Package "linux-aws-5.15"

 linux-aws-5.15 (5.15.0-1047.52~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1047.52~20.04.1 -proposed tracker
     (LP: #2036532)
 .
   [ Ubuntu: 5.15.0-1047.52 ]
 .
   * jammy/linux-aws: 5.15.0-1047.52 -proposed tracker (LP: #2036533)
   * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
   * 5.15.0-85 live migration regression (LP: #2036675)
     - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
     - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
   * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
     - selftests/bpf: fix static assert compilation issue for test_cls_*.c
   * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
     (LP: #2034447)
     - crypto: rsa-pkcs1pad - Use helper to set reqsize
 .

 linux-aws-5.15 (5.15.0-1046.51~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1046.51~20.04.1 -proposed tracker
     (LP: #2033781)
 .
   [ Ubuntu: 5.15.0-1046.51 ]
 .
   * jammy/linux-aws: 5.15.0-1046.51 -proposed tracker (LP: #2033782)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * Request backport of xen timekeeping performance improvements (LP: #2033122)
     - x86/xen/time: prefer tsc as clocksource when it is invariant
   * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
     ARM64 (LP: #2033007)
     - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
     - kexec, KEYS: make the code in bzImage64_verify_sig generic
     - arm64: kexec_file: use more system keyrings to verify kernel image signature
   * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
     jammy/fips (LP: #2019880)
     - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
   * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
     (LP: #2019868)
     - selftests/harness: allow tests to be skipped during setup
     - selftests: net: tls: check if FIPS mode is enabled
   * A general-proteciton exception during guest migration to unsupported PKRU
     machine (LP: #2032164)
     - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
     - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
   * CVE-2023-4569
     - netfilter: nf_tables: deactivate catchall elements in next generation
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - x86: fix backwards merge of GDS/SRSO bit
     - x86/srso: Fix build breakage with the LLVM linker
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - x86/alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - x86/ibt: Add ANNOTATE_NOENDBR
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - x86/static_call: Fix __static_call_fixup()
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/srso: Correct the mitigation status when SMT is disabled
     - objtool/x86: Fix SRSO mess
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122)
     - e1000e: Use PME poll to circumvent unreliable ACPI wake
   * Need to get fine-grained control for FAN(TFN) Participant. (LP: #2031333)
     - ACPI: fan: Separate file for attributes creation
     - ACPI: fan: Optimize struct acpi_fan_fif
     - ACPI: fan: Properly handle fine grain control
     - ACPI: fan: Add additional attributes for fine grain control
   * [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in
     cpuinfo_min_freq and cpuino_max_freq sysfs files. (LP: #2030924)
     - cpufreq: intel_pstate: Fix scaling for hybrid-capable
   * CVE-2023-40283
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
   * CVE-2023-20588
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/CPU/AMD: Do not leak quotient data after a division by 0
     - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
   * CVE-2023-4194
     - net: tun_chr_open(): set sk_uid from current_fsuid()
     - net: tap_open(): set sk_uid from current_fsuid()
   * CVE-2023-4155
     - KVM: SEV: Refactor out sev_es_state struct
     - KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary
     - KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
     - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
     - KVM: SEV: snapshot the GHCB before accessing it
     - KVM: SEV: only access GHCB fields once
   * CVE-2023-1206
     - tcp: Reduce chance of collisions in inet6_hashfn().
   * Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel
     5.19.0-46.47-22.04.1 (LP: #2032176)
     - Revert "KVM: x86: enable TDP MMU by default"
   * Jammy update: v5.15.122 upstream stable release (LP: #2032690)
     - Linux 5.15.122
     - Upstream stable to v5.15.122
   * Jammy update: v5.15.121 upstream stable release (LP: #2032689)
     - netfilter: nf_tables: drop map element references from preparation phase
     - fs: pipe: reveal missing function protoypes
     - x86/resctrl: Only show tasks' pid in current pid namespace
     - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
     - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
     - md/raid10: fix overflow of md/safe_mode_delay
     - md/raid10: fix wrong setting of max_corr_read_errors
     - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
     - md/raid10: fix io loss while replacement replace rdev
     - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
     - svcrdma: Prevent page release when nothing was received
     - posix-timers: Prevent RT livelock in itimer_delete()
     - tracing/timer: Add missing hrti

 linux-aws-5.15 (5.15.0-1044.49~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1044.49~20.04.1 -proposed tracker
     (LP: #2030382)
 .
   [ Ubuntu: 5.15.0-1044.49 ]
 .
   * jammy/linux-aws: 5.15.0-1044.49 -proposed tracker (LP: #2030383)
   * Packaging resync (LP: #1786013)
     - debian/dkms-versions -- update from kernel-versions (main/s2023.07.10)
   * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
 .

 linux-aws-5.15 (5.15.0-1041.46~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1041.46~20.04.1 -proposed tracker
     (LP: #2026490)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
 .
   [ Ubuntu: 5.15.0-1041.46 ]
 .
   * jammy/linux-aws: 5.15.0-1041.46 -proposed tracker (LP: #2026491)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
   * jammy/linux: 5.15.0-79.86 -proposed tracker (LP: #2026531)
   * Jammy update: v5.15.111 upstream stable release (LP: #2025095)
     - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
     - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
     - x86/hyperv: Block root partition functionality in a Confidential VM
     - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
     - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
     - selftests mount: Fix mount_setattr_test builds failed
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - x86/cpu: Add model number for Intel Arrow Lake processor
     - wireguard: timers: cast enum limits members to int in prints
     - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
     - arm64: Always load shadow stack pointer directly from the task struct
     - arm64: Stash shadow stack pointer in the task struct on interrupt
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - IMA: allow/fix UML builds
     - USB: dwc3: fix runtime pm imbalance on probe errors
     - USB: dwc3: fix runtime pm imbalance on unbind
     - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - staging: iio: resolver: ads1210: fix config mode
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - MIPS: fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - wifi: mt76: add missing locking to protect against concurrent rx/status
       calls
     - pwm: meson: Fix axg ao mux parents
     - pwm: meson: Fix g12a ao clk81 name
     - soundwire: qcom: correct setting ignore bit on v1.5.1
     - pinctrl: qcom: lpass-lpi: set output value before enabling output
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-
       ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - ksmbd: call rcu_barrier() in ksmbd_server_exit()
     - ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
     - ksmbd: fix memleak in session setup
     - i2c: omap: Fix standard mode false ACK readings
     - riscv: mm: remove redundant parameter of create_fdt_early_page_table
     - tracing: Fix permissions for the buffer_percent file
     - iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - xfs: don't consider future format versions valid
     - sound/oss/dmasound: fix build when drivers are mixed =y/=m
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
     - selftests/resctrl: Extend CPU vendor detection
     - selftests/resctrl: Move ->setup() call outside of test specific branches
     - selftests/resctrl: Allow ->setup() to return errors
     - selftests/resctrl: Check for return value after write_schemata()
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007
     - soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
     - arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
     - arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
     - drm/msm/disp/dpu: check for crtc enable rather than crtc active to release
       shared resources
     - EDAC/skx: Fix overflows on the DRAM row address mapping arrays

 linux-aws-5.15 (5.15.0-1038.43~20.04.1) focal; urgency=medium
 .
   * focal/linux-aws-5.15: 5.15.0-1038.43~20.04.1 -proposed tracker
     (LP: #2019380)
 .
   * Use new annotations model (LP: #2019000)
     - [Config] aws-5.15: migrate all configs into annotations
 .
   [ Ubuntu: 5.15.0-1038.43 ]
 .
   * jammy/linux-aws: 5.15.0-1038.42 -proposed tracker (LP: #2019381)
   * Use new annotations model (LP: #2019000)
     - [Config] aws: migrate all configs into annotations
 .
   [ Ubuntu: 5.15.0-1038.42 ]
 .
   * jammy/linux-aws: 5.15.0-1038.42 -proposed tracker (LP: #2019381)
   * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
     - [Config] aws: Drop MICROCODE_OLD_INTERFACE
   * support python < 3.9 with annotations (LP: #2020531)
     - [Packaging] kconfig/annotations.py: support older way of merging dicts
   * fix typo in config-checks invocation (LP: #2020413)
     - [Packaging] fix typo in 4-checks.mk
     - [Packaging] fix typo when calling the old config-check
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
     - [Packaging] resync getabis
   * jammy/linux: 5.15.0-74.81 -proposed tracker (LP: #2019420)
   * smartpqi: Update 22.04 driver to include recent bug fixes and support
     current generation devices (LP: #1998643)
     - scsi: smartpqi: Switch to attribute groups
     - scsi: smartpqi: Fix rmmod stack trace
     - scsi: smartpqi: Add PCI IDs
     - scsi: smartpqi: Enable SATA NCQ priority in sysfs
     - scsi: smartpqi: Eliminate drive spin down on warm boot
     - scsi: smartpqi: Quickly propagate path failures to SCSI midlayer
     - scsi: smartpqi: Fix a name typo and cleanup code
     - scsi: smartpqi: Fix a typo in func pqi_aio_submit_io()
     - scsi: smartpqi: Resolve delay issue with PQI_HZ value
     - scsi: smartpqi: Avoid drive spin-down during suspend
     - scsi: smartpqi: Update volume size after expansion
     - scsi: smartpqi: Speed up RAID 10 sequential reads
     - scsi: smartpqi: Expose SAS address for SATA drives
     - scsi: smartpqi: Fix NUMA node not updated during init
     - scsi: smartpqi: Fix BUILD_BUG_ON() statements
     - scsi: smartpqi: Fix hibernate and suspend
     - scsi: smartpqi: Fix lsscsi -t SAS addresses
     - scsi: smartpqi: Update version to 2.1.14-035
     - scsi: smartpqi: Fix unused variable pqi_pm_ops for clang
     - scsi: smartpqi: Stop using the SCSI pointer
     - scsi: smartpqi: Fix typo in comment
     - scsi: smartpqi: Shorten drive visibility after removal
     - scsi: smartpqi: Add controller fw version to console log
     - scsi: smartpqi: Add PCI IDs for ramaxel controllers
     - scsi: smartpqi: Close write read holes
     - scsi: smartpqi: Add driver support for multi-LUN devices
     - scsi: smartpqi: Fix PCI control linkdown system hang
     - scsi: smartpqi: Add PCI ID for Adaptec SmartHBA 2100-8i
     - scsi: smartpqi: Add PCI IDs for Lenovo controllers
     - scsi: smartpqi: Stop logging spurious PQI reset failures
     - scsi: smartpqi: Fix RAID map race condition
     - scsi: smartpqi: Add module param to disable managed ints
     - scsi: smartpqi: Update deleting a LUN via sysfs
     - scsi: smartpqi: Add ctrl ready timeout module parameter
     - scsi: smartpqi: Update copyright to current year
     - scsi: smartpqi: Update version to 2.1.18-045
     - scsi: smartpqi: Convert to host_tagset
     - scsi: smartpqi: Add new controller PCI IDs
     - scsi: smartpqi: Correct max LUN number
     - scsi: smartpqi: Change sysfs raid_level attribute to N/A for controllers
     - scsi: smartpqi: Correct device removal for multi-actuator devices
     - scsi: smartpqi: Add controller cache flush during rmmod
     - scsi: smartpqi: Initialize feature section info
     - scsi: smartpqi: Change version to 2.1.20-035
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * Add PPIN support for Intel EMR cpu (LP: #2019131)
     - x86/cpu: Merge Intel and AMD ppin_init() functions
     - x86/cpu: Add Xeon Emerald Rapids to list of CPUs that support PPIN
   * conntrack mark is not advertised via netlink (LP: #2016269)
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
   * [SRU] Backport request for hpwdt from upstream 6.1 to Jammy (LP: #2008751)
     - watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems.
     - watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
     - [Config] Add arm64 option to CONFIG_HP_WATCHDOG
   * Ubuntu 22.04 raise abnormal NIC MSI-X requests with larger CPU cores (256)
     (LP: #2012335)
     - ice: Allow operation with reduced device MSI-X
   * Dell: Enable speaker mute hotkey LED indicator (LP: #2015972)
     - platform/x86: dell-laptop: Register ctl-led for speaker-mute
   * [SRU]With "Performance per Watt (DAPC)" enabled in the BIOS, Bootup time is
     taking longer than expected (LP: #2008527)
     - cpufreq: ACPI: Defer setting boost MSRs
   * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
     - [Config] arm64: Enable PCI_MESON module
   * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers
     - powerpc/mm: Rearrange if-else block to avoid clang warning
     - ARM: OMAP2+: Fix memory leak in realtime_counter_init()
     - arm64: dts: qcom: qcs404: use symbol names for PCIe resets
     - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
     - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
     - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
     - arm64: dts: imx8m: Align SoC u