Package "linux-gcp-5.13"

  linux-gcp-5.13 (5.13.0-1024.29~20.04.1) focal; urgency=medium

  * focal/linux-gcp-5.13: 5.13.0-1024.29~20.04.1 -proposed tracker
    (LP: #1967348)

  [ Ubuntu: 5.13.0-1024.29 ]

  * impish/linux-gcp: 5.13.0-1024.29 -proposed tracker (LP: #1967349)
  * impish/linux: 5.13.0-40.45 -proposed tracker (LP: #1966701)
  * CVE-2022-1016
    - netfilter: nf_tables: initialize registers in nft_do_chain()
  * CVE-2022-1015
    - netfilter: nf_tables: validate registers coming from userspace.
  * audit: improve audit queue handling when "audit=1" on cmdline
    (LP: #1965723) // Impish update: upstream stable patchset 2022-03-22
    (LP: #1966021)
    - audit: improve audit queue handling when "audit=1" on cmdline
  * PS/2 Keyboard wakeup from s2idle not functioning on AMD Yellow Carp platform
    (LP: #1961739)
    - PM: s2idle: ACPI: Fix wakeup interrupts handling
  * Low RX performance for 40G Solarflare NICs (LP: #1964512)
    - SAUCE: sfc: The size of the RX recycle ring should be more flexible
  * [UBUNTU 20.04] Fix SIGP processing on KVM/s390 (LP: #1962578)
    - KVM: s390: Simplify SIGP Set Arch handling
    - KVM: s390: Add a routine for setting userspace CPU state
  * Move virtual graphics drivers from linux-modules-extra to linux-modules
    (LP: #1960633)
    - [Packaging] Move VM DRM drivers into modules
  * Impish update: upstream stable patchset 2022-03-09 (LP: #1964422)
    - bnx2x: Utilize firmware 7.13.21.0
    - bnx2x: Invalidate fastpath HSI version for VFs
    - rcu: Tighten rcu_advance_cbs_nowake() checks
    - select: Fix indefinitely sleeping task in poll_schedule_timeout()
    - drm/amdgpu: Use correct VIEWPORT_DIMENSION for DCN2
    - arm64/bpf: Remove 128MB limit for BPF JIT programs
    - Bluetooth: refactor malicious adv data check
    - net: sfp: ignore disabled SFP node
    - net: stmmac: skip only stmmac_ptp_register when resume from suspend
    - s390/hypfs: include z/VM guests with access control group set
    - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
    - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP
      devices
    - udf: Restore i_lenAlloc when inode expansion fails
    - udf: Fix NULL ptr deref when converting from inline format
    - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
    - PM: wakeup: simplify the output logic of pm_show_wakelocks()
    - tracing/histogram: Fix a potential memory leak for kstrdup()
    - tracing: Don't inc err_log entry count if entry allocation fails
    - ceph: properly put ceph_string reference after async create attempt
    - ceph: set pool_ns in new inode layout for async creates
    - fsnotify: fix fsnotify hooks in pseudo filesystems
    - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
    - perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
    - drm/etnaviv: relax submit size limits
    - KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
    - netfilter: nft_payload: do not update layer 4 checksum when mangling
      fragments
    - serial: 8250: of: Fix mapped region size when using reg-offset property
    - serial: stm32: fix software flow control transfer
    - tty: n_gsm: fix SW flow control encoding/handling
    - tty: Add support for Brainboxes UC cards.
    - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
    - usb: xhci-plat: fix crash when suspend if remote wake enable
    - usb: common: ulpi: Fix crash in ulpi_match()
    - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
    - USB: core: Fix hang in usb_kill_urb by adding memory barriers
    - usb: typec: tcpm: Do not disconnect while receiving VBUS off
    - ucsi_ccg: Check DEV_INT bit only when starting CCG4
    - jbd2: export jbd2_journal_[grab|put]_journal_head
    - ocfs2: fix a deadlock when commit trans
    - sched/membarrier: Fix membarrier-rseq fence command missing from query
      bitmask
    - x86/MCE/AMD: Allow thresholding interface updates after init
    - powerpc/32s: Allocate one 256k IBAT instead of two consecutives 128k IBATs
    - powerpc/32s: Fix kasan_init_region() for KASAN
    - powerpc/32: Fix boot failure with GCC latent entropy plugin
    - i40e: Increase delay to 1 s after global EMP reset
    - i40e: Fix issue when maximum queues is exceeded
    - i40e: Fix queues reservation for XDP
    - i40e: Fix for failed to init adminq while VF reset
    - i40e: fix unsigned stat widths
    - usb: roles: fix include/linux/usb/role.h compile issue
    - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
    - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
    - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
    - ipv6_tunnel: Rate limit warning messages
    - net: fix information leakage in /proc/net/ptype
    - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
    - hwmon: (lm90) Mark alert as broken for MAX6680
    - ping: fix the sk_bound_dev_if match in ping_lookup
    - ipv4: avoid using shared IP generator for connected sockets
    - hwmon: (lm90) Reduce maximum conversion rate for G781
    - NFSv4: Handle case where the lookup of a directory fails
    - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
    - net-procfs: show net devices bound packet types
    - drm/msm: Fix wrong size calculation
    - drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
    - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
    - ipv6: annotate accesses to fn->fn_sernum
    - NFS: Ensure the server has an up to date ctime before hardlinking
    - NFS: Ensure the server has an up to date ctime before renaming
    - powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
    - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
    - perf: Fix perf_event_read_local() time
    - sched/pelt: Relax the sync of util_sum with util_avg
    - net: phy: broadcom: hook up soft_reset for

  linux-gcp-5.13 (5.13.0-1023.28~20.04.1) focal; urgency=medium

  * focal/linux-gcp-5.13: 5.13.0-1023.28~20.04.1 -proposed tracker
    (LP: #1966227)

  [ Ubuntu: 5.13.0-1023.28 ]

  * impish/linux-gcp: 5.13.0-1023.28 -proposed tracker (LP: #1966228)
  * impish/linux: 5.13.0-39.44 -proposed tracker (LP: #1966236)
  * CVE-2022-27666
    - sock: remove one redundant SKB_FRAG_PAGE_ORDER macro
    - esp: Fix possible buffer overflow in ESP transformation
  * CVE-2022-1055
    - net: sched: fix use-after-free in tc_new_tfilter()

 -- Khalid Elmously <email address hidden> Tue, 29 Mar 2022 22:53:29 -0400

  linux-gcp-5.13 (5.13.0-1021.25~20.04.1) focal; urgency=medium

  * focal/linux-gcp-5.13: 5.13.0-1021.25~20.04.1 -proposed tracker
    (LP: #1964949)

  [ Ubuntu: 5.13.0-1021.25 ]

  * impish/linux-gcp: 5.13.0-1021.25 -proposed tracker (LP: #1964951)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.02.21)
  * impish/linux: 5.13.0-37.42 -proposed tracker (LP: #1964959)
  * CVE-2022-0742
    - ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()

  [ Ubuntu: 5.13.0-1020.24 ]

  * impish/linux-gcp: 5.13.0-1020.24 -proposed tracker (LP: #1964162)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.01.31)
  * Update gvnic driver code (LP: #1953575)
    - gve: Move some static functions to a common file
    - gve: gve_rx_copy: Move padding to an argument
    - gve: Make gve_rx_slot_page_info.page_offset an absolute offset
    - gve: Introduce a new model for device options
    - gve: Introduce per netdev `enum gve_queue_format`
    - gve: adminq: DQO specific device descriptor logic
    - gve: Add support for DQO RX PTYPE map
    - gve: Add dqo descriptors
    - gve: Add DQO fields for core data structures
    - gve: Update adminq commands to support DQO queues
    - gve: DQO: Add core netdev features
    - gve: DQO: Add ring allocation and initialization
    - gve: DQO: Configure interrupts on device up
    - gve: DQO: Add TX path
    - gve: DQO: Add RX path
    - gve: Fix warnings reported for DQO patchset
    - gve: DQO: Fix off by one in gve_rx_dqo()
    - gve: Propagate error codes to caller
    - gve: Simplify code and axe the use of a deprecated API
    - gve: DQO: Remove incorrect prefetch
    - gve: DQO: avoid unused variable warnings
    - gve: Switch to use napi_complete_done
    - gve: Add rx buffer pagecnt bias
    - gve: Do lazy cleanup in TX path
    - gve: Add netif_set_xps_queue call
    - gve: Allow pageflips on larger pages
    - gve: Add RX context.
    - gve: Implement packet continuation for RX.
    - gve: Add a jumbo-frame device option.
    - gve: fix unmatched u64_stats_update_end()
    - gve: fix for null pointer dereference.
    - gve: Correct order of processing device options
    - gve: Add optional metadata descriptor type GVE_TXD_MTD
    - gve: Move the irq db indexes out of the ntfy block struct
    - gve: Update gve_free_queue_page_list signature
    - gve: remove memory barrier around seqno
    - gve: Implement suspend/resume/shutdown
    - gve: Add consumed counts to ethtool stats
    - gve: Add tx|rx-coalesce-usec for DQO
    - gve: Use kvcalloc() instead of kvzalloc()
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/2022.02.21)
  * Broken network on some AWS instances with focal/impish kernels
    (LP: #1961968)
    - SAUCE: Revert "PCI/MSI: Mask MSI-X vectors only on success"
  * [SRU]PCI: vmd: Do not disable MSI-X remapping if interrupt remapping is
    enabled by IOMMU (LP: #1937295)
    - PCI: vmd: Do not disable MSI-X remapping if interrupt remapping is enabled
      by IOMMU
  * [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7
    (LP: #1960182)
    - s390/cpumf: Support for CPU Measurement Facility CSVN 7
    - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit
  * [UBUNTU 21.10] s390/cio: verify the driver availability for path_event call
    (LP: #1960875)
    - s390/cio: verify the driver availability for path_event call
  * Impish update: upstream stable patchset 2022-02-14 (LP: #1960861)
    - devtmpfs regression fix: reconfigure on each mount
    - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
    - remoteproc: qcom: pil_info: Don't memcpy_toio more than is provided
    - perf: Protect perf_guest_cbs with RCU
    - KVM: x86: Register Processor Trace interrupt hook iff PT enabled in guest
    - KVM: s390: Clarify SIGP orders versus STOP/RESTART
    - 9p: only copy valid iattrs in 9P2000.L setattr implementation
    - video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
    - media: uvcvideo: fix division by zero at stream start
    - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
      interrupts enabled
    - firmware: qemu_fw_cfg: fix sysfs information leak
    - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
    - firmware: qemu_fw_cfg: fix kobject leak in probe error path
    - KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all
    - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
    - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
      reboot from Windows
    - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
    - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
    - ALSA: hda/realtek: Re-order quirk entries for Lenovo
    - powerpc/pseries: Get entry and uaccess flush required bits from
      H_GET_CPU_CHARACTERISTICS
    - mtd: fixup CFI on ixp4xx
    - KVM: x86: don't print when fail to read/write pv eoi memory
    - remoteproc: qcom: pas: Add missing power-domain "mxc" for CDSP
    - perf annotate: Avoid TUI crash when navigating in the annotation of
      recursive functions
    - ALSA: hda/realtek: Use ALC285_FIXUP_HP_GPIO_LED on another HP laptop
    - ALSA: hda/tegra: Fix Tegra194 HDA reset failure
  * CVE-2022-0516
    - KVM: s390: Return error on SIDA memop on normal guest
  * CVE-2022-0435
    - tipc: improve size validations for received domain records
  * CVE-2022-0492
    - cgroup-v1: Require capabilities to set release_agent
  * jammy 5.15 kernel soft lockup when zfs.ko is loaded on s390x w/ gcc >=
    11.2.0-10ubuntu1 / gcc-11 PLT regression on s390x (LP: #1954676)
    - s390/module: fix loading modules with a lot of relocations
  * Impish update: upstream stable patchset 2022-02-09 (LP: #1960452)
    - workqueue: Fix unbind_wor

  linux-gcp-5.13 (5.13.0-1019.23~20.04.1) focal; urgency=medium

  [ Ubuntu: 5.13.0-1019.23 ]

  * CVE-2022-0847
    - lib/iov_iter: initialize "flags" in new pipe_buffer

  linux-gcp-5.13 (5.13.0-1015.18~20.04.1) focal; urgency=medium

  * focal/linux-gcp-5.13: 5.13.0-1015.18~20.04.1 -proposed tracker
    (LP: #1960045)

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  [ Ubuntu: 5.13.0-1015.18 ]

  * impish/linux-gcp: 5.13.0-1015.18 -proposed tracker (LP: #1960046)
  * impish/linux: 5.13.0-30.33 -proposed tracker (LP: #1960055)
  * systemd/248.3-1ubuntu8.2 ADT test failure with linux/5.13.0-29.32
    (LP: #1960034)
    - Revert "block: avoid to quiesce queue in elevator_init_mq"
    - Revert "blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and
      disk_release()"

  [ Ubuntu: 5.13.0-1014.17 ]

  * impish/linux-gcp: 5.13.0-1014.17 -proposed tracker (LP: #1959230)
  * impish/linux: 5.13.0-29.32 -proposed tracker (LP: #1959238)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.01.31)
  * CVE-2022-22942
    - SAUCE: drm/vmwgfx: Fix stale file descriptors on failed usercopy
  * CVE-2022-0330
    - drm/i915: Flush TLBs before releasing backing store
  * Impish update: upstream stable patchset 2022-01-05 (LP: #1956508)
    - ACPI: Get acpi_device's parent from the parent field
    - USB: serial: option: add Telit LE910S1 0x9200 composition
    - USB: serial: option: add Fibocom FM101-GL variants
    - usb: dwc2: gadget: Fix ISOC flow for elapsed frames
    - usb: dwc2: hcd_queue: Fix use of floating point literal
    - usb: dwc3: gadget: Ignore NoStream after End Transfer
    - usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
    - usb: dwc3: gadget: Fix null pointer exception
    - net: nexthop: fix null pointer dereference when IPv6 is not enabled
    - usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in probe
    - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
    - usb: hub: Fix usb enumeration issue due to address0 race
    - usb: hub: Fix locking issues with address0_mutex
    - binder: fix test regression due to sender_euid change
    - ALSA: ctxfi: Fix out-of-range access
    - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
    - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
    - media: cec: copy sequence field for the reply
    - Revert "parisc: Fix backtrace to always include init funtion names"
    - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
    - staging/fbtft: Fix backlight
    - staging: greybus: Add missing rwsem around snd_ctl_remove() calls
    - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
    - fuse: release pipe buf after last use
    - xen: don't continue xenstore initialization in case of errors
    - xen: detect uninitialized xenbus in xenbus_init
    - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
    - tracing/uprobe: Fix uprobe_perf_open probes iteration
    - tracing: Fix pid filtering when triggers are attached
    - mmc: sdhci-esdhc-imx: disable CMDQ support
    - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
    - mdio: aspeed: Fix "Link is Down" issue
    - powerpc/32: Fix hardlockup on vmap stack overflow
    - PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
    - PCI: aardvark: Implement re-issuing config requests on CRS response
    - PCI: aardvark: Simplify initialization of rootcap on virtual bridge
    - PCI: aardvark: Fix link training
    - proc/vmcore: fix clearing user buffer by properly using clear_user()
    - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
    - netfilter: ctnetlink: do not erase error code with EINVAL
    - netfilter: ipvs: Fix reuse connection if RS weight is 0
    - netfilter: flowtable: fix IPv6 tunnel addr match
    - ARM: dts: BCM5301X: Fix I2C controller interrupt
    - ARM: dts: BCM5301X: Add interrupt properties to GPIO node
    - ARM: dts: bcm2711: Fix PCIe interrupts
    - ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
    - ASoC: qdsp6: q6asm: fix q6asm_dai_prepare error handling
    - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
    - ASoC: codecs: wcd934x: return error code correctly from hw_params
    - net: ieee802154: handle iftypes as u32
    - firmware: arm_scmi: pm: Propagate return value to caller
    - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
    - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
    - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
    - scsi: mpt3sas: Fix kernel panic during drive powercycle test
    - drm/vc4: fix error code in vc4_create_object()
    - net: marvell: prestera: fix double free issue on err path
    - iavf: Prevent changing static ITR values if adaptive moderation is on
    - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
    - mptcp: fix delack timer
    - firmware: smccc: Fix check for ARCH_SOC_ID not implemented
    - ipv6: fix typos in __ip6_finish_output()
    - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
    - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
    - net: ipv6: add fib6_nh_release_dsts stub
    - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
    - ice: fix vsi->txq_map sizing
    - ice: avoid bpf_prog refcount underflow
    - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
    - scsi: scsi_debug: Zero clear zones at reset write pointer
    - erofs: fix deadlock when shrink erofs slab
    - net/smc: Ensure the active closing peer first closes clcsock
    - mlxsw: Verify the accessed index doesn't exceed the array length
    - mlxsw: spectrum: Protect driver from buggy firmware
    - net: marvell: mvpp2: increase MTU limit when XDP enabled
    - nvmet-tcp: fix incomplete data digest send
    - net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
    - PM: hibernate: use correct mode for swsusp_close()
    - drm/amd/display: Set plane update flags for all planes in reset
    - tcp_cubic: fix spurious Hystart ACK train detect