Unbreakable Enterprise kernel-container security update

[4.14.35-2047.513.2.el7]

• Revert ‘rds/ib: recover rds connection from stuck tx path’ (Nagappan Ramasamy
  Palaniappan) [Orabug: 34124234]
  [4.14.35-2047.513.1.el7]
• mm/page-writeback: Fix performance when BDI’s share of ratio is 0. (Chi Wu) [Orabug: 34050050]
• esp: Fix possible buffer overflow in ESP transformation (Steffen Klassert) [Orabug: 33997301] {CVE-2022-27666}
  [4.14.35-2047.513.0.el7]
• rds: ib: Initialize SG table properly (Hakon Bugge) [Orabug: 34031914]
• rds: ib: Fix racy credit tracepoints (Hakon Bugge) [Orabug: 33980856]
• net/rds: Fix math on error code (Freddy Carrillo) [Orabug: 33945366]
• ice: Add E810-XXV pci device ids to UEK5 (John Donnelly) [Orabug: 33750110]
  [4.14.35-2047.512.6.el7]
• Revert ‘rds/ib: recover rds connection from stuck rx path’ (Rohit Nair)
  [Orabug: 34039271]
  [4.14.35-2047.512.5.el7]
• netfilter: nf_tables: initialize registers in nft_do_chain() (Pablo Neira Ayuso) [Orabug: 34012925] {CVE-2022-1016}
• rds: Fix incorrect initialization order (Hakon Bugge) [Orabug: 33923372]
• btrfs: unlock newly allocated extent buffer after error (Qu Wenruo) [Orabug: 33997138] {CVE-2021-4149}
• sr9700: sanity check for packet length (Oliver Neukum) [Orabug: 33962706] {CVE-2022-26966}
  [4.14.35-2047.512.4.el7]
• Linux 4.14.265 (Greg Kroah-Hartman)
• ext4: fix error handling in ext4_restore_inline_data() (Ritesh Harjani)
• EDAC/xgene: Fix deferred probing (Sergey Shtylyov)
• EDAC/altera: Fix deferred probing (Sergey Shtylyov)
• rtc: cmos: Evaluate century appropriate (Riwen Lu)
• selftests: futex: Use variable MAKE instead of make (Muhammad Usama Anjum)
• nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. (Dai Ngo)
• scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (John Meneghini)
• ASoC: fsl: Add missing error handling in pcm030_fabric_probe (Miaoqian Lin)
• drm/i915/overlay: Prevent divide by zero bugs in scaling (Dan Carpenter)
• net: macsec: Verify that send_sci is on when setting Tx sci explicitly (Lior Nahmanson)
• net: ieee802154: Return meaningful error codes from the netlink helpers (Miquel Raynal)
• net: ieee802154: ca8210: Stop leaking skb’s (Miquel Raynal)
• spi: meson-spicc: add IRQ check in meson_spicc_probe (Miaoqian Lin)
• spi: mediatek: Avoid NULL pointer crash in interrupt (Benjamin Gaignard)
• spi: bcm-qspi: check for valid cs before applying chip select (Kamal Dasu)
• iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (Joerg Roedel)
• iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (Guoqing Jiang)
• RDMA/mlx4: Don’t continue event handler after memory allocation failure (Leon Romanovsky)
• block: bio-integrity: Advance seed correctly for larger interval sizes (Martin K. Petersen)
• drm/nouveau: fix off by one in BIOS boundary checking (Nick Lopez)
• ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (Mark Brown)
• ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (Mark Brown)
• ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (Mark Brown)
• audit: improve audit queue handling when ‘audit=1’ on cmdline (Paul Moore)
• af_packet: fix data-race in packet_setsockopt / packet_setsockopt (Eric Dumazet)
• rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (Eric Dumazet)
• net: amd-xgbe: Fix skb data length underflow (Shyam Sundar S K)
• net: amd-xgbe: ensure to reset the tx_timer_active flag (Raju Rangoju)
• ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (Georgi Valkov)
• netfilter: nat: limit port clash resolution attempts (Florian Westphal)
• netfilter: nat: remove l4 protocol port rovers (Florian Westphal)
• bpf: fix truncated jump targets on heavy expansions (Daniel Borkmann)
• ipv4: raw: lock the socket in raw_bind() (Eric Dumazet)
• yam: fix a memory leak in yam_siocdevprivate() (Hangyu Hua)
• ibmvnic: don’t spin in tasklet (Sukadev Bhattiprolu)
• drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (Jose Exposito)
• drm/msm: Fix wrong size calculation (Xianting Tian)
• net-procfs: show net devices bound packet types (Jianguo Wu)
• NFSv4: nfs_atomic_open() can race when looking up a non-regular file (Trond Myklebust)
• hwmon: (lm90) Reduce maximum conversion rate for G781 (Guenter Roeck)
• ping: fix the sk_bound_dev_if match in ping_lookup (Xin Long)
• net: fix information leakage in /proc/net/ptype (Saeed Mirzamohammadi)
• ipv6_tunnel: Rate limit warning messages (Ido Schimmel)
• scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (John Meneghini)
• rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev (Matthias Kaehlcke)
• rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (Sujit Kautkar)
• i40e: fix unsigned stat widths (Joe Damato)
• i40e: Increase delay to 1 s after global EMP reset (Jedrzej Jagielski)
• lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() (Christophe Leroy)
• powerpc/32: Fix boot failure with GCC latent entropy plugin (Christophe Leroy)
• net: sfp: ignore disabled SFP node (Marek Behun)
• usb: typec: tcpm: Do not disconnect while receiving VBUS off (Badhri Jagan Sridharan)
• USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern)
• usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS (Pavankumar Kondeti)
• usb: common: ulpi: Fix crash in ulpi_match() (Jon Hunter)
• usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (Alan Stern)
• tty: Add support for Brainboxes UC cards. (Cameron Williams)
• tty: n_gsm: fix SW flow control encoding/handling ([email protected])
• serial: stm32: fix software flow control transfer (Valentin Caron)
• netfilter: nft_payload: do not update layer 4 checksum when mangling fragments (Pablo Neira Ayuso)
• PM: wakeup: simplify the output logic of pm_show_wakelocks() (Greg Kroah-Hartman)
• scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (Steffen Maier)
• s390/hypfs: include z/VM guests with access control group set (Vasily Gorbik)
• Bluetooth: refactor malicious adv data check (Brian Gix)
• Linux 4.14.264 (Greg Kroah-Hartman)
• can: bcm: fix UAF of bcm op (Ziyang Xuan)
• Linux 4.14.263 (Greg Kroah-Hartman)
• gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun)
• gianfar: simplify FCS handling and fix memory leak (Andy Spencer)
• drm/ttm/nouveau: don’t call tt destroy callback on alloc failure. (Dave Airlie)
• mips,s390,sh,sparc: gup: Work around the ‘COW can break either way’ issue (Ben Hutchings)
• lib82596: Fix IRQ check in sni_82596_probe (Miaoqian Lin)
• scripts/dtc: dtx_diff: remove broken example from help text (Matthias Schiffer)
• bcmgenet: add WOL IRQ check (Sergey Shtylyov)
• net_sched: restore ‘mpu xxx’ handling (Kevin Bracey)
• dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (Tudor Ambarus)
• dmaengine: at_xdmac: Fix lld view setting (Tudor Ambarus)
• dmaengine: at_xdmac: Print debug message after realeasing the lock (Tudor Ambarus)
• dmaengine: at_xdmac: Don’t start transactions at tx_submit level (Tudor Ambarus)
• libcxgb: Don’t accidentally set RTO_ONLINK in cxgb_find_route() (Guillaume Nault)
• netns: add schedule point in ops_exit_list() (Eric Dumazet)
• net: axienet: fix number of TX ring slots for available check (Robert Hancock)
• net: axienet: Wait for PhyRstCmplt after core reset (Robert Hancock)
• af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (Eric Dumazet)
• parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries (Miaoqian Lin)
• net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module (Tobias Waldekranz)
• powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses (Tobias Waldekranz)
• powerpc/cell: Fix clang -Wimplicit-fallthrough warning (Anders Roxell)
• RDMA/rxe: Fix a typo in opcode name (Chengguang Xu)
• RDMA/hns: Modify the mapping attribute of doorbell to device (Yixing Liu)
• Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (Lukas Bulwahn)
• firmware: Update Kconfig help text for Google firmware (Ben Hutchings)
• drm/radeon: fix error handling in radeon_driver_open_kms (Christian Konig)
• crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (Marek Vasut)
• ext4: don’t use the orphan list when migrating an inode (Theodore Ts’o)
• ext4: Fix BUG_ON in ext4_bread when write quota data (Ye Bin)
• ext4: set csum seed in tmp inode while migrating to extents (Luis Henriques)
• ext4: make sure quota gets properly shutdown on error (Jan Kara)
• iwlwifi: mvm: Increase the scan timeout guard to 30 seconds (Ilan Peer)
• cputime, cpuacct: Include guest time in user time in cpuacct.stat (Andrey Ryabinin)
• serial: Fix incorrect rs485 polarity on uart open (Lukas Wunner)
• ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (Petr Cvachoucek)
• power: bq25890: Enable continuous conversion for ADC at charging (Yauhen Kharuzhy)
• ASoC: mediatek: mt8173: fix device_node leak (Tzung-Bi Shih)
• scsi: sr: Don’t use GFP_DMA (Christoph Hellwig)
• MIPS: Octeon: Fix build errors using clang (Tianjia Zhang)
• i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters (Lakshmi Sowjanya D)
• MIPS: OCTEON: add put_device() after of_find_device_by_node() (Ye Guojin)
• ALSA: seq: Set upper limit of processed events (Takashi Iwai)
• w1: Misuse of get_user()/put_user() reported by sparse (Christophe Leroy)
• i2c: mpc: Correct I2C reset procedure (Joakim Tjernlund)
• powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING (Michael Ellerman)
• i2c: i801: Don’t silently correct invalid transfer size (Heiner Kallweit)
• powerpc/watchdog: Fix missed watchdog reset due to memory ordering race (Nicholas Piggin)
• powerpc/btext: add missing of_node_put (Julia Lawall)
• powerpc/cell: add missing of_node_put (Julia Lawall)
• powerpc/powernv: add missing of_node_put (Julia Lawall)
• powerpc/6xx: add missing of_node_put (Julia Lawall)
• parisc: Avoid calling faulthandler_disabled() twice (John David Anglin)
• serial: core: Keep mctrl register state and cached copy in sync (Lukas Wunner)
• serial: pl010: Drop CR register reset on set_termios (Lukas Wunner)
• net: phy: marvell: configure RGMII delays for 88E1118 (Russell King (Oracle))
• dm space map common: add bounds check to sm_ll_lookup_bitmap() (Joe Thornber)
• dm btree: add a defensive bounds check to insert_at() (Joe Thornber)
• mac80211: allow non-standard VHT MCS-10/11 (Ping-Ke Shih)
• net: mdio: Demote probed message to debug print (Florian Fainelli)
• btrfs: remove BUG_ON(!eie) in find_parent_nodes (Josef Bacik)
• btrfs: remove BUG_ON() in find_parent_nodes() (Josef Bacik)
• ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 (Kirill A. Shutemov)
• ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() (Rafael J. Wysocki)
• ACPICA: Utilities: Avoid deleting the same object twice in a row (Rafael J. Wysocki)
• ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions (Mark Langsdorf)
• jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (Kyeong Yoo)
• um: registers: Rename function names to avoid conflicts and build problems (Randy Dunlap)
• iwlwifi: remove module loading failure message (Johannes Berg)
• iwlwifi: fix leaks/bad data after failed firmware load (Johannes Berg)
• ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream (Zekun Shen)
• usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (Kai-Heng Feng)
• arm64: tegra: Adjust length of CCPLEX cluster MMIO region (Thierry Reding)
• mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO (Ulf Hansson)
• media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang)
• media: igorplugusb: receiver overflow should be reported (Sean Young)
• bpf: Do not WARN in bpf_warn_invalid_xdp_action() (Paolo Abeni)
• net: bonding: debug: avoid printing debug logs when bond is not notifying peers (Suresh Kumar)
• ath10k: Fix tx hanging (Sebastian Gottschall)
• iwlwifi: mvm: synchronize with FW after multicast commands (Johannes Berg)
• media: m920x: don’t use stack on USB reads (Mauro Carvalho Chehab)
• media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang)
• media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. (James Hilliard)
• floppy: Add max size check for user space request (Xiongwei Song)
• usb: uhci: add aspeed ast2600 uhci support (Neal Liu)
• mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (Zekun Shen)
• HSI: core: Fix return freed object in hsi_new_client (Chengfeng Ye)
• gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use (Hans de Goede)
• drm/bridge: megachips: Ensure both bridges are probed before registration (Martyn Welch)
• mlxsw: pci: Add shutdown method in PCI driver (Danielle Ratson)
• media: b2c2: Add missing check in flexcop_pci_isr: (Zheyu Ma)
• HID: apple: Do not reset quirks when the Fn key is not found (Jose Exposito)
• usb: gadget: f_fs: Use stream_open() for endpoint files (Pavankumar Kondeti)
• drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR (Ben Skeggs)
• ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply (Zekun Shen)
• fs: dlm: filter user dlm messages for kernel locks (Alexander Aring)
• Bluetooth: Fix debugfs entry leak in hci_register_dev() (Wei Yongjun)
• RDMA/cxgb4: Set queue pair state when being queried (Kamal Heib)
• mips: bcm63xx: add support for clk_set_parent() (Randy Dunlap)
• mips: lantiq: add support for clk_set_parent() (Randy Dunlap)
• misc: lattice-ecp3-config: Fix task hung when firmware load failed (Wei Yongjun)
• ASoC: samsung: idma: Check of ioremap return value (Jiasheng Jiang)
• iommu/iova: Fix race between FQ timeout and teardown (Xiongfeng Wang)
• dmaengine: pxa/mmp: stop referencing config->slave_id (Arnd Bergmann)
• RDMA/core: Let ib_find_gid() continue search even after empty entry (Avihai Horon)
• scsi: ufs: Fix race conditions related to driver data (Bart Van Assche)
• char/mwave: Adjust io port register size (Kees Cook)
• ALSA: oss: fix compile error when OSS_DEBUG is enabled (Bixuan Cui)
• powerpc/prom_init: Fix improper check of prom_getprop() (Peiwei Hu)
• RDMA/hns: Validate the pkey index (Kamal Heib)
• ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai)
• ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai)
• ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai)
• ext4: avoid trim error on fs with small groups (Jan Kara)
• net: mcs7830: handle usb read errors properly (Pavel Skripkin)
• pcmcia: fix setting of kthread task states (Dominik Brodowski)
• can: xilinx_can: xcan_probe(): check for error irq (Jiasheng Jiang)
• can: softing: softing_startstop(): fix set but not used variable warning (Marc Kleine-Budde)
• tpm: add request_locality before write TPM_INT_ENABLE (Chen Jun)
• spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (Miaoqian Lin)
• fsl/fman: Check for null pointer after calling devm_ioremap (Jiasheng Jiang)
• ppp: ensure minimum packet size in ppp_write() (Eric Dumazet)
• pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (Zhou Qingyang)
• pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (Zhou Qingyang)
• x86/mce/inject: Avoid out-of-bounds write when setting flags (Zhang Zixun)
• usb: ftdi-elan: fix memory leak on device disconnect (Wei Yongjun)
• media: msi001: fix possible null-ptr-deref in msi001_probe() (Wang Hai)
• media: dw2102: Fix use after free (Anton Vasilyev)
• sched/rt: Try to restart rt period timer when rt runtime exceeded (Li Hua)
• media: si2157: Fix ‘warm’ tuner state detection (Robert Schlabbach)
• media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (Zhou Qingyang)
• media: dib8000: Fix a memleak in dib8000_init() (Zhou Qingyang)
• floppy: Fix hang in watchdog when disk is ejected (Tasos Sahanidis)
• serial: amba-pl011: do not request memory region twice (Lino Sanfilippo)
• drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (Zhou Qingyang)
• drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (Zhou Qingyang)
• arm64: dts: qcom: msm8916: fix MMC controller aliases (Dmitry Baryshkov)
• netfilter: bridge: add support for pppoe filtering (Florian Westphal)
• media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (Dafna Hirschfeld)
• tty: serial: atmel: Call dma_async_issue_pending() (Tudor Ambarus)
• tty: serial: atmel: Check return code of dmaengine_submit() (Tudor Ambarus)
• crypto: qce - fix uaf on qce_ahash_register_one (Chengfeng Ye)
• media: dmxdev: fix UAF when dvb_register_device() fails (Wang Hai)
• Bluetooth: stop proccessing malicious adv data (Pavel Skripkin)
• media: em28xx: fix memory leak in em28xx_init_dev (Dongliang Mu)
• wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (Bryan O’Donoghue)
• clk: bcm-2835: Remove rounding up the dividers (Maxime Ripard)
• clk: bcm-2835: Pick the closest clock rate (Maxime Ripard)
• Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (Wang Hai)
• PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (Yifeng Li)
• shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode (Gang Li)
• can: softing_cs: softingcs_probe(): fix memleak on registration failure (Johan Hovold)
• media: stk1160: fix control-message timeouts (Johan Hovold)
• media: pvrusb2: fix control-message timeouts (Johan Hovold)
• media: redrat3: fix control-message timeouts (Johan Hovold)
• media: dib0700: fix undefined behavior in tuner shutdown (Michael Kuron)
• media: s2255: fix control-message timeouts (Johan Hovold)
• media: cpia2: fix control-message timeouts (Johan Hovold)
• media: em28xx: fix control-message timeouts (Johan Hovold)
• media: mceusb: fix control-message timeouts (Johan Hovold)
• media: flexcop-usb: fix control-message timeouts (Johan Hovold)
• rtc: cmos: take rtc_lock while reading from CMOS (Mateusz Jonczyk)
• nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() (Krzysztof Kozlowski)
• HID: wacom: Avoid using stale array indicies to read contact count (Jason Gerecke)
• HID: wacom: Ignore the confidence flag when a touch is removed (Jason Gerecke)
• HID: uhid: Fix worker destroying device without any protection (Jann Horn)
• Bluetooth: fix init and cleanup of sco_conn.timeout_work (Desmond Cheong Zhi Xi)
• Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi)
• rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (Larry Finger)
• media: uvcvideo: fix division by zero at stream start (Johan Hovold)
• orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (Christophe JAILLET)
• drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (Nathan Chancellor)
• staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (Nathan Chancellor)
• random: fix data race on crng init time (Eric Biggers)
• random: fix data race on crng_node_pool (Eric Biggers)
• can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} (Brian Silverman)
• can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (Marc Kleine-Budde)
• mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (Andy Shevchenko)
• USB: Fix ‘slab-out-of-bounds Write’ bug in usb_hcd_poll_rh_status (Alan Stern)
• USB: core: Fix bug in resuming hub’s handling of wakeup requests (Alan Stern)
• Bluetooth: bfusb: fix division by zero in send path (Johan Hovold)
• Linux 4.14.262 (Greg Kroah-Hartman)
• mISDN: change function names to avoid conflicts (wolfgang huang)
• net: udp: fix alignment problem in udp4_seq_show() (yangxingwu)
• ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao)
• scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (Lixiaokeng)
• ipv6: Do cleanup if attribute validation fails in multipath route (David Ahern)
• ipv6: Continue processing multipath route even if gateway attribute is invalid (David Ahern)
• phonet: refcount leak in pep_sock_accep (Hangyu Hua)
• rndis_host: support Hytera digital radios (Thomas Toye)
• power: reset: ltc2952: Fix use of floating point literals (Nathan Chancellor)
• sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc (Eric Dumazet)
• ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route (David Ahern)
• ipv6: Check attribute length for RTA_GATEWAY in multipath route (David Ahern)
• i40e: Fix incorrect netdev’s real number of RX/TX queues (Jedrzej Jagielski)
• i40e: fix use-after-free in i40e_sync_filters_subtask() (Di Zhu)
• mac80211: initialize variable have_higher_than_11mbit (Tom Rix)
• RDMA/core: Don’t infoleak GRH fields (Leon Romanovsky)
• ieee802154: atusb: fix uninit value in atusb_set_extended_addr (Pavel Skripkin)
• virtio_pci: Support surprise removal of virtio pci device (Parav Pandit)
• tracing: Tag trace_percpu_buffer as a percpu pointer (Naveen N. Rao)
• tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (Naveen N. Rao)
• Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models (Takashi Iwai)
  [4.14.35-2047.512.3.el7]
• lib/timerqueue: Rely on rbtree semantics for next timer (Davidlohr Bueso) [Orabug: 33406086] {CVE-2021-20317}
• rds/ib: Resize CQ if send-/recv-ring-size are changed (Hans Westgaard Ry) [Orabug: 33940520]
• uek-rpm: remove uek-rpm/ol8 (John Donnelly) [Orabug: 33665655]
• uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT (Saeed Mirzamohammadi) [Orabug: 33973455]
• sched: restore the sliding search window for select_idle_cpu() (Libo Chen) [Orabug: 33965297]
• NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) [Orabug: 33958155] {CVE-2022-24448}
• Linux 4.14.261 (Greg Kroah-Hartman)
• sctp: use call_rcu to free endpoint (Xin Long)
• net: fix use-after-free in tw_timer_handler (Muchun Song)
• Input: spaceball - fix parsing of movement data packets (Leo L. Schwab)
• Input: appletouch - initialize work before device registration (Pavel Skripkin)
• binder: fix async_free_space accounting for empty parcels (Todd Kjos)
• usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. (Vincent Pelletier)
• xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. (Mathias Nyman)
• uapi: fix linux/nfc.h userspace compilation errors (Dmitry V. Levin)
• nfc: uapi: use kernel size_t to fix user-space builds (Krzysztof Kozlowski)
• fsl/fman: Fix missing put_device() call in fman_port_probe (Miaoqian Lin)
• NFC: st21nfca: Fix memory leak in device probe and remove (Wei Yongjun)
• net: usb: pegasus: Do not drop long Ethernet frames (Matthias-Christian Ott)
• scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (Dan Carpenter)
• selinux: initialize proto variable in selinux_ip_postroute_compat() (Tom Rix)
• recordmcount.pl: fix typo in s390 mcount regex (Heiko Carstens)
• platform/x86: apple-gmux: use resource_size() with res (Wang Qing)
• HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (Hans de Goede)
• Linux 4.14.260 (Greg Kroah-Hartman)
• phonet/pep: refuse to enable an unbound pipe (Remi Denis-Courmont)
• hamradio: improve the incomplete fix to avoid NPD (Lin Ma)
• hamradio: defer ax25 kfree after unregister_netdev (Lin Ma)
• ax25: NPD bug when detaching AX25 device (Lin Ma)
• hwmon: (lm90) Do not report ‘busy’ status bit as alarm (Guenter Roeck)
• KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state (Sean Christopherson)
• usb: gadget: u_ether: fix race in setting MAC address in setup phase (Marian Postevca)
• f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (Chao Yu)
• ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling (Ard Biesheuvel)
• pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (Fabien Dessenne)
• x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (Andrew Cooper)
• Input: atmel_mxt_ts - fix double free in mxt_read_info_block (Jose Exposito)
• ALSA: drivers: opl3: Fix incorrect use of vp->state (Colin Ian King)
• ALSA: jack: Check the return value of kstrdup() (Xiaoke Wang)
• hwmon: (lm90) Fix usage of CONFIG2 register in detect function (Guenter Roeck)
• sfc: falcon: Check null pointer of rx_queue->page_ring (Jiasheng Jiang)
• drivers: net: smc911x: Check for error irq (Jiasheng Jiang)
• fjes: Check for error irq (Jiasheng Jiang)
• bonding: fix ad_actor_system option setting to default (Fernando Fernandez Mancera)
• net: skip virtio_net_hdr_set_proto if protocol already set (Willem de Bruijn)
• qlcnic: potential dereference null pointer of rx_queue->page_ring (Jiasheng Jiang)
• spi: change clk_disable_unprepare to clk_unprepare (Dongliang Mu)
• HID: holtek: fix mouse probing (Benjamin Tissoires)
• can: kvaser_usb: get CAN clock frequency from device (Jimmy Assarsson)
• net: usb: lan78xx: add Allied Telesis AT29M2-AF (Greg Jesionowski)
• x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33937656] {CVE-2021-26401}
• Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}
• x86/speculation: Fix bug in retpoline mode on AMD with ‘spectre_v2=none’ (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}
• ACPICA: Enable sleep button on ACPI legacy wake (Anchal Agarwal) [Orabug: 33925502]
• ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516}
• ipv4: avoid using shared IP generator for connected sockets (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516}
• lib/iov_iter: initialize ‘flags’ in new pipe_buffer (Max Kellermann) [Orabug: 33910800] {CVE-2022-0847}
• x86/speculation: The choice of retpoline mode is sometimes ignored (Patrick Colp) [Orabug: 33890092]
• udf: Restore i_lenAlloc when inode expansion fails (Jan Kara) [Orabug: 33870267] {CVE-2022-0617}
• udf: Fix NULL ptr deref when converting from inline format (Jan Kara) [Orabug: 33870267] {CVE-2022-0617}
• scsi: libiscsi: Hold back_lock when calling iscsi_complete_task (Gulam Mohamed) [Orabug: 33851182]
• drm/vmwgfx: Fix stale file descriptors on failed usercopy (Mathias Krause) [Orabug: 33840433] {CVE-2022-22942}
• drm/i915: Flush TLBs before releasing backing store (Tvrtko Ursulin) [Orabug: 33835811] {CVE-2022-0330}
• proc/vmcore: fix clearing user buffer by properly using clear_user() (David Hildenbrand) [Orabug: 33832650]
• rds/ib: recover rds connection from stuck rx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820767]
• rds: ib: Make selection of completion_vector QoS aware (Hakon Bugge) [Orabug: 33819408]
• Enable CONFIG_DM_DUST and nano for UEK5 (Gulam Mohamed) [Orabug: 33653698]
• dm dust: use dust block size for badblocklist index (Bryan Gurney) [Orabug: 33653698]
• dm dust: Make dm_dust_init and dm_dust_exit static (YueHaibing) [Orabug: 33653698]
• dm dust: remove redundant unsigned comparison to less than zero (Colin Ian King) [Orabug: 33653698]
• dm: add dust target (Bryan Gurney) [Orabug: 33653698]
• hugetlbfs: flush TLBs correctly after huge_pmd_unshare (Nadav Amit) [Orabug: 33617219] {CVE-2021-4002}
• rds/ib: recover rds connection from stuck tx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820747]
• uek-rpm: Add missing symbols to kabi_lockedlist (Stephen Brennan) [Orabug: 33871558]
  [4.14.35-2047.512.1.el7]
• Revert ‘stable: clamp SUBLEVEL in 4.14’ (Alan Maguire) [Orabug: 33861950]
• tipc: improve size validations for received domain records (Jon Maloy) [Orabug: 33850803] {CVE-2022-0435}
• cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33825688] {CVE-2022-0492}
• blk-stat: delete useless code (Shaohua Li) [Orabug: 33772945]
• DMA/rxe: Update default value of RXE_MAX_PDN (Rao Shoaib) [Orabug: 33676598]
  [4.14.35-2047.512.0.el7]
• bpf: Disallow unprivileged bpf by default (Pawan Gupta) [Orabug: 33734682]
• bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33734682]
• RDMA/rxe: Use correct sizing on buffers holding page DMA addresses (Shiraz Saleem) [Orabug: 33676942]
• hwmon: (k10temp) Add support for Zen3 CPUs (Rahul Rohit) [Orabug: 33782835]
• arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (Ard Biesheuvel) [Orabug: 33787546]
• uek-rpm: Pensando: Enable Elba EDAC (Dave Kleikamp) [Orabug: 33831294]
• dsc-drivers: update for 1.15.9-C-64 (Dave Kleikamp) [Orabug: 33831294]
• drivers/hwmon: Adding support LTC3888 (David Clear) [Orabug: 33831294]
• drivers/edac: Add Elba EDAC support (David Clear) [Orabug: 33831294]
• arm64/configs: Remove CONFIG_PENSANDO_SOC_CAPMEM_HUGEPAGE (David Clear) [Orabug: 33831294]
• drivers/soc/pensando: Add reset cause driver (David Clear) [Orabug: 33831294]
• net/rds: Fix memory leak in __rds_conn_create() on alloc_ordered_workqueue fail (Freddy Carrillo) [Orabug: 33811475]
• x86/smpboot: check cpu_initialized_mask first after returning from schedule() (Dongli Zhang) [Orabug: 33544127]
• Linux 4.14.259 (Greg Kroah-Hartman)
• xen/console: harden hvc_xen against event channel storms (Juergen Gross)
• Input: touchscreen - avoid bitwise vs logical OR warning (Nathan Chancellor)
• ARM: 8800/1: use choice for kernel unwinders (Stefan Agner)
• mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (Nathan Chancellor)
• ARM: 8805/2: remove unneeded naked function usage (Nicolas Pitre)
• net: lan78xx: Avoid unnecessary self assignment (Nathan Chancellor)
• fuse: annotate lock in fuse_reverse_inval_entry() (Miklos Szeredi)
• ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name (Fabio Estevam)
• firmware: arm_scpi: Fix string overflow in SCPI genpd driver (Sudeep Holla)
• net: systemport: Add global locking for descriptor lifecycle (Florian Fainelli)
• libata: if T_LENGTH is zero, dma direction should be DMA_NONE (George Kennedy)
• timekeeping: Really make sure wall_to_monotonic isn’t positive (Yu Liao)
• USB: serial: option: add Telit FN990 compositions (Daniele Palmas)
• PCI/MSI: Mask MSI-X vectors only on success (Stefan Roese)
• PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (Thomas Gleixner)
• USB: gadget: bRequestType is a bitfield, not a enum (Greg Kroah-Hartman)
• sit: do not call ipip6_dev_free() from sit_init_net() (Eric Dumazet)
• net/packet: rx_owner_map depends on pg_vec (Willem de Bruijn)
• ixgbe: set X550 MDIO speed before talking to PHY (Cyril Novikov)
• igbvf: fix double free in ‘igbvf_probe’ (Letu Ren)
• soc/tegra: fuse: Fix bitwise vs. logical OR warning (Nathan Chancellor)
• dmaengine: st_fdma: fix MODULE_ALIAS (Alyssa Ross)
• ARM: socfpga: dts: fix qspi node compatible (Dinh Nguyen)
• x86/sme: Explicitly map new EFI memmap table as encrypted (Tom Lendacky)
• nfsd: fix use-after-free due to delegation race (J. Bruce Fields)
• audit: improve robustness of the audit queue handling (Paul Moore)
• dm btree remove: fix use after free in rebalance_children() (Joe Thornber)
• recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (Jerome Marchand)
• mac80211: send ADDBA requests using the tid/queue of the aggregation session (Felix Fietkau)
• hwmon: (dell-smm) Fix warning on /proc/i8k creation error (Armin Wolf)
• bpf: fix panic due to oob in bpf_prog_test_run_skb (Daniel Borkmann)
• tracing: Fix a kmemleak false positive in tracing_map (Chen Jun)
• net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Harshit Mogalapalli)
• i2c: rk3x: Handle a spurious start completion interrupt flag (Ondrej Jirman)
• parisc/agp: Annotate parisc agp init functions with __init (Helge Deller)
• net/mlx4_en: Update reported link modes for 1/10G (Erik Ekman)
• drm/msm/dsi: set default num_data_lanes (Philip Chen)
• nfc: fix segfault in nfc_genl_dump_devices_done (Tadeusz Struk)
• Linux 4.14.258 (Greg Kroah-Hartman)
• irqchip: nvic: Fix offset for Interrupt Priority Offsets (Vladimir Murzin)
• irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL (Wudi Wang)
• irqchip/armada-370-xp: Fix support for Multi-MSI interrupts (Pali Rohar)
• irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() (Pali Rohar)
• iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (Yang Yingliang)
• iio: adc: axp20x_adc: fix charging current reporting on AXP22x (Evgeny Boger)
• iio: dln2: Check return value of devm_iio_trigger_register() (Lars-Peter Clausen)
• iio: dln2-adc: Fix lockdep complaint (Noralf Tronnes)
• iio: itg3200: Call iio_trigger_notify_done() on error (Lars-Peter Clausen)
• iio: kxsd9: Don’t return error code in trigger handler (Lars-Peter Clausen)
• iio: ltr501: Don’t return error code in trigger handler (Lars-Peter Clausen)
• iio: mma8452: Fix trigger reference couting (Lars-Peter Clausen)
• iio: stk3310: Don’t return error code in interrupt handler (Lars-Peter Clausen)
• iio: trigger: stm32-timer: fix MODULE_ALIAS (Alyssa Ross)
• iio: trigger: Fix reference counting (Lars-Peter Clausen)
• usb: core: config: using bit mask instead of individual bits (Pavel Hofman)
• xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending (Kai-Heng Feng)
• usb: core: config: fix validation of wMaxPacketValue entries (Pavel Hofman)
• USB: gadget: zero allocate endpoint 0 buffers (Greg Kroah-Hartman)
• USB: gadget: detect too-big endpoint 0 requests (Greg Kroah-Hartman)
• net/qla3xxx: fix an error code in ql_adapter_up() (Dan Carpenter)
• net, neigh: clear whole pneigh_entry at alloc time (Eric Dumazet)
• net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() (Joakim Zhang)
• net: altera: set a couple error code in probe() (Dan Carpenter)
• net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (Lee Jones)
• qede: validate non LSO skb length (Manish Chopra)
• block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (Davidlohr Bueso)
• signalfd: use wake_up_pollfree() (Eric Biggers)
• binder: use wake_up_pollfree() (Eric Biggers)
• wait: add wake_up_pollfree() (Eric Biggers)
• libata: add horkage for ASMedia 1092 (Hannes Reinecke)
• can: m_can: Disable and ignore ELO interrupt (Brian Silverman)
• can: pch_can: pch_can_rx_normal: fix use after free (Vincent Mailhol)
• tracefs: Have new files inherit the ownership of their parent (Steven Rostedt (VMware))
• ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() (Takashi Iwai)
• ALSA: pcm: oss: Limit the period size to 16MB (Takashi Iwai)
• ALSA: pcm: oss: Fix negative period/buffer sizes (Takashi Iwai)
• ALSA: ctl: Fix copy of updated id with element read/write (Alan Young)
• mm: bdi: initialize bdi_min_ratio when bdi is unregistered (Manjong Lee)
• IB/hfi1: Correct guard on eager buffer deallocation (Mike Marciniszyn)
• seg6: fix the iif in the IPv6 socket control block (Andrea Mayer)
• nfp: Fix memory leak in nfp_cpp_area_cache_add() (Jianglei Nie)
• bpf: Fix the off-by-two error in range markings (Maxim Mikityanskiy)
• nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (Krzysztof Kozlowski)
• can: sja1000: fix use after free in ems_pcmcia_add_card() (Dan Carpenter)
• HID: check for valid USB device for many HID drivers (Greg Kroah-Hartman)
• HID: wacom: fix problems when device is not a valid USB device (Greg Kroah-Hartman)
• HID: add USB_HID dependancy on some USB HID drivers (Greg Kroah-Hartman)
• HID: add USB_HID dependancy to hid-chicony (Greg Kroah-Hartman)
• HID: add USB_HID dependancy to hid-prodikeys (Greg Kroah-Hartman)
• HID: add hid_is_usb() function to make it simpler for USB detection (Greg Kroah-Hartman)
• Linux 4.14.257 (Greg Kroah-Hartman) {CVE-2021-38199}
• parisc: Mark cr16 CPU clocksource unstable on all SMP machines (Helge Deller)
• serial: core: fix transmit-buffer reset and memleak (Johan Hovold)
• serial: pl011: Add ACPI SBSA UART match id (Pierre Gondois)
• tty: serial: msm_serial: Deactivate RX DMA for polling support (Sven Eckelmann)
• x86/64/mm: Map all kernel memory into trampoline_pgd (Joerg Roedel)
• usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (Badhri Jagan Sridharan)
• xhci: Fix commad ring abort, write all 64 bits to CRCR register. (Mathias Nyman)
• vgacon: Propagate console boot parameters before calling ‘vc_resize’ (Maciej W. Rozycki)
• parisc: Fix ‘make install’ on newer debian releases (Helge Deller)
• parisc: Fix KBUILD_IMAGE for self-extracting kernel (Helge Deller)
• net/smc: Keep smc_close_final rc during active close (Tony Lu)
• net/rds: correct socket tunable error in rds_tcp_tune() (William Kucharski)
• net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of ‘0’ if no IRQ is available (Sven Schuchmann)
• net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() (Zhou Qingyang)
• siphash: use _unaligned version by default (Arnd Bergmann)
• net: mpls: Fix notifications when deleting a device (Benjamin Poirier)
• net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (Zhou Qingyang)
• natsemi: xtensa: fix section mismatch warnings (Randy Dunlap)
• sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (Baokun Li)
• sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (Baokun Li)
• kprobes: Limit max data_size of the kretprobe instances (Masami Hiramatsu)
• vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit (Stephen Suryaputra)
• perf hist: Fix memory leak of a perf_hpp_fmt (Ian Rogers)
• net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock() (Teng Qi)
• net: tulip: de4x5: fix the problem that the array ‘lp->phy[8]’ may be out of bound (zhangyue)
• ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Teng Qi)
• scsi: iscsi: Unblock session then wake up error handler (Mike Christie)
• thermal: core: Reset previous low and high trip during thermal zone init (Manaf Meethalavalappu Pallikunhi)
• btrfs: check-integrity: fix a warning on write caching disabled disk (Wang Yugui)
• s390/setup: avoid using memblock_enforce_memory_limit (Vasily Gorbik)
• platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (Slark Xiao)
• net: return correct error code (liuguoqiang)
• NFSv42: Fix pagecache invalidation after COPY/CLONE (Benjamin Coddington)
• ipc: WARN if trying to remove ipc object which is absent (Alexander Mikhalitsyn)
• shm: extend forced shm destroy to support objects from several IPC nses (Alexander Mikhalitsyn)
• tty: hvc: replace BUG_ON() with negative return value (Juergen Gross)
• xen: sync include/xen/interface/io/ring.h with Xen’s newest version (Juergen Gross)
• fuse: release pipe buf after last use (Miklos Szeredi)
• NFC: add NCI_UNREG flag to eliminate the race (Lin Ma)
• arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (Marek Behun)
• arm64: dts: marvell: armada-37xx: declare PCIe reset pin (Miquel Raynal)
• pinctrl: armada-37xx: Correct PWM pins definitions (Marek Behun)
• pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup (Gregory CLEMENT)
• pinctrl: armada-37xx: Correct mpp definitions (Marek Behun)
• PCI: aardvark: Fix checking for link up via LTSSM state (Pali Rohar)
• PCI: aardvark: Fix link training (Pali Rohar)
• PCI: aardvark: Fix PCIe Max Payload Size setting (Pali Rohar)
• PCI: aardvark: Configure PCIe resources from ‘ranges’ DT property (Pali Rohar)
• PCI: aardvark: Remove PCIe outbound window configuration (Evan Wang)
• PCI: aardvark: Update comment about disabling link training (Pali Rohar)
• PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() (Pali Rohar)
• PCI: aardvark: Fix compilation on s390 (Pali Rohar)
• PCI: aardvark: Don’t touch PCIe registers if no card connected (Pali Rohar)
• PCI: aardvark: Introduce an advk_pcie_valid_device() helper (Thomas Petazzoni)
• PCI: aardvark: Indicate error in ‘val’ when config read fails (Pali Rohar)
• PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros (Pali Rohar)
• PCI: aardvark: Issue PERST via GPIO (Pali Rohar)
• PCI: aardvark: Improve link training (Marek Behun)
• PCI: aardvark: Train link immediately after enabling training (Pali Rohar)
• PCI: aardvark: Wait for endpoint to be ready before training link (Remi Pommarel)
• PCI: aardvark: Fix a leaked reference by adding missing of_node_put() (Wen Yang)
• PCI: aardvark: Fix I/O space page leak (Sergei Shtylyov)
• s390/mm: validate VMA in PGSTE manipulation functions (David Hildenbrand)
• tracing: Check pid filtering when creating events (Steven Rostedt (VMware))
• vhost/vsock: fix incorrect used length reported to the guest (Stefano Garzarella)
• net/smc: Don’t call clcsock shutdown twice when smc shutdown (Tony Lu)
• MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 (Huang Pei)
• tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows (Eric Dumazet)
• net/smc: Ensure the active closing peer first closes clcsock (Tony Lu)
• ipv6: fix typos in __ip6_finish_output() (Eric Dumazet)
• drm/vc4: fix error code in vc4_create_object() (Dan Carpenter)
• scsi: mpt3sas: Fix kernel panic during drive powercycle test (Sreekanth Reddy)
• ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE (Takashi Iwai)
• NFSv42: Don’t fail clone() unless the OP_CLONE operation failed (Trond Myklebust)
• net: ieee802154: handle iftypes as u32 (Alexander Aring)
• ASoC: topology: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai)
• ARM: dts: BCM5301X: Add interrupt properties to GPIO node (Florian Fainelli)
• ARM: dts: BCM5301X: Fix I2C controller interrupt (Florian Fainelli)
• netfilter: ipvs: Fix reuse connection if RS weight is 0 (yangxingwu)
• tracing: Fix pid filtering when triggers are attached (Steven Rostedt (VMware))
• xen: detect uninitialized xenbus in xenbus_init (Stefano Stabellini)
• xen: don’t continue xenstore initialization in case of errors (Stefano Stabellini)
• fuse: fix page stealing (Miklos Szeredi)
• staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (Dan Carpenter)
• HID: wacom: Use ‘Confidence’ flag to prevent reporting invalid contacts (Jason Gerecke)
• media: cec: copy sequence field for the reply (Hans Verkuil)
• ALSA: ctxfi: Fix out-of-range access (Takashi Iwai)
• usb: hub: Fix locking issues with address0_mutex (Mathias Nyman)
• usb: hub: Fix usb enumeration issue due to address0 race (Mathias Nyman)
• USB: serial: option: add Fibocom FM101-GL variants (Mingjie Zhang)
• USB: serial: option: add Telit LE910S1 0x9200 composition (Daniele Palmas)