Oracle Linux ELSA-2021-9485
Oct 14, 2021 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2021-10-14 00:00:00
linux.oracle.com

CVSS3: 7.8 High

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

[4.14.35-2047.508.3]

  • fuse: fix live lock in fuse_iget() (Amir Goldstein) [Orabug: 33396682] {CVE-2021-28950}
  • block: workaround to avoid self-deadlock in del_gendisk (Junxiao Bi) [Orabug: 33392821]
  • net: bonding: add new option arp_allslaves for arp_ip_target (Venkat Venkatsubra) [Orabug: 33352735]

[4.14.35-2047.508.2]

  • KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33360245]
  • Revert "uek-rpm: mark /etc/ld.so.conf.d/ files as %config" (aloktiw) [Orabug: 33359680]
  • net/mlx5: Rate limit errors in command interface (Leon Romanovsky) [Orabug: 33305503]
  • Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33292634] {CVE-2021-3573}
  • Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33292634]
  • Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33292634] {CVE-2021-3564}
  • IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134287]
  • IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134287]
  • uek-rpm: Add dm-cache-smq.ko module (John Donnelly) [Orabug: 29198153]

[4.14.35-2047.508.1]

  • RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33324346]
  • net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33329032]
  • ip: Manual backport of pskb_inet_may_pull() (Hakon Bugge) [Orabug: 33329032]
  • Revert "Revert "net: geneve: check skb is large enough for IPv4/IPv6 header"" (Hakon Bugge) [Orabug: 33329032]
  • ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Tso) [Orabug: 33327179] {CVE-2021-40490}
  • uek-rpm: add CONFIG_PVPANIC_PCI to aarch64 (Mihai Carabas) [Orabug: 33155642]
  • misc/pvpanic: fix set driver data (Mihai Carabas) [Orabug: 33155642]
  • misc/pvpanic-pci: Allow automatic loading (Eric Auger) [Orabug: 33155642]
  • misc/pvpanic: Remove some dead-code (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic: Make pvpanic_probe() resource managed (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic-mmio: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic-mmio: Fix error handling in pvpanic_mmio_probe() (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic-pci: Use GFP_KERNEL instead of GFP_ATOMIC (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic-pci: Fix error handling in pvpanic_pci_probe() (Christophe JAILLET) [Orabug: 33155642]
  • misc/pvpanic: Make some symbols static (YueHaibing) [Orabug: 33155642]
  • misc/pvpanic: fix return value check in pvpanic_pci_probe() (Qiheng Lin) [Orabug: 33155642]
  • misc/pvpanic: add PCI driver (Mihai Carabas) [Orabug: 33155642]
  • misc/pvpanic: probe multiple instances (Mihai Carabas) [Orabug: 33155642]
  • misc/pvpanic: split-up generic and platform dependent code (Mihai Carabas) [Orabug: 33155642]
  • misc/pvpanic: Export module FDT device table (Shile Zhang) [Orabug: 33155642]
  • misc: pvpanic: sysfs_emit uses should have a newline (Joe Perches) [Orabug: 33155642]
  • misc: pvpanic: introduce events device attribue (zhenwei pi) [Orabug: 33155642]
  • misc: pvpanic: introduce device capability (zhenwei pi) [Orabug: 33155642]
  • misc: pvpanic: Check devm_ioport_map() for NULL (Andy Shevchenko) [Orabug: 33155642]
  • misc: pvpanic: Replace OF headers by mod_devicetable.h (Andy Shevchenko) [Orabug: 33155642]
  • misc: pvpanic: Combine ACPI and platform drivers (Andy Shevchenko) [Orabug: 33155642]
  • misc: pvpanic: Use devm_platform_ioremap_resource() (Wang ShaoBo) [Orabug: 33155642]
  • driver core: platform: Introduce platform_get_mem_or_io() (Andy Shevchenko) [Orabug: 33155642]
  • misc: pvpanic: move bit definition to uapi header file (zhenwei pi) [Orabug: 33155642]
  • misc: pvpanic: fix warning implicit declaration (Anders Roxell) [Orabug: 33155642]
  • misc/pvpanic: resolve compile errors for arch=um (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: fix a NULL vs IS_ERR() check (Dan Carpenter) [Orabug: 33155642]
  • misc/pvpanic: remove a redundant comma (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: convert to SPDX license tags (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: change header file sort style (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: remove unnecessary header file (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic : break dependency on ACPI (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic : grouping ACPI related stuff (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: add support to get pvpanic device info FDT (Peng Hao) [Orabug: 33155642]
  • dt-bindings: misc/pvpanic: add document for pvpanic-mmio (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: add MMIO support (Peng Hao) [Orabug: 33155642]
  • misc/pvpanic: simplify the code using acpi_dev_resource_io (Peng Hao) [Orabug: 33155642]
  • pvpanic: move pvpanic to misc as common driver (Peng Hao) [Orabug: 33155642]
  • fuse: fix bad inode (Miklos Szeredi) [Orabug: 32769032] {CVE-2020-36322}
  • Linux 4.14.243 (Greg Kroah-Hartman)
  • spi: mediatek: Fix fifo transfer (Guenter Roeck)
  • Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" (Greg Kroah-Hartman)
  • KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped() (Sean Christopherson)
  • KVM: do not assume PTE is writable after follow_pfn (Paolo Bonzini)
  • Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" (Greg Kroah-Hartman)
  • net: Fix zero-copy head len calculation. (Pravin B Shelar)
  • qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() (Jia He)
  • r8152: Fix potential PM refcount imbalance (Takashi Iwai)
  • regulator: rt5033: Fix n_voltages settings for BUCK and LDO (Axel Lin)
  • btrfs: mark compressed range uptodate only if all bio succeed (Goldwyn Rodrigues)
  • Linux 4.14.242 (Greg Kroah-Hartman)
  • Revert "perf map: Fix dso->nsinfo refcounting" (Arnaldo Carvalho de Melo)
  • can: hi311x: fix a signedness bug in hi3110_cmd() (Dan Carpenter)
  • sis900: Fix missing pci_disable_device() in probe and remove (Wang Hai)
  • tulip: windbond-840: Fix missing pci_disable_device() in probe and remove (Wang Hai)
  • sctp: fix return value check in __sctp_rcv_asconf_lookup (Marcelo Ricardo Leitner)
  • net/mlx5: Fix flow table chaining (Maor Gottlieb)
  • net: llc: fix skb_over_panic (Pavel Skripkin)
  • mlx4: Fix missing error code in mlx4_load_one() (Jiapeng Chong)
  • tipc: fix sleeping in tipc accept routine (Hoang Le)
  • netfilter: nft_nat: allow to specify layer 4 protocol NAT only (Pablo Neira Ayuso)
  • netfilter: conntrack: adjust stop timestamp to real expiry value (Florian Westphal)
  • cfg80211: Fix possible memory leak in function cfg80211_bss_update (Nguyen Dinh Phi)
  • x86/asm: Ensure asm/proto.h can be included stand-alone (Jan Kiszka)
  • nfc: nfcsim: fix use after free during module unload (Krzysztof Kozlowski)
  • NIU: fix incorrect error return, missed in previous revert (Paul Jakma)
  • can: esd_usb2: fix memory leak (Pavel Skripkin)
  • can: ems_usb: fix memory leak (Pavel Skripkin)
  • can: usb_8dev: fix memory leak (Pavel Skripkin)
  • can: mcba_usb_start(): add missing urb->transfer_dma initialization (Pavel Skripkin)
  • can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (Ziyang Xuan)
  • x86/kvm: fix vcpu-id indexed array sizes (Juergen Gross)
  • gro: ensure frag0 meets IP header alignment (Eric Dumazet)
  • virtio_net: Do not pull payload in skb->head (Eric Dumazet)
  • ARM: dts: versatile: Fix up interrupt controller node names (Sudeep Holla)
  • hfs: add lock nesting notation to hfs_find_init (Desmond Cheong Zhi Xi)
  • hfs: fix high memory mapping in hfs_bnode_read (Desmond Cheong Zhi Xi)
  • hfs: add missing clean-up in hfs_fill_super (Desmond Cheong Zhi Xi)
  • sctp: move 198 addresses from unusable to private scope (Xin Long)
  • net: annotate data race around sk_ll_usec (Eric Dumazet)
  • net/802/garp: fix memleak in garp_request_join() (Yang Yingliang)
  • net/802/mrp: fix memleak in mrp_request_join() (Yang Yingliang)
  • workqueue: fix UAF in pwq_unbound_release_workfn() (Yang Yingliang)
  • af_unix: fix garbage collect vs MSG_PEEK (Miklos Szeredi)
  • net: split out functions related to registering inflight socket files (Jens Axboe)
  • KVM: x86: determine if an exception has an error code only when injecting it. (Maxim Levitsky)
  • selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c (Greg Kroah-Hartman)

[4.14.35-2047.508.0]

  • Linux 4.14.241 (Greg Kroah-Hartman)
  • xhci: add xhci_get_virt_ep() helper (Mathias Nyman)
  • spi: spi-fsl-dspi: Fix a resource leak in an error handling path (Christophe JAILLET)
  • btrfs: compression: don't try to compress if we don't have enough pages (David Sterba)
  • iio: accel: bma180: Fix BMA25x bandwidth register values (Stephan Gerhold)
  • iio: accel: bma180: Use explicit member assignment (Linus Walleij)
  • net: bcmgenet: ensure EXT_ENERGY_DET_MASK is clear (Doug Berger)
  • drm: Return -ENOTTY for non-drm ioctls (Charles Baylis)
  • selftest: use mmap instead of posix_memalign to allocate memory (Peter Collingbourne)
  • ixgbe: Fix packet corruption due to missing DMA sync (Markus Boehme)
  • media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (Gustavo A. R. Silva)
  • tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33198436] {CVE-2021-3679}
  • usb: dwc2: gadget: Fix sending zero length packet in DDMA mode. (Minas Harutyunyan)
  • USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (John Keeping)
  • USB: serial: cp210x: fix comments for GE CS1000 (Ian Ray)
  • USB: serial: option: add support for u-blox LARA-R6 family (Marco De Marco)
  • usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (Yoshihiro Shimoda)
  • usb: max-3421: Prevent corruption of freed memory (Mark Tomlinson)
  • USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (Julian Sikorski)
  • usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (Mathias Nyman)
  • KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Nicholas Piggin)
  • xhci: Fix lost USB 2 remote wake (Mathias Nyman)
  • ALSA: sb: Fix potential ABBA deadlock in CSP driver (Takashi Iwai)
  • s390/ftrace: fix ftrace_update_ftrace_func implementation (Vasily Gorbik)
  • Revert "MIPS: add PMD table accounting into MIPS'pmd_alloc_one" (Huang Pei)
  • proc: Avoid mixing integer types in mem_rw() (Marcelo Henrique Cerri)
  • Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" (Vincent Palatin)
  • spi: cadence: Correct initialisation of runtime PM again (Marek Vasut)
  • scsi: target: Fix protect handling in WRITE SAME(32) (Dmitry Bogdanov)
  • scsi: iscsi: Fix iface sysfs attr detection (Mike Christie)
  • netrom: Decrease sock refcount when sock timers expire (Nguyen Dinh Phi)
  • net: decnet: Fix sleeping inside in af_decnet (Yajun Deng)
  • net: fix uninit-value in caif_seqpkt_sendmsg (Ziyang Xuan)
  • s390/bpf: Perform r1 range checking before accessing jit->seen_reg[r1] (Colin Ian King)
  • liquidio: Fix unintentional sign extension issue on left shift of u16 (Colin Ian King)
  • spi: mediatek: fix fifo rx mode (Peter Hess)
  • perf probe-file: Delete namelist in del_events() on the error path (Riccardo Mancini)
  • perf test bpf: Free obj_buf (Riccardo Mancini)
  • perf lzma: Close lzma stream on exit (Riccardo Mancini)
  • perf probe: Fix dso->nsinfo refcounting (Riccardo Mancini)
  • perf map: Fix dso->nsinfo refcounting (Riccardo Mancini)
  • igb: Check if num of q_vectors is smaller than max before array access (Aleksandr Loktionov)
  • iavf: Fix an error handling path in iavf_probe() (Christophe JAILLET)
  • e1000e: Fix an error handling path in e1000_probe() (Christophe JAILLET)
  • fm10k: Fix an error handling path in fm10k_probe() (Christophe JAILLET)
  • igb: Fix an error handling path in igb_probe() (Christophe JAILLET)
  • ixgbe: Fix an error handling path in ixgbe_probe() (Christophe JAILLET)
  • igb: Fix use-after-free error during reset (Vinicius Costa Gomes)
  • ipv6: tcp: drop silly ICMPv6 packet too big messages (Eric Dumazet)
  • tcp: annotate data races around tp->mtu_info (Eric Dumazet)
  • dma-buf/sync_file: Don't leak fences on merge failure (Jason Ekstrand)
  • net: validate lwtstate->data before returning from skb_tunnel_info() (Taehee Yoo)
  • net: send SYNACK packet with accepted fwmark (Alexander Ovechkin)
  • net: ti: fix UAF in tlan_remove_one (Pavel Skripkin)
  • net: qcom/emac: fix UAF in emac_remove (Pavel Skripkin)
  • net: moxa: fix UAF in moxart_mac_probe (Pavel Skripkin)
  • net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (Florian Fainelli)
  • net: bridge: sync fdb to new unicast-filtering ports (Wolfgang Bumiller)
  • netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (Vasily Averin)
  • net: ipv6: fix return value of ip6_skb_dst_mtu (Vadim Fedorenko)
  • sched/fair: Fix CFS bandwidth hrtimer expiry type (Odin Ugedal)
  • scsi: libfc: Fix array index out of bound exception (Javed Hasan)
  • scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 (Colin Ian King)
  • rtc: max77686: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski)
  • kbuild: mkcompile_h: consider timestamp if KBUILD_BUILD_TIMESTAMP is set (Matthias Maennich)
  • thermal/core: Correct function name thermal_zone_device_unregister() (Yang Yingliang)
  • arm64: dts: ls208xa: remove bus-num from dspi node (Mian Yousaf Kaukab)
  • arm64: dts: juno: Update SCPI nodes as per the YAML schema (Sudeep Holla)
  • ARM: dts: stm32: fix RCC node name on stm32f429 MCU (Alexandre Torgue)
  • ARM: imx: pm-imx5: Fix references to imx5_cpu_suspend_info (Jonathan Neuschafer)
  • ARM: dts: imx6: phyFLEX: Fix UART hardware flow control (Primoz Fiser)
  • ARM: dts: BCM63xx: Fix NAND nodes names (Rafal Milecki)
  • ARM: NSP: dts: fix NAND nodes names (Rafal Milecki)
  • ARM: Cygnus: dts: fix NAND nodes names (Rafal Milecki)
  • ARM: brcmstb: dts: fix NAND nodes names (Rafal Milecki)
  • reset: ti-syscon: fix to_ti_syscon_reset_data macro (Philipp Zabel)
  • arm64: dts: rockchip: Fix power-controller node names for rk3328 (Elaine Zhang)
  • ARM: dts: rockchip: Fix power-controller node names for rk3288 (Elaine Zhang)
  • ARM: dts: rockchip: Fix the timer clocks order (Ezequiel Garcia)
  • arm64: dts: rockchip: fix pinctrl sleep nodename for rk3399.dtsi (Johan Jonker)
  • ARM: dts: rockchip: fix pinctrl sleep nodename for rk3036-kylin and rk3288 (Johan Jonker)
  • ARM: dts: gemini: add device_type on pci (Corentin Labbe)
  • Linux 4.14.240 (Greg Kroah-Hartman)
  • net: bridge: multicast: fix PIM hello router port marking race (Nikolay Aleksandrov)
  • MIPS: vdso: Invalid GIC access through VDSO (Martin Facknitz)
  • mips: disable branch profiling in boot/decompress.o (Randy Dunlap)
  • mips: always link byteswap helpers into decompressor (Arnd Bergmann)
  • scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe() (Christophe JAILLET)
  • ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (Aswath Govindraju)
  • memory: fsl_ifc: fix leak of private memory on probe failure (Krzysztof Kozlowski)
  • memory: fsl_ifc: fix leak of IO mapping on probe failure (Krzysztof Kozlowski)
  • reset: bail if try_module_get() fails (Philipp Zabel)
  • ARM: dts: BCM5301X: Fixup SPI binding (Rafal Milecki)
  • ARM: dts: r8a7779, marzen: Fix DU clock names (Geert Uytterhoeven)
  • rtc: fix snprintf() checking in is_rtc_hctosys() (Dan Carpenter)
  • memory: atmel-ebi: add missing of_node_put for loop iteration (Krzysztof Kozlowski)
  • ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (Krzysztof Kozlowski)
  • ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (Krzysztof Kozlowski)
  • reset: a10sr: add missing of_match_table reference (Krzysztof Kozlowski)
  • hexagon: use common DISCARDS macro (Nathan Chancellor)
  • NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times (Trond Myklebust)
  • ALSA: isa: Fix error return code in snd_cmi8330_probe() (Zhen Lei)
  • x86/fpu: Limit xstate copy size in xstateregs_set() (Thomas Gleixner)
  • ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (Zhihao Cheng)
  • nfs: fix acl memory leak of posix_acl_create() (Gao Xiang)
  • watchdog: aspeed: fix hardware timeout calculation (Tao Ren)
  • um: fix error return code in winch_tramp() (Zhen Lei)
  • um: fix error return code in slip_open() (Zhen Lei)
  • power: supply: rt5033_battery: Fix device tree enumeration (Stephan Gerhold)
  • PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (Krzysztof Wilczynski)
  • f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs (Chao Yu)
  • virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33209273] {CVE-2021-38160}
  • virtio_net: Fix error handling in virtnet_restore() (Xie Yongji)
  • virtio-blk: Fix memory leak among suspend/resume procedure (Xie Yongji)
  • ACPI: video: Add quirk for the Dell Vostro 3350 (Hans de Goede)
  • ACPI: AMBA: Fix resource name in /proc/iomem (Liguang Zhang)
  • pwm: tegra: Don't modify HW state in .remove callback (Uwe Kleine-Konig)
  • power: supply: ab8500: add missing MODULE_DEVICE_TABLE (Zou Wei)
  • power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (Zou Wei)
  • NFS: nfs_find_open_context() may only select open files (Trond Myklebust)
  • ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (Jeff Layton)
  • orangefs: fix orangefs df output. (Mike Marshall)
  • x86/fpu: Return proper error codes from user access functions (Thomas Gleixner)
  • watchdog: iTCO_wdt: Account for rebooting on second timeout (Jan Kiszka)
  • watchdog: Fix possible use-after-free by calling del_timer_sync() (Zou Wei)
  • watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (Zou Wei)
  • watchdog: Fix possible use-after-free in wdt_startup() (Zou Wei)
  • ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1 (Nick Desaulniers)
  • power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (Bixuan Cui)
  • power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (Krzysztof Kozlowski)
  • power: supply: ab8500: Avoid NULL pointers (Linus Walleij)
  • pwm: spear: Don't modify HW state in .remove callback (Uwe Kleine-Konig)
  • lib/decompress_unlz4.c: correctly handle zero-padding around initrds. (Dimitri John Ledkov)
  • i2c: core: Disable client irq on reboot/shutdown (Dmitry Torokhov)
  • intel_th: Wait until port is in reset before programming it (Alexander Shishkin)
  • staging: rtl8723bs: fix macro value for 2.4Ghz only device (Fabio Aiuto)
  • ALSA: hda: Add IRQ check for platform_get_irq() (Jiajun Cao)
  • backlight: lm3630a: Fix return code of .update_status() callback (Uwe Kleine-Konig)
  • powerpc/boot: Fixup device-tree on little endian (Benjamin Herrenschmidt)
  • usb: gadget: hid: fix error return code in hid_bind() (Yang Yingliang)
  • usb: gadget: f_hid: fix endianness issue with descriptors (Ruslan Bilovol)
  • ALSA: bebob: add support for ToneWeal FW66 (Takashi Sakamoto)
  • ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (Zhen Lei)
  • selftests/powerpc: Fix no_handler EBB selftest (Athira Rajeev)
  • ALSA: ppc: fix error return code in snd_pmac_probe() (Yang Yingliang)
  • gpio: zynq: Check return value of pm_runtime_get_sync (Srinivas Neeli)
  • powerpc/ps3: Add dma_mask to ps3_dma_region (Geoff Levand)
  • ALSA: sb: Fix potential double-free of CSP mixer elements (Takashi Iwai)
  • s390/sclp_vt220: fix console name to match device (Valentin Vidic)
  • mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (Zou Wei)
  • scsi: qedi: Fix null ref during abort handling (Mike Christie)
  • scsi: iscsi: Fix shost->max_id use (Mike Christie)
  • scsi: iscsi: Add iscsi_cls_conn refcount helpers (Mike Christie)
  • fs/jfs: Fix missing error code in lmLogInit() (Jiapeng Chong)
  • tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (Christophe JAILLET)
  • scsi: core: Cap scsi_host cmd_per_lun at can_queue (John Garry)
  • scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (James Smart)
  • scsi: lpfc: Fix Unexpected timeout error in direct attach topology (James Smart)
  • w1: ds2438: fixing bug that would always get page0 (Luiz Sampaio)
  • Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" (Takashi Sakamoto)
  • misc/libmasm/module: Fix two use after free in ibmasm_init_one (Lv Yunlong)
  • tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (Sherry Sun)
  • PCI: aardvark: Fix kernel panic during PIO transfer (Pali Rohar)
  • PCI: aardvark: Don't rely on jiffies while holding spinlock (Remi Pommarel)
  • tracing: Do not reference char * as a string in histograms (Steven Rostedt (VMware))
  • scsi: core: Fix bad pointer dereference when ehandler kthread is invalid (Tyrel Datwyler)
  • KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run() (Lai Jiangshan)
  • KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled (Sean Christopherson)
  • smackfs: restrict bytes count in smk_set_cipso() (Tetsuo Handa)
  • jfs: fix GPF in diFree (Pavel Skripkin)
  • media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (Benjamin Drung)
  • media: gspca/sunplus: fix zero-length control requests (Johan Hovold)
  • media: gspca/sq905: fix control-request direction (Johan Hovold)
  • media: zr364xx: fix memory leak in zr364xx_start_readpipe (Pavel Skripkin)
  • media: dtv5100: fix control-request directions (Johan Hovold)
  • dm btree remove: assign new_root only when removal succeeds (Hou Tao)
  • ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe (Lv Yunlong)
  • tracing: Simplify & fix saved_tgids logic (Paul Burton)
  • seq_buf: Fix overflow in seq_buf_putmem_hex() (Yun Zhou)
  • power: supply: ab8500: Fix an old bug (Linus Walleij)
  • ipmi/watchdog: Stop watchdog timer when the current action is none (Petr Pavlu)
  • qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (Nathan Chancellor)
  • ASoC: tegra: Set driver_name=tegra for all machine drivers (Dmitry Osipenko)
  • cpu/hotplug: Cure the cpusets trainwreck (Thomas Gleixner)
  • ata: ahci_sunxi: Disable DIPM (Timo Sigurdsson)
  • mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (Christian Lohle)
  • mmc: core: clear flags before allowing to retune (Wolfram Sang)
  • mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (Al Cooper)
  • pinctrl/amd: Add device HID for new AMD GPIO controller (Maximilian Luz)
  • drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (Jing Xiangfeng)
  • usb: gadget: f_fs: Fix setting of device and driver data cross-references (Andrew Gabbasov)
  • powerpc/barrier: Avoid collision with clang's __lwsync macro (Nathan Chancellor)
  • mac80211: fix memory corruption in EAPOL handling (Davis Mosenkovs)
  • fuse: reject internal errno (Miklos Szeredi)
  • bdi: Do not use freezable workqueue (Mika Westerberg)
  • fscrypt: don't ignore minor_hash when hash is 0 (Eric Biggers)
  • sctp: add size validation when walking chunks (Marcelo Ricardo Leitner)
  • sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33198408] {CVE-2021-3655}
  • Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc. (Tim Jiang)
  • Bluetooth: Shutdown controller after workqueues are flushed or cancelled (Kai-Heng Feng)
  • Bluetooth: Fix the HCI to MGMT status conversion table (Yu Liu)
  • wireless: wext-spy: Fix out-of-bounds warning (Gustavo A. R. Silva)
  • sfc: error code if SRIOV cannot be disabled (inigo Huguet)
  • sfc: avoid double pci_remove of VFs (inigo Huguet)
  • iwlwifi: mvm: don't change band on bound PHY contexts (Johannes Berg)
  • RDMA/rxe: Don't overwrite errno from ib_umem_get() (Xiao Yang)
  • vsock: notify server to shutdown when client has pending signal (Longpeng(Mike))
  • atm: nicstar: register the interrupt handler in the right place (Zheyu Ma)
  • atm: nicstar: use dma_free_coherent instead of kfree (Zheyu Ma)
  • MIPS: add PMD table accounting into MIPS'pmd_alloc_one (Huang Pei)
  • cw1200: add missing MODULE_DEVICE_TABLE (Zou Wei)
  • wl1251: Fix possible buffer overflow in wl1251_cmd_scan (Lee Gibson)
  • wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (Tony Lindgren)
  • xfrm: Fix error reporting in xfrm_state_construct. (Steffen Klassert)
  • selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC (Minchan Kim)
  • fjes: check return value after calling platform_get_resource() (Yang Yingliang)
  • net: micrel: check return value after calling platform_get_resource() (Yang Yingliang)
  • net: bcmgenet: check return value after calling platform_get_resource() (Yang Yingliang)
  • virtio_net: Remove BUG() to avoid machine dead (Xianting Tian)
  • dm space maps: don't reset space map allocation cursor when committing (Joe Thornber)
  • RDMA/cxgb4: Fix missing error code in create_qp() (Jiapeng Chong)
  • ipv6: use prandom_u32() for ID generation (Willy Tarreau)
  • clk: tegra: Ensure that PLLU configuration is applied properly (Dmitry Osipenko)
  • clk: renesas: r8a77995: Add ZA2 clock (Kuninori Morimoto)
  • e100: handle eeprom as little endian (Jesse Brandeburg)
  • udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti)
  • drm/virtio: Fix double free on probe failure (Xie Yongji)
  • reiserfs: add check for invalid 1st journal block (Pavel Skripkin)
  • net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT (Sebastian Andrzej Siewior)
  • atm: nicstar: Fix possible use-after-free in nicstar_cleanup() (Zou Wei)
  • mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei)
  • atm: iphase: fix possible use-after-free in ia_module_exit() (Zou Wei)
  • hugetlb: clear huge pte during flush function on mips platform (Bibo Mao)
  • net: pch_gbe: Use proper accessors to BE data in pch_ptp_match() (Andy Shevchenko)
  • drm/amd/amdgpu/sriov disable all ip hw status by default (Jack Zhang)
  • drm/zte: Don't select DRM_KMS_FB_HELPER (Thomas Zimmermann)
  • drm/mxsfb: Don't select DRM_KMS_FB_HELPER (Thomas Zimmermann)
  • mmc: vub3000: fix control-request direction (Johan Hovold)
  • selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random (Dave Hansen)
  • mm/huge_memory.c: don't discard hugepage if other processes are mapping it (Miaohe Lin)
  • leds: ktd2692: Fix an error handling path (Christophe JAILLET)
  • leds: as3645a: Fix error return code in as3645a_parse_node() (Zhen Lei)
  • configfs: fix memleak in configfs_release_bin_file (Chung-Chiang Cheng)
  • extcon: max8997: Add missing modalias string (Marek Szyprowski)
  • extcon: sm5502: Drop invalid register write in sm5502_reg_data (Stephan Gerhold)
  • phy: ti: dm816x: Fix the error handling path in dm816x_usb_phy_probe() (Christophe JAILLET)
  • scsi: mpt3sas: Fix error return value in _scsih_expander_add() (Zhen Lei)
  • of: Fix truncation of memory sizes on 32-bit platforms (Geert Uytterhoeven)
  • ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (Richard Fitzgerald)
  • staging: gdm724x: check for overflow in gdm_lte_netif_rx() (Dan Carpenter)
  • staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (Dan Carpenter)
  • iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (Andy Shevchenko)
  • s390: appldata depends on PROC_SYSCTL (Randy Dunlap)
  • scsi: FlashPoint: Rename si_flags field (Randy Dunlap)
  • tty: nozomi: Fix the error handling path of nozomi_card_init() (Christophe JAILLET)
  • char: pcmcia: error out if num_bytes_read is greater than 4 in set_protocol() (Yu Kuai)
  • Input: hil_kbd - fix error return code in hil_dev_connect() (Zhen Lei)
  • ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (Yang Yingliang)
  • iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (Jonathan Cameron)
  • iio: adis_buffer: do not return ints in irq handlers (Nuno Sa)
  • mwifiex: re-fix for unaligned accesses (Arnd Bergmann)
  • tty: nozomi: Fix a resource leak in an error handling function (Christophe JAILLET)
  • net: sched: fix warning in tcindex_alloc_perfect_hash (Pavel Skripkin)
  • writeback: fix obtain a reference to a freeing memcg css (Muchun Song)
  • Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (Luiz Augusto von Dentz)
  • Revert "ibmvnic: remove duplicate napi_schedule call in open function" (Dany Madden)
  • i40e: Fix error handling in i40e_vsi_open (Dinghao Liu)
  • net: bcmgenet: Fix attaching to PYH failed on RPi 4B (Jian-Hong Pan)
  • vxlan: add missing rcu_read_lock() in neigh_reduce() (Eric Dumazet)
  • pkt_sched: sch_qfq: fix qfq_change_class() error path (Eric Dumazet)
  • net: ethernet: ezchip: fix error handling (Pavel Skripkin)
  • net: ethernet: ezchip: fix UAF in nps_enet_remove (Pavel Skripkin)
  • net: ethernet: aeroflex: fix UAF in greth_of_remove (Pavel Skripkin)
  • samples/bpf: Fix the error return code of xdp_redirect's main() (Wang Hai)
  • netfilter: nft_exthdr: check for IPv6 packet before further processing (Pablo Neira Ayuso)
  • netlabel: Fix memory leak in netlbl_mgmt_add_common (Liu Shixin)
  • ath10k: Fix an error code in ath10k_add_interface() (Yang Li)
  • brcmsmac: mac80211_if: Fix a resource leak in an error handling path (Christophe JAILLET)
  • wireless: carl9170: fix LEDS build errors & warnings (Randy Dunlap)
  • drm: qxl: ensure surf.data is ininitialized (Colin Ian King)
  • RDMA/rxe: Fix failure during driver load (Kamal Heib)
  • ehea: fix error return code in ehea_restart_qps() (Zhen Lei)
  • drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (Yang Yingliang)
  • net: pch_gbe: Propagate error from devm_gpio_request_one() (Andy Shevchenko)
  • ocfs2: fix snprintf() checking (Dan Carpenter)
  • ACPI: sysfs: Fix a buffer overrun problem with description_show() (Krzysztof Wilczynski)
  • crypto: nx - Fix RCU warning in nx842_OF_upd_status (Herbert Xu)
  • spi: spi-sun6i: Fix chipselect/clock bug (Mirko Vogt)
  • btrfs: clear log tree recovering status if starting transaction fails (David Sterba)
  • hwmon: (max31790) Fix fan speed reporting for fan7…12 (Guenter Roeck)
  • hwmon: (max31722) Remove non-standard ACPI device IDs (Guenter Roeck)
  • media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (Dillon Min)
  • mmc: usdhi6rol0: fix error return code in usdhi6_probe() (Zhen Lei)
  • media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (Gustavo A. R. Silva)
  • media: tc358743: Fix error return code in tc358743_probe_of() (Zhen Lei)
  • media: exynos4-is: Fix a use after free in isp_video_release (Lv Yunlong)
  • pata_ep93xx: fix deferred probing (Sergey Shtylyov)
  • crypto: ccp - Fix a resource leak in an error handling path (Christophe JAILLET)
  • pata_octeon_cf: avoid WARN_ON() in ata_host_activate() (Sergey Shtylyov)
  • media: I2C: change RST to RSET to fix multiple build errors (Randy Dunlap)
  • pata_rb532_cf: fix deferred probing (Sergey Shtylyov)
  • sata_highbank: fix deferred probing (Sergey Shtylyov)
  • crypto: ux500 - Fix error return code in hash_hw_final() (Zhen Lei)
  • crypto: ixp4xx - dma_unmap the correct address (Corentin Labbe)
  • media: s5p_cec: decrement usage count if disabled (Mauro Carvalho Chehab)
  • ia64: mca_drv: fix incorrect array size calculation (Arnd Bergmann)
  • HID: wacom: Correct base usage for capacitive ExpressKey status bits (Jason Gerecke)
  • ACPI: tables: Add custom DSDT file as makefile prerequisite (Richard Fitzgerald)
  • platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (Jiapeng Chong)
  • ACPI: bus: Call kobject_put() in acpi_init() error path (Hanjun Guo)
  • ACPICA: Fix memory leak caused by _CID repair function (Erik Kaneda)
  • fs: dlm: fix memory leak when fenced (Alexander Aring)
  • random32: Fix implicit truncation warning in prandom_seed_state() (Richard Fitzgerald)
  • fs: dlm: cancel work sync othercon (Alexander Aring)
  • block_dump: remove block_dump feature in mark_inode_dirty() (zhangyi (F))
  • ACPI: EC: Make more Asus laptops use ECDT _GPE (Chris Chiu)
  • lib: vsprintf: Fix handling of number field widths in vsscanf (Richard Fitzgerald)
  • hv_utils: Fix passing zero to PTR_ERR warning (YueHaibing)
  • ACPI: processor idle: Fix up C-state latency if not ordered (Mario Limonciello)
  • HID: do not use down_interruptible() when unbinding devices (Dmitry Torokhov)
  • regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (Axel Lin)
  • btrfs: disable build on platforms having page size 256K (Christophe Leroy)
  • btrfs: abort transaction if we fail to update the delayed inode (Josef Bacik)
  • btrfs: fix error handling in __btrfs_update_delayed_inode (Josef Bacik)
  • media: siano: fix device register error path (Mauro Carvalho Chehab)
  • media: dvb_net: avoid speculation from net slot (Mauro Carvalho Chehab)
  • crypto: shash - avoid comparing pointers to exported functions under CFI (Ard Biesheuvel)
  • mmc: via-sdmmc: add a check against NULL pointer dereference (Zheyu Ma)
  • media: dvd_usb: memory leak in cinergyt2_fe_attach (Dongliang Mu)
  • media: st-hva: Fix potential NULL pointer dereferences (Evgeny Novikov)
  • media: bt8xx: Fix a missing check bug in bt878_probe (Zheyu Ma)
  • media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (Lv Yunlong)
  • media: em28xx: Fix possible memory leak of em28xx struct (Igor Matheus Andrade Torrente)
  • crypto: qat - remove unused macro in FW loader (Jack Xu)
  • crypto: qat - check return code of qat_hal_rd_rel_reg() (Jack Xu)
  • media: pvrusb2: fix warning in pvr2_i2c_core_done (Anirudh Rayabharam)
  • media: cobalt: fix race condition in setting HPD (Hans Verkuil)
  • media: cpia2: fix memory leak in cpia2_usb_probe (Pavel Skripkin)
  • crypto: nx - add missing MODULE_DEVICE_TABLE (Bixuan Cui)
  • spi: omap-100k: Fix the length judgment problem (Tian Tao)
  • spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (Jay Fang)
  • spi: spi-loopback-test: Fix tx_buf might be rx_buf (Jay Fang)
  • spi: Make of_register_spi_device also set the fwnode (Charles Keepax)
  • fuse: check connected before queueing on fpq->io (Miklos Szeredi)
  • seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (Yun Zhou)
  • rsi: Assign beacon rate settings to the correct rate_info descriptor field (Marek Vasut)
  • ssb: sdio: Don't overwrite const buffer if block_write fails (Michael Buesch)
  • ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (Pali Rohar)
  • serial_cs: remove wrong GLOBETROTTER.cis entry (Ondrej Zary)
  • serial_cs: Add Option International GSM-Ready 56K/ISDN modem (Ondrej Zary)
  • serial: sh-sci: Stop dmaengine transfer in sci_stop_tx() (Yoshihiro Shimoda)
  • iio: ltr501: ltr501_read_ps(): add missing endianness conversion (Oliver Lang)
  • iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (Oliver Lang)
  • iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (Marc Kleine-Budde)
  • rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (Martin Fuzzey)
  • s390/cio: don't call css_wait_for_slow_path() inside a lock (Vineeth Vijayan)
  • SUNRPC: Should wake up the privileged task firstly. (Zhang Xiaoxu)
  • SUNRPC: Fix the batch tasks count wraparound. (Zhang Xiaoxu)
  • can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (Stephane Grosjean)
  • can: gw: synchronize rcu operations before removing gw job entry (Oliver Hartkopp)
  • ext4: fix avefreec in find_group_orlov (Pan Dong)
  • ext4: remove check for zero nr_to_scan in ext4_es_scan() (Zhang Yi)
  • ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (Zhang Yi)
  • ext4: fix kernel infoleak via ext4_extent_header (Anirudh Rayabharam)
  • ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (Zhang Yi)
  • btrfs: clear defrag status of a root if starting transaction fails (David Sterba)
  • btrfs: send: fix invalid path for unlink operations after parent orphanization (Filipe Manana)
  • ARM: dts: at91: sama5d4: fix pinctrl muxing (Ludovic Desroches)
  • iov_iter_fault_in_readable() should do nothing in xarray case (Al Viro)
  • ntfs: fix validity check for file name attribute (Desmond Cheong Zhi Xi)
  • USB: cdc-acm: blacklist Heimann USB Appset device (Hannu Hartikainen)
  • usb: gadget: eem: fix echo command packet response issue (Linyu Yuan)
  • net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (Pavel Skripkin)
  • Input: usbtouchscreen - fix control-request directions (Johan Hovold)
  • media: dvb-usb: fix wrong definition (Pavel Skripkin)
  • ALSA: usb-audio: fix rate on Ozone Z90 USB headset (Daehwan Jung)
  • arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33309109]
  • Revert ‘net: geneve: check skb is large enough for IPv4/IPv6 header’ (Somasundaram Krishnasamy) [Orabug: 33307212]
