Package "linux-azure-5.8"

  linux-azure-5.8 (5.8.0-1034.36~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.8: 5.8.0-1034.36~20.04.1 -proposed tracker
    (LP: #1930040)

  * linux-azure: Add Mana network driver (LP: #1928788)
    - [Config] azure-5.8: CONFIG_MICROSOFT_MANA=m

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 5.8.0-1034.36 ]

  * groovy/linux-azure: 5.8.0-1034.36 -proposed tracker (LP: #1930041)
  * linux-azure: Add Mana network driver (LP: #1928788)
    - hv_netvsc: Make netvsc/VF binding check both MAC and serial number
    - [Config] azure: CONFIG_MICROSOFT_MANA=m
    - net: mana: Add a driver for Microsoft Azure Network Adapter (MANA)
    - net: mana: remove redundant initialization of variable err
    - net: mana: fix PCI_HYPERV dependency
    - net: mana: Use int to check the return value of mana_gd_poll_cq()
  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10
  * [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517)
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr
  * kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()
  * CVE-2021-31440
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
  * Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235
  * [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything
  * pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: use $ksft_skip for skipped return code
  * IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49
    (LP: #1926030)
    - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation"
    - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond
      durations"
  * Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132)
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
    - dmaengine: idxd: fix delta_rec and crc size field for completion record
    - dmaengine: idxd: fix opcap sysfs attribute output
    - dmaengine: idxd: fix wq size store permission state
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - dmaengine: Fix a double free in dma_async_device_register
    - dmaengine: plx_dma: add a missing put_device() on error path
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user(