Unbreakable Enterprise kernel security update

[5.4.17-2011.5.3uek]

• misc: pvpanic: add crash loaded event (zhenwei pi) [Orabug: 31677096]
• misc: pvpanic: move bit definition to uapi header file (zhenwei pi) [Orabug: 31677096]
• RDMA/netlink: Do not always generate an ACK for some netlink operations (Hakon Bugge) [Orabug: 31666971]
• bnxt_en: Fix statistics counters issue during ifdown with older firmware. (Michael Chan) [Orabug: 31660919]
• bnxt_en: Do not enable legacy TX push on older firmware. (Michael Chan) [Orabug: 31660919]
• bnxt_en: Store the running firmware version code. (Michael Chan) [Orabug: 31660919]
• uek-rpm: Disable secureboot signing for OL7 aarch64 (Somasundaram Krishnasamy) [Orabug: 31645596]
• PCI: pciehp: Fix indefinite wait on sysfs requests (Lukas Wunner) [Orabug: 31580249]
• x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. (Anthony Steinhauser) [Orabug: 31557802] {CVE-2020-10767}
• fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350635] {CVE-2020-10732}
• rds/ib: Make i_{recv,send}_hdrs non-contigious (Hans Westgaard Ry) [Orabug: 31648239]
• uek-rpm: disable CONFIG_CRYPTO_DEV_CAVIUM_ZIP (Dave Kleikamp) [Orabug: 31667368]
• vfio-pci: protect remap_pfn_range() from simultaneous calls (Ankur Arora) [Orabug: 31663628] {CVE-2020-12888} {CVE-2020-12888}
• uek-rpm: drivers: enable VMD PCIe controller (Todd Vierling) [Orabug: 31636283]
• Revert ‘uek-rpm: Move grub boot menu update to posttrans stage.’ (Somasundaram Krishnasamy) [Orabug: 31689621]
• IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31689703]
• certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31689566]
  [5.4.17-2011.5.2uek]
• drm/i915/gt: Correct mistake in cherry-pick (Jack Vogel) [Orabug: 31211659]
• efi/x86: Add TPM related EFI tables to unencrypted mapping checks (Tom Lendacky) [Orabug: 31627285]
• ocfs2: change slot number type s16 to u16 (Junxiao Bi) [Orabug: 31480603]
• ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31480603]
• ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31480603]
• ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug: 31480603]
• ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31480603]
• scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (Dan Carpenter) [Orabug: 31610239]
• scsi: qla2xxx: Keep initiator ports after RSCN (Roman Bolshakov) [Orabug: 31610239]
• scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (Daniel Wagner) [Orabug: 31610239]
• scsi: qla2xxx: Remove return value from qla_nvme_ls() (Daniel Wagner) [Orabug: 31610239]
• scsi: qla2xxx: Remove an unused function (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix endianness annotations in source files (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix endianness annotations in header files (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Use make_handle() instead of open-coding it (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Change {RD,WRT}REG*() function names from upper case into lower case (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix the code that reads from mailbox registers (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Use register names instead of register offsets (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Add more BUILD_BUG_ON() statements (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Simplify the functions for dumping firmware (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix spelling of a variable name (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Make qlafx00_process_aen() return void (Jason Yan) [Orabug: 31610239]
• scsi: qla2xxx: Use true, false for ha->fw_dumped (Jason Yan) [Orabug: 31610239]
• scsi: qla2xxx: Use true, false for need_mpi_reset (Jason Yan) [Orabug: 31610239]
• scsi: qla2xxx: Make qla_set_ini_mode() return void (Jason Yan) [Orabug: 31610239]
• scsi: qla2xxx: Fix failure message in qlt_disable_vha() (Viacheslav Dubeyko) [Orabug: 31610239]
• scsi: qla2xxx: make 1-bit bit-fields unsigned int (Colin Ian King) [Orabug: 31610239]
• scsi: qla2xxx: Fix MPI failure AEN (8200) handling (Arun Easi) [Orabug: 31610239]
• scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Split qla2x00_configure_local_loop() (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix regression warnings (Nilesh Javali) [Orabug: 31610239]
• scsi: qla2xxx: Remove non functional code (Daniel Wagner) [Orabug: 31610239]
• scsi: qla2xxx: Fix I/Os being passed down when FC device is being deleted (Arun Easi) [Orabug: 31610239]
• scsi: qla2xxx: add ring buffer for tracing debug logs (Rajan Shanmugavelu) [Orabug: 31610239]
• scsi: qla2xxx: Update driver version to 10.01.00.25-k (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Set Nport ID for N2N (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Handle NVME status iocb correctly (Arun Easi) [Orabug: 31610239]
• scsi: qla2xxx: Remove restriction of FC T10-PI and FC-NVMe (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Serialize fc_port alloc in N2N (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Fix NPIV instantiation after FW dump (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Fix RDP respond data format (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Force semaphore on flash validation failure (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: add more FW debug information (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Update BPM enablement semantics. (Andrew Vasquez) [Orabug: 31610239]
• scsi: qla2xxx: fix FW resource count values (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Use a dedicated interrupt handler for ‘handshake-required’ ISPs (Andrew Vasquez) [Orabug: 31610239]
• scsi: qla2xxx: Return appropriate failure through BSG Interface (Michael Hernandez) [Orabug: 31610239]
• scsi: qla2xxx: Improved secure flash support messages (Michael Hernandez) [Orabug: 31610239]
• scsi: qla2xxx: Fix FCP-SCSI FC4 flag passing error (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Use FC generic update firmware options routine for ISP27xx (Giridhar Malavali) [Orabug: 31610239]
• scsi: qla2xxx: Avoid setting firmware options twice in 24xx_update_fw_options. (Giridhar Malavali) [Orabug: 31610239]
• scsi: qla2xxx: Add 16.0GT for PCI String (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Convert MAKE_HANDLE() from a define into an inline function (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix sparse warnings triggered by the PCI state checking code (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Suppress endianness complaints in qla2x00_configure_local_loop() (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Simplify the code for aborting SCSI commands (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix sparse warning reported by kbuild bot (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Update driver version to 10.01.00.24-k (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Use QLA_FW_STOPPED macro to propagate flag (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Add fixes for mailbox command (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Fix control flags for login/logout IOCB (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Save rscn_gen for new fcport (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Use correct ISP28xx active FW region (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: Print portname for logging in qla24xx_logio_entry() (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Fix qla2x00_echo_test() based on ISP type (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Correction to selection of loopback/echo test (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Use endian macros to assign static fields in fwdump header (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Fix RDP response size (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Handle cases for limiting RDP response payload length (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add deferred queue for processing ABTS and RDP (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Cleanup ELS/PUREX iocb fields (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Show correct port speed capabilities for RDP command (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Display message for FCE enabled (Himanshu Madhani) [Orabug: 31610239]
• scsi: qla2xxx: Add vendor extended FDMI commands (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add ql2xrdpenable module parameter for RDP (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add vendor extended RDP additions and amendments (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add changes in preparation for vendor extended FDMI/RDP (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add endianizer macro calls to fc host stats (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add sysfs node for D-Port Diagnostics AEN data (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Add beacon LED config sysfs interface (Joe Carnuccio) [Orabug: 31610239]
• scsi: qla2xxx: Check locking assumptions at runtime in qla2x00_abort_srb() (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix a NULL pointer dereference in an error path (Bart Van Assche) [Orabug: 31610239]
• scsi: qla2xxx: Fix warning after FC target reset (Viacheslav Dubeyko) [Orabug: 31610239]
• scsi: qla2xxx: Fix issue with adapters stopping state (Viacheslav Dubeyko) [Orabug: 31610239]
• scsi: qla2xxx: Do not log message when reading port speed via sysfs (Ewan D. Milne) [Orabug: 31610239]
• scsi: qla2xxx: Delete all sessions before unregister local nvme port (Quinn Tran) [Orabug: 31610239]
• scsi: qla2xxx: check UNLOADING before posting async work (Martin Wilck) [Orabug: 31610239]
• scsi: qla2xxx: set UNLOADING before waiting for session deletion (Martin Wilck) [Orabug: 31610239]
• x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (Tony Luck) [Orabug: 31601130]
• uek-rpm: aarch64: Streamline building 4K pages size kernel (Dave Kleikamp) [Orabug: 31500678]
• kernel/relay.c: handle alloc_percpu returning NULL in relay_open (Daniel Axtens) [Orabug: 31183397] {CVE-2019-19462}
  [5.4.17-2011.5.1uek]
• x86/microcode: do not modify sibling mask during late update (Mihai Carabas) [Orabug: 31605044]
• x86/speculation: Prevent rogue cross-process SSBD shutdown (Anthony Steinhauser) [Orabug: 31557900] {CVE-2020-10768}
• x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 31553477]
• x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 31553477]
• USB: pci-quirks: Add Raspberry Pi 4 quirk (Nicolas Saenz Julienne) [Orabug: 31527659]
• PCI: brcmstb: Wait for Raspberry Pis firmware when present (Nicolas Saenz Julienne) [Orabug: 31527659]
• firmware: raspberrypi: Introduce vl805 init routine (Nicolas Saenz Julienne) [Orabug: 31527659]
• soc: bcm2835: Add notify xHCI reset property (Nicolas Saenz Julienne) [Orabug: 31527659]
• PCI: brcmstb: Disable L0s component of ASPM if requested (Jim Quinlan) [Orabug: 31527659]
• PCI: brcmstb: Fix window register offset from 4 to 8 (Jim Quinlan) [Orabug: 31527659]
• PCI: brcmstb: Dont clk_put() a managed clock (Jim Quinlan) [Orabug: 31527659]
• PCI: brcmstb: Assert fundamental reset on initialization (Nicolas Saenz Julienne) [Orabug: 31527659]
• i2c: brcmstb: Fix handling of optional interrupt (Dave Stevenson) [Orabug: 31527659]
• ARM: dts: bcm283x: Disable dsi0 node (Nicolas Saenz Julienne) [Orabug: 31527659]
• pwm: bcm2835: Dynamically allocate base (Florian Fainelli) [Orabug: 31527659]
• ARM: bcm2835_defconfig: Enable fixed-regulator (Nicolas Saenz Julienne) [Orabug: 31527659]
• ARM: dts: bcm2711: Add vmmc regulator in emmc2 (Nicolas Saenz Julienne) [Orabug: 31527659]
• ARM: dts: bcm2711: Update expgpios GPIO labels (Nicolas Saenz Julienne) [Orabug: 31527659]
• i2c: drivers: Use generic definitions for bus frequencies (Andy Shevchenko) [Orabug: 31527659]
• i2c: core: Provide generic definitions for bus frequencies (Andy Shevchenko) [Orabug: 31527659]
• mmc: sdhci: iproc: Add custom set_power() callback for bcm2711 (Nicolas Saenz Julienne) [Orabug: 31527659]
• mmc: sdhci: am654: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
• mmc: sdhci: at91: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
• mmc: sdhci: arasan: Use sdhci_set_power_and_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
• mmc: sdhci: Introduce sdhci_set_power_and_bus_voltage() (Nicolas Saenz Julienne) [Orabug: 31527659]
• irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (Lukas Wunner) [Orabug: 31527659]
• usb: xhci: Enable LPM for VIA LABS VL805 (Nicolas Saenz Julienne) [Orabug: 31527659]
• arm64: bcm2835: Drop select of nonexistent HAVE_ARM_ARCH_TIMER (Geert Uytterhoeven) [Orabug: 31527659]
• ARM: dts: bcm2711: Move emmc2 into its own bus (Nicolas Saenz Julienne) [Orabug: 31527659]
• ARM: dts: bcm2711-rpi-4-b: Add SoC GPIO labels (Stefan Wahren) [Orabug: 31527659]
• ARM: bcm2835_defconfig: add support for Raspberry Pi4 (Marek Szyprowski) [Orabug: 31527659]
• ARM: bcm2835_defconfig: Explicitly restore CONFIG_DEBUG_FS (Stefan Wahren) [Orabug: 31527659]
• ARM: dts: bcm2711: Add pcie0 alias (Nicolas Saenz Julienne) [Orabug: 31527659]
• ARM: dts: bcm283x: Add missing properties to the PWR LED (Stefan Wahren) [Orabug: 31527659]
• PCI: brcmstb: Fix build on 32bit ARM platforms with older compilers (Marek Szyprowski) [Orabug: 31527659]
• net: bcmgenet: Clear ID_MODE_DIS in EXT_RGMII_OOB_CTRL when not needed (Nicolas Saenz Julienne) [Orabug: 31527659]
• net: bcmgenet: reduce severity of missing clock warnings (Jeremy Linton) [Orabug: 31527659]
• pinctrl: bcm2835: Add support for all GPIOs on BCM2711 (Stefan Wahren) [Orabug: 31527659]
• pinctrl: bcm2835: Refactor platform data (Stefan Wahren) [Orabug: 31527659]
• pinctrl: bcm2835: Drop unused define (Stefan Wahren) [Orabug: 31527659]
• dma-contiguous: CMA: give precedence to cmdline (Nicolas Saenz Julienne) [Orabug: 31527659]
• dt-bindings: brcm,avs-ro-thermal: Fix binding check issues (Stefan Wahren) [Orabug: 31527659]
• dt-bindings: Add Broadcom AVS RO thermal (Stefan Wahren) [Orabug: 31527659]
• serial: 8250_bcm2835aux: Document struct bcm2835aux_data (Lukas Wunner) [Orabug: 31527659]
• serial: 8250_bcm2835aux: Use generic remapping code (Lukas Wunner) [Orabug: 31527659]
• serial: 8250_bcm2835aux: Allocate uart_8250_port on stack (Lukas Wunner) [Orabug: 31527659]
• serial: 8250_bcm2835aux: Suppress register_port error on -EPROBE_DEFER (Lukas Wunner) [Orabug: 31527659]
• serial: 8250_bcm2835aux: Suppress clk_get error on -EPROBE_DEFER (Phil Elwell) [Orabug: 31527659]
• spi: bcm2835: Raise maximum number of slaves to 4 (Lukas Wunner) [Orabug: 31527659]
• Bluetooth: hci_bcm: Drive RTS only for BCM43438 (Stefan Wahren) [Orabug: 31527659]
• Bluetooth: hci_bcm: Add device-tree compatible for BCM4329 (Dmitry Osipenko) [Orabug: 31527659]
• iommu/dma: Rationalise types for DMA masks (Robin Murphy) [Orabug: 31527659]
• hwrng: iproc-rng200 - Add support for BCM2711 (Stefan Wahren) [Orabug: 31527659]
• dt-bindings: rng: add BCM2711 RNG compatible (Stefan Wahren) [Orabug: 31527659]
• Bluetooth: hci_bcm: Support pcm params in dts (Abhishek Pandit-Subedi) [Orabug: 31527659]
• Bluetooth: btbcm: Support pcm configuration (Abhishek Pandit-Subedi) [Orabug: 31527659]
• Bluetooth: hci_bcm: Disallow set_baudrate for BCM4354 (Abhishek Pandit-Subedi) [Orabug: 31527659]
• Bluetooth: btbcm: Add entry for BCM4335A0 UART bluetooth (Mohammad Rasim) [Orabug: 31527659]
• Bluetooth: hci_bcm: Add compatible string for BCM43540 (Abhishek Pandit-Subedi) [Orabug: 31527659]
• iommu/dma-iommu: Use the dev->coherent_dma_mask (Tom Murphy) [Orabug: 31527659]
• KEYS: Increase system_extra_certificate size to 8192 bytes (Stephen Brennan) [Orabug: 31512725]
• vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
• vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888} {CVE-2020-12888}
• vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
• vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439668] {CVE-2020-12888}
• vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Sean Christopherson) [Orabug: 31439668] {CVE-2020-12888}
• scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 31595670]
  [5.4.17-2011.5.0uek]
• ctf: support ld --ctf-variables, if available (Nick Alcock) [Orabug: 31535069]
• ctf: adjust to upcoming binutils ctf_link_add_ctf API change (Nick Alcock) [Orabug: 31535069]
• bpf: Fix up bpf_skb_adjust_room helpers skb csum setting (Daniel Borkmann) [Orabug: 31519461]
• aarch64: Enable thermal config for RPi4 (Vijay Kumar) [Orabug: 31518062]
• thermal: Add BCM2711 thermal driver (Stefan Wahren) [Orabug: 31518062]
• x86/mitigations: reset default value for srbds_mitigation (Mihai Carabas) [Orabug: 31515046]
• x86/cpu: clear X86_BUG_SRBDS before late loading (Mihai Carabas) [Orabug: 31515046]
• x86/mitigations: update MSRs on all CPUs for SRBDS (Mihai Carabas) [Orabug: 31515046]
• acpi: disallow loading configfs acpi tables when locked down (Jason A. Donenfeld) [Orabug: 31493185]
• media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351669] {CVE-2019-19054}