Lucene search

K
oraclelinuxOracleLinuxELSA-2021-4356
HistoryNov 16, 2021 - 12:00 a.m.

kernel security, bug fix, and enhancement update

2021-11-1600:00:00
linux.oracle.com
25

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

[4.18.0-348.OL8]

  • Update Oracle Linux certificates (Kevin Lyons)
  • Disable signing for aarch64 (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15-11.0.5
    [4.18.0-348]
  • drm/nouveau/fifo/ga102: initialise chid on return from channel creation (Ben Skeggs) [1997878]
  • drm/nouveau/ga102-: support ttm buffer moves via copy engine (Ben Skeggs) [1997878]
  • drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (Ben Skeggs) [1997878]
  • drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences (Ben Skeggs) [1997878]
  • drm/nouveau/disp: power down unused DP links during init (Ben Skeggs) [1997878]
  • drm/nouveau: recognise GA107 (Ben Skeggs) [1997878]
    [4.18.0-347]
  • PCI: Mark TI C667X to avoid bus reset (Alex Williamson) [1975768]
    [4.18.0-346]
  • redhat: switch secureboot kernel image signing to release keys (Bruno Meneguele)
  • CI: handle RT branches in a single config (Veronika Kabatova)
  • CI: Fix RT check branch name (Veronika Kabatova)
  • CI: Drop private CI config (Veronika Kabatova)
  • CI: extend template use (Veronika Kabatova)
  • Revert ‘Merge: mt7921e: enable new Mediatek wireless hardware’ (Bruno Meneguele) [2009501]
  • megaraid_sas: fix concurrent access to ISR between IRQ polling and real interrupt (Tomas Henzl) [2009022]
  • scsi: megaraid_sas: mq_poll support (Tomas Henzl) [2009022]
  • [PATCH v2] scsi: qla2xxx: Suppress unnecessary log messages during login (Nilesh Javali) [1982186]
  • scsi: qla2xxx: Fix excessive messages during device logout (Nilesh Javali) [1982186]
  • PCI: pciehp: Ignore Link Down/Up caused by DPC (Myron Stowe) [1981741]
  • arm64: kpti: Fix ‘kpti=off’ when KASLR is enabled (Mark Salter) [1979731]
  • arm64: Fix CONFIG_ARCH_RANDOM=n build (Mark Salter) [1979731]
  • redhat/configs: aarch64: add CONFIG_ARCH_RANDOM (Mark Salter) [1979731]
  • arm64: Implement archrandom.h for ARMv8.5-RNG (Mark Salter) [1979731]
  • arm64: kconfig: Fix alignment of E0PD help text (Mark Salter) [1979731]
  • arm64: Use register field helper in kaslr_requires_kpti() (Mark Salter) [1979731]
  • arm64: Simplify early check for broken TX1 when KASLR is enabled (Mark Salter) [1979731]
  • arm64: Use a variable to store non-global mappings decision (Mark Salter) [1979731]
  • arm64: Dont use KPTI where we have E0PD (Mark Salter) [1979731]
  • arm64: Factor out checks for KASLR in KPTI code into separate function (Mark Salter) [1979731]
  • redhat/configs: Add CONFIG_ARM64_E0PD (Mark Salter) [1979731]
  • arm64: Add initial support for E0PD (Mark Salter) [1979731]
  • arm64: cpufeature: Export matrix and other features to userspace (Mark Salter) [1980098]
  • arm64: docs: cpu-feature-registers: Document ID_AA64PFR1_EL1 (Mark Salter) [1980098]
  • docs/arm64: cpu-feature-registers: Rewrite bitfields that dont follow [e, s] (Mark Salter) [1980098]
  • docs/arm64: cpu-feature-registers: Documents missing visible fields (Mark Salter) [1980098]
  • arm64: Introduce system_capabilities_finalized() marker (Mark Salter) [1980098]
  • arm64: entry.S: Do not preempt from IRQ before all cpufeatures are enabled (Mark Salter) [1980098]
  • docs/arm64: elf_hwcaps: Document HWCAP_SB (Mark Salter) [1980098]
  • docs/arm64: elf_hwcaps: sort the HWCAP{, 2} documentation by ascending value (Mark Salter) [1980098]
  • arm64: cpufeature: Treat ID_AA64ZFR0_EL1 as RAZ when SVE is not enabled (Mark Salter) [1980098]
  • arm64: cpufeature: Effectively expose FRINT capability to userspace (Mark Salter) [1980098]
  • arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} (Mark Salter) [1980098]
  • arm64: Expose FRINT capabilities to userspace (Mark Salter) [1980098]
  • arm64: Expose ARMv8.5 CondM capability to userspace (Mark Salter) [1980098]
  • docs: arm64: convert perf.txt to ReST format (Mark Salter) [1980098]
  • docs: arm64: convert docs to ReST and rename to .rst (Mark Salter) [1980098]
  • Documentation/arm64: HugeTLB page implementation (Mark Salter) [1980098]
  • Documentation/arm64/sve: Couple of improvements and typos (Mark Salter) [1980098]
  • arm64: cpufeature: Fix missing ZFR0 in __read_sysreg_by_encoding() (Mark Salter) [1980098]
  • arm64: Expose SVE2 features for userspace (Mark Salter) [1980098]
  • arm64: Advertise ARM64_HAS_DCPODP cpu feature (Mark Salter) [1980098]
  • arm64: add CVADP support to the cache maintenance helper (Mark Salter) [1980098]
  • arm64: Fix minor issues with the dcache_by_line_op macro (Mark Salter) [1980098]
  • arm64: Expose DC CVADP to userspace (Mark Salter) [1980098]
  • arm64: Handle trapped DC CVADP (Mark Salter) [1980098]
  • arm64: HWCAP: encapsulate elf_hwcap (Mark Salter) [1980098]
  • arm64: HWCAP: add support for AT_HWCAP2 (Mark Salter) [1980098]
  • x86/MCE/AMD, EDAC/mce_amd: Add new SMCA bank types (Aristeu Rozanski) [1965331]
  • x86/MCE/AMD, EDAC/mce_amd: Remove struct smca_hwid.xec_bitmap (Aristeu Rozanski) [1965331]
  • EDAC, mce_amd: Print ExtErrorCode and description on a single line (Aristeu Rozanski) [1965331]
    [4.18.0-345]
  • e1000e: Do not take care about recovery NVM checksum (Ken Cox) [1984558]
  • qrtr: disable CONFIG_QRTR for non x86_64 archs (inigo Huguet) [1999642]
  • ceph: fix possible null-pointer dereference in ceph_mdsmap_decode() (Jeff Layton) [1989999]
  • ceph: fix dereference of null pointer cf (Jeff Layton) [1989999]
  • ceph: correctly handle releasing an embedded cap flush (Jeff Layton) [1989999]
  • ceph: take snap_empty_lock atomically with snaprealm refcount change (Jeff Layton) [1989999]
  • ceph: dont WARN if were still opening a session to an MDS (Jeff Layton) [1989999]
  • rbd: dont hold lock_rwsem while running_list is being drained (Jeff Layton) [1989999]
  • rbd: always kick acquire on ‘acquired’ and ‘released’ notifications (Jeff Layton) [1989999]
  • ceph: take reference to req->r_parent at point of assignment (Jeff Layton) [1989999]
  • ceph: eliminate ceph_async_iput() (Jeff Layton) [1989999]
  • ceph: dont take s_mutex in ceph_flush_snaps (Jeff Layton) [1989999]
  • ceph: dont take s_mutex in try_flush_caps (Jeff Layton) [1989999]
  • ceph: dont take s_mutex or snap_rwsem in ceph_check_caps (Jeff Layton) [1989999]
  • ceph: eliminate session->s_gen_ttl_lock (Jeff Layton) [1989999]
  • ceph: allow ceph_put_mds_session to take NULL or ERR_PTR (Jeff Layton) [1989999]
  • ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm (Jeff Layton) [1989999]
  • ceph: add some lockdep assertions around snaprealm handling (Jeff Layton) [1989999]
  • ceph: decoding error in ceph_update_snap_realm should return -EIO (Jeff Layton) [1989999]
  • ceph: add IO size metrics support (Jeff Layton) [1989999]
  • ceph: update and rename __update_latency helper to __update_stdev (Jeff Layton) [1989999]
  • ceph: simplify the metrics struct (Jeff Layton) [1989999]
  • libceph: fix doc warnings in cls_lock_client.c (Jeff Layton) [1989999]
  • libceph: remove unnecessary ret variable in ceph_auth_init() (Jeff Layton) [1989999]
  • libceph: kill ceph_none_authorizer::reply_buf (Jeff Layton) [1989999]
  • ceph: make ceph_queue_cap_snap static (Jeff Layton) [1989999]
  • ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton) [1989999]
  • libceph: set global_id as soon as we get an auth ticket (Jeff Layton) [1989999]
  • libceph: dont pass result into ac->ops->handle_reply() (Jeff Layton) [1989999]
  • ceph: fix error handling in ceph_atomic_open and ceph_lookup (Jeff Layton) [1989999]
  • ceph: must hold snap_rwsem when filling inode for async create (Jeff Layton) [1989999]
  • libceph: Fix spelling mistakes (Jeff Layton) [1989999]
  • libceph: dont set global_id until we get an auth ticket (Jeff Layton) [1989999]
  • libceph: bump CephXAuthenticate encoding version (Jeff Layton) [1989999]
  • ceph: dont allow access to MDS-private inodes (Jeff Layton) [1989999]
  • ceph: fix up some bare fetches of i_size (Jeff Layton) [1989999]
  • ceph: support getting ceph.dir.rsnaps vxattr (Jeff Layton) [1989999]
  • ceph: drop pinned_page parameter from ceph_get_caps (Jeff Layton) [1989999]
  • ceph: fix inode leak on getattr error in __fh_to_dentry (Jeff Layton) [1989999]
  • ceph: only check pool permissions for regular files (Jeff Layton) [1989999]
  • ceph: send opened files/pinned caps/opened inodes metrics to MDS daemon (Jeff Layton) [1989999]
  • ceph: avoid counting the same request twice or more (Jeff Layton) [1989999]
  • ceph: rename the metric helpers (Jeff Layton) [1989999]
  • ceph: fix kerneldoc copypasta over ceph_start_io_direct (Jeff Layton) [1989999]
  • ceph: dont use d_add in ceph_handle_snapdir (Jeff Layton) [1989999]
  • ceph: dont clobber i_snap_caps on non-I_NEW inode (Jeff Layton) [1989999]
  • ceph: fix fall-through warnings for Clang (Jeff Layton) [1989999]
  • net: ceph: Fix a typo in osdmap.c (Jeff Layton) [1989999]
  • ceph: dont allow type or device number to change on non-I_NEW inodes (Jeff Layton) [1989999]
  • ceph: defer flushing the capsnap if the Fb is used (Jeff Layton) [1989999]
  • ceph: allow queueing cap/snap handling after putting cap references (Jeff Layton) [1989999]
  • ceph: clean up inode work queueing (Jeff Layton) [1989999]
  • ceph: fix flush_snap logic after putting caps (Jeff Layton) [1989999]
  • libceph: fix ‘Boolean result is used in bitwise operation’ warning (Jeff Layton) [1989999]
  • new helper: inode_wrong_type() (Jeff Layton) [1989999]
  • kabi: Adding symbol single_release (fs/seq_file.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol single_open (fs/seq_file.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol seq_read (fs/seq_file.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol seq_printf (fs/seq_file.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol seq_lseek (fs/seq_file.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol unregister_chrdev_region (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol cdev_init (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol cdev_del (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol cdev_alloc (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol cdev_add (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol alloc_chrdev_region (fs/char_dev.c) (cestmir Kalina) [1945486]
  • kabi: Adding symbol pcie_capability_read_word (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pcie_capability_read_dword (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pcie_capability_clear_and_set_word (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_write_config_dword (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_write_config_byte (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_set_power_state (drivers/pci/pci.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_read_config_dword (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_read_config_byte (drivers/pci/access.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_irq_vector (drivers/pci/msi.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_get_device (drivers/pci/search.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_free_irq_vectors (drivers/pci/msi.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol pci_alloc_irq_vectors_affinity (drivers/pci/msi.c) (cestmir Kalina) [1945485]
  • kabi: Adding symbol kexec_crash_loaded (kernel/kexec_core.c) (cestmir Kalina) [1945491]
    [4.18.0-344]
  • perf/x86/intel: Fix PEBS-via-PT reload base value for Extended PEBS (Michael Petlan) [1998051]
  • perf/x86/intel/uncore: Fix Add BW copypasta (Michael Petlan) [1998051]
  • perf/x86/intel/uncore: Add BW counters for GT, IA and IO breakdown (Michael Petlan) [1998051]
  • Revert ‘ice: Add initial support framework for LAG’ (Michal Schmidt) [1999016]
  • net: re-initialize slow_gro flag at gro_list_prepare time (Paolo Abeni) [2002367]
  • cxgb4: dont touch blocked freelist bitmap after free (Rahul Lakkireddy) [1998148]
  • cxgb4vf: configure ports accessible by the VF (Rahul Lakkireddy) [1961329]
  • scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (Dick Kennedy) [1976332]
  • scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (Dick Kennedy) [1976332]
  • scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (Dick Kennedy) [1976332]
    [4.18.0-343]
  • rcu: Avoid unneeded function call in rcu_read_unlock() (Waiman Long) [1997500]
  • mt76: connac: do not schedule mac_work if the device is not running (Inigo Huguet) [1956419 1972045]
  • mt7921e: enable module in config (Inigo Huguet) [1956419 1972045]
  • Revert tools/power/cpupower: Read energy_perf_bias from sysfs (Steve Best) [1999926]
  • libnvdimm/namespace: Differentiate between probe mapping and runtime mapping (Jeff Moyer) [1795719]
  • libnvdimm/pfn_dev: Dont clear device memmap area during generic namespace probe (Jeff Moyer) [1795719]
  • perf/x86/intel/uncore: Clean up error handling path of iio mapping (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Fix for iio mapping on Skylake Server (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Generic support for the MMIO type of uncore blocks (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Generic support for the PCI type of uncore blocks (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Rename uncore_notifier to uncore_pci_sub_notifier (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Generic support for the MSR type of uncore blocks (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Parse uncore discovery tables (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Expose an Uncore unit to IIO PMON mapping (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Wrap the max dies calculation into an accessor (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Expose an Uncore unit to PMON mapping (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Validate MMIO address before accessing (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Record the size of mapped area (Michael Petlan) [1837330]
  • perf/x86/intel/uncore: Fix oops when counting IMC uncore events on some TGL (Michael Petlan) [1837330]
  • crypto: qat - remove unused macro in FW loader (Vladis Dronov) [1920086]
  • crypto: qat - check return code of qat_hal_rd_rel_reg() (Vladis Dronov) [1920086]
  • crypto: qat - report an error if MMP file size is too large (Vladis Dronov) [1920086]
  • crypto: qat - check MMP size before writing to the SRAM (Vladis Dronov) [1920086]
  • crypto: qat - return error when failing to map FW (Vladis Dronov) [1920086]
  • crypto: qat - enable detection of accelerators hang (Vladis Dronov) [1920086]
  • crypto: qat - Fix a double free in adf_create_ring (Vladis Dronov) [1920086]
  • crypto: qat - fix error path in adf_isr_resource_alloc() (Vladis Dronov) [1920086]
  • crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (Vladis Dronov) [1920086]
  • crypto: qat - dont release uninitialized resources (Vladis Dronov) [1920086]
  • crypto: qat - fix use of ‘dma_map_single’ (Vladis Dronov) [1920086]
  • crypto: qat - fix unmap invalid dma address (Vladis Dronov) [1920086]
  • crypto: qat - fix spelling mistake: ‘messge’ -> ‘message’ (Vladis Dronov) [1920086]
  • crypto: qat - reduce size of mapped region (Vladis Dronov) [1920086]
  • crypto: qat - change format string and cast ring size (Vladis Dronov) [1920086]
  • crypto: qat - fix potential spectre issue (Vladis Dronov) [1920086]
  • crypto: qat - configure arbiter mapping based on engines enabled (Vladis Dronov) [1920086]
    [4.18.0-342]
  • selftest: netfilter: add test case for unreplied tcp connections (Florian Westphal) [1991523]
  • netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state (Florian Westphal) [1991523]
  • net/sched: store the last executed chain also for clsact egress (Davide Caratti) [1980537]
  • ice: fix Tx queue iteration for Tx timestamp enablement (Ken Cox) [1999743]
  • perf evsel: Add missing cloning of evsel->use_config_name (Michael Petlan) [1838635]
  • perf Documentation: Document intel-hybrid support (Michael Petlan) [1838635]
  • perf tests: Skip ‘perf stat metrics (shadow stat) test’ for hybrid (Michael Petlan) [1838635]
  • perf tests: Support ‘Convert perf time to TSC’ test for hybrid (Michael Petlan) [1838635]
  • perf tests: Support ‘Session topology’ test for hybrid (Michael Petlan) [1838635]
  • perf tests: Support ‘Parse and process metrics’ test for hybrid (Michael Petlan) [1838635]
  • perf tests: Support ‘Track with sched_switch’ test for hybrid (Michael Petlan) [1838635]
  • perf tests: Skip ‘Setup struct perf_event_attr’ test for hybrid (Michael Petlan) [1838635]
  • perf tests: Add hybrid cases for ‘Roundtrip evsel->name’ test (Michael Petlan) [1838635]
  • perf tests: Add hybrid cases for ‘Parse event definition strings’ test (Michael Petlan) [1838635]
  • perf record: Uniquify hybrid event name (Michael Petlan) [1838635]
  • perf stat: Warn group events from different hybrid PMU (Michael Petlan) [1838635]
  • perf stat: Filter out unmatched aggregation for hybrid event (Michael Petlan) [1838635]
  • perf stat: Add default hybrid events (Michael Petlan) [1838635]
  • perf record: Create two hybrid ‘cycles’ events by default (Michael Petlan) [1838635]
  • perf parse-events: Support event inside hybrid pmu (Michael Petlan) [1838635]
  • perf parse-events: Compare with hybrid pmu name (Michael Petlan) [1838635]
  • perf parse-events: Create two hybrid raw events (Michael Petlan) [1838635]
  • perf parse-events: Create two hybrid cache events (Michael Petlan) [1838635]
  • perf parse-events: Create two hybrid hardware events (Michael Petlan) [1838635]
  • perf stat: Uniquify hybrid event name (Michael Petlan) [1838635]
  • perf pmu: Add hybrid helper functions (Michael Petlan) [1838635]
  • perf pmu: Save detected hybrid pmus to a global pmu list (Michael Petlan) [1838635]
  • perf pmu: Save pmu name (Michael Petlan) [1838635]
  • perf pmu: Simplify arguments of __perf_pmu__new_alias (Michael Petlan) [1838635]
  • perf jevents: Support unit value ‘cpu_core’ and ‘cpu_atom’ (Michael Petlan) [1838635]
  • tools headers uapi: Update toolss copy of linux/perf_event.h (Michael Petlan) [1838635]
    [4.18.0-341]
  • mptcp: Only send extra TCP acks in eligible socket states (Paolo Abeni) [1997178]
  • mptcp: fix possible divide by zero (Paolo Abeni) [1997178]
  • mptcp: drop tx skb cache (Paolo Abeni) [1997178]
  • mptcp: fix memory leak on address flush (Paolo Abeni) [1997178]
  • ice: Only lock to update netdev dev_addr (Michal Schmidt) [1995868]
  • ice: restart periodic outputs around time changes (Ken Cox) [1992750]
  • ice: Fix perout start time rounding (Ken Cox) [1992750]
  • net/sched: ets: fix crash when flipping from ‘strict’ to ‘quantum’ (Davide Caratti) [1981184]
  • ovl: prevent private clone if bind mount is not allowed (Miklos Szeredi) [1993131] {CVE-2021-3732}
  • gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) [1997193]
  • gfs2: dont stop reads while withdraw in progress (Bob Peterson) [1997193]
  • gfs2: Mark journal inodes as ‘dont cache’ (Bob Peterson) [1997193]
  • bpf: bpftool: Add -fno-asynchronous-unwind-tables to BPF Clang invocation (Yauheni Kaliuta) [1997124]
  • perf/x86/intel: Apply mid ACK for small core (Michael Petlan) [1838573]
  • perf/x86/intel/lbr: Zero the xstate buffer on allocation (Michael Petlan) [1838573]
  • perf: Fix task context PMU for Hetero (Michael Petlan) [1838573]
  • perf/x86/intel: Fix fixed counter check warning for some Alder Lake (Michael Petlan) [1838573]
  • perf/x86/lbr: Remove cpuc->lbr_xsave allocation from atomic context (Michael Petlan) [1838573]
  • x86/fpu/xstate: Fix an xstate size check warning with architectural LBRs (Michael Petlan) [1838573]
  • perf/x86/rapl: Add support for Intel Alder Lake (Michael Petlan) [1838573]
  • perf/x86/cstate: Add Alder Lake CPU support (Michael Petlan) [1838573]
  • perf/x86/msr: Add Alder Lake CPU support (Michael Petlan) [1838573]
  • perf/x86/intel/uncore: Add Alder Lake support (Michael Petlan) [1838573]
  • perf: Extend PERF_TYPE_HARDWARE and PERF_TYPE_HW_CACHE (Michael Petlan) [1838573]
  • perf/x86/intel: Add Alder Lake Hybrid support (Michael Petlan) [1838573]
  • perf/x86: Support filter_match callback (Michael Petlan) [1838573]
  • perf/x86/intel: Add attr_update for Hybrid PMUs (Michael Petlan) [1838573]
  • perf/x86: Add structures for the attributes of Hybrid PMUs (Michael Petlan) [1838573]
  • perf/x86: Register hybrid PMUs (Michael Petlan) [1838573]
  • perf/x86: Factor out x86_pmu_show_pmu_cap (Michael Petlan) [1838573]
  • perf/x86: Remove temporary pmu assignment in event_init (Michael Petlan) [1838573]
  • perf/x86/intel: Factor out intel_pmu_check_extra_regs (Michael Petlan) [1838573]
  • perf/x86/intel: Factor out intel_pmu_check_event_constraints (Michael Petlan) [1838573]
  • perf/x86/intel: Factor out intel_pmu_check_num_counters (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for extra_regs (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for event constraints (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for hardware cache event (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for unconstrained (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for counters (Michael Petlan) [1838573]
  • perf/x86: Hybrid PMU support for intel_ctrl (Michael Petlan) [1838573]
  • perf/x86/intel: Hybrid PMU support for perf capabilities (Michael Petlan) [1838573]
  • perf/x86: Track pmu in per-CPU cpu_hw_events (Michael Petlan) [1838573]
  • perf/x86/intel/lbr: Support XSAVES for arch LBR read (Michael Petlan) [1838573]
  • perf/x86/intel/lbr: Support XSAVES/XRSTORS for LBR context switch (Michael Petlan) [1838573]
  • x86/fpu/xstate: Add helpers for LBR dynamic supervisor feature (Michael Petlan) [1838573]
  • x86/fpu/xstate: Support dynamic supervisor feature for LBR (Michael Petlan) [1838573]
  • x86/fpu: Use proper mask to replace full instruction mask (Michael Petlan) [1838573]
  • x86/cpu: Add helper function to get the type of the current hybrid CPU (Michael Petlan) [1838573]
  • x86/cpufeatures: Enumerate Intel Hybrid Technology feature bit (Michael Petlan) [1838573]
  • HID: make arrays usage and value to be the same (Benjamin Tissoires) [1974942]
  • ACPI: PM: s2idle: Invert Microsoft UUID entry and exit (David Arcari) [1960440]
  • platform/x86: amd-pmc: Fix undefined reference to __udivdi3 (David Arcari) [1960440]
  • platform/x86: amd-pmc: Fix missing unlock on error in amd_pmc_send_cmd() (David Arcari) [1960440]
  • platform/x86: amd-pmc: Use return code on suspend (David Arcari) [1960440]
  • platform/x86: amd-pmc: Add new acpi id for future PMC controllers (David Arcari) [1960440]
  • platform/x86: amd-pmc: Add support for ACPI ID AMDI0006 (David Arcari) [1960440]
  • platform/x86: amd-pmc: Add support for logging s0ix counters (David Arcari) [1960440]
  • platform/x86: amd-pmc: Add support for logging SMU metrics (David Arcari) [1960440]
  • platform/x86: amd-pmc: call dump registers only once (David Arcari) [1960440]
  • platform/x86: amd-pmc: Fix SMU firmware reporting mechanism (David Arcari) [1960440]
  • platform/x86: amd-pmc: Fix command completion code (David Arcari) [1960440]
  • usb: pci-quirks: disable D3cold on xhci suspend for s2idle on AMD Renoir (David Arcari) [1960440]
  • ACPI: PM: Only mark EC GPE for wakeup on Intel systems (David Arcari) [1960440]
  • ACPI: PM: Adjust behavior for field problems on AMD systems (David Arcari) [1960440]
  • ACPI: PM: s2idle: Add support for new Microsoft UUID (David Arcari) [1960440]
  • ACPI: PM: s2idle: Add support for multiple func mask (David Arcari) [1960440]
  • ACPI: PM: s2idle: Refactor common code (David Arcari) [1960440]
  • ACPI: PM: s2idle: Use correct revision id (David Arcari) [1960440]
  • ACPI: PM: s2idle: Add missing LPS0 functions for AMD (David Arcari) [1960440]
  • lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) [1986138]
    [4.18.0-340]
  • blk-mq: fix is_flush_rq (Ming Lei) [1992700]
  • blk-mq: fix kernel panic during iterating over flush request (Ming Lei) [1992700]
    [4.18.0-339]
  • smb2: fix use-after-free in smb2_ioctl_query_info() (Ronnie Sahlberg) [1952781]
  • dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Mike Snitzer) [1996854]
  • md/raid10: Remove rcu_dereference when it doesnt need rcu lock to protect (Nigel Croxon) [1978115]
  • scsi: csiostor: Mark known unused variable as __always_unused (Raju Rangoju) [1961333]
  • scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() (Raju Rangoju) [1961333]
  • scsi: csiostor: Remove set but not used variable ‘rln’ (Raju Rangoju) [1961333]
  • scsi: csiostor: Return value not required for csio_dfs_destroy (Raju Rangoju) [1961333]
  • scsi: csiostor: Fix NULL check before debugfs_remove_recursive (Raju Rangoju) [1961333]
  • scsi: csiostor: Dont enable IRQs too early (Raju Rangoju) [1961333]
  • scsi: csiostor: Fix spelling typos (Raju Rangoju) [1961333]
  • scsi: csiostor: Prefer pcie_capability_read_word() (Raju Rangoju) [1961333]
  • scsi: target: cxgbit: Unmap DMA buffer before calling target_execute_cmd() (Raju Rangoju) [1961394]
  • net: Use skb_frag_off accessors (Raju Rangoju) [1961394]
  • net: Use skb accessors in network drivers (Raju Rangoju) [1961394]
  • cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in cxgb4 and ulds (Raju Rangoju) [1961394]
  • scsi: libcxgbi: Fix a use after free in cxgbi_conn_xmit_pdu() (Raju Rangoju) [1961394]
  • scsi: libcxgbi: Use kvzalloc instead of opencoded kzalloc/vzalloc (Raju Rangoju) [1961394]
  • scsi: libcxgbi: Remove unnecessary NULL checks for ‘tdata’ pointer (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Remove an unnecessary NULL check for ‘cconn’ pointer (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Clean up a debug printk (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Fix dereference of pointer tdata before it is null checked (Raju Rangoju) [1961394]
  • scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() (Raju Rangoju) [1961394]
  • scsi: libcxgbi: remove unused function to stop warning (Raju Rangoju) [1961394]
  • scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() (Raju Rangoju) [1961394]
  • net/chelsio: Delete drive and module versions (Raju Rangoju) [1961394]
  • chelsio: Replace zero-length array with flexible-array member (Raju Rangoju) [1961394]
  • [netdrv] treewide: prefix header search paths with / (Raju Rangoju) [1961394]
  • libcxgb: fix incorrect ppmax calculation (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Fix TLS dependency (Raju Rangoju) [1961394]
  • [target] treewide: Use fallthrough pseudo-keyword (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Add support for iSCSI segmentation offload (Raju Rangoju) [1961394]
  • [target] treewide: Use sizeof_field() macro (Raju Rangoju) [1961394]
  • [target] treewide: replace ‘—help—’ in Kconfig files with ‘help’ (Raju Rangoju) [1961394]
  • scsi: cxgb4i: Remove superfluous null check (Raju Rangoju) [1961394]
    [4.18.0-338]
  • KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985413] {CVE-2021-3653}
  • KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656) (Jon Maloy) [1985430] {CVE-2021-3656}
  • drm/i915/rkl: Remove require_force_probe protection (Lyude Paul) [1985159]
  • drm/i915/display: support ddr5 mem types (Lyude Paul) [1992233]
  • drm/i915/adl_s: Update ddi buf translation tables (Lyude Paul) [1992233]
  • drm/i915/adl_s: Wa_14011765242 is also needed on A1 display stepping (Lyude Paul) [1992233]
  • drm/i915/adl_s: Extend Wa_1406941453 (Lyude Paul) [1992233]
  • drm/i915: Implement Wa_1508744258 (Lyude Paul) [1992233]
  • drm/i915/adl_s: Fix dma_mask_size to 39 bit (Lyude Paul) [1992233]
  • drm/i915: Add the missing adls vswing tables (Lyude Paul) [1992233]
  • drm/i915: Add Wa_14011060649 (Lyude Paul) [1992233]
  • drm/i915/adl_s: Add Interrupt Support (Lyude Paul) [1992233]
  • drm/amdgpu: add another Renoir DID (Lyude Paul) [1980900]
    [4.18.0-337]
  • net/mlx5: Fix flow table chaining (Amir Tzin) [1987139]
  • openvswitch: fix sparse warning incorrect type (Mark Gray) [1992773]
  • openvswitch: fix alignment issues (Mark Gray) [1992773]
  • openvswitch: update kdoc OVS_DP_ATTR_PER_CPU_PIDS (Mark Gray) [1992773]
  • openvswitch: Introduce per-cpu upcall dispatch (Mark Gray) [1992773]
  • KVM: X86: Expose bus lock debug exception to guest (Paul Lai) [1842322]
  • KVM: X86: Add support for the emulation of DR6_BUS_LOCK bit (Paul Lai) [1842322]
  • scsi: libfc: Fix array index out of bound exception (Chris Leech) [1972643]
  • scsi: libfc: FDMI enhancements (Chris Leech) [1972643]
  • scsi: libfc: Add FDMI-2 attributes (Chris Leech) [1972643]
  • scsi: qedf: Add vendor identifier attribute (Chris Leech) [1972643]
  • scsi: libfc: Initialisation of RHBA and RPA attributes (Chris Leech) [1972643]
  • scsi: libfc: Correct the condition check and invalid argument passed (Chris Leech) [1972643]
  • scsi: libfc: Work around -Warray-bounds warning (Chris Leech) [1972643]
  • scsi: fc: FDMI enhancement (Chris Leech) [1972643]
  • scsi: libfc: Move scsi/fc_encode.h to libfc (Chris Leech) [1972643]
  • scsi: fc: Correct RHBA attributes length (Chris Leech) [1972643]
  • block: return ELEVATOR_DISCARD_MERGE if possible (Ming Lei) [1991976]
  • x86/fpu: Prevent state corruption in __fpu__restore_sig() (Terry Bowman) [1970086]
  • x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer (Terry Bowman) [1970086]
  • x86/pkru: Write hardware init value to PKRU when xstate is init (Terry Bowman) [1970086]
  • x86/process: Check PF_KTHREAD and not current->mm for kernel threads (Terry Bowman) [1970086]
  • x86/fpu: Add address range checks to copy_user_to_xstate() (Terry Bowman) [1970086]
  • selftests/x86: Test signal frame XSTATE header corruption handling (Terry Bowman) [1970086]
  • Bump DRM backport version to 5.12.14 (Lyude Paul) [1944405]
  • drm/i915: Use the correct max source link rate for MST (Lyude Paul) [1944405 1966599]
  • drm/dp_mst: Use Extended Base Receiver Capability DPCD space (Lyude Paul) [1944405 1966599]
  • drm/i915/display: Defeature PSR2 for RKL and ADL-S (Lyude Paul) [1944405]
  • drm/i915/adl_s: ADL-S platform Update PCI ids for Mobile BGA (Lyude Paul) [1944405]
  • drm/amdgpu: wait for moving fence after pinning (Lyude Paul) [1944405]
  • drm/radeon: wait for moving fence after pinning (Lyude Paul) [1944405]
  • drm/nouveau: wait for moving fence after pinning v2 (Lyude Paul) [1944405]
  • radeon: use memcpy_to/fromio for UVD fw upload (Lyude Paul) [1944405]
  • drm/amd/amdgpu:save psp ring wptr to avoid attack (Lyude Paul) [1944405]
  • drm/amd/display: Fix potential memory leak in DMUB hw_init (Lyude Paul) [1944405]
  • drm/amdgpu: refine amdgpu_fru_get_product_info (Lyude Paul) [1944405]
  • drm/amd/display: Allow bandwidth validation for 0 streams. (Lyude Paul) [1944405]
  • drm: Lock pointer access in drm_master_release() (Lyude Paul) [1944405]
  • drm: Fix use-after-free read in drm_getunique() (Lyude Paul) [1944405]
  • drm/amdgpu: make sure we unpin the UVD BO (Lyude Paul) [1944405]
  • drm/amdgpu: Dont query CE and UE errors (Lyude Paul) [1944405]
  • drm/amdgpu/jpeg3: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amdgpu/jpeg2.5: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amdgpu/vcn3: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (Lyude Paul) [1944405]
  • drm/i915/selftests: Fix return value check in live_breadcrumbs_smoketest() (Lyude Paul) [1944405]
  • drm/amdgpu: stop touching sched.ready in the backend (Lyude Paul) [1944405]
  • drm/amd/amdgpu: fix a potential deadlock in gpu reset (Lyude Paul) [1944405]
  • drm/amdgpu: Fix a use-after-free (Lyude Paul) [1944405]
  • drm/amd/amdgpu: fix refcount leak (Lyude Paul) [1944405]
  • drm/amd/display: Disconnect non-DP with no EDID (Lyude Paul) [1944405]
  • drm/amdgpu/jpeg2.0: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amdkfd: correct sienna_cichlid SDMA RLC register offset error (Lyude Paul) [1944405]
  • drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate (Lyude Paul) [1944405]
  • drm/amd/pm: correct MGpuFanBoost setting (Lyude Paul) [1944405]
  • drm/i915: Reenable LTTPR non-transparent LT mode for DPCD_REV<1.4 (Lyude Paul) [1944405]
  • drm/i915/gt: Disable HiZ Raw Stall Optimization on broken gen7 (Lyude Paul) [1944405]
  • dma-buf: fix unintended pin/unpin warnings (Lyude Paul) [1944405]
  • drm/amdgpu: update sdma golden setting for Navi12 (Lyude Paul) [1944405]
  • drm/amdgpu: update gc golden setting for Navi12 (Lyude Paul) [1944405]
  • drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang (Lyude Paul) [1944405]
  • drm/amdgpu: Fix GPU TLB update error when PAGE_SIZE > AMDGPU_PAGE_SIZE (Lyude Paul) [1944405]
  • drm/radeon: use the dummy page for GART if needed (Lyude Paul) [1944405]
  • drm/amd/display: Use the correct max downscaling value for DCN3.x family (Lyude Paul) [1944405]
  • drm/i915/gem: Pin the L-shape quirked object as unshrinkable (Lyude Paul) [1944405]
  • drm/ttm: Do not add non-system domain BO into swap list (Lyude Paul) [1944405]
  • drm/amd/display: Fix two cursor duplication when using overlay (Lyude Paul) [1944405]
  • amdgpu/pm: Prevent force of DCEFCLK on NAVI10 and SIENNA_CICHLID (Lyude Paul) [1944405]
  • drm/i915/display: fix compiler warning about array overrun (Lyude Paul) [1944405]
  • drm/i915: Fix crash in auto_retire (Lyude Paul) [1944405]
  • drm/i915/overlay: Fix active retire callback alignment (Lyude Paul) [1944405]
  • drm/i915: Read C0DRB3/C1DRB3 as 16 bits again (Lyude Paul) [1944405]
  • drm/i915/gt: Fix a double free in gen8_preallocate_top_level_pdp (Lyude Paul) [1944405]
  • drm/i915/dp: Use slow and wide link training for everything (Lyude Paul) [1944405]
  • drm/i915: Avoid div-by-zero on gen2 (Lyude Paul) [1944405]
  • drm/amd/display: Initialize attribute for hdcp_srm sysfs file (Lyude Paul) [1944405]
  • drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (Lyude Paul) [1944405]
  • drm/radeon: Avoid power table parsing memory leaks (Lyude Paul) [1944405]
  • drm/radeon: Fix off-by-one power_state index heap overwrite (Lyude Paul) [1944405]
  • drm/amdgpu: Add mem sync flag for IB allocated by SA (Lyude Paul) [1944405]
  • drm/amd/display: add handling for hdcp2 rx id list validation (Lyude Paul) [1944405]
  • drm/amd/display: fixed divide by zero kernel crash during dsc enablement (Lyude Paul) [1944405]
  • drm/amd/display: Force vsync flip when reconfiguring MPCC (Lyude Paul) [1944405]
  • arm64: enable tlbi range instructions (Jeremy Linton) [1861872]
  • arm64: tlb: Use the TLBI RANGE feature in arm64 (Jeremy Linton) [1861872]
  • arm64: tlb: Detect the ARMv8.4 TLBI RANGE feature (Jeremy Linton) [1861872]
  • arm64/cpufeature: Add remaining feature bits in ID_AA64ISAR0 register (Jeremy Linton) [1861872]
  • arm64: tlbflush: Ensure start/end of address range are aligned to stride (Jeremy Linton) [1861872]
  • arm64: Detect the ARMv8.4 TTL feature (Jeremy Linton) [1861872]
  • arm64: tlbi: Set MAX_TLBI_OPS to PTRS_PER_PTE (Jeremy Linton) [1861872]
    [4.18.0-336]
  • bpf: Fix integer overflow involving bucket_size (Jiri Olsa) [1992588]
  • bpf: Fix leakage due to insufficient speculative store bypass mitigation (Jiri Olsa) [1992588]
  • bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Jiri Olsa) [1992588]
  • bpf: Fix OOB read when printing XDP link fdinfo (Jiri Olsa) [1992588]
  • bpf, test: fix NULL pointer dereference on invalid expected_attach_type (Jiri Olsa) [1992588]
  • bpf: Fix tail_call_reachable rejection for interpreter when jit failed (Jiri Olsa) [1992588]
  • bpf: Track subprog poke descriptors correctly and fix use-after-free (Jiri Olsa) [1992588]
  • bpf: Fix null ptr deref with mixed tail calls and subprogs (Jiri Olsa) [1992588]
  • bpf: Fix leakage under speculation on mispredicted branches (Jiri Olsa) [1992588]
  • bpf: Set mac_len in bpf_skb_change_head (Jiri Olsa) [1992588]
  • bpf: Prevent writable memory-mapping of read-only ringbuf pages (Jiri Olsa) [1992588]
  • bpf: Fix alu32 const subreg bound tracking on bitwise operations (Jiri Olsa) [1992588]
  • xsk: Fix broken Tx ring validation (Jiri Olsa) [1992588]
  • xsk: Fix for xp_aligned_validate_desc() when len == chunk_size (Jiri Olsa) [1992588]
  • bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (Jiri Olsa) [1992588]
  • bpf: Refcount task stack in bpf_get_task_stack (Jiri Olsa) [1992588]
  • bpf: Use NOP_ATOMIC5 instead of emit_nops(&prog, 5) for BPF_TRAMP_F_CALL_ORIG (Jiri Olsa) [1992588]
  • selftest/bpf: Add a test to check trampoline freeing logic. (Jiri Olsa) [1992588]
  • bpf: Fix fexit trampoline. (Jiri Olsa) [1992588]
  • ftrace: Fix modify_ftrace_direct. (Jiri Olsa) [1992588]
  • ftrace: Add a helper function to modify_ftrace_direct() to allow arch optimization (Jiri Olsa) [1992588]
  • ftrace: Add helper find_direct_entry() to consolidate code (Jiri Olsa) [1992588]
  • bpf: Fix truncation handling for mod32 dst reg wrt zero (Jiri Olsa) [1992588]
  • bpf: Fix an unitialized value in bpf_iter (Jiri Olsa) [1992588]
  • bpf_lru_list: Read double-checked variable once without lock (Jiri Olsa) [1992588]
  • mt76: validate rx A-MSDU subframes (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144}
  • ath11k: Drop multicast fragments (Inigo Huguet) [1991459] {CVE-2020-26145}
  • ath11k: Clear the fragment cache during key install (Inigo Huguet) [1991459] {CVE-2020-24587}
  • ath10k: Validate first subframe of A-MSDU before processing the list (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144}
  • ath10k: Fix TKIP Michael MIC verification for PCIe (Inigo Huguet) [1991459] {CVE-2020-26141}
  • ath10k: drop MPDU which has discard flag set by firmware for SDIO (Inigo Huguet) [1991459] {CVE-2020-24588}
  • ath10k: drop fragments with multicast DA for SDIO (Inigo Huguet) [1991459] {CVE-2020-26145}
  • ath10k: drop fragments with multicast DA for PCIe (Inigo Huguet) [1991459] {CVE-2020-26145}
  • ath10k: add CCMP PN replay protection for fragmented frames for PCIe (Inigo Huguet) [1991459]
  • mac80211: extend protection against mixed key and fragment cache attacks (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587}
  • mac80211: do not accept/forward invalid EAPOL frames (Inigo Huguet) [1991459] {CVE-2020-26139}
  • mac80211: prevent attacks on TKIP/WEP as well (Inigo Huguet) [1991459] {CVE-2020-26141}
  • mac80211: check defrag PN against current frame (Inigo Huguet) [1991459]
  • mac80211: add fragment cache to sta_info (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587}
  • mac80211: drop A-MSDUs on old ciphers (Inigo Huguet) [1991459] {CVE-2020-24588}
  • cfg80211: mitigate A-MSDU aggregation attacks (Inigo Huguet) [1991459] {CVE-2020-24588 CVE-2020-26144}
  • mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Inigo Huguet) [1991459]
  • mac80211: prevent mixed key and fragment cache attacks (Inigo Huguet) [1991459] {CVE-2020-24586 CVE-2020-24587}
  • mac80211: assure all fragments are encrypted (Inigo Huguet) [1991459] {CVE-2020-26147}
  • tipc: call tipc_wait_for_connect only when dlen is not 0 (Xin Long) [1989361]
  • mptcp: remove tech preview warning (Florian Westphal) [1985120]
  • tcp: consistently disable header prediction for mptcp (Florian Westphal) [1985120]
  • selftests: mptcp: fix case multiple subflows limited by server (Florian Westphal) [1985120]
  • selftests: mptcp: turn rp_filter off on each NIC (Florian Westphal) [1985120]
  • selftests: mptcp: display proper reason to abort tests (Florian Westphal) [1985120]
  • mptcp: properly account bulk freed memory (Florian Westphal) [1985120]
  • mptcp: fix ‘masking a bool’ warning (Florian Westphal) [1985120]
  • mptcp: refine mptcp_cleanup_rbuf (Florian Westphal) [1985120]
  • mptcp: use fast lock for subflows when possible (Florian Westphal) [1985120]
  • mptcp: avoid processing packet if a subflow reset (Florian Westphal) [1985120]
  • mptcp: add sk parameter for mptcp_get_options (Florian Westphal) [1985120]
  • mptcp: fix syncookie process if mptcp can not_accept new subflow (Florian Westphal) [1985120]
  • mptcp: fix warning in __skb_flow_dissect() when do syn cookie for subflow join (Florian Westphal) [1985120]
  • mptcp: avoid race on msk state changes (Florian Westphal) [1985120]
  • mptcp: fix 32 bit DSN expansion (Florian Westphal) [1985120]
  • mptcp: fix bad handling of 32 bit ack wrap-around (Florian Westphal) [1985120]
  • tcp: parse mptcp options contained in reset packets (Florian Westphal) [1985120]
  • ionic: count csum_none when offload enabled (Jonathan Toppins) [1991646]
  • ionic: fix up dim accounting for tx and rx (Jonathan Toppins) [1991646]
  • ionic: remove intr coalesce update from napi (Jonathan Toppins) [1991646]
  • ionic: catch no ptp support earlier (Jonathan Toppins) [1991646]
  • ionic: make all rx_mode work threadsafe (Jonathan Toppins) [1991646]
  • dmaengine: idxd: Fix missing error code in idxd_cdev_open() (Jerry Snitselaar) [1990637]
  • dmaengine: idxd: add missing dsa driver unregister (Jerry Snitselaar) [1990637]
  • dmaengine: idxd: add engine ‘struct device’ missing bus type assignment (Jerry Snitselaar) [1990637]
  • dmaengine: idxd: remove MSIX masking for interrupt handlers (Jerry Snitselaar) [1990637]
  • dmaengine: idxd: Use cpu_feature_enabled() (Jerry Snitselaar) [1990637]
  • dmaengine: idxd: enable SVA feature for IOMMU (Jerry Snitselaar) [1990637]
  • dmagenine: idxd: Dont add portal offset in idxd_submit_desc (Jerry Snitselaar) [1990637]
  • ethtool: strset: fix message length calculation (Balazs Nemeth) [1989003]
  • net: add strict checks in netdev_name_node_alt_destroy() (Andrea Claudi) [1859038]
  • net: rtnetlink: fix bugs in rtnl_alt_ifname() (Andrea Claudi) [1859038]
  • net: rtnetlink: add linkprop commands to add and delete alternative ifnames (Andrea Claudi) [1859038]
  • net: check all name nodes in __dev_alloc_name (Andrea Claudi) [1859038]
  • net: fix a leak in register_netdevice() (Andrea Claudi) [1859038]
  • tun: fix memory leak in error path (Andrea Claudi) [1859038]
  • net: propagate errors correctly in register_netdevice() (Andrea Claudi) [1859038]
  • net: introduce name_node struct to be used in hashlist (Andrea Claudi) [1859038]
  • net: procfs: use index hashlist instead of name hashlist (Andrea Claudi) [1859038]
  • configs: Enable CONFIG_CHELSIO_INLINE_CRYPTO (Raju Rangoju) [1961368]
  • cxgb4/ch_ktls: Clear resources when pf4 device is removed (Raju Rangoju) [1961374]
  • ch_ktls: Remove redundant variable result (Raju Rangoju) [1961374]
  • ch_ktls: do not send snd_una update to TCB in middle (Raju Rangoju) [1961374]
  • ch_ktls: tcb close causes tls connection failure (Raju Rangoju) [1961374]
  • ch_ktls: fix device connection close (Raju Rangoju) [1961374]
  • ch_ktls: Fix kernel panic (Raju Rangoju) [1961374]
  • ch_ktls: fix enum-conversion warning (Raju Rangoju) [1961374]
  • net: ethernet: chelsio: inline_crypto: Mundane typos fixed throughout the file chcr_ktls.c (Raju Rangoju) [1961374]
  • ch_ipsec: Remove initialization of rxq related data (Raju Rangoju) [1961388]
  • ch_ktls: fix build warning for ipv4-only config (Raju Rangoju) [1961374]
  • ch_ktls: lock is not freed (Raju Rangoju) [1961374]
  • ch_ktls: stop the txq if reaches threshold (Raju Rangoju) [1961374]
  • ch_ktls: tcb update fails sometimes (Raju Rangoju) [1961374]
  • ch_ktls/cxgb4: handle partial tag alone SKBs (Raju Rangoju) [1961374]
  • ch_ktls: dont free skb before sending FIN (Raju Rangoju) [1961374]
  • ch_ktls: packet handling prior to start marker (Raju Rangoju) [1961374]
  • ch_ktls: Correction in middle record handling (Raju Rangoju) [1961374]
  • ch_ktls: missing handling of header alone (Raju Rangoju) [1961374]
  • ch_ktls: Correction in trimmed_len calculation (Raju Rangoju) [1961374]
  • cxgb4/ch_ktls: creating skbs causes panic (Raju Rangoju) [1961374]
  • ch_ktls: Update cheksum information (Raju Rangoju) [1961374]
  • ch_ktls: Correction in finding correct length (Raju Rangoju) [1961374]
  • cxgb4/ch_ktls: decrypted bit is not enough (Raju Rangoju) [1961374]
  • cxgb4/ch_ipsec: Replace the module name to ch_ipsec from chcr (Raju Rangoju) [1961388]
  • cxgb4/ch_ktls: ktls stats are added at port level (Raju Rangoju) [1961374]
  • ch_ktls: Issue if connection offload fails (Raju Rangoju) [1961374]
  • chelsio/chtls: Re-add dependencies on CHELSIO_T4 to fix modular CHELSIO_T4 (Raju Rangoju) [1961388]
  • chelsio/chtls: CHELSIO_INLINE_CRYPTO should depend on CHELSIO_T4 (Raju Rangoju) [1961388]
  • crypto: chelsio - fix minor indentation issue (Raju Rangoju) [1961368]
  • crypto/chcr: move nic TLS functionality to drivers/net (Raju Rangoju) [1961368]
  • cxgb4/ch_ipsec: Registering xfrmdev_ops with cxgb4 (Raju Rangoju) [1961388]
  • crypto/chcr: Moving chelsios inline ipsec functionality to /drivers/net (Raju Rangoju) [1961368]
  • chelsio/chtls: separate chelsio tls driver from crypto driver (Raju Rangoju) [1961368]
  • crypto: chelsio - Fix some pr_xxx messages (Raju Rangoju) [1961368]
  • crypto: chelsio - Avoid some code duplication (Raju Rangoju) [1961368]
  • crypto: drivers - set the flag CRYPTO_ALG_ALLOCATES_MEMORY (Raju Rangoju) [1961368]
  • crypto: aead - remove useless setting of type flags (Raju Rangoju) [1961368]
  • crypto: Replace zero-length array with flexible-array (Raju Rangoju) [1961368]
  • [Crypto] treewide: replace ‘—help—’ in Kconfig files with ‘help’ (Raju Rangoju) [1961368]
  • Crypto/chcr: Checking cra_refcnt before unregistering the algorithms (Raju Rangoju) [1961368]
  • Crypto/chcr: Calculate src and dst sg lengths separately for dma map (Raju Rangoju) [1961368]
  • Crypto/chcr: Fixes a coccinile check error (Raju Rangoju) [1961368]
  • Crypto/chcr: Fixes compilations warnings (Raju Rangoju) [1961368]
  • crypto/chcr: IPV6 code needs to be in CONFIG_IPV6 (Raju Rangoju) [1961368]
  • crypto: lib/sha1 - remove unnecessary includes of linux/cryptohash.h (Raju Rangoju) [1961368]
  • Crypto/chcr: fix for hmac(sha) test fails (Raju Rangoju) [1961368]
  • Crypto/chcr: fix for ccm(aes) failed test (Raju Rangoju) [1961368]
  • Crypto/chcr: fix ctr, cbc, xts and rfc3686-ctr failed tests (Raju Rangoju) [1961368]
  • crypto: chelsio - remove redundant assignment to variable error (Raju Rangoju) [1961368]
  • chcr: Fix CPU hard lockup (Raju Rangoju) [1961368]
  • crypto: remove CRYPTO_TFM_RES_BAD_KEY_LEN (Raju Rangoju) [1961368]
  • crypto: chelsio - switch to skcipher API (Raju Rangoju) [1961368]
  • crypto: chelsio - Remove VLA usage of skcipher (Raju Rangoju) [1961368]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C