openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0716-1
Rating:             important
References:         #1043990 #1055117 #1065729 #1152457 #1152489 
                    #1156395 #1167260 #1168838 #1174416 #1174426 
                    #1178089 #1179243 #1179825 #1179851 #1180846 
                    #1181161 #1182613 #1182999 #1183063 #1183203 
                    #1183289 #1184208 #1184209 #1184436 #1184514 
                    #1184650 #1184724 #1184728 #1184730 #1184731 
                    #1184736 #1184737 #1184738 #1184740 #1184741 
                    #1184742 #1184760 #1184811 #1184893 #1184934 
                    #1184942 #1184957 #1184969 #1184984 #1185041 
                    #1185113 #1185233 #1185244 #1185269 #1185365 
                    #1185454 #1185472 #1185491 #1185549 #1185586 
                    #1185587 #1185606 
Cross-References:   CVE-2021-29155 CVE-2021-29650
CVSS scores:
                    CVE-2021-29155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-29155 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-29650 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-29650 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that solves two vulnerabilities and has 55 fixes
   is now available.

Description:



   The openSUSE Leap 15.2 kernel was updated to receive various security and
   bugfixes.

   The following security bugs were fixed:

   - CVE-2021-29650: The netfilter subsystem allowed attackers to cause a
     denial of service (panic) because net/netfilter/x_tables.c and
     include/linux/netfilter/x_tables.h lack a full memory barrier upon the
     assignment of a new table value, aka CID-175e476b8cdf (bnc#1184208).
   - CVE-2021-29155: kernel/bpf/verifier.c performs undesirable out-of-bounds
     speculation on pointer arithmetic, leading to side-channel attacks that
     defeat Spectre mitigations and obtain sensitive information from kernel
     memory. Specifically, for sequences of pointer arithmetic operations,
     the pointer modification performed by the first operation is not
     correctly accounted for when restricting subsequent operations
     (bnc#1184942).

   The following non-security bugs were fixed:

   - ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes).
   - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
     (git-fixes).
   - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
     (git-fixes).
   - ALSA: hda/cirrus: Add Headphone and Headset MIC Volume Control
     (git-fixes).
   - ALSA: hda/cirrus: Add error handling into CS8409 I2C functions
     (git-fixes).
   - ALSA: hda/cirrus: Add jack detect interrupt support from CS42L42
     companion codec (git-fixes).
   - ALSA: hda/cirrus: Add support for CS8409 HDA bridge and CS42L42
     companion codec (git-fixes).
   - ALSA: hda/cirrus: Cleanup patch_cirrus.c code (git-fixes).
   - ALSA: hda/cirrus: Fix CS42L42 Headset Mic volume control name
     (git-fixes).
   - ALSA: hda/cirrus: Make CS8409 driver more generic by using fixups
     (git-fixes).
   - ALSA: hda/cirrus: Set Initial DMIC volume for Bullseye to -26 dB
     (git-fixes).
   - ALSA: hda/cirrus: Use CS8409 filter to fix abnormal sounds on Bullseye
     (git-fixes).
   - ALSA: hda/realtek - Headset Mic issue on HP platform (git-fixes).
   - ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx (git-fixes).
   - ALSA: hda/realtek: GA503 use same quirks as GA401 (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 HP quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
     (git-fixes).
   - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC662 quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes).
   - ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
     (git-fixes).
   - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill
     devices (git-fixes).
   - ALSA: hda/realtek: fix mic boost on Intel NUC 8 (git-fixes).
   - ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops (git-fixes).
   - ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes).
   - ALSA: usb-audio: Add DJM450 to Pioneer format quirk (git-fixes).
   - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes).
   - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
     (git-fixes).
   - ALSA: usb-audio: Configure Pioneer DJM-850 samplerate (git-fixes).
   - ALSA: usb-audio: DJM-750: ensure format is set (git-fixes).
   - ALSA: usb-audio: Explicitly set up the clock selector (git-fixes).
   - ALSA: usb-audio: Fix Pioneer DJM devices URB_CONTROL request direction
     to set samplerate (git-fixes).
   - ALSA: usb-audio: Fix implicit sync clearance at stopping stream
     (git-fixes).
   - ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails
     (git-fixes).
   - ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
     (git-fixes).
   - ASoC: SOF: Intel: HDA: fix core status verification (git-fixes).
   - ASoC: SOF: Intel: hda: remove unnecessary parentheses (git-fixes).
   - ASoC: ak5558: Fix s/show/slow/ typo (git-fixes).
   - ASoC: ak5558: correct reset polarity (git-fixes).
   - ASoC: samsung: tm2_wm5110: check of of_parse return value (git-fixes).
   - ASoC: simple-card: fix possible uninitialized single_cpu local variable
     (git-fixes).
   - HID: alps: fix error return code in alps_input_configured() (git-fixes).
   - HID: google: add don USB id (git-fixes).
   - HID: plantronics: Workaround for double volume key presses (git-fixes).
   - HID: wacom: Assign boolean values to a bool variable (git-fixes).
   - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of
     devices (git-fixes).
   - Input: i8042 - fix Pegatron C15B ID entry (git-fixes).
   - Input: nspire-keypad - enable interrupts only when opened (git-fixes).
   - Input: s6sy761 - fix coordinate read bit shift (git-fixes).
   - KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
     (bsc#1156395).
   - KVM: PPC: Make the VMX instruction emulation routines static
     (bsc#1156395).
   - KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (bsc#1152489).
   - Move upstreamed i915 fix into sorted section
   - PCI/AER: Add RCEC AER error injection support (bsc#1174426).
   - PCI/AER: Add pcie_walk_rcec() to RCEC AER handling (bsc#1174426).
   - PCI/AER: Clear AER status from Root Port when resetting Downstream Port
     (bsc#1174426).
   - PCI/AER: Specify the type of Port that was reset (bsc#1174426).
   - PCI/AER: Use "aer" variable for capability offset (bsc#1174426).
   - PCI/AER: Write AER Capability only when we control it (bsc#1174426).
   - PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() (bsc#1174426).
   - PCI/ERR: Add pcie_link_rcec() to associate RCiEPs (bsc#1174426).
   - PCI/ERR: Avoid negated conditional for clarity (bsc#1174426).
   - PCI/ERR: Bind RCEC devices to the Root Port driver (bsc#1174426).
   - PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
     (bsc#1174426).
   - PCI/ERR: Clear AER status only when we control AER (bsc#1174426).
   - PCI/ERR: Clear PCIe Device Status errors only if OS owns AER
     (bsc#1174426).
   - PCI/ERR: Clear status of the reporting device (bsc#1174426).
   - PCI/ERR: Recover from RCEC AER errors (bsc#1174426).
   - PCI/ERR: Recover from RCiEP AER errors (bsc#1174426).
   - PCI/ERR: Rename reset_link() to reset_subordinates() (bsc#1174426).
   - PCI/ERR: Retain status from error notification (bsc#1174426).
   - PCI/ERR: Simplify by computing pci_pcie_type() once (bsc#1174426).
   - PCI/ERR: Simplify by using pci_upstream_bridge() (bsc#1174426).
   - PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() (bsc#1174426).
   - PCI/PME: Add pcie_walk_rcec() to RCEC PME handling (bsc#1174426).
   - PCI/portdrv: Report reset for frozen channel (bsc#1174426).
   - PCI: designware-ep: Fix the Header Type check (git-fixes).
   - PCI: tegra: Fix ASPM-L1SS advertisement disable code (git-fixes).
   - PCI: tegra: Move "dbi" accesses to post common DWC initialization
     (git-fixes).
   - PM: runtime: Add documentation for pm_runtime_resume_and_get()
     (git-fixes).
   - Revert "USB: cdc-acm: fix rounding error in TIOCSSERIAL" (git-fixes).
   - Revert "bcache: Kill btree_io_wq" (git-fixes).
   - Revert "dm cache: fix arm link errors with inline" (git-fixes).
   - USB: CDC-ACM: fix poison/unpoison imbalance (bsc#1184984).
   - USB: CDC-ACM: fix poison/unpoison imbalance (git-fixes).
   - USB: cdc-acm: fix TIOCGSERIAL implementation (git-fixes).
   - USB: cdc-acm: fix unprivileged TIOCCSERIAL (git-fixes).
   - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
     (git-fixes).
   - USB: serial: ark3116: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: f81232: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: f81534: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: fix return value for unsupported ioctls (git-fixes).
   - USB: serial: mos7720: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: opticon: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: quatech2: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: ssu100: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: usb_wwan: fix TIOCGSERIAL implementation (git-fixes).
   - USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions (git-fixes).
   - USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes).
   - arm: dts: add imx7d pcf2127 fix to blacklist
   - ata: libahci_platform: fix IRQ check (git-fixes).
   - ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
     (git-fixes).
   - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
     (git-fixes).
   - backlight: journada720: Fix Wmisleading-indentation warning (git-fixes).
   - blkcg: fix memleak for iolatency (git-fixes).
   - block, bfq: set next_rq to waker_bfqq->next_rq in waker injection
     (bsc#1168838).
   - block: recalculate segment count for multi-segment discards correctly
     (bsc#1184724).
   - block: rsxx: select CONFIG_CRC32 (git-fixes).
   - bluetooth: eliminate the potential race condition when removing the HCI
     controller (git-fixes).
   - bnxt_en: reverse order of TX disable and carrier off (git-fixes).
   - bsg: free the request before return error code (git-fixes).
   - btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1185549).
   - btrfs: fix race between swap file activation and snapshot creation
     (bsc#1185587).
   - btrfs: fix race between writes to swap files and scrub (bsc#1185586).
   - btrfs: track qgroup released data in own variable in
     insert_prealloc_file_extent (bsc#1185549).
   - bus: qcom: Put child node before return (git-fixes).
   - cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes).
   - clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes).
   - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1
     GHz (git-fixes).
   - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to
     L0 (git-fixes).
   - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM
     clock (git-fixes).
   - clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE (git-fixes).
   - clk: uniphier: Fix potential infinite loop (git-fixes).
   - clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
     (git-fixes).
   - coresight: etm4x: Fix issues on trcseqevr access (git-fixes).
   - coresight: etm4x: Fix save and restore of TRCVMIDCCTLR1 register
     (git-fixes).
   - coresight: tmc-etr: Fix barrier packet insertion for perf buffer
     (git-fixes).
   - cpufreq: Kconfig: fix documentation links (git-fixes).
   - cpufreq: armada-37xx: Fix determining base CPU frequency (git-fixes).
   - cpufreq: armada-37xx: Fix driver cleanup when registration failed
     (git-fixes).
   - cpufreq: armada-37xx: Fix setting TBG parent for load levels (git-fixes).
   - cpufreq: armada-37xx: Fix the AVS value for load L1 (git-fixes).
   - crypto: arm/curve25519 - Move '.fpu' after '.arch' (git-fixes).
   - crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
     (git-fixes).
   - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
     cxgb4 and ulds (git-fixes).
   - cxgb4: avoid collecting SGE_QBASE regs during traffic (git-fixes).
   - dm era: Fix bitset memory leaks (git-fixes).
   - dm era: Recover committed writeset after crash (git-fixes).
   - dm era: Reinitialize bitset cache before digesting a new writeset
     (git-fixes).
   - dm era: Update in-core bitset after committing the metadata (git-fixes).
   - dm era: Use correct value size in equality function of writeset tree
     (git-fixes).
   - dm era: Verify the data block size hasn't changed (git-fixes).
   - dm era: only resize metadata in preresume (git-fixes).
   - dm integrity: fix error reporting in bitmap mode after creation
     (git-fixes).
   - dm ioctl: fix error return code in target_message (git-fixes).
   - dm mpath: fix racey management of PG initialization (git-fixes).
   - dm raid: fix discard limits for raid1 (git-fixes).
   - dm writecache: fix the maximum number of arguments (git-fixes).
   - dm writecache: handle DAX to partitions on persistent memory correctly
     (git-fixes).
   - dm writecache: remove BUG() and fail gracefully instead (git-fixes).
   - dm zoned: select CONFIG_CRC32 (git-fixes).
   - dm: eliminate potential source of excessive kernel log noise (git-fixes).
   - dm: fix bug with RCU locking in dm_blk_report_zones (git-fixes).
   - dm: remove invalid sparse __acquires and __releases annotations
     (git-fixes).
   - dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes).
   - dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
     (git-fixes).
   - dpaa_eth: Use random MAC address when none is given (bsc#1184811).
   - dpaa_eth: copy timestamp fields to new skb in A-050385 workaround
     (git-fixes).
   - dpaa_eth: fix the RX headroom size alignment (git-fixes).
   - dpaa_eth: update the buffer layout for non-A050385 erratum scenarios
     (git-fixes).
   - drivers: net: xgene: Fix the order of the arguments of
     'alloc_etherdev_mqs()' (git-fixes).
   - drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes).
   - drm/ast: AST2500 fixups (bsc#1174416).
   - drm/ast: Add 25MHz refclk support (bsc#1174416).
   - drm/ast: Add support for 1152x864 mode (bsc#1174416).
   - drm/ast: Add support for AIP200 (bsc#1174416).
   - drm/ast: Correct mode table for AST2500 precatch (bsc#1174416).
   - drm/ast: Disable VGA decoding while driver is active (bsc#1174416).
   - drm/ast: Disable screen on register init (bsc#1174416).
   - drm/ast: Fix P2A config detection (bsc#1174416).
   - drm/ast: Fix register access in non-P2A mode for DP501 (bsc#1174416).
   - drm/ast: Keep MISC fields when enabling VGA (bsc#1174416).
   - drm/ast: drm/ast: Fix boot address for AST2500 (bsc#1174416).
   - drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes).
   - drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes).
   - drm/msm: Fix a5xx/a6xx timestamps (git-fixes).
   - drm/omap: fix misleading indentation in pixinc() (git-fixes).
   - drm/radeon: fix copy of uninitialized variable back to userspace
     (git-fixes).
   - drm/tegra: dc: Do not set PLL clock to 0Hz (git-fixes).
   - e1000e: Fix duplicate include guard (git-fixes).
   - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes).
   - e1000e: add rtnl_lock() to e1000_reset_task (git-fixes).
   - enetc: Let the hardware auto-advance the taprio base-time of 0
     (git-fixes).
   - enetc: Workaround for MDIO register access issue (git-fixes).
   - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
     (git-fixes).
   - ext4: do not try to set xattr into ea_inode if value is empty
     (bsc#1184730).
   - ext4: find old entry again if failed to rename whiteout (bsc#1184742).
   - ext4: fix potential error in ext4_do_update_inode (bsc#1184731).
   - ext4: fix potential htree index checksum corruption (bsc#1184728).
   - firmware: qcom-scm: Fix QCOM_SCM configuration (git-fixes).
   - fnic: use scsi_host_busy_iter() to traverse commands (bsc#1179851).
   - fotg210-udc: Complete OUT requests on short packets (git-fixes).
   - fotg210-udc: Do not DMA more than the buffer can take (git-fixes).
   - fotg210-udc: Fix DMA on EP0 for length > max packet size (git-fixes).
   - fotg210-udc: Fix EP0 IN requests bigger than two packets (git-fixes).
   - fotg210-udc: Mask GRP2 interrupts we do not handle (git-fixes).
   - fotg210-udc: Remove a dubious condition leading to fotg210_done
     (git-fixes).
   - fs/jfs: fix potential integer overflow on shift of a int (bsc#1184741).
   - fs: direct-io: fix missing sdio->boundary (bsc#1184736).
   - fsl/fman: reuse set_mac_address() in dtsec init() (bsc#1184811).
   - fsl/fman: tolerate missing MAC address in device tree (bsc#1184811).
   - gpio: omap: Save and restore sysconfig (git-fixes).
   - gpio: sysfs: Obey valid_mask (git-fixes).
   - i2c: cadence: add IRQ check (git-fixes).
   - i2c: emev2: add IRQ check (git-fixes).
   - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
     (git-fixes).
   - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
     (git-fixes).
   - i2c: jz4780: add IRQ check (git-fixes).
   - i2c: omap: fix reference leak when pm_runtime_get_sync fails (git-fixes).
   - i2c: sh7760: add IRQ check (git-fixes).
   - i2c: sh7760: fix IRQ error path (git-fixes).
   - i2c: sprd: fix reference leak when pm_runtime_get_sync fails (git-fixes).
   - i40e: Add zero-initialization of AQ command structures (git-fixes).
   - i40e: Added Asym_Pause to supported link modes (git-fixes).
   - i40e: Fix add TC filter for IPv6 (git-fixes).
   - i40e: Fix addition of RX filters after enabling FW LLDP agent
     (git-fixes).
   - i40e: Fix display statistics for veb_tc (git-fixes).
   - i40e: Fix endianness conversions (git-fixes).
   - i40e: Fix flow for IPv6 next header (extension header) (git-fixes).
   - i40e: Fix kernel oops when i40e driver removes VF's (git-fixes).
   - i40e: Fix overwriting flow control settings during driver loading
     (git-fixes).
   - i40e: Fix sparse errors in i40e_txrx.c (git-fixes).
   - i40e: Fix sparse warning: missing error code 'err' (git-fixes).
   - i40e: fix the panic when running bpf in xdpdrv mode (git-fixes).
   - ibmvnic: avoid calling napi_disable() twice (bsc#1065729).
   - ibmvnic: clean up the remaining debugfs data structures (bsc#1065729).
   - ibmvnic: correctly use dev_consume/free_skb_irq (jsc#SLE-17268
     jsc#SLE-17043 bsc#1179243 ltc#189290 git-fixes).
   - ibmvnic: improve failover sysfs entry (bsc#1043990 ltc#155681 git-fixes).
   - ibmvnic: print adapter state as a string (bsc#1152457 ltc#174432
     git-fixes).
   - ibmvnic: print reset reason as a string (bsc#1152457 ltc#174432
     git-fixes).
   - ibmvnic: queue reset work in system_long_wq (bsc#1152457 ltc#174432
     git-fixes).
   - ibmvnic: remove duplicate napi_schedule call in do_reset function
     (bsc#1065729).
   - ibmvnic: remove duplicate napi_schedule call in open function
     (bsc#1065729).
   - ice: Account for port VLAN in VF max packet size calculation (git-fixes).
   - ice: Cleanup fltr list in case of allocation issues (git-fixes).
   - ice: Fix for dereference of NULL pointer (git-fixes).
   - ice: Increase control queue timeout (git-fixes).
   - ice: prevent ice_open and ice_stop during reset (git-fixes).
   - igb: Fix duplicate include guard (git-fixes).
   - igb: check timestamp validity (git-fixes).
   - igc: Fix Pause Frame Advertising (git-fixes).
   - igc: Fix Supported Pause Frame Link Setting (git-fixes).
   - igc: reinit_locked() should be called with rtnl_lock (git-fixes).
   - iio:accel:adis16201: Fix wrong axis assignment that prevents loading
     (git-fixes).
   - ima: Free IMA measurement buffer after kexec syscall (git-fixes).
   - interconnect: core: fix error return code of icc_link_destroy()
     (git-fixes).
   - iopoll: introduce read_poll_timeout macro (git-fixes).
   - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
     (git-fixes).
   - irqchip/ls-extirq: Add LS1043A, LS1088A external interrupt support
     (bsc#1185233).
   - irqchip/ls-extirq: add IRQCHIP_SKIP_SET_WAKE to the irqchip flags
     (bsc#1185233).
   - irqchip: Add support for Layerscape external interrupt lines
     (bsc#1185233).
   - isofs: release buffer head before return (bsc#1182613).
   - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (git-fixes).
   - jffs2: fix use after free in jffs2_sum_write_data() (bsc#1184740).
   - kABI: Fix kABI caused by fixes for bsc#1174426 (bsc#1174426).
   - kABI: cover up change in struct kvm_arch (bsc#1184969).
   - kABI: powerpc/pseries: Add shutdown() to vio_driver and vio_bus
     (bsc#1184209 ltc#190917).
   - kernel/smp: make csdlock timeout depend on boot parameter (bsc#1180846).
   - libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
     (bsc#1185269).
   - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace
     labels (bsc#1185269).
   - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
     (bsc#1184969 git-fixes).
   - libnvdimm/security: ensure sysfs poll thread woke up and fetch updated
     attr (git-fixes).
   - liquidio: Fix unintented sign extension of a left shift of a u16
     (git-fixes).
   - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
     (bsc#1185041).
   - mac80211: bail out if cipher schemes are invalid (git-fixes).
   - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
     (git-fixes).
   - macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes).
   - media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes).
   - media: m88rs6000t: avoid potential out-of-bounds reads on arrays
     (git-fixes).
   - media: mantis: remove orphan mantis_core.c (git-fixes).
   - media: omap4iss: return error code when omap4iss_get() failed
     (git-fixes).
   - media: platform: sunxi: sun6i-csi: fix error return code of
     sun6i_video_start_streaming() (git-fixes).
   - media: staging/intel-ipu3: Fix memory leak in imu_fmt (git-fixes).
   - media: staging/intel-ipu3: Fix race condition during set_fmt (git-fixes).
   - media: staging/intel-ipu3: Fix set_fmt error handling (git-fixes).
   - media: v4l2-ctrls.c: fix race condition in hdl->requests list
     (git-fixes).
   - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
     (git-fixes).
   - memory: pl353: fix mask of ECC page_size config register (git-fixes).
   - mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
     (git-fixes).
   - mfd: stm32-timers: Avoid clearing auto reload register (git-fixes).
   - misc: lis3lv02d: Fix false-positive WARN on various HP models
     (git-fixes).
   - misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes).
   - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
     (git-fixes).
   - mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes).
   - mm: memcontrol: fix cpuhotplug statistics flushing (bsc#1185606).
   - mmc: core: Correct descriptions in mmc_of_parse() (git-fixes).
   - mmc: cqhci: Add cqhci_deactivate() (git-fixes).
   - mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes).
   - mmc: sdhci-of-arasan: Add missed checks for devm_clk_register()
     (git-fixes).
   - mmc: sdhci-of-dwcmshc: fix rpmb access (git-fixes).
   - mmc: sdhci-of-dwcmshc: implement specific set_uhs_signaling (git-fixes).
   - mmc: sdhci-of-esdhc: make sure delay chain locked for HS400 (git-fixes).
   - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
   - mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
     controllers (git-fixes).
   - mmc: sdhci: Use Auto CMD Auto Select only when v4_mode is true
     (git-fixes).
   - mmc: uniphier-sd: Fix a resource leak in the remove function (git-fixes).
   - mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
     (git-fixes).
   - mt7601u: fix always true expression (git-fixes).
   - mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
     (git-fixes).
   - mtd: rawnand: atmel: Update ecc_stats.corrected counter (git-fixes).
   - mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC (git-fixes).
   - mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe() (git-fixes).
   - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init (git-fixes).
   - mtd: rawnand: qcom: Return actual error code instead of -ENODEV
     (git-fixes).
   - mtd: require write permissions for locking and badblock ioctls
     (git-fixes).
   - mtd: spi-nor: Rename "n25q512a" to "mt25qu512a (n25q512a)" (bsc#1167260).
   - mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two (bsc#1167260).
   - mtd: spinand: core: add missing MODULE_DEVICE_TABLE() (git-fixes).
   - nbd: fix a block_device refcount leak in nbd_release (git-fixes).
   - net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (git-fixes).
   - net/mlx4_en: update moderation when config reset (git-fixes).
   - net/mlx5: Do not request more than supported EQs (git-fixes).
   - net/mlx5e: Do not match on Geneve options in case option masks are all
     zero (git-fixes).
   - net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes).
   - net/mlx5e: Fix ethtool indication of connector type (git-fixes).
   - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
     (jsc#SLE-8464).
   - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
     (git-fixes).
   - net: atlantic: fix out of range usage of active_vlans array (git-fixes).
   - net: atlantic: fix potential error handling (git-fixes).
   - net: atlantic: fix use after free kasan warn (git-fixes).
   - net: dsa: felix: implement port flushing on .phylink_mac_link_down
     (git-fixes).
   - net: enetc: remove bogus write to SIRXIDR from enetc_setup_rxbdr
     (git-fixes).
   - net: enetc: take the MDIO lock only once per NAPI poll cycle (git-fixes).
   - net: geneve: check skb is large enough for IPv4/IPv6 header (git-fixes).
   - net: geneve: modify IP header check in geneve6_xmit_skb and
     geneve_xmit_skb (git-fixes).
   - net: hns3: Remove un-necessary 'else-if' in the hclge_reset_event()
     (git-fixes).
   - net: hns3: clear VF down state bit before request link status
     (git-fixes).
   - net: hns3: fix bug when calculating the TCAM table info (git-fixes).
   - net: hns3: fix query vlan mask value error for flow director (git-fixes).
   - net: ll_temac: Add more error handling of dma_map_single() calls
     (git-fixes).
   - net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure
     (git-fixes).
   - net: ll_temac: Fix race condition causing TX hang (git-fixes).
   - net: ll_temac: Handle DMA halt condition caused by buffer underrun
     (git-fixes).
   - net: phy: intel-xway: enable integrated led functions (git-fixes).
   - net: phy: marvell: fix m88e1011_set_downshift (git-fixes).
   - net: phy: marvell: fix m88e1111_set_downshift (git-fixes).
   - net: smc911x: Adjust indentation in smc911x_phy_configure (git-fixes).
   - net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter
     (git-fixes).
   - net: stmmac: xgmac: fix missing IFF_MULTICAST checki in
     dwxgmac2_set_filter (git-fixes).
   - net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
     (git-fixes).
   - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
     (git-fixes).
   - nfc: pn533: prevent potential memory corruption (git-fixes).
   - nfp: flower: ignore duplicate merge hints from FW (git-fixes).
   - node: fix device cleanups in error handling code (git-fixes).
   - null_blk: fix passing of REQ_FUA flag in null_handle_rq (git-fixes).
   - nvme-fabrics: reject I/O to offline device (bsc#1181161).
   - nvme-multipath: reset bdev to ns head when failover (bsc#178378
     bsc#1182999).
   - nvme-tcp: fix possible hang when failing to set io queues (bsc#1181161).
   - nvme: add 'kato' sysfs attribute (bsc#1179825).
   - nvme: sanitize KATO setting (bsc#1179825).
   - ocfs2: fix a use after free on error (bsc#1184738).
   - pata_arasan_cf: fix IRQ check (git-fixes).
   - pata_ipx4xx_cf: fix IRQ check (git-fixes).
   - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
     unconditionally (git-fixes).
   - pinctrl: Ingenic: Add missing pins to the JZ4770 MAC MII group
     (git-fixes).
   - pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes).
   - pinctrl: lewisburg: Update number of pins in community (git-fixes).
   - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards
     with critclk_systems DMI table (git-fixes).
   - powerepc/book3s64/hash: Align start/end address correctly with bolt
     mapping (bsc#1184957).
   - powerpc/64s: Fix pte update for kernel memory on radix (bsc#1055117
     git-fixes).
   - powerpc/asm-offsets: GPR14 is not needed either (bsc#1065729).
   - powerpc/eeh: Fix EEH handling for hugepages in ioremap space
     (bsc#1156395).
   - powerpc/fadump: Mark fadump_calculate_reserve_size as __init
     (bsc#1065729).
   - powerpc/mm: Add cond_resched() while removing hpte mappings (bsc#1183289
     ltc#191637).
   - powerpc/papr_scm: Fix build error due to wrong printf specifier
     (bsc#1184969).
   - powerpc/papr_scm: Implement support for H_SCM_FLUSH hcall (bsc#1184969).
   - powerpc/perf: Fix PMU constraint check for EBB events (bsc#1065729).
   - powerpc/prom: Mark identical_pvr_fixup as __init (bsc#1065729).
   - powerpc/pseries: Add shutdown() to vio_driver and vio_bus (bsc#1184209
     ltc#190917).
   - powerpc/time: Enable sched clock for irqtime (bsc#1156395).
   - regmap: set debugfs_name to NULL after it is freed (git-fixes).
   - regulator: Avoid a double 'of_node_get' in
     'regulator_of_get_init_node()' (git-fixes).
   - reintroduce cqhci_suspend for kABI (git-fixes).
   - reiserfs: update reiserfs_xattrs_initialized() condition (bsc#1184737).
   - rsi: Use resume_noirq for SDIO (git-fixes).
   - rsxx: remove extraneous 'const' qualifier (git-fixes).
   - rtc: ds1307: Fix wday settings for rx8130 (git-fixes).
   - rtc: fsl-ftm-alarm: add MODULE_TABLE() (bsc#1185454).
   - rtc: fsl-ftm-alarm: avoid struct rtc_time conversions (bsc#1185454).
   - rtc: fsl-ftm-alarm: enable acpi support (bsc#1185454).
   - rtc: fsl-ftm-alarm: fix freeze(s2idle) failed to wake (bsc#1185454).
   - rtc: fsl-ftm-alarm: report alarm to core (bsc#1185454).
   - rtc: fsl-ftm-alarm: switch to ktime_get_real_seconds (bsc#1185454).
   - rtc: fsl-ftm-alarm: switch to rtc_time64_to_tm/rtc_tm_to_time64
     (bsc#1185454).
   - rtc: fsl-ftm-alarm: update acpi device id (bsc#1185454).
   - rtc: pcf2127: add alarm support (bsc#1185233).
   - rtc: pcf2127: add pca2129 device id (bsc#1185233).
   - rtc: pcf2127: add tamper detection support (bsc#1185233).
   - rtc: pcf2127: add watchdog feature support (bsc#1185233).
   - rtc: pcf2127: bugfix: watchdog build dependency (bsc#1185233).
   - rtc: pcf2127: cleanup register and bit defines (bsc#1185233).
   - rtc: pcf2127: convert to devm_rtc_allocate_device (bsc#1185233).
   - rtc: pcf2127: fix a bug when not specify interrupts property
     (bsc#1185233).
   - rtc: pcf2127: fix alarm handling (bsc#1185233).
   - rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (bsc#1185233).
   - rtc: pcf2127: handle boot-enabled watchdog feature (bsc#1185233).
   - rtc: pcf2127: let the core handle rtc range (bsc#1185233).
   - rtc: pcf2127: move watchdog initialisation to a separate function
     (bsc#1185233).
   - rtc: pcf2127: only use watchdog when explicitly available (bsc#1185233).
   - rtc: pcf2127: properly set flag WD_CD for rtc chips(pcf2129, pca2129)
     (bsc#1185233).
   - rtc: pcf2127: remove unnecessary #ifdef (bsc#1185233).
   - rtc: pcf2127: set regmap max_register (bsc#1185233).
   - rtc: pcf2127: watchdog: handle nowayout feature (bsc#1185233).
   - rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes).
   - rtw88: Fix array overrun in rtw_get_tx_power_params() (git-fixes).
   - sata_mv: add IRQ checks (git-fixes).
   - scsi: block: Fix a race in the runtime power management code (git-fixes).
   - scsi: core: Only return started requests from scsi_host_find_tag()
     (bsc#1179851).
   - scsi: core: add scsi_host_busy_iter() (bsc#1179851).
   - scsi: lpfc: Copyright updates for 12.8.0.9 patches (bsc#1185472).
   - scsi: lpfc: Eliminate use of LPFC_DRIVER_NAME in lpfc_attr.c
     (bsc#1185472).
   - scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (bsc#1185365).
   - scsi: lpfc: Fix NMI crash during rmmod due to circular hbalock
     dependency (bsc#1185472).
   - scsi: lpfc: Fix a bunch of kernel-doc issues (bsc#1185472).
   - scsi: lpfc: Fix a bunch of kernel-doc misdemeanours (bsc#1185472).
   - scsi: lpfc: Fix a bunch of misnamed functions (bsc#1185472).
   - scsi: lpfc: Fix a few incorrectly named functions (bsc#1185472).
   - scsi: lpfc: Fix a typo (bsc#1185472).
   - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
     response (bsc#1185472).
   - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
     (bsc#1185472).
   - scsi: lpfc: Fix formatting and misspelling issues (bsc#1185472).
   - scsi: lpfc: Fix gcc -Wstringop-overread warning (bsc#1185472).
   - scsi: lpfc: Fix illegal memory access on Abort IOCBs (bsc#1183203).
   - scsi: lpfc: Fix incorrect naming of __lpfc_update_fcf_record()
     (bsc#1185472).
   - scsi: lpfc: Fix incorrectly documented function
     lpfc_debugfs_commonxripools_data() (bsc#1185472).
   - scsi: lpfc: Fix kernel-doc formatting issue (bsc#1185472).
   - scsi: lpfc: Fix lack of device removal on port swaps with PRLIs
     (bsc#1185472).
   - scsi: lpfc: Fix lpfc_hdw_queue attribute being ignored (bsc#1185472).
   - scsi: lpfc: Fix missing FDMI registrations after Mgmt Svc login
     (bsc#1185472).
   - scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
     (bsc#1185472).
   - scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
     (bsc#1185472).
   - scsi: lpfc: Fix silent memory allocation failure in
     lpfc_sli4_bsg_link_diag_test() (bsc#1185472).
   - scsi: lpfc: Fix some error codes in debugfs (bsc#1185472).
   - scsi: lpfc: Fix use-after-free on unused nodes after port swap
     (bsc#1185472).
   - scsi: lpfc: Fix various trivial errors in comments and log messages
     (bsc#1185472).
   - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
     (bsc#1185472).
   - scsi: lpfc: Standardize discovery object logging format (bsc#1185472).
   - scsi: lpfc: Update lpfc version to 12.8.0.9 (bsc#1185472).
   - scsi: qla2xxx: Add H:C:T info in the log message for fc ports
     (bsc#1185491).
   - scsi: qla2xxx: Add error counters to debugfs node (bsc#1185491).
   - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
     (bsc#1185491).
   - scsi: qla2xxx: Assign boolean values to a bool variable (bsc#1185491).
   - scsi: qla2xxx: Check kzalloc() return value (bsc#1185491).
   - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
     (bsc#1185491).
   - scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (bsc#1185491).
   - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted
     (bsc#1185491).
   - scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (bsc#1185491).
   - scsi: qla2xxx: Fix IOPS drop seen in some adapters (bsc#1185491).
   - scsi: qla2xxx: Fix RISC RESET completion polling (bsc#1185491).
   - scsi: qla2xxx: Fix a couple of misdocumented functions (bsc#1185491).
   - scsi: qla2xxx: Fix a couple of misnamed functions (bsc#1185491).
   - scsi: qla2xxx: Fix broken #endif placement (bsc#1185491).
   - scsi: qla2xxx: Fix crash in PCIe error handling (bsc#1185491).
   - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (bsc#1185491).
   - scsi: qla2xxx: Fix endianness annotations (bsc#1185491).
   - scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp()
     (bsc#1185491).
   - scsi: qla2xxx: Fix mailbox Ch erroneous error (bsc#1185491).
   - scsi: qla2xxx: Fix mailbox recovery during PCIe error (bsc#1185491).
   - scsi: qla2xxx: Fix some incorrect formatting/spelling issues
     (bsc#1185491).
   - scsi: qla2xxx: Fix some memory corruption (bsc#1185491).
   - scsi: qla2xxx: Fix stuck session (bsc#1185491).
   - scsi: qla2xxx: Fix use after free in bsg (bsc#1185491).
   - scsi: qla2xxx: Implementation to get and manage host, target stats and
     initiator port (bsc#1185491).
   - scsi: qla2xxx: Move some messages from debug to normal log level
     (bsc#1185491).
   - scsi: qla2xxx: Remove redundant NULL check (bsc#1185491).
   - scsi: qla2xxx: Remove unnecessary NULL check (bsc#1185491).
   - scsi: qla2xxx: Remove unneeded if-null-free check (bsc#1185491).
   - scsi: qla2xxx: Replace __qla2x00_marker()'s missing underscores
     (bsc#1185491).
   - scsi: qla2xxx: Reserve extra IRQ vectors (bsc#1184436).
   - scsi: qla2xxx: Reuse existing error handling path (bsc#1185491).
   - scsi: qla2xxx: Simplify if statement (bsc#1185491).
   - scsi: qla2xxx: Simplify qla8044_minidump_process_control() (bsc#1185491).
   - scsi: qla2xxx: Simplify the calculation of variables (bsc#1185491).
   - scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (bsc#1185491).
   - scsi: qla2xxx: Update default AER debug mask (bsc#1185491).
   - scsi: qla2xxx: Update version to 10.02.00.105-k (bsc#1185491).
   - scsi: qla2xxx: Update version to 10.02.00.106-k (bsc#1185491).
   - scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1185491).
   - scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe
     (bsc#1185491).
   - scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value
     (bsc#1185491).
   - scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089).
   - scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089).
   - scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089).
   - selftests/powerpc: Add pkey helpers for rights (bsc#1184934 ltc#191460).
   - selftests/powerpc: Add test for execute-disabled pkeys (bsc#1184934
     ltc#191460).
   - selftests/powerpc: Add test for pkey siginfo verification (bsc#1184934
     ltc#191460).
   - selftests/powerpc: Add wrapper for gettid (bsc#1184934 ltc#191460).
   - selftests/powerpc: Fix L1D flushing tests for Power10 (bsc#1184934
     ltc#191460).
   - selftests/powerpc: Fix exit status of pkey tests (bsc#1184934
     ltc#191460).
   - selftests/powerpc: Fix pkey syscall redefinitions (bsc#1184934
     ltc#191460).
   - selftests/powerpc: Move pkey helpers to headers (bsc#1184934 ltc#191460).
   - selftests/powerpc: refactor entry and rfi_flush tests (bsc#1184934
     ltc#191460).
   - series.conf: cleanup
   - series.conf: cleanup
   - series.conf: cleanup
   - soc: aspeed: fix a ternary sign expansion bug (git-fixes).
   - soc: qcom: mdt_loader: Detect truncated read of segments (git-fixes).
   - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes).
   - soundwire: bus: Fix device found flag correctly (git-fixes).
   - soundwire: stream: fix memory leak in stream config error path
     (git-fixes).
   - spi: Introduce dspi_slave_abort() function for NXP's dspi SPI driver
     (bsc#1167260).
   - spi: fsl-dspi: fix NULL pointer dereference (bsc#1167260).
   - spi: fsl-dspi: fix use-after-free in remove path (bsc#1167260).
   - spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1167260).
   - spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
     (git-fixes).
   - spi: spi-fsl-dspi: Accelerate transfers using larger word size if
     possible (bsc#1167260).
   - spi: spi-fsl-dspi: Add comments around dspi_pop_tx and dspi_push_rx
     functions (bsc#1167260).
   - spi: spi-fsl-dspi: Add support for LS1028A (bsc#1167260).
   - spi: spi-fsl-dspi: Adding shutdown hook (bsc#1167260).
   - spi: spi-fsl-dspi: Always use the TCFQ devices in poll mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Avoid NULL pointer in dspi_slave_abort for non-DMA
     mode (bsc#1167260).
   - spi: spi-fsl-dspi: Avoid reading more data than written in EOQ mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Change usage pattern of SPI_MCR_* and SPI_CTAR_*
     macros (bsc#1167260).
   - spi: spi-fsl-dspi: Convert TCFQ users to XSPI FIFO mode (bsc#1167260).
   - spi: spi-fsl-dspi: Convert the instantiations that support it to DMA
     (bsc#1167260).
   - spi: spi-fsl-dspi: Demistify magic value in SPI_SR_CLEAR (bsc#1167260).
   - spi: spi-fsl-dspi: Do not access reserved fields in SPI_MCR
     (bsc#1167260).
   - spi: spi-fsl-dspi: Do not mask off undefined bits (bsc#1167260).
   - spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix bits-per-word acceleration in DMA mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix code alignment (bsc#1167260).
   - spi: spi-fsl-dspi: Fix external abort on interrupt in resume or exit
     paths (bsc#1167260).
   - spi: spi-fsl-dspi: Fix interrupt-less DMA mode taking an XSPI code path
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix little endian access to PUSHR CMD and TXDATA
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix race condition in TCFQ/EOQ interrupt
     (bsc#1167260).
   - spi: spi-fsl-dspi: Fix typos (bsc#1167260).
   - spi: spi-fsl-dspi: Free DMA memory with matching function (bsc#1167260).
   - spi: spi-fsl-dspi: Implement .max_message_size method for EOQ mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Initialize completion before possible interrupt
     (bsc#1167260).
   - spi: spi-fsl-dspi: LS2080A and LX2160A support XSPI mode (bsc#1167260).
   - spi: spi-fsl-dspi: Make bus-num property optional (bsc#1167260).
   - spi: spi-fsl-dspi: Move dspi_interrupt above dspi_transfer_one_message
     (bsc#1167260).
   - spi: spi-fsl-dspi: Move invariant configs out of
     dspi_transfer_one_message (bsc#1167260).
   - spi: spi-fsl-dspi: Optimize dspi_setup_accel for lowest interrupt count
     (bsc#1167260).
   - spi: spi-fsl-dspi: Parameterize the FIFO size and DMA buffer size
     (bsc#1167260).
   - spi: spi-fsl-dspi: Protect against races on dspi->words_in_flight
     (bsc#1167260).
   - spi: spi-fsl-dspi: Reduce indentation in dspi_release_dma()
     (bsc#1167260).
   - spi: spi-fsl-dspi: Reduce indentation level in dspi_interrupt
     (bsc#1167260).
   - spi: spi-fsl-dspi: Remove impossible to reach error check (bsc#1167260).
   - spi: spi-fsl-dspi: Remove pointless assignment of master->transfer to
     NULL (bsc#1167260).
   - spi: spi-fsl-dspi: Remove unused chip->void_write_data (bsc#1167260).
   - spi: spi-fsl-dspi: Remove unused defines and includes (bsc#1167260).
   - spi: spi-fsl-dspi: Remove unused initialization of 'ret' in dspi_probe
     (bsc#1167260).
   - spi: spi-fsl-dspi: Rename fifo_{read,write} and {tx,cmd}_fifo_write
     (bsc#1167260).
   - spi: spi-fsl-dspi: Replace interruptible wait queue with a simple
     completion (bsc#1167260).
   - spi: spi-fsl-dspi: Replace legacy spi_master names with spi_controller
     (bsc#1167260).
   - spi: spi-fsl-dspi: Simplify bytes_per_word gymnastics (bsc#1167260).
   - spi: spi-fsl-dspi: Take software timestamp in dspi_fifo_write
     (bsc#1167260).
   - spi: spi-fsl-dspi: Use BIT() and GENMASK() macros (bsc#1167260).
   - spi: spi-fsl-dspi: Use EOQ for last word in buffer even for XSPI mode
     (bsc#1167260).
   - spi: spi-fsl-dspi: Use dma_request_chan() instead
     dma_request_slave_channel() (bsc#1167260).
   - spi: spi-fsl-dspi: Use poll mode in case the platform IRQ is missing
     (bsc#1167260).
   - spi: spi-fsl-dspi: Use reverse Christmas tree declaration order
     (bsc#1167260).
   - spi: spi-fsl-dspi: Use specific compatible strings for all SoC
     instantiations (bsc#1167260).
   - spi: spi-fsl-dspi: delete EOQ transfer mode (bsc#1167260).
   - spi: spi-fsl-dspi: fix DMA mapping (bsc#1167260).
   - spi: spi-fsl-dspi: fix native data copy (bsc#1167260).
   - spi: spi-fsl-dspi: remove git-fixes Remove git-fixes. Prepare to update
     the driver. References: bsc#1167260
   - spi: spi-fsl-dspi: set ColdFire to DMA mode (bsc#1167260).
   - spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
     (bsc#1167260).
   - spi: spi-ti-qspi: Free DMA resources (git-fixes).
   - staging: fwserial: fix TIOCGSERIAL implementation (git-fixes).
   - staging: fwserial: fix TIOCSSERIAL implementation (git-fixes).
   - staging: fwserial: fix TIOCSSERIAL jiffies conversions (git-fixes).
   - staging: fwserial: fix TIOCSSERIAL permission check (git-fixes).
   - staging: rtl8192u: Fix potential infinite loop (git-fixes).
   - thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has
     changed (git-fixes).
   - usb: Remove dev_err() usage after platform_get_irq() (git-fixes).
   - usb: dwc2: Fix hibernation between host and device modes (git-fixes).
   - usb: dwc2: Fix host mode hibernation exit with remote wakeup flow
     (git-fixes).
   - usb: dwc2: Fix session request interrupt handler (git-fixes).
   - usb: dwc3: Switch to use device_property_count_u32() (git-fixes).
   - usb: dwc3: Update soft-reset wait polling rate (git-fixes).
   - usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes).
   - usb: dwc3: keystone: use devm_platform_ioremap_resource() to simplify
     code (git-fixes).
   - usb: dwc3: meson-g12a: use devm_platform_ioremap_resource() to simplify
     code (git-fixes).
   - usb: gadget: Fix double free of device descriptor pointers (git-fixes).
   - usb: gadget: aspeed: fix dma map failure (git-fixes).
   - usb: gadget: pch_udc: Check for DMA mapping error (git-fixes).
   - usb: gadget: pch_udc: Check if driver is present before calling
     ->setup() (git-fixes).
   - usb: gadget: pch_udc: Move pch_udc_init() to satisfy kernel doc
     (git-fixes).
   - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
     (git-fixes).
   - usb: gadget: pch_udc: Revert d3cb25a12138 completely (git-fixes).
   - usb: gadget: r8a66597: Add missing null check on return from
     platform_get_resource (git-fixes).
   - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
     (git-fixes).
   - usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
     (git-fixes).
   - usb: typec: tcpm: Honour pSnkStdby requirement during negotiation
     (git-fixes).
   - veth: Store queue_mapping independently of XDP prog presence (git-fixes).
   - vfio/pci: Add missing range check in vfio_pci_mmap (git-fixes).
   - virt_wifi: Return micros for BSS TSF values (git-fixes).
   - vxlan: move debug check after netdev unregister (git-fixes).
   - workqueue: Move the position of debug_work_activate() in __queue_work()
     (bsc#1184893).
   - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
     (bsc#1152489).
   - x86/insn: Add some Intel instructions to the opcode map (bsc#1184760).
   - x86/insn: Add some more Intel instructions to the opcode map
     (bsc#1184760).
   - x86/microcode: Check for offline CPUs before requesting new microcode
     (bsc#1152489).
   - x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
     (bsc#1152489).
   - x86/platform/uv: Set section block size for hubless architectures
     (bsc#1152489).
   - x86/reboot: Force all cpus to exit VMX root if VMX is supported
     (bsc#1152489).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-716=1



Package List:

   - openSUSE Leap 15.2 (x86_64):

      kernel-debug-5.3.18-lp152.75.1
      kernel-debug-debuginfo-5.3.18-lp152.75.1
      kernel-debug-debugsource-5.3.18-lp152.75.1
      kernel-debug-devel-5.3.18-lp152.75.1
      kernel-debug-devel-debuginfo-5.3.18-lp152.75.1
      kernel-default-5.3.18-lp152.75.1
      kernel-default-base-5.3.18-lp152.75.1.lp152.8.32.1
      kernel-default-base-rebuild-5.3.18-lp152.75.1.lp152.8.32.1
      kernel-default-debuginfo-5.3.18-lp152.75.1
      kernel-default-debugsource-5.3.18-lp152.75.1
      kernel-default-devel-5.3.18-lp152.75.1
      kernel-default-devel-debuginfo-5.3.18-lp152.75.1
      kernel-kvmsmall-5.3.18-lp152.75.1
      kernel-kvmsmall-debuginfo-5.3.18-lp152.75.1
      kernel-kvmsmall-debugsource-5.3.18-lp152.75.1
      kernel-kvmsmall-devel-5.3.18-lp152.75.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.75.1
      kernel-obs-build-5.3.18-lp152.75.1
      kernel-obs-build-debugsource-5.3.18-lp152.75.1
      kernel-obs-qa-5.3.18-lp152.75.1
      kernel-preempt-5.3.18-lp152.75.1
      kernel-preempt-debuginfo-5.3.18-lp152.75.1
      kernel-preempt-debugsource-5.3.18-lp152.75.1
      kernel-preempt-devel-5.3.18-lp152.75.1
      kernel-preempt-devel-debuginfo-5.3.18-lp152.75.1
      kernel-syms-5.3.18-lp152.75.1

   - openSUSE Leap 15.2 (noarch):

      kernel-devel-5.3.18-lp152.75.1
      kernel-docs-5.3.18-lp152.75.1
      kernel-docs-html-5.3.18-lp152.75.1
      kernel-macros-5.3.18-lp152.75.1
      kernel-source-5.3.18-lp152.75.1
      kernel-source-vanilla-5.3.18-lp152.75.1


References:

   https://www.suse.com/security/cve/CVE-2021-29155.html
   https://www.suse.com/security/cve/CVE-2021-29650.html
   https://bugzilla.suse.com/1043990
   https://bugzilla.suse.com/1055117
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1152457
   https://bugzilla.suse.com/1152489
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1167260
   https://bugzilla.suse.com/1168838
   https://bugzilla.suse.com/1174416
   https://bugzilla.suse.com/1174426
   https://bugzilla.suse.com/1178089
   https://bugzilla.suse.com/1179243
   https://bugzilla.suse.com/1179825
   https://bugzilla.suse.com/1179851
   https://bugzilla.suse.com/1180846
   https://bugzilla.suse.com/1181161
   https://bugzilla.suse.com/1182613
   https://bugzilla.suse.com/1182999
   https://bugzilla.suse.com/1183063
   https://bugzilla.suse.com/1183203
   https://bugzilla.suse.com/1183289
   https://bugzilla.suse.com/1184208
   https://bugzilla.suse.com/1184209
   https://bugzilla.suse.com/1184436
   https://bugzilla.suse.com/1184514
   https://bugzilla.suse.com/1184650
   https://bugzilla.suse.com/1184724
   https://bugzilla.suse.com/1184728
   https://bugzilla.suse.com/1184730
   https://bugzilla.suse.com/1184731
   https://bugzilla.suse.com/1184736
   https://bugzilla.suse.com/1184737
   https://bugzilla.suse.com/1184738
   https://bugzilla.suse.com/1184740
   https://bugzilla.suse.com/1184741
   https://bugzilla.suse.com/1184742
   https://bugzilla.suse.com/1184760
   https://bugzilla.suse.com/1184811
   https://bugzilla.suse.com/1184893
   https://bugzilla.suse.com/1184934
   https://bugzilla.suse.com/1184942
   https://bugzilla.suse.com/1184957
   https://bugzilla.suse.com/1184969
   https://bugzilla.suse.com/1184984
   https://bugzilla.suse.com/1185041
   https://bugzilla.suse.com/1185113
   https://bugzilla.suse.com/1185233
   https://bugzilla.suse.com/1185244
   https://bugzilla.suse.com/1185269
   https://bugzilla.suse.com/1185365
   https://bugzilla.suse.com/1185454
   https://bugzilla.suse.com/1185472
   https://bugzilla.suse.com/1185491
   https://bugzilla.suse.com/1185549
   https://bugzilla.suse.com/1185586
   https://bugzilla.suse.com/1185587
   https://bugzilla.suse.com/1185606