zst compression methods' (bsc#1190358, bsc#1190428).

- fpga: altera-freeze-bridge: Address warning about unused variable (git-fixes).

- fpga: dfl: fme: Fix cpu hotplug issue in performance reporting (git-fixes).

- fpga: xiilnx-spi: Address warning about unused variable (git-fixes).

- fpga: zynqmp-fpga: Address warning about unused variable (git-fixes).

- gpio: eic-sprd: break loop when getting NULL device resource (git-fixes).

- gpio: tqmx86: really make IRQ optional (git-fixes).

- i2c: dev: zero out array used for i2c reads from userspace (git-fixes).

- i2c: highlander: add IRQ check (git-fixes).

- i2c: iop3xx: fix deferred probing (git-fixes).

- i2c: mt65xx: fix IRQ check (git-fixes).

- i2c: s3c2410: fix IRQ check (git-fixes).

- iio: adc: Fix incorrect exit of for-loop (git-fixes).

- iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (git-fixes).

- iio: humidity: hdc100x: Add margin to the conversion time (git-fixes).

- intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc#1175543)

- intel_idle: Allow ACPI _CST to be used for selected known processors (bsc#1175543)

- intel_idle: Annotate init time data structures (bsc#1175543)

- intel_idle: Customize IceLake server support (bsc#1175543)

- intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc#1180347, bsc#1180141)

- intel_idle: Fix max_cstate for processor models without C-state tables (bsc#1175543)

- intel_idle: Ignore _CST if control cannot be taken from the platform (bsc#1175543)

- intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543)

- intel_idle: Use ACPI _CST for processor models without C-state tables (bsc#1175543)

- iommu/amd: Fix extended features logging (bsc#1189213).

- iommu/amd: Move Stoney Ridge check to detect_ivrs() (bsc#1189762).

- iommu/arm-smmu-v3: Decrease the queue size of evtq and priq (bsc#1189210).

- iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189209).

- iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214).

- iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229).

- iommu/vt-d: Check for allocation failure in aux_detach_device() (bsc#1189215).

- iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189216).

- iommu/vt-d: Do not set then clear private data in prq_event_thread() (bsc#1189217).

- iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218).

- iommu/vt-d: Force to flush iotlb before creating superpage (bsc#1189219).

- iommu/vt-d: Global devTLB flush when present context entry changed (bsc#1189220).

- iommu/vt-d: Invalidate PASID cache when root/context entry changed (bsc#1189221).

- iommu/vt-d: Reject unsupported page request modes (bsc#1189222).

- ionic: add handling of larger descriptors (jsc#SLE-16649).

- ionic: add new queue features to interface (jsc#SLE-16649).

- ionic: aggregate Tx byte counting calls (jsc#SLE-16649).

- ionic: block actions during fw reset (jsc#SLE-16649).

- ionic: change mtu after queues are stopped (jsc#SLE-16649).

- ionic: check for link after netdev registration (jsc#SLE-16649).

- ionic: code cleanup details (jsc#SLE-16649).

- ionic: fix sizeof usage (jsc#SLE-16649).

- ionic: fix unchecked reference (jsc#SLE-16649).

- ionic: fix up dim accounting for tx and rx (jsc#SLE-16649).

- ionic: generic tx skb mapping (jsc#SLE-16649).

- ionic: implement Rx page reuse (jsc#SLE-16649).

- ionic: make all rx_mode work threadsafe (jsc#SLE-16649).

- ionic: move rx_page_alloc and free (jsc#SLE-16649).

- ionic: optimize fastpath struct usage (jsc#SLE-16649).

- ionic: protect adminq from early destroy (jsc#SLE-16649).

- ionic: rebuild debugfs on qcq swap (jsc#SLE-16649).

- ionic: remove intr coalesce update from napi (jsc#SLE-16649).

- ionic: remove some unnecessary oom messages (jsc#SLE-16649).

- ionic: simplify TSO descriptor mapping (jsc#SLE-16649).

- ionic: simplify rx skb alloc (jsc#SLE-16649).

- ionic: simplify the intr_index use in txq_init (jsc#SLE-16649).

- ionic: simplify tx clean (jsc#SLE-16649).

- ionic: simplify use of completion types (jsc#SLE-16649).

- ionic: start queues before announcing link up (jsc#SLE-16649).

- ionic: stop watchdog when in broken state (jsc#SLE-16649).

- ionic: useful names for booleans (jsc#SLE-16649).

- iwlwifi: pnvm: accept multiple HW-type TLVs (git-fixes).

- iwlwifi: rs-fw: do not support stbc for HE 160 (git-fixes).

- iwlwifi: skip first element in the WTAS ACPI table (git-fixes).

- kABI fix of usb_dcd_config_params (git-fixes).

- kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes).

- kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server (bnc#1186264 bnc#1189021)

- kabi fix for SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924).

- kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (bsc#1189153).

- kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841).

- leds: trigger: audio: Add an activate callback to ensure the initial brightness is set (git-fixes).

- lib/mpi: use kcalloc in mpi_resize (git-fixes).

- lib: Add zstd support to decompress (bsc#1187483, jsc#SLE-18766).

- libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes).

- mac80211: Fix insufficient headroom issue for AMSDU (git-fixes).

- md/raid10: properly indicate failure when ending a failed write request (git-fixes).

- md: revert io stats accounting (git-fixes).

- media: TDA1997x: enable EDID support (git-fixes).

- media: cxd2880-spi: Fix an error handling path (git-fixes).

- media: drivers/media/usb: fix memory leak in zr364xx_probe (git-fixes).

- media: dvb-usb: Fix error handling in dvb_usb_i2c_init (git-fixes).

- media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (git-fixes).

- media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (git-fixes).

- media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (git-fixes).

- media: go7007: fix memory leak in go7007_usb_probe (git-fixes).

- media: go7007: remove redundant initialization (git-fixes).

- media: rtl28xxu: fix zero-length control request (git-fixes).

- media: stkwebcam: fix memory leak in stk_camera_probe (git-fixes).

- media: venus: venc: Fix potential null pointer dereference on pointer fmt (git-fixes).

- media: videobuf2-core: dequeue if start_streaming fails (git-fixes).

- media: zr364xx: fix memory leaks in probe() (git-fixes).

- media: zr364xx: propagate errors from zr364xx_start_readpipe() (git-fixes).

- misc: atmel-ssc: lock with mutex instead of spinlock (git-fixes).

- misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() (git-fixes).

- mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc#1189569).

- mm/vmscan: fix infinite loop in drop_slab_node (VM Functionality, bsc#1189301).

- mm: fix memory_failure() handling of dax-namespace metadata (bsc#1189872).

- mm: swap: properly update readahead statistics in unuse_pte_range() (bsc#1187619).

- mmc: dw_mmc: Fix hang on data CRC error (git-fixes).

- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes).

- mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes).

- mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (git-fixes).

- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711 (git-fixes).

- mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (git-fixes).

- nbd: Aovid double completion of a request (git-fixes).

- nbd: Fix NULL pointer in flush_workqueue (git-fixes).

- net/mlx5: Add ts_cqe_to_dest_cqn related bits (bsc#1188412)

- net/mlx5: Properly convey driver version to firmware (git-fixes).

- net/mlx5e: Add missing capability check for uplink follow (bsc#1188412)

- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).

- net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (git-fixes).

- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).

- net: usb: lan78xx: do not modify phy_device state concurrently (bsc#1188270)

- nfs: fix acl memory leak of posix_acl_create() (git-fixes).

- nvme-multipath: revalidate paths during rescan (bsc#1187211)

- nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth (bsc#1181972).

- nvme-pci: fix NULL req in completion handler (bsc#1181972).

- nvme-pci: limit maximum queue depth to 4095 (bsc#1181972).

- nvme-pci: use unsigned for io queue depth (bsc#1181972).

- nvme-tcp: Do not reset transport on data digest errors (bsc#1188418).

- nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data (bsc#1181972).

- nvme: avoid possible double fetch in handling CQE (bsc#1181972).

- nvme: code command_id with a genctr for use-after-free validation (bsc#1181972).

- nvme: only call synchronize_srcu when clearing current path (bsc#1188067).

- nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384).

- ocfs2: fix snprintf() checking (bsc#1189581).

- ocfs2: fix zero out valid data (bsc#1189579).

- ocfs2: initialize ip_next_orphan (bsc#1186731).

- ocfs2: issue zeroout to EOF blocks (bsc#1189582).

- ovl: allow upperdir inside lowerdir (bsc#1189323).

- ovl: expand warning in ovl_d_real() (bsc#1189323).

- ovl: fix missing revert_creds() on error path (bsc#1189323).

- ovl: perform vfs_getxattr() with mounter creds (bsc#1189323).

- ovl: skip getxattr of security labels (bsc#1189323).

- params: lift param_set_uint_minmax to common code (bsc#1181972).

- pcmcia: i82092: fix a null pointer dereference bug (git-fixes).

- perf/x86/amd: Do not touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (bsc#1189225).

- pinctrl: tigerlake: Fix GPIO mapping for newer version of software (git-fixes).

- platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (git-fixes).

- post.sh: detect /usr mountpoint too

- power: supply: max17042: handle fails of reading status register (git-fixes).

- powerpc/cacheinfo: Improve diagnostics about malformed cache lists (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/cacheinfo: Lookup cache by dt node and thread-group id (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/cacheinfo: Remove the redundant get_shared_cpu_map() (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/cacheinfo: Use name@unit instead of full DT path in debug messages (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).

- powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible (bsc#1189197 ltc#193906).

- powerpc/pseries: Fix regression while building external modules (bsc#1160010 ltc#183046 git-fixes). This changes a GPL symbol to general symbol which is kABI change but not kABI break.

- powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes).

- powerpc/smp: Make some symbols static (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148 ltc#190702 git-fixes).

- regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes).

- regulator: vctrl: Avoid lockdep warning in enable/disable ops (git-fixes).

- regulator: vctrl: Use locked regulator_get_voltage in probe path (git-fixes).

- rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed.

- rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305)

- rpm/kernel-source.rpmlintrc: ignore new include/config files In 5.13, since 0e0345b77ac4, config files have no longer .h suffix. Adapt the zero-length check. Based on Martin Liska's change.

- rq-qos: fix missed wake-ups in rq_qos_throttle try two (bsc#1189575).

- rsi: fix an error code in rsi_probe() (git-fixes).

- rsi: fix error code in rsi_load_9116_firmware() (git-fixes).

- s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193817).

- s390/boot: fix use of expolines in the DMA code (bsc#1188878 ltc#193771).

- scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc#SLE-18970).

- scsi: blkcg: Fix application ID config options (bsc#1189385 jsc#SLE-18970).

- scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970).

- scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392).

- scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650).

- scsi: libfc: Fix array index out of bound exception (bsc#1188616).

- scsi: lpfc: Add 256 Gb link speed support (bsc#1189385).

- scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc#1189385).

- scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385).

- scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc#1189385).

- scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385).

- scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385).

- scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385).

- scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385).

- scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385).

- scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc#1189385).

- scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc#1189385).

- scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385).

- scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385).

- scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385).

- scsi: lpfc: Fix function description comments for vmid routines (bsc#1189385).

- scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385).

- scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc#1189385).

- scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc#1189385).

- scsi: lpfc: Improve firmware download logging (bsc#1189385).

- scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385).

- scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes).

- scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc#1189385).

- scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385).

- scsi: lpfc: Remove redundant assignment to pointer temp_hdr (bsc#1189385).

- scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385).

- scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc#1189385).

- scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385).

- scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc#1189385).

- scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385).

- scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385).

- scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc#1189385).

- scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189385).

- scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Add support for VMID in mailbox command (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Append the VMID to the wqe before sending (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Implement ELS commands for appid (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc#SLE-18970).

- scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc#SLE-18970).

- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).

- scsi: qla2xxx: Add heartbeat check (bsc#1189392).

- scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc#1189392).

- scsi: qla2xxx: Fix spelling mistakes 'allloc' -> 'alloc' (bsc#1189392).

- scsi: qla2xxx: Fix use after free in debug code (bsc#1189392).

- scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc#1189392).

- scsi: qla2xxx: Remove duplicate declarations (bsc#1189392).

- scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392).

- scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc#1189392).

- scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc#1189392).

- scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392).

- scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392).

- scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392).

- scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc#1189392).

- scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189392).

- scsi: qla2xxx: edif: Add detection of secure device (bsc#1189392).

- scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189392).

- scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392).

- scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc#1189392).

- scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189392).

- scsi: qla2xxx: edif: Add key update (bsc#1189392).

- scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc#1189392).

- scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392).

- scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189392).

- scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state (bsc#1184180).

- scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392).

- scsi: zfcp: Report port fc_security as unknown early during remote cable pull (git-fixes).

- serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes).

- serial: 8250_mtk: fix uart corruption issue when rx power off (git-fixes).

- serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts (git-fixes).

- serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver (git-fixes).

- serial: tegra: Only print FIFO error message when an error occurs (git-fixes).

- slimbus: messaging: check for valid transaction id (git-fixes).

- slimbus: messaging: start transaction ids from 1 instead of zero (git-fixes).

- slimbus: ngd: reset dma setup during runtime pm (git-fixes).

- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes).

- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes).

- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).

- soc: ixp4xx: fix printing resources (git-fixes).

- soc: qcom: rpmhpd: Use corner in power_off (git-fixes).

- soc: qcom: smsm: Fix missed interrupts if state changes while masked (git-fixes).

- spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes).

- spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation (git-fixes).

- spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (git-fixes).

- spi: mediatek: Fix fifo transfer (git-fixes).

- spi: meson-spicc: fix memory leak in meson_spicc_remove (git-fixes).

- spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes).

- spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes).

- spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes).

- spi: stm32h7: fix full duplex irq handler handling (git-fixes).

- staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (git-fixes).

- staging: rtl8712: get rid of flush_scheduled_work (git-fixes).

- staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes).

- tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (git-fixes).

- tracing / histogram: Give calculation hist_fields a size (git-fixes).

- tracing: Reject string operand in the histogram expression (git-fixes).

- tty: serial: fsl_lpuart: fix the wrong mapbase value (git-fixes).

- ubifs: Fix error return code in alloc_wbufs() (bsc#1189585).

- ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583).

- ubifs: Only check replay with inode type to judge if inode linked (bsc#1187455).

- ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (bsc#1189587).

- ubifs: journal: Fix error return code in ubifs_jnl_write_inode() (bsc#1189586).

- usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (git-fixes).

- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).

- usb: dwc3: Separate field holding multiple properties (git-fixes).

- usb: dwc3: Stop active transfers before halting the controller (git-fixes).

- usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes).

- usb: dwc3: Use devres to get clocks (git-fixes).

- usb: dwc3: core: do not do suspend for device mode if already suspended (git-fixes).

- usb: dwc3: debug: Remove newline printout (git-fixes).

- usb: dwc3: gadget: Check MPS of the request length (git-fixes).

- usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set (git-fixes).

- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (git-fixes).

- usb: dwc3: gadget: Disable gadget IRQ during pullup disable (git-fixes).

- usb: dwc3: gadget: Do not send unintended link state change (git-fixes).

- usb: dwc3: gadget: Do not setup more than requested (git-fixes).

- usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes).

- usb: dwc3: gadget: Fix handling ZLP (git-fixes).

- usb: dwc3: gadget: Give back staled requests (git-fixes).

- usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes).

- usb: dwc3: gadget: Prevent EP queuing while stopping transfers (git-fixes).

- usb: dwc3: gadget: Properly track pending and queued SG (git-fixes).

- usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (git-fixes).

- usb: dwc3: gadget: Set BESL config parameter (git-fixes).

- usb: dwc3: gadget: Set link state to RX_Detect on disconnect (git-fixes).

- usb: dwc3: gadget: Stop EP0 transfers during pullup disable (git-fixes).

- usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes).

- usb: dwc3: meson-g12a: add IRQ check (git-fixes).

- usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init (git-fixes).

- usb: dwc3: of-simple: add a shutdown (git-fixes).

- usb: dwc3: st: Add of_dev_put() in probe function (git-fixes).

- usb: dwc3: st: Add of_node_put() before return in probe function (git-fixes).

- usb: dwc3: support continuous runtime PM with dual role (git-fixes).

- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (git-fixes).

- usb: gadget: Export recommended BESL values (git-fixes).

- usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (git-fixes).

- usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes).

- usb: gadget: f_hid: idle uses the highest byte for duration (git-fixes).

- usb: gadget: mv_u3d: request_irq() after initializing UDC (git-fixes).

- usb: gadget: udc: at91: add IRQ check (git-fixes).

- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (git-fixes).

- usb: host: ohci-tmio: add IRQ check (git-fixes).

- usb: host: xhci-rcar: Do not reload firmware after the completion (git-fixes).

- usb: mtu3: fix the wrong HS mult value (git-fixes).

- usb: mtu3: use @mult for HS isoc or intr (git-fixes).

- usb: phy: fsl-usb: add IRQ check (git-fixes).

- usb: phy: tahvo: add IRQ check (git-fixes).

- usb: phy: twl6030: add IRQ checks (git-fixes).

- usr: Add support for zstd compressed initramfs (bsc#1187483, jsc#SLE-18766).

- virt_wifi: fix error on connect (git-fixes).

- wireguard: allowedips: allocate nodes in kmem_cache (git-fixes).

- wireguard: allowedips: free empty intermediate nodes when removing single node (git-fixes).

- wireguard: allowedips: remove nodes in O(1) (git-fixes).

- writeback: fix obtain a reference to a freeing memcg css (bsc#1189577).

- x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1152489).

- x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1152489).

- x86/fpu: Reset state for all signal restore failures (bsc#1152489).

- x86/kvm: fix vcpu-id indexed array sizes (git-fixes).

- x86/sev: Make sure IRQs are disabled while GHCB is active (jsc#SLE-14337).

- x86/sev: Split up runtime #VC handler for correct state tracking (jsc#SLE-14337).

- x86/sev: Use 'SEV: ' prefix for messages from sev.c (jsc#SLE-14337).

- x86/signal: Detect and prevent an alternate signal stack overflow (bsc#1152489).

- x86/split_lock: Provide handle_guest_split_lock() (bsc#1187959).

- xen/events: Fix race in set_evtchn_to_irq (git-fixes).

- xprtrdma: Pad optimization, revisited (bsc#1189760).

1085917,1181299,1181306,1181309,1181535,1181536,1188651,1189552

This update for xfsprogs fixes the following issues:

- Fixes an issue when 'fstests' with 'xfs' fail. (bsc#1181309, bsc#1181299)

- xfsprogs: Split 'libhandle1' into a separate package, since nothing within xfsprogs dynamically links against it. The shared library is still required by xfsdump as a runtime dependency.

- mkfs.xfs: Fix 'ASSERT' on too-small device with stripe geometry. (bsc#1181536)

- mkfs.xfs: If either 'sunit' or 'swidth' is not zero, the other must be as well. (bsc#1085917, bsc#1181535)

- xfs_growfs: Refactor geometry reporting. (bsc#1181306)

- xfs_growfs: Allow mounted device node as argument. (bsc#1181299)

- xfs_repair: Rebuild directory when non-root leafn blocks claim block 0. (bsc#1181309)

- xfs_repair: Check plausibility of root dir pointer before trashing it. (bsc#1188651)

- xfs_bmap: Remove '-c' from manpage. (bsc#1189552)

- xfs_bmap: Do not reject '-e'. (bsc#1189552)

- Implement 'libhandle1' through ECO. (jsc#SLE-20360)

1189176,1190622

This update for multipath-tools provides the following fixes:

- Update to version 0.8.5+82+suse.746b76e:

* libmultipath: avoid buffer size warning with systemd 240+. (bsc#1189176)

- Add a versioned dependency of multipath-tools on libmpath0. (bsc#1190622)

1190373,1190374,CVE-2021-22946,CVE-2021-22947

This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).

- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).

This update for numactl fixes the following issues:

- Fix System call numbers on s390x.

- Debug verify for --preferred option.

- Description for the usage of numactl.

- Varios memleacks on source files: sysfs.c, shm.c and numactl.c

- Description for numa_node_size64 and definition for numa_node_size in manpage.

- link with -latomic when needed.

- Clear race conditions on numa_police_memory().

- numademo: Use first two nodes instead of node 0 and 1

- Enhance _service settings

- Enable automake

1134353,1184994,1188291,1188588,1188713,1189446,1189480

This update for systemd fixes the following issues:

- Switch I/O scheduler from 'mq-deadline' to 'bfq' for rotating disks(HD's) (jsc#SLE-21032, bsc#1134353).

- Multipath: Rules weren't applied to dm devices (bsc#1188713).

- Ignore obsolete 'elevator' kernel parameter (bsc#1184994).

- Remove kernel unsupported single-queue block I/O.

- Make sure the versions of both udev and systemd packages are always the same (bsc#1189480).

- Avoid error message when updating active udev on sockets restart (bsc#1188291).

- Merge of v246.16, for a complete list of changes, visit:

https://github.com/openSUSE/systemd/compare/8d8f5fc31eece95644b299b784bbfb8f836d0108...f5c33d9f82d3d782d28938df9ff09484360c540d

- Drop 1007-tmpfiles-follow-SUSE-policies.patch:

Since most of the tmpfiles config files shipped by upstream are

ignored (see previous commit 'Drop most of the tmpfiles that deal

with generic paths'), this patch is no more relevant.

Additional fixes:

- core: make sure cgroup_oom_queue is flushed on manager exit.

- cgroup: do 'catchup' for unit cgroup inotify watch files.

- journalctl: never fail at flushing when the flushed flag is set (bsc#1188588).

- manager: reexecute on SIGRTMIN+25, user instances only.

- manager: fix HW watchdog when systemd starts before driver loaded (bsc#1189446).

- pid1: watchdog modernizations.

1188768

This update for perl-Bootloader fixes the following issues:

- Report error if config file could not be updated (bsc#1188768).

- Fix typo in update-bootloader.

1065729,1148868,1152489,1154353,1159886,1167773,1170774,1171688,1173746,1174003,1176447,1176940,1177028,1178134,1184439,1184804,1185302,1185550,1185677,1185726,1185762,1187211,1188067,1188418,1188651,1188986,1189257,1189297,1189841,1189884,1190023,1190062,1190115,1190138,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190544,1190561,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191292,CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3759,CVE-2021-3764,CVE-2021-40490

The SUSE Linux Enterprise 15 SP3 kernel was updated.

The following security bugs were fixed:

- CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure. (bnc#1191193)

- CVE-2021-3752: Fixed a use after free vulnerability in the Linux kernel's bluetooth module. (bsc#1190023)

- CVE-2021-40490: Fixed a race condition discovered in the ext4 subsystem that could leat to local priviledge escalation. (bnc#1190159)

- CVE-2021-3744: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1189884)

- CVE-2021-3764: Fixed a bug which could allows attackers to cause a denial of service. (bsc#1190534)

- CVE-2021-3669: Fixed a bug that doesn't allow /proc/sysvipc/shm to scale with large shared memory segment counts which could lead to resource exhaustion and DoS. (bsc#1188986)

- CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115).

The following non-security bugs were fixed:

- ALSA: firewire-motu: fix truncated bytes in message tracepoints (git-fixes).

- apparmor: remove duplicate macro list_entry_is_head() (git-fixes).

- ASoC: fsl_micfil: register platform component before registering cpu dai (git-fixes).

- ASoC: Intel: Fix platform ID matching (git-fixes).

- ASoC: mediatek: common: handle NULL case in suspend/resume function (git-fixes).

- ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes).

- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (git-fixes).

- ASoC: rt5682: Implement remove callback (git-fixes).

- ASoC: rt5682: Properly turn off regulators if wrong device ID (git-fixes).

- ASoC: rt5682: Remove unused variable in rt5682_i2c_remove() (git-fixes).

- ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes).

- ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes).

- ath9k: fix sleeping in atomic context (git-fixes).

- backlight: pwm_bl: Improve bootloader/kernel device handover (git-fixes).

- bareudp: Fix invalid read beyond skb's linear data (jsc#SLE-15172).

- blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762).

- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).

- blk-mq: mark if one queue map uses managed irq (bsc#1185762).

- Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes).

- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).

- bnxt_en: Add missing DMA memory barriers (git-fixes).

- bnxt_en: Disable aRFS if running on 212 firmware (git-fixes).

- bnxt_en: Do not enable legacy TX push on older firmware (git-fixes).

- bnxt_en: Fix asic.rev in devlink dev info command (jsc#SLE-16649).

- bnxt_en: fix stored FW_PSID version masks (jsc#SLE-16649).

- bnxt_en: Store the running firmware version code (git-fixes).

- bnxt: count Tx drops (git-fixes).

- bnxt: disable napi before canceling DIM (git-fixes).

- bnxt: do not lock the tx queue from napi poll (git-fixes).

- bnxt: make sure xmit_more + errors does not miss doorbells (git-fixes).

- bpf, samples: Add missing mprog-disable to xdp_redirect_cpu's optstring (git-fixes).

- bpf: Fix ringbuf helper function compatibility (git-fixes).

- bpftool: Add sock_release help info for cgroup attach/prog load command (bsc#1177028).

- btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626).

- clk: at91: clk-generated: Limit the requested rate to our range (git-fixes).

- clk: at91: clk-generated: pass the id of changeable parent at registration (git-fixes).

- console: consume APC, DM, DCS (git-fixes).

- cpuidle: pseries: Do not cap the CEDE0 latency in fixup_cede0_latency() (bsc#1185550 ltc#192610 git-fixes jsc#SLE-18128).

- cuse: fix broken release (bsc#1190596).

- cxgb4: dont touch blocked freelist bitmap after free (git-fixes).

- debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1173746).

- devlink: Break parameter notification sequence to be before/after unload/load driver (bsc#1154353).

- devlink: Clear whole devlink_flash_notify struct (bsc#1176447).

- dma-buf: DMABUF_MOVE_NOTIFY should depend on DMA_SHARED_BUFFER (git-fixes).

- dmaengine: ioat: depends on !UML (git-fixes).

- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).

- dmaengine: xilinx_dma: Set DMA mask for coherent APIs (git-fixes).

- docs: Fix infiniband uverbs minor number (git-fixes).

- drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in amdgpu_dm_update_backlight_caps (git-fixes).

- drm: avoid blocking in drm_clients_info's rcu section (git-fixes).

- drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (git-fixes).

- drm/amd/display: Fix timer_per_pixel unit error (git-fixes).

- drm/amdgpu: Fix BUG_ON assert (git-fixes).

- drm/ast: Fix missing conversions to managed API (git-fixes).

- drm/gma500: Fix end of loop tests for list_for_each_entry (git-fixes).

- drm/i915: Allow the sysadmin to override security mitigations (git-fixes).

- drm/i915/rkl: Remove require_force_probe protection (bsc#1189257).

- drm/ingenic: Switch IPU plane to type OVERLAY (git-fixes).

- drm/mgag200: Select clock in PLL update functions (git-fixes).

- drm/msm/mdp4: move HW revision detection to earlier phase (git-fixes).

- drm/msm/mdp4: refactor HW revision detection into read_mdp_hw_revision (git-fixes).

- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes).

- drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes).

- drm/pl111: depend on CONFIG_VEXPRESS_CONFIG (git-fixes).

- drm/rockchip: cdn-dp-core: Make cdn_dp_core_resume __maybe_unused (git-fixes).

- e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100).

- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).

- EDAC/i10nm: Fix NVDIMM detection (bsc#1152489).

- EDAC/mce_amd: Do not load edac_mce_amd module on guests (bsc#1190138).

- EDAC/synopsys: Fix wrong value type assignment for edac_mode (bsc#1152489).

- enetc: Fix uninitialized struct dim_sample field usage (git-fixes).

- erofs: fix up erofs_lookup tracepoint (git-fixes).

- fbmem: do not allow too huge resolutions (git-fixes).

- fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (git-fixes).

- fpga: machxo2-spi: Return an error on failure (git-fixes).

- fuse: flush extending writes (bsc#1190595).

- fuse: truncate pagecache on atomic_o_trunc (bsc#1190705).

- genirq: add device_has_managed_msi_irq (bsc#1185762).

- gpio: uniphier: Fix void functions to remove return value (git-fixes).

- gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (git-fixes).

- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).

- hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185726).

- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185726).

- hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (git-fixes).

- hwmon: (tmp421) fix rounding for negative values (git-fixes).

- hwmon: (tmp421) report /PVLD condition as fault (git-fixes).

- i40e: Add additional info to PHY type error (git-fixes).

- i40e: Fix firmware LLDP agent related warning (git-fixes).

- i40e: Fix log TC creation failure when max num of queues is exceeded (git-fixes).

- i40e: Fix logic of disabling queues (git-fixes).

- i40e: Fix queue-to-TC mapping on Tx (git-fixes).

- i40e: improve locking of mac_filter_hash (jsc#SLE-13701).

- iavf: Fix ping is lost after untrusted VF had tried to change MAC (jsc#SLE-7940).

- iavf: Set RSS LUT and key in reset handle path (git-fixes).

- IB/hfi1: Indicate DMA wait when txq is queued for wakeup (jsc#SLE-13208).

- ibmvnic: check failover_pending in login response (bsc#1190523 ltc#194510).

- ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758 ltc#191943).

- ibmvnic: Fix up some comments and messages (bsc#1190758 ltc#191943).

- ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758 ltc#191943).

- ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943).

- ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943).

- ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943).

- ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943).

- ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758 ltc#191943).

- ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758 ltc#191943).

- ice: do not abort devlink info if board identifier can't be found (jsc#SLE-12878).

- ice: do not remove netdev->dev_addr from uc sync list (git-fixes).

- ice: Prevent probing virtual functions (git-fixes).

- igc: Use num_tx_queues when iterating over tx_ring queue (jsc#SLE-13533).

- iio: dac: ad5624r: Fix incorrect handling of an optional regulator (git-fixes).

- include/linux/list.h: add a macro to test if entry is pointing to the head (git-fixes).

- iomap: Fix negative assignment to unsigned sis->pages in iomap_swapfile_activate (bsc#1190784).

- ionic: cleanly release devlink instance (bsc#1167773).

- ionic: count csum_none when offload enabled (bsc#1167773).

- ionic: drop useless check of PCI driver data validity (bsc#1167773).

- ipc: remove memcg accounting for sops objects in do_semtimedop() (bsc#1190115).

- ipc/util.c: use binary search for max_idx (bsc#1159886).

- ipvs: allow connection reuse for unconfirmed conntrack (bsc#1190467).

- ipvs: avoid expiring many connections from timer (bsc#1190467).

- ipvs: Fix up kabi for expire_nodest_conn_work addition (bsc#1190467).

- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (bsc#1190467).

- iwlwifi Add support for ax201 in Samsung Galaxy Book Flex2 Alpha (git-fixes).

- iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (git-fixes).

- kernel-binary.spec: Check for no kernel signing certificates. Also remove unused variable.

- kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs.

- kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). The script part for base package case is completely separate from the part for subpackages. Remove the part for subpackages from the base package script and use the KMP scripts for subpackages instead.

- libata: fix ata_host_start() (git-fixes).

- libbpf: Fix removal of inner map in bpf_object__create_map (git-fixes).

- libbpf: Fix the possible memory leak on error (git-fixes).

- mac80211-hwsim: fix late beacon hrtimer handling (git-fixes).

- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (git-fixes).

- mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes).

- mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (git-fixes).

- mac80211: mesh: fix potentially unaligned access (git-fixes).

- media: cedrus: Fix SUNXI tile size calculation (git-fixes).

- media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats (git-fixes).

- media: dib8000: rewrite the init prbs logic (git-fixes).

- media: imx258: Limit the max analogue gain to 480 (git-fixes).

- media: imx258: Rectify mismatch of VTS value (git-fixes).

- media: rc-loopback: return number of emitters rather than error (git-fixes).

- media: TDA1997x: fix tda1997x_query_dv_timings() return value (git-fixes).

- media: uvc: do not do DMA on stack (git-fixes).

- media: v4l2-dv-timings.c: fix wrong condition in two for-loops (git-fixes).

- mfd: Do not use irq_create_mapping() to resolve a mapping (git-fixes).

- misc: sram: Only map reserved areas in Tegra SYSRAM (git-fixes).

- misc: sram: use devm_platform_ioremap_resource_wc() (git-fixes).

- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).

- mm: always have io_remap_pfn_range() set pgprot_decrypted() (git-fixes).

- mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1190785).

- mmc: core: Return correct emmc response in case of ioctl error (git-fixes).

- mmc: rtsx_pci: Fix long reads when clock is prescaled (git-fixes).

- mmc: sdhci-of-arasan: Check return value of non-void funtions (git-fixes).

- mmc: sdhci: Fix issue with uninitialized dma_slave_config (git-fixes).

- net: ethernet: ti: cpsw: fix min eth packet size for non-switch use-cases (git-fixes).

- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185726).

- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726).

- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185726).

- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185726).

- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726).

- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726).

- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185726).

- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185726).

- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185726).

- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726).

- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (git-fixes).

- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).

- net/mlx5: E-Switch, handle devcom events only for ports on the same device (git-fixes).

- net/mlx5: Fix flow table chaining (git-fixes).

- net/mlx5: Fix missing return value in mlx5_devlink_eswitch_inline_mode_set() (jsc#SLE-15172).

- net/mlx5: Fix return value from tracer initialization (git-fixes).

- net/mlx5: Unload device upon firmware fatal error (git-fixes).

- net/mlx5e: Avoid creating tunnel headers for local route (git-fixes).

- net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).

- net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes).

- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state (bsc#1190062).

- nfp: update ethtool reporting of pauseframe control (git-fixes).

- NFS: change nfs_access_get_cached to only report the mask (bsc#1190746).

- NFS: do not store 'struct cred *' in struct nfs_access_entry (bsc#1190746).

- NFS: pass cred explicitly for access tests (bsc#1190746).

- nvme-multipath: revalidate paths during rescan (bsc#1187211).

- nvme-tcp: Do not reset transport on data digest errors (bsc#1188418).

- nvme: avoid race in shutdown namespace removal (bsc#1188067).

- nvme: fix refcounting imbalance when all paths are down (bsc#1188067).

- nvme: only call synchronize_srcu when clearing current path (bsc#1188067).

- optee: Fix memory leak when failing to register shm pages (git-fixes).

- parport: remove non-zero check on count (git-fixes).

- PCI: aardvark: Fix checking for PIO status (git-fixes).

- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).

- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).

- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).

- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (git-fixes).

- PCI: Add AMD GPU multi-function power dependencies (git-fixes).

- PCI: ibmphp: Fix double unmap of io_mem (git-fixes).

- PCI: of: Do not fail devm_pci_alloc_host_bridge() on missing 'ranges' (git-fixes).

- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (git-fixes).

- PCI: pci-bridge-emul: Fix array overruns, improve safety (git-fixes).

- PCI: pci-bridge-emul: Fix big-endian support (git-fixes).

- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).

- PCI: Use pci_update_current_state() in pci_enable_device_flags() (git-fixes).

- phy: tegra: xusb: Fix dangling pointer on probe failure (git-fixes).

- PM: base: power: do not try to use non-existing RTC for storing data (git-fixes).

- PM: EM: Increase energy calculation precision (git-fixes).

- power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors (git-fixes).

- power: supply: max17042_battery: fix typo in MAx17042_TOFF (git-fixes).

- powercap: intel_rapl: add support for Sapphire Rapids (jsc#SLE-15289).

- powerpc: fix function annotations to avoid section mismatch warnings with gcc-10 (bsc#1148868).

- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543 ltc#194523).

- powerpc/numa: Consider the max NUMA node for migratable LPAR (bsc#1190544 ltc#194520).

- powerpc/perf: Drop the case of returning 0 as instruction pointer (bsc#1065729).

- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set (bsc#1065729).

- powerpc/perf: Fix the check for SIAR value (bsc#1065729).

- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).

- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).

- powerpc/perf: Use the address from SIAR register to set cpumode flags (bsc#1065729).

- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).

- powerpc/powernv: Fix machine check reporting of async store errors (bsc#1065729).

- powerpc/pseries: Prevent free CPU ids being reused on another node (bsc#1190620 ltc#194498).

- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).

- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).

- pwm: img: Do not modify HW state in .remove() callback (git-fixes).

- pwm: rockchip: Do not modify HW state in .remove() callback (git-fixes).

- pwm: stm32-lp: Do not modify HW state in .remove() callback (git-fixes).

- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (git-fixes).

- RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init() (bsc#1170774).

- RDMA/hns: Fix QP's resp incomplete assignment (jsc#SLE-14777).

- RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it recently (jsc#SLE-15175).

- RDMA/mlx5: Delete not-available udata check (jsc#SLE-15175).

- RDMA/rtrs: Remove a useless kfree() (jsc#SLE-15176).

- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (git-fixes).

- regmap: fix page selection for noinc reads (git-fixes).

- regmap: fix page selection for noinc writes (git-fixes).

- regmap: fix the offset of register error log (git-fixes).

- Restore kabi after NFS: pass cred explicitly for access tests (bsc#1190746).

- rpm: Abolish scritplet templating (bsc#1189841). Outsource kernel-binary and KMP scriptlets to suse-module-tools. This allows fixing bugs in the scriptlets as well as defining initrd regeneration policy independent of the kernel packages.

- rpm/kernel-binary.spec: Use only non-empty certificates.

- rpm/kernel-binary.spec.in: avoid conflicting suse-release suse-release had arbitrary values in staging, we can't use it for dependencies. The filesystem one has to be enough (boo#1184804).

- rtc: rx8010: select REGMAP_I2C (git-fixes).

- rtc: tps65910: Correct driver module alias (git-fixes).

- s390/unwind: use current_frame_address() to unwind current task (bsc#1185677).

- sch_cake: fix srchost/dsthost hashing mode (bsc#1176447).

- sched/fair: Add ancestors of unthrottled undecayed cfs_rq (bsc#1191292).

- scsi: core: Add helper to return number of logical blocks in a request (bsc#1190576).

- scsi: core: Introduce the scsi_cmd_to_rq() function (bsc#1190576).

- scsi: fc: Add EDC ELS definition (bsc#1190576).

- scsi: fc: Update formal FPIN descriptor definitions (bsc#1190576).

- scsi: lpfc: Add bsg support for retrieving adapter cmf data (bsc#1190576).

- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).

- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).

- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).

- scsi: lpfc: Add debugfs support for cm framework buffers (bsc#1190576).

- scsi: lpfc: Add EDC ELS support (bsc#1190576).

- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).

- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).

- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info to firmware (bsc#1190576).

- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).

- scsi: lpfc: Add support for maintaining the cm statistics buffer (bsc#1190576).

- scsi: lpfc: Add support for the CM framework (bsc#1190576).

- scsi: lpfc: Adjust bytes received vales during cmf timer interval (bsc#1190576).

- scsi: lpfc: Copyright updates for 14.0.0.1 patches (bsc#1190576).

- scsi: lpfc: Do not release final kref on Fport node while ABTS outstanding (bsc#1190576).

- scsi: lpfc: Do not remove ndlp on PRLI errors in P2P mode (bsc#1190576).

- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).

- scsi: lpfc: Fix compilation errors on kernels with no CONFIG_DEBUG_FS (bsc#1190576).

- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS processing (bsc#1190576).

- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).

- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (bsc#1190576).

- scsi: lpfc: Fix gcc -Wstringop-overread warning, again (bsc#1190576).

- scsi: lpfc: Fix hang on unload due to stuck fport node (bsc#1190576).

- scsi: lpfc: Fix I/O block after enabling managed congestion mode (bsc#1190576).

- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (bsc#1190576).

- scsi: lpfc: Fix NVMe I/O failover to non-optimized path (bsc#1190576).

- scsi: lpfc: Fix premature rpi release for unsolicited TPLS and LS_RJT (bsc#1190576).

- scsi: lpfc: Fix rediscovery of tape device after LIP (bsc#1190576).

- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn() (bsc#1190576).

- scsi: lpfc: Improve PBDE checks during SGL processing (bsc#1190576).

- scsi: lpfc: Remove unneeded variable (bsc#1190576).

- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).

- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).

- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).

- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190576).

- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI (bsc#1190576).

- scsi: lpfc: Zero CGN stats only during initial driver load and stat reset (bsc#1190576).

- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (bsc#1189297).

- scsi/fc: kABI fixes for new ELS_EDC, ELS_RDP definition (bsc#1171688 bsc#1174003 bsc#1190576).

- selftests/bpf: Define string const as global for test_sysctl_prog.c (git-fixes).

- selftests/bpf: Fix bpf-iter-tcp4 test to print correctly the dest IP (git-fixes).

- selftests/bpf: Fix test_sysctl_loop{1, 2} failure due to clang change (git-fixes).

- selftests/bpf: Whitelist test_progs.h from .gitignore (git-fixes).

- serial: 8250_pci: make setup_port() parameters explicitly unsigned (git-fixes).

- serial: 8250: Define RX trigger levels for OxSemi 950 devices (git-fixes).

- serial: mvebu-uart: fix driver's tx_empty callback (git-fixes).

- serial: sh-sci: fix break handling for sysrq (git-fixes).

- spi: Fix tegra20 build with CONFIG_PM=n (git-fixes).

- staging: board: Fix uninitialized spinlock when attaching genpd (git-fixes).

- staging: ks7010: Fix the initialization of the 'sleep_status' structure (git-fixes).

- staging: rts5208: Fix get_ms_information() heap buffer size (git-fixes).

- thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (git-fixes).

- time: Handle negative seconds correctly in timespec64_to_ns() (git-fixes).

- tools: bpf: Fix error in 'make -C tools/ bpf_install' (git-fixes).

- tty: Fix data race between tiocsti() and flush_to_ldisc() (git-fixes).

- tty: serial: jsm: hold port lock when reporting modem line changes (git-fixes).

- tty: synclink_gt, drop unneeded forward declarations (git-fixes).

- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (git-fixes).

- usb: core: hcd: Add support for deferring roothub registration (git-fixes).

- usb: dwc2: Add missing cleanups when usb_add_gadget_udc() fails (git-fixes).

- usb: dwc2: Avoid leaving the error_debugfs label unused (git-fixes).

- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes).

- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (git-fixes).

- usb: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (git-fixes).

- usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes).

- usb: gadget: u_ether: fix a potential null pointer dereference (git-fixes).

- usb: host: fotg210: fix the actual_length of an iso packet (git-fixes).

- usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes).

- usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes).

- usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (git-fixes).

- usb: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (git-fixes).

- usb: serial: option: add device id for Foxconn T99W265 (git-fixes).

- usb: serial: option: add Telit LN920 compositions (git-fixes).

- usb: serial: option: remove duplicate USB device ID (git-fixes).

- usbip: give back URBs for unsent unlink requests during cleanup (git-fixes).

- usbip:vhci_hcd USB port can get stuck in the disabled state (git-fixes).

- video: fbdev: asiliantfb: Error out if 'pixclock' equals zero (git-fixes).

- video: fbdev: kyro: Error out if 'pixclock' equals zero (git-fixes).

- video: fbdev: kyro: fix a DoS bug by restricting user input (git-fixes).

- video: fbdev: riva: Error out if 'pixclock' equals zero (git-fixes).

- vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406).

- vmxnet3: add support for ESP IPv6 RSS (bsc#1190406).

- vmxnet3: increase maximum configurable mtu to 9190 (bsc#1190406).

- vmxnet3: prepare for version 6 changes (bsc#1190406).

- vmxnet3: remove power of 2 limitation on the queues (bsc#1190406).

- vmxnet3: set correct hash type based on rss information (bsc#1190406).

- vmxnet3: update to version 6 (bsc#1190406).

- watchdog/sb_watchdog: fix compilation problem due to COMPILE_TEST (git-fixes).

- x86/alternatives: Teach text_poke_bp() to emulate instructions (bsc#1185302).

- x86/alternatives: Teach text_poke_bp() to emulate instructions (bsc#1190561).

- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).

- x86/asm: Fix SETZ size enqcmds() build failure (bsc#1178134).

- x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289).

- x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (bsc#1152489).

- x86/resctrl: Fix a maybe-uninitialized build warning treated as error (bsc#1152489).

- x86/resctrl: Fix default monitoring groups reporting (bsc#1152489).

- xfs: allow mount/remount when stripe width alignment is zero (bsc#1188651).

- xfs: sync lazy sb accounting on quiesce of read-only mounts (bsc#1190679).

- xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' (git-fixes).

- xhci: Set HCD flag to defer primary roothub registration (git-fixes).

1191242

This update for xkeyboard-config fixes the following issue:

- Wrong keyboard mapping causing input delays with ABNT2 keyboards. (bsc#1191242)

1191019

This update for lvm2 fixes the following issues:

- Do not crash vgextend when extending VG with missing PV. (bsc#1191019)

1189441,1189841,1190598

This update for suse-module-tools fixes the following issues:

- Fixed an issue where the queuing of secure boot certificates did not happen (bsc#1189841, bsc#1190598)

- Fixed an issue where initrd was not always rebuilding after installing

any kernel-*-extra package (bsc#1189441)

1178236,1188921,CVE-2021-37600

This update for util-linux fixes the following issues:

- CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c. (bsc#1188921)

1184970,1186260,1187115,1187470,1187774,1190845

This update for dracut fixes the following issues:

- Fix usage information for -f parameter. (bsc#1187470)

- Fix obsolete reference to 96insmodpost in manpage. (bsc#1187774)

- Remove references to INITRD_MODULES. (bsc#1187115)

- Multipath FCoE configurations may not boot when using only one path. (bsc#1186260)

- Adjust path for SUSE: /var/lib/nfs/statd/sm to /var/lib/nfs/sm. (bsc#1184970)

- Systemd coredump unit files are missing in initrd. (1190845)

- Use $kernel rather than $(uname -r).

- Exclude modules that are built-in.

- Restore INITRD_MODULES in mkinitrd script.

- Call dracut_instmods with hostonly.

1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933

This update for yast2-network fixes the following issues:

- Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915).

- Fix the shown description using the interface friendly name when it is empty (bsc#1190933).

- Consider aliases sections as case insensitive (bsc#1190739).

- Display user defined device name in the devices overview (bnc#1190645).

- Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344).

- Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910).

- Fix desktop file so the control center tooltip is translated (bsc#1187270).

- Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016).

- Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512).

1191200,1191260,1191480,1191804,1191922

This update for suse-module-tools fixes the following issues:

Update to version 15.3.13:

- Fix bad exit status in openQA. (bsc#1191922)

- Ignore kernel keyring for kernel certificates. (bsc#1191480)

- Deal with existing certificates that should be de-enrolled. (bsc#1191804)

- Don't pass existing files to weak-modules2. (bsc#1191200)

- Skip certificate scriptlet on non-UEFI systems. (bsc#1191260)

1191339

This update for pmdk fixes the following issues:

- Fixed an issue when 'PMDK' causes data corruption on power failure. (bsc#1191339)

1191690

This update for apparmor fixes the following issues:

- Fixed an issue when apparmor provides python2 and python3 libraries with the same name. (bsc#1191690)

1189234,1189702,1189938,1190425,CVE-2021-3713,CVE-2021-3748

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2021-3713: Fix out-of-bounds write in UAS (USB Attached SCSI) device emulation (bsc#1189702)

- CVE-2021-3748: Fix heap use-after-free in virtio_net_receive_rcu (bsc#1189938)

Non-security issues fixed:

- Add transfer length item in block limits page of scsi vpd (bsc#1190425)

- Fix qemu crash while deleting xen-block (bsc#1189234)

1177902,1183247,1186398,1190420,1190493,1190693,1190695,1190917

This update for libvirt fixes the following issues:

- lxc: controller: Fix container launch on cgroup v1. (bsc#1183247)

- supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active.

- qemu: Do not report error in the logs when processing monitor IO. (bsc#1190917)

- spec: Fix an issue when package update hangs (bsc#1177902, bsc#1190693)

- spec: Don't add '--timeout' argument to '/etc/sysconfig/libvirtd' when running in traditional mode without socket activation. (bsc#1190695)

- libxl: Improve reporting of 'die_id' in capabilities. (bsc#1190493)

- libxl: Fix driver reload. (bsc#1190420)

- qemu: Set label on virtual host network device when hotplugging. (bsc#1186398)

- supportconfig: When checking for installed hypervisor drivers,

use the libvirtr-daemon-driver- package instead of

libvirt-daemon-. The latter are not required packages

for a functioning hypervisor driver.

1065729,1085030,1152472,1152489,1156395,1172073,1173604,1176447,1176774,1176914,1178134,1180100,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191867,1191934,1191958,1192040,1192041,1192074,1192107,1192145,CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

NOTE: This update was retracted due to a NFS regression.

The following security bugs were fixed:

- CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).

- CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563).

- CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on Power8 (bnc#1192107).

- CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958).

- CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067).

- CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).

- CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063).

- CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109).

- CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349).

- CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation Vulnerability (bsc#1191645).

- CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could have allowed local attackers to access the Aspeed LPC control interface to overwrite memory in the kernel and potentially execute privileges (bnc#1190479).

- CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (bnc#1191317).

- CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315).

The following non-security bugs were fixed:

- ACPI: NFIT: Use fallback node id when numa info in NFIT table is incorrect (git-fixes).

- ACPI: bgrt: Fix CFI violation (git-fixes).

- ACPI: fix NULL pointer dereference (git-fixes).

- ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254 (git-fixes).

- ALSA: hda/realtek - ALC236 headset MIC recording issue (git-fixes).

- ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes).

- ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes).

- ALSA: hda/realtek: Add quirk for TongFang PHxTxX1 (git-fixes).

- ALSA: hda/realtek: Complete partial device name to avoid ambiguity (git-fixes).

- ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop (git-fixes).

- ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s Gen2 (git-fixes).

- ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW (git-fixes).

- ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops (git-fixes).

- ALSA: hda: avoid write to STATESTS if controller is in reset (git-fixes).

- ALSA: hda: intel: Allow repeatedly probing on codec configuration errors (bsc#1190801).

- ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl (git-fixes).

- ALSA: seq: Fix a potential UAF by wrong private_free call order (git-fixes).

- ALSA: usb-audio: Add quirk for VF0770 (git-fixes).

- ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset (git-fixes).

- ASoC: DAPM: Fix missing kctl change notifications (git-fixes).

- ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (git-fixes).

- ASoC: Intel: Skylake: Fix passing loadable flag for module (git-fixes).

- ASoC: Intel: bytcr_rt5640: Move 'Platform Clock' routes to the maps for the matching in-/output (git-fixes).

- ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic (git-fixes).

- ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and SRAM types (git-fixes).

- ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and SRAM types (git-fixes).

- ASoC: SOF: loader: release_firmware() on load failure to avoid batching (git-fixes).

- ASoC: atmel: ATMEL drivers do not need HAS_DMA (git-fixes).

- ASoC: dapm: use component prefix when checking widget names (git-fixes).

- ASoC: fsl_spdif: register platform component before registering cpu dai (git-fixes).

- ASoC: wm8960: Fix clock configuration on slave mode (git-fixes).

- Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731).

- Configure mpi3mr as currently unsupported (jsc#SLE-18120)

- HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS (git-fixes).

- HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes).

- HID: u2fzero: ignore incomplete packets without data (git-fixes).

- HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes).

- HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs (git-fixes).

- ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241).

- IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241).

- Input: snvs_pwrkey - add clk handling (git-fixes).

- Input: xpad - add support for another USB ID of Nacon GC-100 (git-fixes).

- KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (bsc#1156395).

- KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state (bsc#1156395).

- KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines (jsc#SLE-12936 git-fixes).

- KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path (bsc#1065729).

- KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (bsc#1156395).

- KVM: PPC: Fix clearing never mapped TCEs in realmode (bsc#1156395).

- KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395).

- NFC: digital: fix possible memory leak in digital_in_send_sdd_req() (git-fixes).

- NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() (git-fixes).

- NFS: Do uncached readdir when we're seeking a cookie in an empty page cache (bsc#1191628).

- PCI: Fix pci_host_bridge struct device release/free handling (git-fixes).

- PM / devfreq: rk3399_dmc: Add missing of_node_put() (git-fixes).

- PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails (git-fixes).

- PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent (git-fixes).

- PM / devfreq: rk3399_dmc: Fix spelling typo (git-fixes).

- PM / devfreq: rk3399_dmc: Remove unneeded semicolon (git-fixes).

- RDMA/cma: Do not change route.addr.src_addr.ss_family (bsc#1181147).

- RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure (bsc#1181147).

- USB: cdc-acm: clean up probe error labels (git-fixes).

- USB: cdc-acm: fix minor-number release (git-fixes).

- USB: serial: option: add Quectel EC200S-CN module support (git-fixes).

- USB: serial: option: add Telit LE910Cx composition 0x1204 (git-fixes).

- USB: serial: option: add prod. id for Quectel EG91 (git-fixes).

- USB: serial: qcserial: add EM9191 QDL support (git-fixes).

- USB: xhci: dbc: fix tty registration race (git-fixes).

- acpi/arm64: fix next_platform_timer() section mismatch error (git-fixes).

- ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators() (git-fixes).

- ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (git-fixes).

- audit: fix possible null-pointer dereference in audit_filter_rules (git-fixes).

- bfq: Remove merged request already in bfq_requests_merged() (bsc#1191456).

- blk: Fix lock inversion between ioc lock and bfqd lock (bsc#1191456).

- blktrace: Fix uaf in blk_trace access after removing by sysfs (bsc#1191452).

- block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451).

- bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (jsc#SLE-16649).

- bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (git-fixes).

- bpf: Fix OOB read when printing XDP link fdinfo (git-fixes).

- bpf: Fix a typo of reuseport map in bpf.h (git-fixes).

- bpf: Fix up bpf_skb_adjust_room helper's skb csum setting (git-fixes).

- can: dev: can_restart: fix use after free bug (git-fixes).

- can: peak_pci: peak_pci_remove(): fix UAF (git-fixes).

- can: peak_usb: fix use after free bugs (git-fixes).

- can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification (git-fixes).

- can: rcar_can: fix suspend/resume (git-fixes).

- can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (git-fixes).

- can: xilinx_can: handle failure cases of pm_runtime_get_sync (git-fixes).

- cb710: avoid NULL pointer subtraction (git-fixes).

- ceph: fix handling of 'meta' errors (bsc#1192041).

- ceph: skip existing superblocks that are blocklisted or shut down when mounting (bsc#1192040).

- cfg80211: correct bridge/4addr mode check (git-fixes).

- cfg80211: fix management registrations locking (git-fixes).

- cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() (git-fixes).

- cpuidle: pseries: Mark pseries_idle_proble() as __init (jsc#SLE-13614 bsc#1176914 ltc#186394 git-fixes).

- drm/amd/display: Pass PCI deviceid into DC (git-fixes).

- drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (git-fixes).

- drm/amdgpu: fix gart.bo pin_count leak (git-fixes).

- drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read (git-fixes).

- drm/i915: Fix syncmap memory leak (bsc#1152489) Backporting notes: * context changes in intel_timeline_fini()

- drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() (git-fixes).

- drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling (git-fixes).

- drm/msm: Avoid potential overflow in timeout_to_jiffies() (git-fixes).

- drm/msm: Fix null pointer dereference on pointer edp (git-fixes).

- drm/nouveau/debugfs: fix file release memory leak (git-fixes).

- drm/nouveau/kms/nv50-: fix file release memory leak (git-fixes).

- drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (git-fixes).

- drm/nouveau: avoid a use-after-free when BO init fails (bsc#1152472)

- drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes).

- drm/panfrost: Make sure MMU context lifetime is not bound to (bsc#1152472)

- drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup (git-fixes).

- e1000e: Drop patch to avoid regressions until real fix is available (bsc#1191663).

- e1000e: Fix packet loss on Tiger Lake and later (git-fixes).

- e100: fix buffer overrun in e100_get_regs (git-fixes).

- e100: fix length calculation in e100_get_regs_len (git-fixes).

- e100: handle eeprom as little endian (git-fixes).

- ext4: fix reserved space counter leakage (bsc#1191450).

- ext4: report correct st_size for encrypted symlinks (bsc#1191449).

- fs, mm: fix race in unlinking swapfile (bsc#1191455).

- fscrypt: add fscrypt_symlink_getattr() for computing st_size (bsc#1191449).

- gpio: pca953x: Improve bias setting (git-fixes).

- hso: fix bailout in error case of probe (git-fixes).

- i2c: acpi: fix resource leak in reconfiguration device addition (git-fixes).

- ice: fix getting UDP tunnel entry (jsc#SLE-12878).

- iio: adc128s052: Fix the error handling path of 'adc128_probe()' (git-fixes).

- iio: adc: aspeed: set driver data when adc probe (git-fixes).

- iio: dac: ti-dac5571: fix an error code in probe() (git-fixes).

- iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes).

- iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes).

- iio: ssp_sensors: add more range checking in ssp_parse_dataframe() (git-fixes).

- iio: ssp_sensors: fix error code in ssp_print_mcu_debug() (git-fixes).

- ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241).

- isdn: cpai: check ctr->cnr to avoid array index out of bound (git-fixes).

- isdn: mISDN: Fix sleeping function called from invalid context (git-fixes).

- iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15 (git-fixes).

- ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup (git-fixes).

- kABI workaround for HD-audio probe retry changes (bsc#1190801).

- kABI workaround for cfg80211 mgmt_registration_lock changes (git-fixes).

- kabi: block: Fix kabi of blk_mq_sched_try_insert_merge() (bsc#1191456).

- kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167 bsc#1191240 ltc#194716).

- kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167).

- kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. Fixes: e98096d5cf85 ('rpm: Abolish scritplet templating (bsc#1189841).')

- kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229).

- lan78xx: select CRC32 (git-fixes).

- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD (git-fixes).

- mac80211: Drop frames from invalid MAC address in ad-hoc mode (git-fixes).

- mac80211: check return value of rhashtable_init (git-fixes).

- mei: me: add Ice Lake-N device id (git-fixes).

- mmc: dw_mmc: exynos: fix the finding clock sample value (git-fixes).

- mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk (git-fixes).

- mmc: vub300: fix control-message timeouts (git-fixes).

- net/mlx5: E-Switch, Fix double allocation of acl flow counter (jsc#SLE-15172).

- net/mlx5e: IPSEC RX, enable checksum complete (jsc#SLE-15172).

- net/mlx5e: RX, Avoid possible data corruption when relaxed ordering and LRO combined (jsc#SLE-15172).

- net/sched: ets: fix crash when flipping from 'strict' to 'quantum' (bsc#1176774).

- net: batman-adv: fix error handling (git-fixes).

- net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (git-fixes).

- net: cdc_eem: fix tx fixup skb leak (git-fixes).

- net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes).

- net: hns3: check queue id range before using (jsc#SLE-14777).

- net: hso: add failure handler for add_net_device (git-fixes).

- net: hso: fix NULL-deref on disconnect regression (git-fixes).

- net: hso: fix null-ptr-deref during tty device unregistration (git-fixes).

- net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241).

- net: lan78xx: fix division by zero in send path (git-fixes).

- net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191800).

- net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() (git-fixes).

- netfilter: Drop fragmented ndisc packets assembled in netfilter (git-fixes).

- netfilter: conntrack: collect all entries in one cycle (bsc#1173604).

- netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value (bsc#1176447).

- nfc: fix error handling of nfc_proto_register() (git-fixes).

- nfc: port100: fix using -ERRNO as command type mask (git-fixes).

- nvme-fc: avoid race between time out and tear down (bsc#1185762).

- nvme-fc: remove freeze/unfreeze around update_nr_hw_queues (bsc#1185762).

- nvme-fc: update hardware queues before using them (bsc#1185762).

- nvme-pci: Fix abort command id (git-fixes).

- nvme-pci: fix error unwind in nvme_map_data (bsc#1191934).

- nvme-pci: refactor nvme_unmap_data (bsc#1191934).

- nvme: add command id quirk for apple controllers (git-fixes).

- ocfs2: fix data corruption after conversion from inline format (bsc#1190795).

- pata_legacy: fix a couple uninitialized variable bugs (git-fixes).

- phy: mdio: fix memory leak (git-fixes).

- platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (git-fixes).

- platform/mellanox: mlxreg-io: Fix read access of n-bytes size attributes (git-fixes).

- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).

- platform/x86: intel_scu_ipc: Fix busy loop expiry time (git-fixes).

- powerpc/64s: Fix entry flush patching w/strict RWX & hash (jsc#SLE-13847 git-fixes).

- powerpc/64s: Fix stf mitigation patching w/strict RWX & hash (jsc#SLE-13847 git-fixes).

- powerpc/64s: Remove irq mask workaround in accumulate_stolen_time() (jsc#SLE-9246 git-fixes).

- powerpc/bpf: Fix BPF_MOD when imm == 1 (bsc#1065729).

- powerpc/bpf: Fix BPF_SUB when imm == 0x80000000 (bsc#1065729).

- powerpc/bpf: Use bctrl for making function calls (bsc#1065729).

- powerpc/lib/code-patching: Do not use struct 'ppc_inst' for runnable code in tests (jsc#SLE-13847 git-fixes).

- powerpc/lib/code-patching: Make instr_is_branch_to_addr() static (jsc#SLE-13847 git-fixes).

- powerpc/lib: Fix emulate_step() std test (bsc#1065729).

- powerpc/numa: Update cpu_cpu_map on CPU online/offline (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/pseries: Fix build error when NUMA=n (bsc#1190620 ltc#194498 git-fixes).

- powerpc/smp: Cache CPU to chip lookup (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Enable CACHE domain for shared processor (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Fix a crash while booting kvm guest with nr_cpus=2 (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Fold cpu_die() into its only caller (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Set numa node before updating mask (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/smp: Update cpu_core_map on all PowerPc systems (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- powerpc/uprobes: Validation for prefixed instruction (jsc#SLE-13847 git-fixes).

- powerpc/xive: Discard disabled interrupts in get_irqchip_state() (bsc#1085030 git-fixes).

- powerpc: Do not dereference code as 'struct ppc_inst' (uprobe, code-patching, feature-fixups) (jsc#SLE-13847 git-fixes).

- powerpc: Do not use 'struct ppc_inst' to reference instruction location (jsc#SLE-13847 git-fixes).

- powerpc: Move arch_cpu_idle_dead() into smp.c (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).

- pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init (git-fixes).

- ptp_pch: Load module automatically if ID matches (git-fixes).

- ptp_pch: Restore dependency on PCI (git-fixes).

- regmap: Fix possible double-free in regcache_rbtree_exit() (git-fixes).

- rpm: fix kmp install path

- rpm: use _rpmmacrodir (boo#1191384)

- scsi: ibmvfc: Fix up duplicate response detection (bsc#1191867 ltc#194757).

- scsi: iscsi: Fix deadlock on recovery path during GFP_IO reclaim (git-fixes).

- scsi: lpfc: Allow PLOGI retry if previous PLOGI was aborted (bsc#1192145).

- scsi: lpfc: Allow fabric node recovery if recovery is in progress before devloss (bsc#1192145).

- scsi: lpfc: Correct sysfs reporting of loop support after SFP status change (bsc#1192145).

- scsi: lpfc: Fix link down processing to address NULL pointer dereference (bsc#1192145).

- scsi: lpfc: Fix memory overwrite during FC-GS I/O abort handling (bsc#1191349).

- scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine (bsc#1192145).

- scsi: lpfc: Revert LOG_TRACE_EVENT back to LOG_INIT prior to driver_resource_setup() (bsc#1192145).

- scsi: lpfc: Update lpfc version to 14.0.0.3 (bsc#1192145).

- scsi: lpfc: Wait for successful restart of SLI3 adapter during host sg_reset (bsc#1192145).

- scsi: mpi3mr: Add EEDP DIF DIX support (jsc#SLE-18120).

- scsi: mpi3mr: Add bios_param SCSI host template hook (jsc#SLE-18120).

- scsi: mpi3mr: Add change queue depth support (jsc#SLE-18120).

- scsi: mpi3mr: Add event handling debug prints (jsc#SLE-18120).

- scsi: mpi3mr: Add mpi30 Rev-R headers and Kconfig (jsc#SLE-18120).

- scsi: mpi3mr: Add support for DSN secure firmware check (jsc#SLE-18120).

- scsi: mpi3mr: Add support for PCIe device event handling (jsc#SLE-18120).

- scsi: mpi3mr: Add support for PM suspend and resume (jsc#SLE-18120).

- scsi: mpi3mr: Add support for device add/remove event handling (jsc#SLE-18120).

- scsi: mpi3mr: Add support for internal watchdog thread (jsc#SLE-18120).

- scsi: mpi3mr: Add support for queue command processing (jsc#SLE-18120).

- scsi: mpi3mr: Add support for recovering controller (jsc#SLE-18120).

- scsi: mpi3mr: Add support for threaded ISR (jsc#SLE-18120).

- scsi: mpi3mr: Add support for timestamp sync with firmware (jsc#SLE-18120).

- scsi: mpi3mr: Additional event handling (jsc#SLE-18120).

- scsi: mpi3mr: Allow certain commands during pci-remove hook (jsc#SLE-18120).

- scsi: mpi3mr: Base driver code (jsc#SLE-18120).

- scsi: mpi3mr: Complete support for soft reset (jsc#SLE-18120).

- scsi: mpi3mr: Create operational request and reply queue pair (jsc#SLE-18120).

- scsi: mpi3mr: Fix error handling in mpi3mr_setup_isr() (git-fixes).

- scsi: mpi3mr: Fix missing unlock on error (git-fixes).

- scsi: mpi3mr: Hardware workaround for UNMAP commands to NVMe drives (jsc#SLE-18120).

- scsi: mpi3mr: Implement SCSI error handler hooks (jsc#SLE-18120).

- scsi: mpi3mr: Print IOC info for debugging (jsc#SLE-18120).

- scsi: mpi3mr: Print pending host I/Os for debugging (jsc#SLE-18120).

- scsi: mpi3mr: Set up IRQs in resume path (jsc#SLE-18120).

- scsi: mpi3mr: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (jsc#SLE-18120).

- scsi: mpi3mr: Use the proper SCSI midlayer interfaces for PI (jsc#SLE-18120).

- scsi: mpi3mr: Wait for pending I/O completions upon detection of VD I/O timeout (jsc#SLE-18120).

- scsi: qla2xxx: Add debug print of 64G link speed (bsc#1190941).

- scsi: qla2xxx: Add host attribute to trigger MPI hang (bsc#1190941).

- scsi: qla2xxx: Add support for mailbox passthru (bsc#1190941).

- scsi: qla2xxx: Adjust request/response queue size for 28xx (bsc#1190941).

- scsi: qla2xxx: Call process_response_queue() in Tx path (bsc#1190941).

- scsi: qla2xxx: Changes to support FCP2 Target (bsc#1190941).

- scsi: qla2xxx: Changes to support kdump kernel (bsc#1190941).

- scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS (bsc#1190941).

- scsi: qla2xxx: Check for firmware capability before creating QPair (bsc#1190941).

- scsi: qla2xxx: Display 16G only as supported speeds for 3830c card (bsc#1190941).

- scsi: qla2xxx: Do not call fc_block_scsi_eh() during bus reset (bsc#1190941).

- scsi: qla2xxx: Fix NPIV create erroneous error (bsc#1190941).

- scsi: qla2xxx: Fix NVMe retry (bsc#1190941).

- scsi: qla2xxx: Fix NVMe session down detection (bsc#1190941).

- scsi: qla2xxx: Fix NVMe | FCP personality change (bsc#1190941).

- scsi: qla2xxx: Fix crash in NVMe abort path (bsc#1190941).

- scsi: qla2xxx: Fix excessive messages during device logout (bsc#1190941).

- scsi: qla2xxx: Fix hang during NVMe session tear down (bsc#1190941).

- scsi: qla2xxx: Fix hang on NVMe command timeouts (bsc#1190941).

- scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file (bsc#1190941).

- scsi: qla2xxx: Fix port type info (bsc#1190941).

- scsi: qla2xxx: Fix unsafe removal from linked list (bsc#1190941).

- scsi: qla2xxx: Fix use after free in eh_abort path (bsc#1190941).

- scsi: qla2xxx: Move heartbeat handling from DPC thread to workqueue (bsc#1190941).

- scsi: qla2xxx: Open-code qla2xxx_eh_device_reset() (bsc#1190941).

- scsi: qla2xxx: Open-code qla2xxx_eh_target_reset() (bsc#1190941).

- scsi: qla2xxx: Remove redundant initialization of pointer req (bsc#1190941).

- scsi: qla2xxx: Restore initiator in dual mode (bsc#1190941).

- scsi: qla2xxx: Show OS name and version in FDMI-1 (bsc#1190941).

- scsi: qla2xxx: Suppress unnecessary log messages during login (bsc#1190941).

- scsi: qla2xxx: Sync queue idx with queue_pair_map idx (bsc#1190941).

- scsi: qla2xxx: Update version to 10.02.06.100-k (bsc#1190941).

- scsi: qla2xxx: Update version to 10.02.06.200-k (bsc#1190941).

- scsi: qla2xxx: Update version to 10.02.07.100-k (bsc#1190941).

- scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190941).

- scsi: qla2xxx: edif: Add N2N support for EDIF (bsc#1190941).

- scsi: qla2xxx: edif: Do secure PLOGI when auth app is present (bsc#1190941).

- scsi: qla2xxx: edif: Fix EDIF enable flag (bsc#1190941).

- scsi: qla2xxx: edif: Fix returnvar.cocci warnings (bsc#1190941).

- scsi: qla2xxx: edif: Fix stale session (bsc#1190941).

- scsi: qla2xxx: edif: Reject AUTH ELS on session down (bsc#1190941).

- scsi: qla2xxx: edif: Use link event to wake up app (bsc#1190941).

- scsi: target: Fix the pgr/alua_support_store functions (git-fixes).

- sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351).

- soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment (git-fixes).

- spi: spi-nxp-fspi: do not depend on a specific node name erratum workaround (git-fixes).

- tpm: ibmvtpm: Avoid error message when process gets signal while waiting (bsc#1065729).

- usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle (git-fixes).

- usb: hso: fix error handling code of hso_create_net_device (git-fixes).

- usb: hso: remove the bailout parameter (git-fixes).

- usb: musb: dsps: Fix the probe error path (git-fixes).

- video: fbdev: gbefb: Only instantiate device when built for IP32 (git-fixes).

- virtio: write back F_VERSION_1 before validate (git-fixes).

- watchdog: orion: use 0 for unset heartbeat (git-fixes).

- x86/pat: Pass valid address to sanitize_phys() (bsc#1152489).

- x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails (bsc#1152489).

- x86/sev: Return an error on a returned non-zero SW_EXITINFO1[31:0] (bsc#1178134).

- xen: fix setting of max_pfn in shared_info (git-fixes).

- xen: reset legacy rtc flag for PV domU (git-fixes).

- xfs: Fixed non-directory creation in SGID directories introduced by CVE-2018-13405 patch (bsc#1190006).

- xfs: ensure that the inode uid/gid match values match the icdinode ones (bsc#1190006).

- xfs: fix I_DONTCACHE (bsc#1192074).

- xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes (bsc#1190642).

- xfs: merge the projid fields in struct xfs_icdinode (bsc#1190006).

- xfs: remove the icdinode di_uid/di_gid members (bsc#1190006).

- xhci: Enable trust tx length quirk for Fresco FL11 USB controller (git-fixes).

- xhci: Fix command ring pointer corruption while aborting a command (git-fixes).

- xhci: guard accesses to ep_state in xhci_endpoint_reset() (git-fixes).

1191804

This update for suse-module-tools fixes the following issues:

- Update to version 15.3.14:

* more fixes for updates under secure boot

* cert-script: Deal with existing $cert.delete file (bsc#1191804).

1065729,1085030,1089118,1094840,1133021,1152472,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176447,1176774,1176914,1176940,1178134,1180100,1180749,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1188601,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191851,1191867,1191934,1191958,1191980,1192040,1192041,1192074,1192107,1192145,1192229,1192267,1192288,1192549,CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-37159,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056,CVE-2021-43389