Package "linux-hwe-6.8"

 linux-hwe-6.8 (6.8.0-40.40~22.04.2) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.8: 6.8.0-40.40~22.04.2 -proposed tracker (LP: #2073455)
 .
   * net/sched: Fix conntrack use-after-free (LP: #2073092)
     - net/sched: Fix UAF when resolving a clash
 .

 linux-hwe-6.8 (6.8.0-40.40~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.8: 6.8.0-40.40~22.04.1 -proposed tracker (LP: #2072200)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] Include parent config for HWE-6.5
     - [Packaging] update variants
 .
   [ Ubuntu: 6.8.0-40.40 ]
 .
   * noble/linux: 6.8.0-40.40 -proposed tracker (LP: #2072201)
   * FPS of glxgear with fullscreen is too low on MTL platform (LP: #2069380)
     - drm/i915: Bypass LMEMBAR/GTTMMADR for MTL stolen memory access
   * a critical typo in the code managing the ASPM settings for PCI Express
     devices (LP: #2071889)
     - PCI/ASPM: Restore parent state to parent, child state to child
   * [UBUNTU 24.04] IOMMU DMA mode changed in kernel config causes massive
     throughput degradation for PCI-related network workloads (LP: #2071471)
     - [Config] Set IOMMU_DEFAULT_DMA_STRICT=n and IOMMU_DEFAULT_DMA_LAZY=yes for
       s390x
   * UBSAN: array-index-out-of-bounds in
     /build/linux-D15vQj/linux-6.5.0/drivers/md/bcache/bset.c:1098:3
     (LP: #2039368)
     - bcache: fix variable length array abuse in btree_iter
   * Mute/mic LEDs and speaker no function on EliteBook 645/665 G11
     (LP: #2071296)
     - ALSA: hda/realtek: fix mute/micmute LEDs don't work for EliteBook 645/665
       G11.
   * failed to enable IPU6 camera sensor on kernel >= 6.8: ivsc_ace
     intel_vsc-5db76cf6-0a68-4ed6-9b78-0361635e2447: switch camera to host
     failed: -110 (LP: #2067364)
     - mei: vsc: Don't stop/restart mei device during system suspend/resume
     - SAUCE: media: ivsc: csi: don't count privacy on as error
     - SAUCE: media: ivsc: csi: add separate lock for v4l2 control handler
     - SAUCE: media: ivsc: csi: remove privacy status in struct mei_csi
     - SAUCE: mei: vsc: Enhance IVSC chipset stability during warm reboot
     - SAUCE: mei: vsc: Enhance SPI transfer of IVSC rom
     - SAUCE: mei: vsc: Utilize the appropriate byte order swap function
     - SAUCE: mei: vsc: Prevent timeout error with added delay post-firmware
       download
   * failed to probe camera sensor on Dell XPS 9315: ov01a10 i2c-OVTI01A0:00:
     failed to check hwcfg: -22 (LP: #2070251)
     - ACPI: utils: Make acpi_handle_path() not static
     - ACPI: property: Ignore bad graph port nodes on Dell XPS 9315
     - ACPI: property: Polish ignoring bad data nodes
     - ACPI: scan: Ignore camera graph port nodes on all Dell Tiger, Alder and
       Raptor Lake models
   * Update amd_sfh for AMD strix series (LP: #2058331)
     - HID: amd_sfh: Increase sensor command timeout
     - HID: amd_sfh: Improve boot time when SFH is available
     - HID: amd_sfh: Extend MP2 register access to SFH
     - HID: amd_sfh: Set the AMD SFH driver to depend on x86
   * RFIM and SAGV Linux Support for G10 models (LP: #2070158)
     - drm/i915/display: Add meaningful traces for QGV point info error handling
     - drm/i915/display: Extract code required to calculate max qgv/psf gv point
     - drm/i915/display: extract code to prepare qgv points mask
     - drm/i915/display: Disable SAGV on bw init, to force QGV point recalculation
     - drm/i915/display: handle systems with duplicate psf gv points
     - drm/i915/display: force qgv check after the hw state readout
   * Update amd-pmf for AMD strix series (LP: #2058330)
     - platform/x86/amd/pmf: Differentiate PMF ACPI versions
     - platform/x86/amd/pmf: Disable debugfs support for querying power thermals
     - platform/x86/amd/pmf: Add support to get sbios requests in PMF driver
     - platform/x86/amd/pmf: Add support to notify sbios heart beat event
     - platform/x86/amd/pmf: Add support to get APTS index numbers for static
       slider
     - platform/x86/amd/pmf: Add support to get sps default APTS index values
     - platform/x86/amd/pmf: Update sps power thermals according to the platform-
       profiles
   * noble:linux: ADT ubuntu-regression-suite misses fakeroot dependency
     (LP: #2070042)
     - [DEP-8] Add missing fakeroot dependency
   * Noble update: v6.8.12 upstream stable release (LP: #2071621)
     - sunrpc: use the struct net as the svc proc private
     - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
     - selftests/ftrace: Fix BTFARG testcase to check fprobe is enabled correctly
     - ftrace: Fix possible use-after-free issue in ftrace_location()
     - Revert "arm64: fpsimd: Implement lazy restore for kernel mode FPSIMD"
     - arm64/fpsimd: Avoid erroneous elide of user state reload
     - Reapply "arm64: fpsimd: Implement lazy restore for kernel mode FPSIMD"
     - tty: n_gsm: fix missing receive state reset after mode switch
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
     - serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
     - serial: 8250_bcm7271: use default_mux_rate if possible
     - serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup
     - Input: try trimming too long modalias strings
     - io_uring: fail NOP if non-zero op flags is passed in
     - Revert "r8169: don't try to disable interrupts if NAPI is, scheduled
       already"
     - r8169: Fix possible ring buffer corruption on fragmented Tx packets.
     - ring-buffer: Fix a race between readers and resize checks
     - net: mana: Fix the extra HZ in mana_hwc_send_request
     - tools/latency-collector: Fix -Wformat-security compile warns
     - tools/nolibc/stdlib: fix memory error in realloc()
     - net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()
     - net: lan966x: remove debugfs directory in probe() error path
     - net: smc91x: Fix m68k kernel compilation for ColdFire CPU
     - nilfs2: fix use-after-free of timer for log writer thread
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer()
     - fs/ntfs3: Remove max link count info display during driver init
     - fs/ntfs3: Taking DOS names into account during link counting
     -

 linux-hwe-6.8 (6.8.0-38.38~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.8: 6.8.0-38.38~22.04.1 -proposed tracker (LP: #2068734)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] debian.hwe-6.8/dkms-versions -- update from kernel-versions
       (main/2024.06.10)
 .
   * Noble update: v6.8.7 upstream stable release (LP: #2065912)
     - [Config] hwe-6.8: Change BHI mitigation to always enabled
 .
   [ Ubuntu: 6.8.0-38.38 ]
 .
   * noble/linux: 6.8.0-38.38 -proposed tracker (LP: #2068318)
   * race_sched in ubuntu_stress_smoke_test will cause kernel panic on 6.8 with
     Azure Standard_A2_v2 instance (LP: #2068024)
     - sched/eevdf: Prevent vlag from going out of bounds in reweight_eevdf()
   * Noble: btrfs: re-introduce 'norecovery' mount option (LP: #2068591)
     - btrfs: re-introduce 'norecovery' mount option
   * Fix system hang while entering suspend with AMD Navi3x graphics
     (LP: #2063417)
     - drm/amdgpu/mes: fix use-after-free issue
   * Noble update: v6.8.8 upstream stable release (LP: #2068087)
     - io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64()
       failure
     - drm/i915/cdclk: Fix voltage_level programming edge case
     - Revert "vmgenid: emit uevent when VMGENID updates"
     - SUNRPC: Fix rpcgss_context trace event acceptor field
     - selftests/ftrace: Limit length in subsystem-enable tests
     - random: handle creditable entropy from atomic process context
     - scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING
     - net: usb: ax88179_178a: avoid writing the mac address before first reading
     - btrfs: do not wait for short bulk allocation
     - btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer
     - r8169: fix LED-related deadlock on module removal
     - r8169: add missing conditional compiling for call to r8169_remove_leds
     - scsi: ufs: qcom: Add missing interconnect bandwidth values for Gear 5
     - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
     - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()
     - netfilter: br_netfilter: skip conntrack input hook for promisc packets
     - netfilter: nft_set_pipapo: constify lookup fn args where possible
     - netfilter: nft_set_pipapo: walk over current view on netlink dump
     - netfilter: flowtable: validate pppoe header
     - netfilter: flowtable: incorrect pppoe tuple
     - af_unix: Call manage_oob() for every skb in unix_stream_read_generic().
     - af_unix: Don't peek OOB data without MSG_OOB.
     - net: sparx5: flower: fix fragment flags handling
     - net/mlx5: Lag, restore buckets number to default after hash LAG deactivation
     - net/mlx5: Restore mistakenly dropped parts in register devlink flow
     - net/mlx5e: Prevent deadlock while disabling aRFS
     - net: change maximum number of UDP segments to 128
     - octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation
     - selftests/tcp_ao: Make RST tests less flaky
     - selftests/tcp_ao: Zero-init tcp_ao_info_opt
     - selftests/tcp_ao: Fix fscanf() call for format-security
     - selftests/tcp_ao: Printing fixes to confirm with format-security
     - net: stmmac: Apply half-duplex-less constraint for DW QoS Eth only
     - net: stmmac: Fix max-speed being ignored on queue re-init
     - net: stmmac: Fix IP-cores specific MAC capabilities
     - ice: tc: check src_vsi in case of traffic from VF
     - ice: tc: allow zero flags in parsing tc flower
     - ice: Fix checking for unsupported keys on non-tunnel device
     - tun: limit printing rate when illegal packet received by tun dev
     - net: dsa: mt7530: fix mirroring frames received on local port
     - net: dsa: mt7530: fix port mirroring for MT7988 SoC switch
     - s390/ism: Properly fix receive message buffer allocation
     - netfilter: nf_tables: missing iterator type in lookup walk
     - netfilter: nf_tables: restore set elements when delete set fails
     - gpiolib: swnode: Remove wrong header inclusion
     - netfilter: nf_tables: fix memleak in map from abort path
     - net/sched: Fix mirred deadlock on device recursion
     - net: ethernet: mtk_eth_soc: fix WED + wifi reset
     - ravb: Group descriptor types used in Rx ring
     - net: ravb: Count packets instead of descriptors in R-Car RX path
     - net: ravb: Allow RX loop to move past DMA mapping errors
     - net: ethernet: ti: am65-cpsw-nuss: cleanup DMA Channels before using them
     - NFSD: fix endianness issue in nfsd4_encode_fattr4
     - RDMA/rxe: Fix the problem "mutex_destroy missing"
     - RDMA/cm: Print the old state when cm_destroy_id gets timeout
     - RDMA/mlx5: Fix port number for counter query in multi-port configuration
     - perf annotate: Make sure to call symbol__annotate2() in TUI
     - perf lock contention: Add a missing NULL check
     - s390/qdio: handle deferred cc1
     - s390/cio: fix race condition during online processing
     - iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest
     - iommufd: Add config needed for iommufd_fail_nth
     - drm: nv04: Fix out of bounds access
     - drm/v3d: Don't increment `enabled_ns` twice
     - userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE
     - thunderbolt: Introduce tb_port_reset()
     - thunderbolt: Introduce tb_path_deactivate_hop()
     - thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4
       routers
     - thunderbolt: Reset topology created by the boot firmware
     - drm/panel: visionox-rm69299: don't unregister DSI device
     - drm/radeon: make -fstrict-flex-arrays=3 happy
     - ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4
     - thermal/debugfs: Add missing count increment to thermal_debug_tz_trip_up()
     - platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes
     - interconnect: qcom: x1e80100: Remove inexistent ACV_PERF BCM
     - interconnect: Don't access req_list while it's being manipulated
     - clk: Remove prepare_lo

 linux-hwe-6.8 (6.8.0-35.35~22.04.1) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.8: 6.8.0-35.35~22.04.1 -proposed tracker (LP: #2068593)
 .
   * Miscellaneous Ubuntu changes
     - [Packaging] hwe-6.8: disable rtla in hwe kernels
 .
   [ Ubuntu: 6.8.0-35.35 ]
 .
   * noble/linux: 6.8.0-35.35 -proposed tracker (LP: #2065886)
   * CVE-2024-21823
     - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist
     - dmaengine: idxd: add a new security check to deal with a hardware erratum
     - dmaengine: idxd: add a write() method for applications to submit work

 linux-hwe-6.8 (6.8.0-32.32~22.04.3) jammy; urgency=medium
 .
   * jammy/linux-hwe-6.8: 6.8.0-32.32~22.04.3 -proposed tracker (LP: #2067299)