Package "linux-azure-6.2"

  linux-azure-6.2 (6.2.0-1005.5~22.04.1) jammy; urgency=medium

  * jammy/linux-azure-6.2: 6.2.0-1005.5~22.04.1 -proposed tracker (LP: #2019836)

  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] azure-6.2: introduce a separate linux-lib-rust package

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/master)

  [ Ubuntu: 6.2.0-1005.5 ]

  * lunar/linux-azure: 6.2.0-1005.5 -proposed tracker (LP: #2019837)
  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] azure: introduce a separate linux-lib-rust package
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/master)
  * Azure: Add PCI pass-thru support to Hyper-V Confidential VMs (LP: #2015369)
    - x86/hyperv: Reorder code to facilitate future work
    - Drivers: hv: Explicitly request decrypted in vmap_pfn() calls
    - x86/mm: Handle decryption/re-encryption of bss_decrypted consistently
    - init: Call mem_encrypt_init() after Hyper-V hypercall init is done
    - x86/hyperv: Change vTOM handling to use standard coco mechanisms
    - swiotlb: Remove bounce buffer remapping for Hyper-V
    - Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages
    - SAUCE: Drivers: hv: vmbus: Revert Dexuan's changes to hv_ringbuffer_init()
    - Drivers: hv: vmbus: Remove second way of mapping ring buffers
    - hv_netvsc: Remove second mapping of send and recv buffers
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - x86/hyperv: Add support for detecting nested hypervisor
    - Drivers: hv: Setup synic registers in case of nested root partition
    - x86/hyperv: Add an interface to do nested hypercalls
    - Drivers: hv: Enable vmbus driver for nested root partition
    - Drivers: hv: Don't remap addresses that are above shared_gpa_boundary
    - PCI: hv: Enable PCI pass-thru devices in Confidential VMs
    - SAUCE: Drivers: hv: vmbus: Hardcode MMIO resources in vmbus_walk_resources()
      when necessary
    - SAUCE: x86/hyperv: Support hypercalls for TDX guests (part 2)
    - Drivers: hv: vmbus: Remove the per-CPU post_msg_page
    - PCI: hv: Replace retarget_msi_interrupt_params with hyperv_pcpu_input_arg
    - x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline
    - arm64/hyperv: Use CPUHP_AP_HYPERV_ONLINE state to fix CPU online sequencing
  * Azure: Enable MANA Jumbo Frame Support reprise (LP: #2018593)
    - net: mana: Rename mana_refill_rxoob and remove some empty lines
    - net: mana: Check if netdev/napi_alloc_frag returns single page
  * Azure: Enable MANA Jumbo Frame Support (LP: #2016898)
    - net: mana: Use napi_build_skb in RX path
    - net: mana: Refactor RX buffer allocation code to prepare for various MTU
    - net: mana: Enable RX path to handle various MTU sizes
    - net: mana: Add support for jumbo frame
  * Azure: Build-in TDX guest driver (LP: #2016995)
    - [Config] Azure: Build in TDX guest driver
  * lunar/linux: 6.2.0-23.23 -proposed tracker (LP: #2019845)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.05.15)
  * Fix flicker display problem on some panels which support PSR2 (LP: #2002968)
    - drm/i915/psr: Add continuous full frame bit together with single
  * Kernel 6.1 bumped the disk consumption on default images by 15%
    (LP: #2015867)
    - [Packaging] introduce a separate linux-lib-rust package
  * Update I915 PSR calculation on Linux 6.2 (LP: #2018655)
    - drm/i915: Fix fast wake AUX sync len
    - drm/i915: Explain the magic numbers for AUX SYNC/precharge length
  * Computer with Intel Atom CPU will not boot with Kernel 6.2.0-20
    (LP: #2017444)
    - [Config]: Disable CONFIG_INTEL_ATOMISP
  * udev fails to make prctl() syscall with apparmor=0 (as used by maas by
    default) (LP: #2016908)
    - SAUCE: (no-up) Stacking v38: Fix prctl() syscall with apparmor=0
  * CVE-2023-32233
    - netfilter: nf_tables: deactivate anonymous set from preparation phase
  * CVE-2023-2612
    - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
  * CVE-2023-31436
    - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
  * CVE-2023-1380
    - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  * 5.19 not reporting cgroups v1 blkio.throttle.io_serviced (LP: #2016186)
    - SAUCE: blk-throttle: Fix io statistics for cgroup v1
  * LSM stacking and AppArmor for 6.2: additional fixes (LP: #2017903)
    - SAUCE: (no-up) apparmor: fix policy_compat perms remap for file dfa
    - SAUCE: (no-up) apparmor: fix profile verification and enable it
    - SAUCE: (no-up) apparmor: fix: add missing failure check in
      compute_xmatch_perms
    - SAUCE: (no-up) apparmor: fix: kzalloc perms tables for shared dfas
  * Lunar update: v6.2.12 upstream stable release (LP: #2017219)
    - Revert "pinctrl: amd: Disable and mask interrupts on resume"
    - drm/amd/display: Pass the right info to drm_dp_remove_payload
    - drm/i915: Workaround ICL CSC_MODE sticky arming
    - ALSA: emu10k1: fix capture interrupt handler unlinking
    - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
    - ALSA: i2c/cs8427: fix iec958 mixer control deactivation
    - ALSA: hda: patch_realtek: add quirk for Asus N7601ZM
    - ALSA: hda/realtek: Add quirks for Lenovo Z13/Z16 Gen2
    - ALSA: firewire-tascam: add missing unwind goto in
      snd_tscm_stream_start_duplex()
    - ALSA: emu10k1: don't create old pass-through playback device on Audigy
    - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
    - ALSA: hda/hdmi: disable KAE for Intel DG2
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
    - Bluetooth: Fix race condit