Package "linux-nvidia-tegra-5.15-tools-host"

  linux-nvidia-tegra-5.15 (5.15.0-1020.20~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1020.20~20.04.1 -proposed tracker
    (LP: #2045982)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.12.04)

  * NVIDIA pull request 1018-002v1, 1018-003v1, 1018-004v1 (LP: #2042935)
    - [Packaging] linux-nvidia-tegra-5.15: remove dmi-sysfs and surface_gpe

  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata

  [ Ubuntu: 5.15.0-1020.20 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1020.20 -proposed tracker (LP: #2045981)
  * NVIDIA pull request 1018-002v1, 1018-003v1, 1018-004v1 (LP: #2042935)
    - NVIDIA: SAUCE: arm64: config: Enable BRCMFMAC driver
    - NVIDIA: SAUCE: memory: tegra: Add client for RCE in Tegra234
    - NVIDIA: SAUCE: phy: xusb-tegra186: No redundant pad control
    - usb: typec: ucsi: don't print PPM init deferred errors
    - NVIDIA: SAUCE: arm64: configs: enable NTFS fs
    - NVIDIA: SAUCE: Remove support for summation channel control
    - NVIDIA: SAUCE: hwmon: ina3221: Add support for channel summation disable
    - mmc: sdhci-tegra: Add runtime PM and OPP support
    - [Config] linux-nvidia-tegra: set CONFIG_NTFS_FS as built-in
    - NVIDIA: SAUCE: aquantia: issue PHY reset during phy init
    - NVIDIA: SAUCE: arm: configs: enable QFMT_V2 for quota
    - NVIDIA: SAUCE: arm64: configs: disable LOGO
    - NVIDIA: SAUCE: arm64: config: Disable DMI config
    - NVIDIA: SAUCE: platform: tegra: Add new config TEGRA_PROD_LEGACY
    - NVIDIA: SAUCE: configs: defconfig: enable TPM configs
    - [Config] linux-nvidia-tegra: Integrate config changes
    - NVIDIA: SAUCE: arm64: configs: Sanitize arm64 defconfig
    - NVIDIA: SAUCE: arm64: configs: Enable NFS server support
    - NVIDIA: SAUCE: arm64: configs: Enable dm_multipath driver
    - NVIDIA: SAUCE: arm64: configs: enable few matches for netfliter
    - NVIDIA: SAUCE: pinctrl: tegra: Set SFIO mode to Mux Register
    - Revert "pinctrl: tegra: Add support to display pin function"
    - pinctrl: tegra: Display pin function in pinconf-groups
    - [Packaging] linux-nvidia-tegra: remove dmi-sysfs and surface_gpe
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * Packaging resync (LP: #1786013)
    - [Packaging] remove helper scripts
  * jammy/linux-realtime: 5.15.0-1052.58 -proposed tracker (LP: #2041583)
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync update-dkms-versions helper
  * jammy/linux: 5.15.0-91.101 -proposed tracker (LP: #2043452)
  * USB bus error after upgrading to proposed kernel on lunar and jammy
    (LP: #2043197)
    - USB: core: Fix oversight in SuperSpeed initialization
  * jammy/linux: 5.15.0-90.100 -proposed tracker (LP: #2041603)
  * CVE-2023-25775
    - RDMA/irdma: Remove irdma_uk_mw_bind()
    - RDMA/irdma: Remove irdma_sc_send_lsmm_nostag()
    - RDMA/irdma: Remove irdma_cqp_up_map_cmd()
    - RDMA/irdma: Remove irdma_get_hw_addr()
    - RDMA/irdma: Make irdma_uk_cq_init() return a void
    - RDMA/irdma: optimize rx path by removing unnecessary copy
    - RDMA/irdma: Remove enum irdma_status_code
    - RDMA/irdma: Remove excess error variables
    - RDMA/irdma: Prevent zero-length STAG registration
  * CVE-2023-39189
    - netfilter: nfnetlink_osf: avoid OOB read
  * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
    (LP: #2039575)
    - net/smc: Fix pos miscalculation in statistics
  * CVE-2023-45871
    - igb: set max size RX buffer when store bad packet is enabled
  * CVE-2023-39193
    - netfilter: xt_sctp: validate the flag_info count
  * CVE-2023-39192
    - netfilter: xt_u32: validate user space input
  * CVE-2023-31085
    - ubi: Refuse attaching if mtd's erasesize is 0
  * CVE-2023-5717
    - perf: Disallow mis-matched inherited group reads
  * CVE-2023-5178
    - nvmet-tcp: Fix a possible UAF in queue intialization setup
  * CVE-2023-5158
    - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
  * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
    (LP: #2033406)
    - [Packaging] Make WWAN driver loadable modules
  * HP ProBook 450 G8 Notebook fail to wifi test (LP: #2037513)
    - iwlwifi: mvm: Don't fail if PPAG isn't supported
    - wifi: iwlwifi: fw: skip PPAG for JF
  * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
    - [Packaging] Make linux-tools-common depend on hwdata
  * scripts/pahole-flags.sh change return to exit 0 (LP: #2035123)
    - SAUCE: scripts/pahole-flags.sh change return to exit 0
  * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
    - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
      probe
  * Jammy update: v5.15.131 upstream stable release (LP: #2039610)
    - erofs: ensure that the post-EOF tails are all zeroed
    - ksmbd: fix wrong DataOffset validation of create context
    - ksmbd: replace one-element array with flex-array member in struct
      smb2_ea_info
    - ARM: pxa: remove use of symbol_get()
    - mmc: au1xmmc: force non-modular build and remove symbol_get usage
    - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index
    - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff
    - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
    - USB: serial: option: add Quectel EM05G variant (0x030e)
    - USB: serial: option: add FOXCONN T99W368/T99W373 product
    - ALSA: usb-audio: Fix init call orders for UAC1
    - usb: dwc3: meson-g12a: do post init to fix broken usb after resumption
    - usb: chipidea: imx: improve logic if samsung,picophy-* parameter is 0
    - HID: wacom: remove the b

  linux-nvidia-tegra-5.15 (5.15.0-1019.19~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1019.19~20.04.1 -proposed tracker
    (LP: #2041993)

  * CVE-2023-42755
    - [Config] linux-nvidia-tegra-5.15: NET_CLS_RSVP and NET_CLS_RSVP6

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts

  [ Ubuntu: 5.15.0-1019.19 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1019.19 -proposed tracker (LP: #2041991)
  * NVIDIA pull requests 1017-001v3 (LP: #2034622)
    - NVIDIA: SAUCE: thermal: tegra-bpmp: Check if BPMP supports trip points
    - NVIDIA: SAUCE: simplefb: add support to parse fb-memory from DT
    - NVIDIA: SAUCE: memory: tegra: Add bpmp_id and type for nvdla
    - NVIDIA: SAUCE: memory: tegra: Add clients for VI in Tegra234
    - NVIDIA: SAUCE: mailbox: tegra-hsp: Add support for virtualization
    - NVIDIA: SAUCE: memory: tegra: Fix SID override
    - dma-buf: Update obsoluted comments on dma_buf_vmap/vunmap()
    - dma-buf-map: Rename to iosys-map
    - of: Move simple-framebuffer device handling from simplefb to of
    - iosys-map: Add offset to iosys_map_memcpy_to()
    - iosys-map: Add a few more helpers
    - NVIDIA: SAUCE: mtd: spi-nor: support for GD
    - NVIDIA: SAUCE: mmc: host: Apply post auto-tuning correction
    - NVIDIA: SAUCE: fs: eventpoll: Add smp_mb() before waitqueue_active
    - NVIDIA: SAUCE: crypto: tegra: Add Kconfig to support Tegra SE
    - drm/vgem: use shmem helpers
    - NVIDIA: SAUCE: dma-buf-map: Fix-up iosys-map integration
    - NVIDIA: SAUCE: arm64: configs: enable cifs
    - [Config] linux-nvidia-tegra: set CONFIG_CRYPTO_DEV_TEGRA=m
  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6
  * jammy/linux-realtime: 5.15.0-1050.56 -proposed tracker (LP: #2038035)
  * jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
  * CVE-2023-4244
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * PCI BARs larger than 128GB are disabled (LP: #2037403)
    - PCI: Support BAR sizes up to 8TB
  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Jammy update: v5.15.126 upstream stable release (LP: #2037593)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - arm64: errata: Add workaround for TSB flush failures
    - arm64: errata: Add detection for TRBE write to out-of-range
    - [Config] updateconfigs for ARM64_ERRATUM_ and
      ARM64_WORKAROUND_TSB_FLUSH_FAILURE
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix kernel-doc warnings
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: Switch to use dev_err_probe() helper
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_ca

  linux-nvidia-tegra-5.15 (5.15.0-1018.18~20.04.1) focal; urgency=medium

  * focal/linux-nvidia-tegra-5.15: 5.15.0-1018.18~20.04.1 -proposed tracker
    (LP: #2038682)

  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] nvidia-tegra-5.15: remove BLK_DEV_SX8 modules

  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] nvidia-tegra-5.15: remove DECNET modules

  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] nvidia-tegra-5.15: remove sh-sci modules

  [ Ubuntu: 5.15.0-1018.18 ]

  * jammy/linux-nvidia-tegra: 5.15.0-1018.18 -proposed tracker (LP: #2038680)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/d2023.09.14)
  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8
  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] Mark sh-sci as built-in
  * NVIDIA pull requests 1017-001v3 (LP: #2034622)
    - NVIDIA: SAUCE: driver: cpufreq: remove volatile as not needed
    - NVIDIA: SAUCE: config: Disable CONFIG_LOCALVERSION_AUTO
    - NVIDIA: SAUCE: code-owners: Populate OWNERS file
    - NVIDIA: SAUCE: mailbox: tegra-hsp: Add sm ops route_irq & set_irq
    - NVIDIA: SAUCE: arch: arm64: enable HDA_INTEL config
    - NVIDIA: SAUCE: spi: spi-tegra114: retain the spi mode
    - NVIDIA: SAUCE: arm64: config: Enable MTD_UBI
    - NVIDIA: SAUCE: s25fs: Add post-get-map-id fixup for S25FS512S
    - i2c: tegra: Fix i2c-tegra DMA config option processing
    - cpufreq: tegra194: add online/offline hooks
    - NVIDIA: SAUCE: Revert "i2c: tegra: Allocate DMA memory for DMA engine"
    - NVIDIA: SAUCE: arm64: configs: Enable BINFMT_MISC support
    - thermal: tegra-bpmp: Handle errors in BPMP response
    - thermal/drivers/tegra-bpmp: Handle offline zones
    - NVIDIA: SAUCE: arm64: config: recovery_chain: Enable KEXEC configs
    - NVIDIA: SAUCE: iommu: Don't reserve IOVA when address and size are zero
    - NVIDIA: SAUCE: memory: tegra: Add SID override on resume
    - [Config] linux-nvidia-tegra: integrate defconfig changes
  * jammy/linux-realtime: 5.15.0-1048.54 -proposed tracker (LP: #2036555)
  * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
  * 5.15.0-85 live migration regression (LP: #2036675)
    - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
    - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
  * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
    - selftests/bpf: fix static assert compilation issue for test_cls_*.c
  * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
    (LP: #2034447)
    - crypto: rsa-pkcs1pad - Use helper to set reqsize
  * jammy/linux-realtime: 5.15.0-1047.53 -proposed tracker (LP: #2033801)
  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8
  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] Mark sh-sci as built-in
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] enable hihope RZ/G2M serial console
    - [Config] Mark sh-sci as built-in
  * Request backport of xen timekeeping performance improvements (LP: #2033122)
    - x86/xen/time: prefer tsc as clocksource when it is invariant
  * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
    ARM64 (LP: #2033007)
    - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
    - kexec, KEYS: make the code in bzImage64_verify_sig generic
    - arm64: kexec_file: use more system keyrings to verify kernel image signature
  * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
    jammy/fips (LP: #2019880)
    - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
  * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
    (LP: #2019868)
    - selftests/harness: allow tests to be skipped during setup
    - selftests: net: tls: check if FIPS mode is enabled
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164, reverted)
    - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
    - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-20569
    - x86/cpu, kvm: Add support for CPUID_80000021_EAX
    - x86/srso: Add a Speculative RAS Overflow mitigation
    - x86/srso: Add IBPB_BRTYPE support
    - x86/srso: Add SRSO_NO support
    - x86/srso: Add IBPB
    - x86/srso: Add IBPB on VMEXIT
    - x86/srso: Fix return thunks in generated code
    - x86/srso: Tie SBPB bit setting to microcode patch detection
    - x86: fix backwards merge of GDS/SRSO bit
    - x86/srso: Fix build breakage with the LLVM linker
    - x86/cpu: Fix __x86_return_thunk symbol type
    - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
    - x86/alternative: Make custom return thunk unconditional
    - objtool: Add frame-pointer-specific function ignore
    - x86/ibt: Add ANNOTATE_NOENDBR
    - x86/cpu: Clean up SRSO return thunk mess
    - x86/cpu: Rename original retbleed methods
    - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
    - x86/cpu: Cleanup the untrain mess
    - x86/srso: Explain the untraining sequences a bit more
    - x86/static_call: Fix __static_call_fixup()
    - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
    - x86/srso: Disable the mitigatio