Package "linux-xilinx-zynqmp"

  linux-xilinx-zynqmp (5.15.0-1025.29) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1025.29 -proposed tracker (LP: #2036376)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/d2023.10.10)

  * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
    - [Config] updateconfigs for BLK_DEV_SX8

  * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
    - [Config] updateconfigs for DECNET

  * CVE-2023-42755
    - [Config] remove NET_CLS_RSVP and NET_CLS_RSVP6

  * Please enable Renesas RZ platform serial installer (LP: #2022361)
    - [Config] Mark sh-sci as built-in

  * Jammy update: v5.15.107 upstream stable release (LP: #2023320)
    - [Config] updateconfigs for ns module merger

  * Jammy update: v5.15.105 upstream stable release (LP: #2023230)
    - [Config] updateconfigs for SERIAL_8250_ASPEED_VUART

  * Add K24 device tree (LP: #2040354)
    - SAUCE: arm64: zynqmp: Add K24 device trees
    - SAUCE: arm64: dts: Build dtbs for k24 carrier board

  * K26 QSPI MTD Definition Correction (LP: #2032972)
    - arm64: zynqmp: Fix User MTD partition size

  * Move experimental ubuntu drivers to staging (LP: #2036370)
    - ubuntu/staging: Move out of tree Xilinx drivers into staging directory
    - modpost: Add staging flag to drivers in ubuntu/staging

  * [kr260] Kernel snap does not boot (LP: #2028505)
    - Fix kernel snap to support KR260

  [ Ubuntu: 5.15.0-88.98 ]

  * jammy/linux: 5.15.0-88.98 -proposed tracker (LP: #2038055)
  * CVE-2023-4244
    - netfilter: nf_tables: don't skip expired elements during walk
    - netfilter: nf_tables: adapt set backend to use GC transaction API
    - netfilter: nft_set_hash: mark set element as dead when deleting from packet
      path
    - netfilter: nf_tables: GC transaction API to avoid race with control plane
    - netfilter: nf_tables: remove busy mark and gc batch API
    - netfilter: nf_tables: don't fail inserts if duplicate has expired
    - netfilter: nf_tables: fix kdoc warnings after gc rework
    - netfilter: nf_tables: fix GC transaction races with netns and netlink event
      exit path
    - netfilter: nf_tables: GC transaction race with netns dismantle
    - netfilter: nf_tables: GC transaction race with abort path
    - netfilter: nf_tables: use correct lock to protect gc_list
    - netfilter: nf_tables: defer gc run if previous batch is still pending
    - netfilter: nft_dynset: disallow object maps
    - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
  * CVE-2023-42756
    - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
  * CVE-2023-4623
    - net/sched: sch_hfsc: Ensure inner classes have fsc curve
  * PCI BARs larger than 128GB are disabled (LP: #2037403)
    - PCI: Support BAR sizes up to 8TB
  * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
    - ALSA: hda/realtek - ALC287 I2S speaker platform support
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
  * Jammy update: v5.15.126 upstream stable release (LP: #2037593)
    - io_uring: gate iowait schedule on having pending requests
    - perf: Fix function pointer case
    - net/mlx5: Free irqs only on shutdown callback
    - arm64: errata: Add workaround for TSB flush failures
    - arm64: errata: Add detection for TRBE write to out-of-range
    - [Config] updateconfigs for ARM64_ERRATUM_ and
      ARM64_WORKAROUND_TSB_FLUSH_FAILURE
    - iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
    - iommu/arm-smmu-v3: Document MMU-700 erratum 2812531
    - iommu/arm-smmu-v3: Add explicit feature for nesting
    - iommu/arm-smmu-v3: Document nesting-related errata
    - arm64: dts: imx8mn-var-som: add missing pull-up for onboard PHY reset pinmux
    - word-at-a-time: use the same return type for has_zero regardless of
      endianness
    - KVM: s390: fix sthyi error handling
    - wifi: cfg80211: Fix return value in scan logic
    - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
    - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
    - bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing
    - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length
    - net: dsa: fix value check in bcm_sf2_sw_probe()
    - perf test uprobe_from_different_cu: Skip if there is no gcc
    - net: sched: cls_u32: Fix match key mis-addressing
    - mISDN: hfcpci: Fix potential deadlock on &hc->lock
    - qed: Fix kernel-doc warnings
    - qed: Fix scheduling in a tasklet while getting stats
    - net: annotate data-races around sk->sk_max_pacing_rate
    - net: add missing READ_ONCE(sk->sk_rcvlowat) annotation
    - net: add missing READ_ONCE(sk->sk_sndbuf) annotation
    - net: add missing READ_ONCE(sk->sk_rcvbuf) annotation
    - net: add missing data-race annotations around sk->sk_peek_off
    - net: add missing data-race annotation for sk_ll_usec
    - net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
    - bpf, cpumap: Handle skb as well when clean up ptr_ring
    - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire
    - net: ll_temac: Switch to use dev_err_probe() helper
    - net: ll_temac: fix error checking of irq_of_parse_and_map()
    - net: korina: handle clk prepare error in korina_probe()
    - net: netsec: Ignore 'phy-mode' on SynQuacer in DT mode
    - net: dcb: choose correct policy to parse DCB_ATTR_BCN
    - s390/qeth: Don't call dev_close/dev_open (DOWN/UP)
    - ip6mr: Fix skb_under_panic in ip6mr_cache_report()
    - vxlan: Fix nexthop hash size
    - net/mlx5: fs_core: Make find_closest_ft more generic
    - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio
    - prestera: fix fallback to previous version on same major version
    - tcp_metrics: fix addr_same() helper
    - tcp

  linux-xilinx-zynqmp (5.15.0-1024.28) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1024.28 -proposed tracker (LP: #2036376)

  * K26 QSPI MTD Definition Correction (LP: #2032972)
    - arm64: zynqmp: Fix User MTD partition size

  * Move experimental ubuntu drivers to staging (LP: #2036370)
    - ubuntu/staging: Move out of tree Xilinx drivers into staging directory
    - modpost: Add staging flag to drivers in ubuntu/staging

  * [kr260] Kernel snap does not boot (LP: #2028505)
    - Fix kernel snap to support KR260

  [ Ubuntu: 5.15.0-84.93 ]

  * jammy/linux: 5.15.0-84.93 -proposed tracker (LP: #2034202)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * CVE-2023-4569
    - netfilter: nf_tables: deactivate catchall elements in next generation
  * CVE-2023-40283
    - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
  * CVE-2023-20588
    - x86/bugs: Increase the x86 bugs vector size to two u32s
    - x86/CPU/AMD: Do not leak quotient data after a division by 0
    - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
  * CVE-2023-4128
    - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-
      free
    - net/sched: cls_route: No longer copy tcf_result on update to avoid use-
      after-free

  [ Ubuntu: 5.15.0-83.92 ]

  * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
  * libgnutls report "trap invalid opcode" when trying to install packages over
    https (LP: #2031093)
    - [Config]: disable CONFIG_GDS_FORCE_MITIGATION

  [ Ubuntu: 5.15.0-81.90 ]

  * jammy/linux: 5.15.0-81.90 -proposed tracker (LP: #2030422)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - [Packaging] resync getabis
    - debian/dkms-versions -- update from kernel-versions (main/2023.08.07)
  * CVE-2022-40982
    - x86/mm: Initialize text poking earlier
    - x86/mm: fix poking_init() for Xen PV guests
    - x86/mm: Use mm_alloc() in poking_init()
    - mm: Move mm_cachep initialization to mm_init()
    - init: Provide arch_cpu_finalize_init()
    - x86/cpu: Switch to arch_cpu_finalize_init()
    - ARM: cpu: Switch to arch_cpu_finalize_init()
    - sparc/cpu: Switch to arch_cpu_finalize_init()
    - um/cpu: Switch to arch_cpu_finalize_init()
    - init: Remove check_bugs() leftovers
    - init: Invoke arch_cpu_finalize_init() earlier
    - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
    - x86/init: Initialize signal frame size late
    - x86/fpu: Remove cpuinfo argument from init functions
    - x86/fpu: Mark init functions __init
    - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
    - x86/xen: Fix secondary processors' FPU initialization
    - x86/speculation: Add Gather Data Sampling mitigation
    - x86/speculation: Add force option to GDS mitigation
    - x86/speculation: Add Kconfig option for GDS
    - KVM: Add GDS_NO support to KVM
    - Documentation/x86: Fix backwards on/off logic about YMM support
    - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
      CONFIG_GDS_FORCE_MITIGATION
  * CVE-2023-3609
    - net/sched: cls_u32: Fix reference counter leak leading to overflow
  * CVE-2023-21400
    - io_uring: ensure IOPOLL locks around deferred work
  * CVE-2023-4015
    - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
      set/chain
    - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
    - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
  * CVE-2023-3995
    - netfilter: nf_tables: disallow rule addition to bound chain via
      NFTA_RULE_CHAIN_ID
  * CVE-2023-3777
    - netfilter: nf_tables: skip bound chain on rule flush
  * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
    (LP: #2015400)
    - loop: do not enforce max_loop hard limit by (new) default
  * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
    - r8152: add USB device driver for config selection
  * Jammy update: v5.15.116 upstream stable release (LP: #2029401)
    - RDMA/bnxt_re: Fix the page_size used during the MR creation
    - RDMA/efa: Fix unsupported page sizes in device
    - RDMA/hns: Fix base address table allocation
    - RDMA/hns: Modify the value of long message loopback slice
    - dmaengine: at_xdmac: Move the free desc to the tail of the desc list
    - dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved()
    - RDMA/bnxt_re: Fix a possible memory leak
    - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
    - iommu/rockchip: Fix unwind goto issue
    - iommu/amd: Don't block updates to GATag if guest mode is on
    - dmaengine: pl330: rename _start to prevent build error
    - riscv: Fix unused variable warning when BUILTIN_DTB is set
    - net/mlx5: fw_tracer, Fix event handling
    - net/mlx5e: Don't attach netdev profile while handling internal error
    - net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
    - netrom: fix info-leak in nr_write_internal()
    - af_packet: Fix data-races of pkt_sk(sk)->num.
    - amd-xgbe: fix the false linkup in xgbe_phy_status
    - mtd: rawnand: ingenic: fix empty stub helper definitions
    - RDMA/irdma: Add SW mechanism to generate completions on error
    - RDMA/irdma: Prevent QP use after free
    - RDMA/irdma: Fix Local Invalidate fencing
    - af_packet: do not use READ_ONCE() in packet_bind()
    - tcp: deny tcp_disconnect() when threads are waiting
    - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
    - net/sched: sch_ingress: Only create under TC_H_INGRESS
    - net/sched: sch_clsact: Only create under TC_H_CLSACT
    - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
    - net/sched: Prohibit regrafting ingress or clsact Qdiscs
    - net: sched: fix NULL pointer dereference in mq

  linux-xilinx-zynqmp (5.15.0-1023.27) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1023.27 -proposed tracker (LP: #2025252)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper

  * Miscellaneous upstream changes
    - drivers:media Ar1335: Add MODULE DEVICE TABLE entry

  [ Ubuntu: 5.15.0-76.83 ]

  * jammy/linux: 5.15.0-76.83 -proposed tracker (LP: #2023905)
  * cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
    - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
  * Some INVLPG implementations can leave Global translations unflushed when
    PCIDs are enabled (LP: #2023220)
    - x86/mm: Avoid incomplete Global INVLPG flushes

  [ Ubuntu: 5.15.0-75.82 ]

  * jammy/linux: 5.15.0-75.82 -proposed tracker (LP: #2023065)
  * Jammy update: v5.15.102 upstream stable release (LP: #2020393)
    - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext"
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] resync getabis
  * fix typo in config-checks invocation (LP: #2020413)
    - [Packaging] fix typo when calling the old config-check
    - [Packaging] fix typo in 4-checks.mk
  * support python < 3.9 with annotations (LP: #2020531)
    - [Packaging] kconfig/annotations.py: support older way of merging dicts

 -- Wen-chien Jesse Sung <email address hidden> Wed, 28 Jun 2023 23:01:40 +0800