Package "linux-intel-iotg-5.15-tools-common"

  linux-intel-iotg-5.15 (5.15.0-1044.50~20.04.1) focal; urgency=medium

  * focal/linux-intel-iotg-5.15: 5.15.0-1044.50~20.04.1 -proposed tracker
    (LP: #2038041)

  [ Ubuntu: 5.15.0-1044.50 ]

  * jammy/linux-intel-iotg: 5.15.0-1044.50 -proposed tracker (LP: #2038042)
  * [j:linux-intel-iotg][j:linux-intel-iot-realtime] Cannot set frame preemption
    (LP: #2038349)
    - SAUCE: (no-up) igc: fix frame preemption not able to set
  * jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
  * CVE-2023-4244
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * PCI BARs larger than 128GB are disabled (LP: #2037403)
    - PCI: Support BAR sizes up to 8TB
  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Jammy update: v5.15.126 upstream stable release (LP: #2037593)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - arm64: errata: Add workaround for TSB flush failures
    - arm64: errata: Add detection for TRBE write to out-of-range
    - [Config] updateconfigs for ARM64_ERRATUM_ and
      ARM64_WORKAROUND_TSB_FLUSH_FAILURE
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix kernel-doc warnings
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: Switch to use dev_err_probe() helper
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp_metrics: annotate data-races around tm->tcpm_stamp
    - tcp_metrics: annotate data-races around tm->tcpm_lock
    - tcp_metrics: annotate data-races around tm->tcpm_vals[]
    - tcp_metrics: annotate data-races around tm->tcpm_net
    - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
    - scsi: zfcp: Defer fc_rport blocking until after ADISC response
    - scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices
    - libceph: fix potential hang in ceph_osdc_notify()
    - USB: zaurus: Add ID for A-300/B-500/C-700
    - ceph: defer stopping mdsc delayed_work
    - firmware: arm_scmi: Drop OF node reference in the transport channel setup
    - exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
    - exfat: release s_lock before calling dir_emit()
    - mtd: spinand: toshiba: Fix ecc_get_status
    - mtd: rawnand: meson: fix OOB available bytes for ECC
    - arm64: dts: stratix10: fix incorrect I2C property for SCL signal
    - wifi: mt76: mt7615: do not advertise 5 GHz on first phy of MT7615D (DBDC)
    - rbd: prevent bu

  linux-intel-iotg-5.15 (5.15.0-1041.47~20.04.1) focal; urgency=medium

  * focal/linux-intel-iotg-5.15: 5.15.0-1041.47~20.04.1 -proposed tracker
    (LP: #2036561)

  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET

  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8

  [ Ubuntu: 5.15.0-1041.47 ]

  * jammy/linux-intel-iotg: 5.15.0-1041.47 -proposed tracker (LP: #2033808)
  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8
  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * [IOTG][RPL] Integrated TSN controller (stmmac) driver enabling
    (LP: #2019222)
    - stmmac: intel: Separate ADL-N and RPL-P device ID from TGL
  * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
    - [Config] Mark sh-sci as built-in
  * Request backport of xen timekeeping performance improvements (LP: #2033122)
    - x86/xen/time: prefer tsc as clocksource when it is invariant
  * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
    ARM64 (LP: #2033007)
    - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
    - kexec, KEYS: make the code in bzImage64_verify_sig generic
    - arm64: kexec_file: use more system keyrings to verify kernel image signature
  * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
    jammy/fips (LP: #2019880)
    - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
  * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
    (LP: #2019868)
    - selftests/harness: allow tests to be skipped during setup
    - selftests: net: tls: check if FIPS mode is enabled
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
    - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-20569
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - x86/srso: Add a Speculative RAS Overflow mitigation
    - x86/srso: Add IBPB_BRTYPE support
    - x86/srso: Add SRSO_NO support
    - x86/srso: Add IBPB
    - x86/srso: Add IBPB on VMEXIT
    - x86/srso: Fix return thunks in generated code
    - x86/srso: Tie SBPB bit setting to microcode patch detection
    - x86: fix backwards merge of GDS/SRSO bit
    - x86/srso: Fix build breakage with the LLVM linker
    - x86/cpu: Fix __x86_return_thunk symbol type
    - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
    - x86/alternative: Make custom return thunk unconditional
    - objtool: Add frame-pointer-specific function ignore
    - x86/ibt: Add ANNOTATE_NOENDBR
    - x86/cpu: Clean up SRSO return thunk mess
    - x86/cpu: Rename original retbleed methods
    - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
    - x86/cpu: Cleanup the untrain mess
    - x86/srso: Explain the untraining sequences a bit more
    - x86/static_call: Fix __static_call_fixup()
    - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
    - x86/srso: Disable the mitigation on unaffected configurations
    - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
    - objtool/x86: Fixup frame-pointer vs rethunk
    - x86/srso: Correct the mitigation status when SMT is disabled
    - objtool/x86: Fix SRSO mess
    - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
  * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122)
    - e1000e: Use PME poll to circumvent unreliable ACPI wake
  * Need to get fine-grained control for FAN(TFN) Participant. (LP: #2031333)
    - ACPI: fan: Separate file for attributes creation
    - ACPI: fan: Optimize struct acpi_fan_fif
    - ACPI: fan: Properly handle fine grain control
    - ACPI: fan: Add additional attributes for fine grain control
  * [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in
    cpuinfo_min_freq and cpuino_max_freq sysfs files. (LP: #2030924)
    - cpufreq: intel_pstate: Fix scaling for hybrid-capable
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4194
    - net: tun_chr_open(): set sk_uid from current_fsuid()
    - net: tap_open(): set sk_uid from current_fsuid()
  * CVE-2023-4155
    - KVM: SEV: Refactor out sev_es_state struct
    - KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary
    - KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
    - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
    - KVM: SEV: snapshot the GHCB before accessing it
    - KVM: SEV: only access GHCB fields once
  * CVE-2023-1206
    - tcp: Reduce chance of collisions in inet6_hashfn().
  * Crashing with CPU soft lock on GA kernel 5.15.0.79.76 and HWE kernel
    5.19.0-46.47-22.04.1 (LP: #2032176)
    - Revert "KVM: x86: enable TDP MMU by default"
  * Jammy update: v5.15.122 upstream stable release (LP: #2032690)
    - Linux 5.15.122
    - Upstream stable to v5.15.122
  * Jammy update: v5.15.121 upstream stable release (LP: #2032689)
    - netfilter: nf_tables: drop map element references from preparation phase
    - fs: pipe: reveal missing function protoypes
    - x86/resctrl: Only show tasks' pid in current pid namespace
    - blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
    - md/raid10: check slab-out-of

  linux-intel-iotg-5.15 (5.15.0-1039.45~20.04.1) focal; urgency=medium

  * focal/linux-intel-iotg-5.15: 5.15.0-1039.45~20.04.1 -proposed tracker
    (LP: #2035068)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  [ Ubuntu: 5.15.0-1039.45 ]

  * jammy/linux-intel-iotg: 5.15.0-1039.45 -proposed tracker (LP: #2030409)
  * [EHL] Screen flickering when the setup is in multiple monitors with mirror
    mode output (LP: #2031057)
    - SAUCE: (no-up) drm/i915/display : Remove support for interlace mode
  * [ADL-N][RPL-S] support ISHTP module (LP: #2029328)
    - HID: intel-ish-hid: ipc: add ADL and RPL device id
    - HID: intel-ish-hid: ipc: Specify no cache snooping on TGL and ADL
    - HID: intel-ish-hid: ipc: use time_before to replace "jiffies < a"
    - HID: intel-ish-hid: Fix kernel panic during warm reset
  * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
  * jammy/linux: 5.15.0-81.90 -proposed tracker (LP: #2030422)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/2023.08.07)
  * CVE-2022-40982
    - x86/mm: Initialize text poking earlier
    - x86/mm: fix poking_init() for Xen PV guests
    - x86/mm: Use mm_alloc() in poking_init()
    - mm: Move mm_cachep initialization to mm_init()
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow
  * CVE-2023-21400
    - io_uring: ensure IOPOLL locks around deferred work
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
    (LP: #2015400)
    - loop: do not enforce max_loop hard limit by (new) default
  * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
    - r8152: add USB device driver for config selection
  * Jammy update: v5.15.116 upstream stable release (LP: #2029401)
    - RDMA/bnxt_re: Fix the page_size used during the MR creation
    - RDMA/efa: Fix unsupported page sizes in device
    - RDMA/hns: Fix base address table allocation
    - RDMA/hns: Modify the value of long message loopback slice
    - dmaengine: at_xdmac: Move the free desc to the tail of the desc list
    - dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved()
    - RDMA/bnxt_re: Fix a possible memory leak
    - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
    - iommu/rockchip: Fix unwind goto issue
    - iommu/amd: Don't block updates to GATag if guest mode is on
    - dmaengine: pl330: rename _start to prevent build error
    - riscv: Fix unused variable warning when BUILTIN_DTB is set
    - net/mlx5: fw_tracer, Fix event handling
    - net/mlx5e: Don't attach netdev profile while handling internal error
    - net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
    - netrom: fix info-leak in nr_write_internal()
    - af_packet: Fix data-races of pkt_sk(sk)->num.
    - amd-xgbe: fix the false linkup in xgbe_phy_status
    - mtd: rawnand: ingenic: fix empty stub helper definitions
    - RDMA/irdma: Add SW mechanism to generate completions on error
    - RDMA/irdma: Prevent QP use after free
    - RDMA/irdma: Fix Local Invalidate fencing
    - af_packet: do not use READ_ONCE() in packet_bind()
    - tcp: deny tcp_disconnect() when threads are waiting
    - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
    - net/sched: sch_ingress: Only create under TC_H_INGRESS
    - net/sched: sch_clsact: Only create under TC_H_CLSACT
    - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
    - net/sched: Prohibit regrafting ingress or clsact Qdiscs
    - net: sched: fix NULL pointer dereference in mq_attach
    - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
    - udp6: Fix race condition in udp6_sendmsg & connect
    - net/mlx5e: Fix error handling in mlx5e_refresh_tirs
    - net/mlx5: Read embedded cpu after init bit cleared
    - net: dsa: mv88e6xxx: Increase wait after reset deactivation
    - mtd: rawnand: marvell: ensure timing values are written
    - mtd: rawnand: marvell: don't set the NAND frequency select
    - rtnetlink: call validate_linkmsg in rtnl_create_link
    - drm/amdgpu: release gpu full access after "amdgpu_device_ip_late_init"
    - watchdog: m

  linux-intel-iotg-5.15 (5.15.0-1039.44~20.04.1) focal; urgency=medium

  * focal/linux-intel-iotg-5.15: 5.15.0-1039.44~20.04.1 -proposed tracker
    (LP: #2030408)

  [ Ubuntu: 5.15.0-1039.44 ]

  * jammy/linux-intel-iotg: 5.15.0-1039.44 -proposed tracker (LP: #2030409)
  * [EHL] Screen flickering when the setup is in multiple monitors with mirror
    mode output (LP: #2031057)
    - SAUCE: (no-up) drm/i915/display : Remove support for interlace mode
  * [ADL-N][RPL-S] support ISHTP module (LP: #2029328)
    - HID: intel-ish-hid: ipc: add ADL and RPL device id
    - HID: intel-ish-hid: ipc: Specify no cache snooping on TGL and ADL
    - HID: intel-ish-hid: ipc: use time_before to replace "jiffies < a"
    - HID: intel-ish-hid: Fix kernel panic during warm reset
  * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

 -- Jian Hui Lee <email address hidden> Fri, 01 Sep 2023 16:16:27 +0800