Oracle9: ELSA-2024-12159: kernel Important Security Update
Summary
[5.15.0-203.146.5.1.el9uek] - Revert "selftests/bpf: Test tail call counting with bpf2bpf and data on stack" (Samasth Norway Ananda) [Orabug: 36277693] - Revert "tcp: fix excessive TLP and RACK timeouts from HZ rounding" (Sherry Yang) [Orabug: 36277684] [5.15.0-203.146.5.el9uek] - i2c: core: Fix atomic xfer check for non-preempt config (Benjamin Bara) - keys, dns: Fix missing size check of V1 server-list header (Edward Adam Davis) - wifi: iwlwifi: pcie: don't synchronize IRQs from IRQ (Johannes Berg) - tracing/kprobes: Fix symbol counting logic by looking at modules as well (Andrii Nakryiko) [5.15.0-203.146.4.el9uek] - rds: Handle pages in use when purging an RDS Message (HÃ¥kon Bugge) [Orabug: 36054361] - rds: ib: Consolidate per-cpu free list for siblings (HÃ¥kon Bugge) [Orabug: 35904643] - rds: ib: Make sure per-cpu recv cache structure is cache-line aligned (HÃ¥kon Bugge) [Orabug: 35904643] - sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185206] [5.15.0-203.146.3.el9uek] - thermal/of: Initialize trip points separately (Daniel Lezcano) [Orabug: 36178522] - thermal/of: Use thermal trips stored in the thermal zone (Daniel Lezcano) [Orabug: 36178522] - uek-container: strip symbols from vmlinux (Boris Ostrovsky) [Orabug: 36170888] - KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36155235] - nvme-tcp: don't access released socket during error recovery (Akinobu Mita) [Orabug: 36127728] - vhost-vdpa: fix use after free in vhost_vdpa_probe() (Dan Carpenter) [Orabug: 36072714] - vdpa_sim_blk: allocate the buffer zeroed (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim: implement .reset_map support (Si-Wei Liu) [Orabug: 36072714] - vdpa/mlx5: implement .reset_map driver op (Si-Wei Liu) [Orabug: 36072714] - vhost-vdpa: clean iotlb map during reset for older userspace (Si-Wei Liu) [Orabug: 36072714] - vdpa: introduce .compat_reset operation callback (Si-Wei Liu) [Orabug: 36072714] - vhost-vdpa: introduce IOTLB_PERSIST backend feature bit (Si-Wei Liu) [Orabug: 36072714] - vhost-vdpa: reset vendor specific mapping to initial state in .release (Si-Wei Liu) [Orabug: 36072714] - vdpa: introduce .reset_map operation callback (Si-Wei Liu) [Orabug: 36072714] - vdpa: Update sysfs ABI documentation (Shawn.Shao) [Orabug: 36072714] - mlx5_vdpa: offer VHOST_BACKEND_F_ENABLE_AFTER_DRIVER_OK (Eugenio Pérez) [Orabug: 36072714] - vdpa/mlx5: Update cvq iotlb mapping on ASID change (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Make iotlb helper functions more generic (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Enable hw support for vq descriptor mapping (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Expose descriptor group mkey hw capability (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Introduce mr for vq descriptor (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Improve mr update flow (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Move mr mutex out of mr struct (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Allow creation/deletion of any given mr struct (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Rename mr destroy functions (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Collapse "dvq" mr add/delete functions (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Take cvq iotlb lock during refresh (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Decouple cvq iotlb handling from hw mapping code (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Create helper function for dma mappings (Dragos Tatulea) [Orabug: 36072714] - vhost-vdpa: uAPI to get dedicated descriptor group id (Si-Wei Liu) [Orabug: 36072714] - vhost-vdpa: introduce descriptor group backend feature (Si-Wei Liu) [Orabug: 36072714] - vdpa: introduce dedicated descriptor group for virtqueue (Si-Wei Liu) [Orabug: 36072714] - vdpa/mlx5: Fix firmware error on creation of 1k VQs (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Fix double release of debugfs entry (Dragos Tatulea) [Orabug: 36072714] - vdpa_sim: offer VHOST_BACKEND_F_ENABLE_AFTER_DRIVER_OK (Eugenio Pérez) [Orabug: 36072714] - vdpa: add get_backend_features vdpa operation (Eugenio Pérez) [Orabug: 36072714] - vdpa: accept VHOST_BACKEND_F_ENABLE_AFTER_DRIVER_OK backend feature (Eugenio Pérez) [Orabug: 36072714] - vdpa: add VHOST_BACKEND_F_ENABLE_AFTER_DRIVER_OK flag (Eugenio Pérez) [Orabug: 36072714] - vdpa/mlx5: Remove unused function declarations (Yue Haibing) [Orabug: 36072714] - vdpa/mlx5: Delete control vq iotlb in destroy_mr only when necessary (Eugenio Pérez) [Orabug: 36072714] - vdpa/mlx5: Fix mr->initialized semantics (Dragos Tatulea) [Orabug: 36072714] - vdpa/mlx5: Correct default number of queues when MQ is on (Dragos Tatulea) [Orabug: 36072714] - virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() (Gal Pressman) [Orabug: 36072714] - vdpa: Enable strict validation for netlinks ops (Dragos Tatulea) [Orabug: 36072714] - vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check (Lin Ma) [Orabug: 36072714] - vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check (Lin Ma) [Orabug: 36072714] - vdpa: Add features attr to vdpa_nl_policy for nlattr length check (Lin Ma) [Orabug: 36072714] - virtio-vdpa: Fix unchecked call to NULL set_vq_affinity (Dragos Tatulea) [Orabug: 36072714] - vhost_vdpa: tell vqs about the negotiated (Shannon Nelson) [Orabug: 36072714] - vdpa/mlx5: Fix hang when cvq commands are triggered during device unregister (Dragos Tatulea) [Orabug: 36072714] - vhost: use kzalloc() instead of kmalloc() followed by memset() (Prathu Baronia) [Orabug: 36072714] - vhost_vdpa: fix unmap process in no-batch mode (Cindy Lu) [Orabug: 36072714] - vdpa_sim: move buffer allocation in the devices (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim_blk: add support for discard and write-zeroes (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim_blk: use dev_dbg() to print errors (Stefano Garzarella) [Orabug: 36072714] - vringh: address kdoc warnings (Simon Horman) [Orabug: 36072714] - vdpa: address kdoc warnings (Simon Horman) [Orabug: 36072714] - vdpa_sim: add support for user VA (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim: replace the spinlock with a mutex to protect the state (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim: use kthread worker (Stefano Garzarella) [Orabug: 36072714] - vdpa_sim: make devices agnostic for work management (Stefano Garzarella) [Orabug: 36072714] - vringh: support VA with iotlb (Stefano Garzarella) [Orabug: 36072714] - fix 'direction' argument of iov_iter_{init,bvec}() (Al Viro) [Orabug: 36072714] - vringh: define the stride used for translation (Stefano Garzarella) [Orabug: 36072714] - vringh: replace kmap_atomic() with kmap_local_page() (Stefano Garzarella) [Orabug: 36072714] - vhost-vdpa: use bind_mm/unbind_mm device callbacks (Stefano Garzarella) [Orabug: 36072714] - vdpa: add bind_mm/unbind_mm callbacks (Stefano Garzarella) [Orabug: 36072714] - vringh: fix typos in the vringh_init_* documentation (Stefano Garzarella) [Orabug: 36072714] - virtio-vdpa: Support interrupt affinity spreading mechanism (Xie Yongji) [Orabug: 36072714] - vdpa: Add set/get_vq_affinity callbacks in vdpa_config_ops (Xie Yongji) [Orabug: 36072714] - vdpa/mlx5: Avoid losing link state updates (Eli Cohen) [Orabug: 36072714] - vdpa_sim_net: complete the initialization before register the device (Stefano Garzarella) [Orabug: 36072714] - vdpa/mlx5: Add and remove debugfs in setup/teardown driver (Eli Cohen) [Orabug: 36072714] - vdpa/mlx5: Add RX counters to debugfs (Eli Cohen) [Orabug: 36072714] - vdpa/mlx5: Add debugfs subtree (Eli Cohen) [Orabug: 36072714] - rds: Remove RDS FMR Code (William Kucharski) [Orabug: 35445338] [5.15.0-203.146.2.el9uek] - LTS version: v5.15.146 (Vijayendra Suman) - bpf: Fix prog_array_map_poke_run map poke update (Jiri Olsa) - device property: Allow const parameter to dev_fwnode() (Andy Shevchenko) - dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata() (Mikulas Patocka) - ring-buffer: Fix slowpath of interrupted event (Steven Rostedt (Google)) - netfilter: nf_tables: skip set commit for deleted/destroyed sets (Pablo Neira Ayuso) - ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() (Namjae Jeon) - ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (Steven Rostedt (Google)) - tracing: Fix blocked reader of snapshot buffer (Steven Rostedt (Google)) - ring-buffer: Fix wake ups when buffer_percent is set to 100 (Steven Rostedt (Google)) - mm/filemap: avoid buffered read/write race to read inconsistent data (Baokun Li) - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg (Hyunwoo Kim) - smb: client: fix OOB in smbCalcSize() (Paulo Alcantara) - smb: client: fix OOB in SMB2_query_info_init() (Paulo Alcantara) - iio: imu: adis16475: add spi_device_id table (Nuno Sa) - spi: Introduce spi_get_device_match_data() helper (Andy Shevchenko) - device property: Add const qualifier to device_get_match_data() parameter (Andy Shevchenko) - net: usb: ax88179_178a: avoid failed operations when device is disconnected (Jose Ignacio Tornos Martinez) - net: usb: ax88179_178a: wol optimizations (Justin Chen) - net: usb: ax88179_178a: clean up pm calls (Justin Chen) - usb: fotg210-hcd: delete an incorrect bounds test (Dan Carpenter) - ARM: dts: Fix occasional boot hang for am3 usb (Tony Lindgren) - ksmbd: fix wrong allocation size update in smb2_open() (Namjae Jeon) - ksmbd: avoid duplicate opinfo_put() call on error of smb21_lease_break_ack() (Namjae Jeon) - ksmbd: lazy v2 lease break on smb2_write() (Namjae Jeon) - ksmbd: send v2 lease break notification for directory (Namjae Jeon) - ksmbd: downgrade RWH lease caching state to RH for directory (Namjae Jeon) - ksmbd: set v2 lease capability (Namjae Jeon) - ksmbd: set epoch in create context v2 lease (Namjae Jeon) - ksmbd: have a dependency on cifs ARC4 (Namjae Jeon) - fuse: share lookup state between submount and its parent (Krister Johansen) - x86/alternatives: Sync core before enabling interrupts (Thomas Gleixner) - KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (Marc Zyngier) - lib/vsprintf: Fix %pfwf when current node refcount == 0 (Herve Codina) - gpio: dwapb: mask/unmask IRQ when disable/enale it (xiongxin) - bus: ti-sysc: Flush posted write only after srst_udelay (Tony Lindgren) - tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (Steven Rostedt (Google)) - scsi: core: Always send batch on reset or error handling command (Alexander Atanasov) - dt-bindings: nvmem: mxs-ocotp: Document fsl,ocotp (Fabio Estevam) - net: ks8851: Fix TX stall caused by TX buffer overrun (Ronald Wahl) - net: rfkill: gpio: set GPIO direction (Rouven Czerwinski) - net: 9p: avoid freeing uninit memory in p9pdu_vreadf (Fedor Pchelkin) - Input: soc_button_array - add mapping for airplane mode button (Christoffer Sandberg) - Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (Xiao Yao) - Bluetooth: L2CAP: Send reject on command corrupted request (Frédéric Danis) - Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (Luiz Augusto von Dentz) - USB: serial: option: add Quectel RM500Q R13 firmware support (Reinhard Speyerer) - USB: serial: option: add Foxconn T99W265 with new baseline (Slark Xiao) - USB: serial: option: add Quectel EG912Y module support (Alper Ak) - USB: serial: ftdi_sio: update Actisense PIDs constant names (Mark Glover) - wifi: cfg80211: fix certs build to not depend on file order (Johannes Berg) - wifi: cfg80211: Add my certificate (Chen-Yu Tsai) - ALSA: usb-audio: Increase delay in MOTU M quirk (Jeremie Knuesel) - iio: triggered-buffer: prevent possible freeing of wrong buffer (David Lechner) - iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (Wadim Egorov) - iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (Javier Carrasco) - scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (Wei Yongjun) - Input: ipaq-micro-keys - add error handling for devm_kmemdup (Haoran Liu) - iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (Su Hui) - interconnect: Treat xlate() returning NULL node as an error (Mike Tipton) - smb: client: fix OOB in smb2_query_reparse_point() (Paulo Alcantara) - smb: client: fix NULL deref in asn1_ber_decoder() (Paulo Alcantara) - drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (Ville Syrjälä) - drm/i915: Relocate intel_atomic_setup_scalers() (Ville Syrjälä) - drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (Luca Coelho) - ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE (Namjae Jeon) - gpiolib: cdev: add gpio_device locking wrapper around gpio_ioctl() (Kent Gibson) - pinctrl: at91-pio4: use dedicated lock class for IRQ (Alexis Lothoré) - i2c: aspeed: Handle the coalesced stop conditions with the start conditions. (Quan Nguyen) - ASoC: hdmi-codec: fix missing report for jack initial status (Jerome Brunet) - afs: Fix use-after-free due to get/remove race in volume tree (David Howells) - afs: Use refcount_t rather than atomic_t (David Howells) - afs: Fix overwriting of result of DNS query (David Howells) - keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (David Howells) - net: check dev->gso_max_size in gso_features_check() (Eric Dumazet) - afs: Fix dynamic root lookup DNS check (David Howells) - afs: Fix the dynamic root's d_delete to always delete unused dentries (David Howells) - net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() (Liu Jian) - net: mana: select PAGE_POOL (Yury Norov) - net/rose: fix races in rose_kill_by_device() (Eric Dumazet) - ethernet: atheros: fix a memleak in atl1e_setup_ring_resources (Zhipeng Lu) - net: sched: ife: fix potential use-after-free (Eric Dumazet) - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (Rahul Rameshbabu) - net/mlx5: Fix fw tracer first block check (Moshe Shemesh) - net/mlx5e: fix a potential double-free in fs_udp_create_groups (Dinghao Liu) - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list() (Shifeng Li) - Revert "net/mlx5e: fix double free of encap_header" (Vlad Buslov) - Revert "net/mlx5e: fix double free of encap_header in update funcs" (Vlad Buslov) - wifi: mac80211: mesh_plink: fix matches_local logic (Johannes Berg) - wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (Johannes Berg) - s390/vx: fix save/restore of fpu kernel context (Heiko Carstens) - reset: Fix crash when freeing non-existent optional resets (Geert Uytterhoeven) - ARM: OMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (Kunwu Chan) - LTS version: v5.15.145 (Vijayendra Suman) - kasan: disable kasan_non_canonical_hook() for HW tags (Arnd Bergmann) - tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols (Francis Laniel) - Revert "drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers" (Amit Pundir) - Revert "drm/bridge: lt9611uxc: Register and attach our DSI device at probe" (Amit Pundir) - Revert "drm/bridge: lt9611uxc: fix the race in the error path" (Amit Pundir) - ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error (Namjae Jeon) - ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId (Namjae Jeon) - ksmbd: release interim response after sending status pending response (Namjae Jeon) - ksmbd: move oplock handling after unlock parent dir (Namjae Jeon) - ksmbd: separately allocate ci per dentry (Namjae Jeon) - ksmbd: fix possible deadlock in smb2_open (Namjae Jeon) - ksmbd: prevent memory leak on error return (Zongmin Zhou) - ksmbd: handle malformed smb1 message (Namjae Jeon) - ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked() (Namjae Jeon) - ksmbd: no need to wait for binded connection termination at logoff (Namjae Jeon) - ksmbd: add support for surrogate pair conversion (Namjae Jeon) - ksmbd: fix missing RDMA-capable flag for IPoIB device in ksmbd_rdma_capable_netdev() (Kangjing Huang) - ksmbd: fix recursive locking in vfs helpers (Marios Makassikis) - ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr() (Namjae Jeon) - ksmbd: reorganize ksmbd_iov_pin_rsp() (Namjae Jeon) - ksmbd: Remove unused field in ksmbd_user struct (Cheng-Han Wu) - ksmbd: fix potential double free on smb2_read_pipe() error path (Namjae Jeon) - ksmbd: fix Null pointer dereferences in ksmbd_update_fstate() (Namjae Jeon) - ksmbd: fix wrong error response status by using set_smb2_rsp_status() (Namjae Jeon) - ksmbd: fix race condition between tree conn lookup and disconnect (Namjae Jeon) - ksmbd: fix race condition from parallel smb2 lock requests (Namjae Jeon) - ksmbd: fix race condition from parallel smb2 logoff requests (Namjae Jeon) - ksmbd: fix race condition with fp (Namjae Jeon) - ksmbd: fix race condition between session lookup and expire (Namjae Jeon) - ksmbd: check iov vector index in ksmbd_conn_write() (Namjae Jeon) - ksmbd: return invalid parameter error response if smb2 request is invalid (Namjae Jeon) - ksmbd: fix passing freed memory 'aux_payload_buf' (Namjae Jeon) - ksmbd: remove unneeded mark_inode_dirty in set_info_sec() (Namjae Jeon) - ksmbd: remove experimental warning (Steve French) - ksmbd: add missing calling smb2_set_err_rsp() on error (Namjae Jeon) - ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() (Namjae Jeon) - ksmbd: Fix one kernel-doc comment (Yang Li) - ksmbd: reduce descriptor size if remaining bytes is less than request size (Namjae Jeon) - ksmbd: fix force create mode' and force directory mode' (Atte Heikkilä) - ksmbd: fix wrong interim response on compound (Namjae Jeon) - ksmbd: add support for read compound (Namjae Jeon) - ksmbd: switch to use kmemdup_nul() helper (Yang Yingliang) - ksmbd: fix out of bounds in init_smb2_rsp_hdr() (Namjae Jeon) - ksmbd: validate session id and tree id in compound request (Namjae Jeon) - ksmbd: check if a mount point is crossed during path lookup (Namjae Jeon) - ksmbd: Fix unsigned expression compared with zero (Wang Ming) - ksmbd: Replace one-element array with flexible-array member (Gustavo A. R. Silva) - ksmbd: Use struct_size() helper in ksmbd_negotiate_smb_dialect() (Gustavo A. R. Silva) - ksmbd: add missing compound request handing in some commands (Namjae Jeon) - ksmbd: fix out of bounds read in smb2_sess_setup (Namjae Jeon) - ksmbd: Replace the ternary conditional operator with min() (Lu Hongfei) - ksmbd: use kvzalloc instead of kvmalloc (Namjae Jeon) - ksmbd: Change the return value of ksmbd_vfs_query_maximal_access to void (Lu Hongfei) - ksmbd: return a literal instead of 'err' in ksmbd_vfs_kern_path_locked() (Namjae Jeon) - ksmbd: use kzalloc() instead of __GFP_ZERO (Namjae Jeon) - ksmbd: remove unused ksmbd_tree_conn_share function (Namjae Jeon) - ksmbd: add mnt_want_write to ksmbd vfs functions (Namjae Jeon) - ksmbd: validate smb request protocol id (Namjae Jeon) - ksmbd: check the validation of pdu_size in ksmbd_conn_handler_loop (Namjae Jeon) - ksmbd: fix posix_acls and acls dereferencing possible ERR_PTR() (Namjae Jeon) - ksmbd: fix out-of-bound read in parse_lease_state() (Namjae Jeon) - ksmbd: fix out-of-bound read in deassemble_neg_contexts() (Namjae Jeon) - ksmbd: call putname after using the last component (Namjae Jeon) - ksmbd: fix UAF issue from opinfo->conn (Namjae Jeon) - ksmbd: fix multiple out-of-bounds read during context decoding (Kuan-Ting Chen) - ksmbd: fix uninitialized pointer read in smb2_create_link() (Namjae Jeon) - ksmbd: fix uninitialized pointer read in ksmbd_vfs_rename() (Namjae Jeon) - ksmbd: fix racy issue under cocurrent smb2 tree disconnect (Namjae Jeon) - ksmbd: fix racy issue from smb2 close and logoff with multichannel (Namjae Jeon) - ksmbd: block asynchronous requests when making a delay on session setup (Namjae Jeon) - ksmbd: destroy expired sessions (Namjae Jeon) - ksmbd: fix racy issue from session setup and logoff (Namjae Jeon) - ksmbd: fix racy issue from using ->d_parent and ->d_name (Namjae Jeon) - fs: introduce lock_rename_child() helper (Al Viro) - ksmbd: remove unused compression negotiate ctx packing (David Disseldorp) - ksmbd: avoid duplicate negotiate ctx offset increments (David Disseldorp) - ksmbd: set NegotiateContextCount once instead of every inc (David Disseldorp) - ksmbd: avoid out of bounds access in decode_preauth_ctxt() (David Disseldorp) - ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr (Namjae Jeon) - ksmbd: delete asynchronous work from list (Namjae Jeon) - ksmbd: remove unused is_char_allowed function (Tom Rix) - ksmbd: fix wrong signingkey creation when encryption is AES256 (Namjae Jeon) - ksmbd: fix possible memory leak in smb2_lock() (Hangyu Hua) - ksmbd: Fix parameter name and comment mismatch (Jiapeng Chong) - ksmbd: Fix spelling mistake "excceed" -> "exceeded" (Colin Ian King) - ksmbd: update Kconfig to note Kerberos support and fix indentation (Steve French) - ksmbd: Remove duplicated codes (Dawei Li) - ksmbd: fix typo, syncronous->synchronous (Dawei Li) - ksmbd: Implements sess->rpc_handle_list as xarray (Dawei Li) - ksmbd: Implements sess->ksmbd_chann_list as xarray (Dawei Li) - ksmbd: send proper error response in smb2_tree_connect() (Marios Makassikis) - ksmbd: Convert to use sysfs_emit()/sysfs_emit_at() APIs (ye xingchen) - ksmbd: Fix resource leak in smb2_lock() (Marios Makassikis) - ksmbd: use F_SETLK when unlocking a file (Jeff Layton) - ksmbd: set SMB2_SESSION_FLAG_ENCRYPT_DATA when enforcing data encryption for this share (Namjae Jeon) - ksmbd: replace one-element arrays with flexible-array members (Gustavo A. R. Silva) - ksmbd: validate share name from share config response (Atte Heikkilä) - ksmbd: call ib_drain_qp when disconnected (Namjae Jeon) - ksmbd: make utf-8 file name comparison work in __caseless_lookup() (Atte Heikkilä) - ksmbd: hide socket error message when ipv6 config is disable (Namjae Jeon) - ksmbd: reduce server smbdirect max send/receive segment sizes (Tom Talpey) - ksmbd: decrease the number of SMB3 smbdirect server SGEs (Tom Talpey) - ksmbd: set NTLMSSP_NEGOTIATE_SEAL flag to challenge blob (Namjae Jeon) - ksmbd: fix encryption failure issue for session logoff response (Namjae Jeon) - ksmbd: fill sids in SMB_FIND_FILE_POSIX_INFO response (Namjae Jeon) - ksmbd: set file permission mode to match Samba server posix extension behavior (Namjae Jeon) - ksmbd: change security id to the one samba used for posix extension (Namjae Jeon) - ksmbd: casefold utf-8 share names and fix ascii lowercase conversion (Atte Heikkilä) - ksmbd: remove generic_fillattr use in smb2_open() (Namjae Jeon) - ksmbd: constify struct path (Al Viro) - ksmbd: don't open-code %pD (Al Viro) - ksmbd: don't open-code file_path() (Al Viro) - ksmbd: remove unnecessary generic_fillattr in smb2_open (Hyunchul Lee) - ksmbd: request update to stale share config (Atte Heikkilä) - ksmbd: use wait_event instead of schedule_timeout() (Namjae Jeon) - ksmbd: remove unused ksmbd_share_configs_cleanup function (Namjae Jeon) - ksmbd: remove duplicate flag set in smb2_write (Hyunchul Lee) - ksmbd: smbd: Remove useless license text when SPDX-License-Identifier is already used (Christophe JAILLET) - ksmbd: smbd: relax the count of sges required (Hyunchul Lee) - ksmbd: smbd: fix connection dropped issue (Hyunchul Lee) - ksmbd: Fix some kernel-doc comments (Yang Li) - ksmbd: fix wrong smbd max read/write size check (Namjae Jeon) - ksmbd: smbd: handle multiple Buffer descriptors (Hyunchul Lee) - ksmbd: smbd: change the return value of get_sg_list (Hyunchul Lee) - ksmbd: smbd: simplify tracking pending packets (Hyunchul Lee) - ksmbd: smbd: introduce read/write credits for RDMA read/write (Hyunchul Lee) - ksmbd: smbd: change prototypes of RDMA read/write related functions (Hyunchul Lee) - ksmbd: validate length in smb2_write() (Namjae Jeon) - ksmbd: remove filename in ksmbd_file (Namjae Jeon) - smb3: fix ksmbd bigendian bug in oplock break, and move its struct to smbfs_common (Steve French) - ksmbd: replace usage of found with dedicated list iterator variable (Jakob Koschel) - ksmbd: Remove a redundant zeroing of memory (Christophe JAILLET) - ksmbd: shorten experimental warning on loading the module (Steve French) - ksmbd: store fids as opaque u64 integers (Paulo Alcantara (SUSE)) - ksmbd: use netif_is_bridge_port (Tobias Klauser) - ksmbd: add support for key exchange (Namjae Jeon) - ksmbd: smbd: validate buffer descriptor structures (Hyunchul Lee) - ksmbd: smbd: fix missing client's memory region invalidation (Hyunchul Lee) - ksmbd: add smb-direct shutdown (Namjae Jeon) - ksmbd: smbd: change the default maximum read/write, receive size (Hyunchul Lee) - ksmbd: smbd: create MR pool (Hyunchul Lee) - ksmbd: smbd: call rdma_accept() under CM handler (Hyunchul Lee) - ksmbd: set 445 port to smbdirect port by default (Namjae Jeon) - ksmbd: register ksmbd ib client with ib_register_client() (Hyunchul Lee) - ksmbd: Fix smb2_get_name() kernel-doc comment (Yang Li) - ksmbd: Delete an invalid argument description in smb2_populate_readdir_entry() (Yang Li) - ksmbd: Fix smb2_set_info_file() kernel-doc comment (Yang Li) - ksmbd: Fix buffer_check_err() kernel-doc comment (Yang Li) - ksmbd: set both ipv4 and ipv6 in FSCTL_QUERY_NETWORK_INTERFACE_INFO (Namjae Jeon) - ksmbd: Remove unused fields from ksmbd_file struct definition (Marios Makassikis) - ksmbd: Remove unused parameter from smb2_get_name() (Marios Makassikis) - ksmbd: use oid registry functions to decode OIDs (Hyunchul Lee) - ksmbd: change LeaseKey data type to u8 array (Namjae Jeon) - ksmbd: remove smb2_buf_length in smb2_transform_hdr (Namjae Jeon) - ksmbd: remove smb2_buf_length in smb2_hdr (Namjae Jeon) - ksmbd: remove md4 leftovers (Namjae Jeon) - ksmbd: Remove redundant 'flush_workqueue()' calls (Christophe JAILLET) - ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon() (Ralph Boehme) - LTS version: v5.15.144 (Vijayendra Suman) - r8152: fix the autosuspend doesn't work (Hayes Wang) - r8152: remove rtl_vendor_mode function (Hayes Wang) - r8152: avoid to change cfg for all devices (Hayes Wang) - powerpc/ftrace: Fix stack teardown in ftrace_no_trace (Naveen N Rao) - powerpc/ftrace: Create a dummy stackframe to fix stack unwind (Naveen N Rao) - RDMA/irdma: Prevent zero-length STAG registration (Christopher Bednarz) [Orabug: 36155612] {CVE-2023-25775} - USB: gadget: core: adjust uevent timing on gadget unbind (Roy Luo) - ring-buffer: Do not try to put back write_stamp (Steven Rostedt (Google)) - ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (Steven Rostedt (Google)) - ring-buffer: Fix writing to the buffer with max_data_size (Steven Rostedt (Google)) - ring-buffer: Have saved event hold the entire event (Steven Rostedt (Google)) - ring-buffer: Do not update before stamp when switching sub-buffers (Steven Rostedt (Google)) - tracing: Update snapshot buffer on resize if it is allocated (Steven Rostedt (Google)) - ring-buffer: Fix memory leak of free page (Steven Rostedt (Google)) - drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (Alex Deucher) - team: Fix use-after-free when an option instance allocation fails (Florent Revest) - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (James Houghton) - ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS (Baokun Li) - soundwire: stream: fix NULL pointer dereference for multi_link (Krzysztof Kozlowski) - btrfs: do not allow non subvolume root targets for snapshot (Josef Bacik) - HID: hid-asus: add const to read-only outgoing usb buffer (Denis Benato) - net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (Lech Perczak) - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation (Linus Torvalds) - HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad (Aoba K) - HID: hid-asus: reset the backlight brightness level on resume (Denis Benato) - HID: add ALWAYS_POLL quirk for Apple kb (Oliver Neukum) - HID: glorious: fix Glorious Model I HID report (Brett Raye) - platform/x86: intel_telemetry: Fix kernel doc descriptions (Andy Shevchenko) - bcache: avoid NULL checking to c->root in run_cache_set() (Coly Li) - bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (Coly Li) - bcache: remove redundant assignment to variable cur_idx (Colin Ian King) - bcache: avoid oversize memory allocation by small stripe_size (Coly Li) - blk-cgroup: bypass blkcg_deactivate_policy after destroying (Ming Lei) - blk-throttle: fix lockdep warning of "cgroup_mutex or RCU read lock required!" (Ming Lei) - stmmac: dwmac-loongson: Add architecture dependency (Jean Delvare) - usb: aqc111: check packet for fixup for true limit (Oliver Neukum) - drm/mediatek: Add spinlock for setting vblank event in atomic_begin (Jason-JH.Lin) - PCI: loongson: Limit MRRS to 256 (Jiaxun Yang) - ALSA: hda/realtek: Apply mute LED quirk for HP15-db (Hartmut Knaack) - ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (Kai Vehmanen) - ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB (Kai Vehmanen) - fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (Hangyu Hua) - net: atlantic: fix double free in ring reinit logic (Igor Russkikh) - appletalk: Fix Use-After-Free in atalk_ioctl (Hyunwoo Kim) - net: stmmac: Handle disabled MDIO busses from devicetree (Andrew Halaney) - net: stmmac: use dev_err_probe() for reporting mdio bus registration failure (Rasmus Villemoes) - dpaa2-switch: fix size of the dma_unmap (Ioana Ciornei) - vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (Nikolay Kuratov) - sign-file: Fix incorrect return values check (Yusong Gao) - stmmac: dwmac-loongson: Make sure MDIO is initialized before use (Yanteng Si) - net: ena: Fix XDP redirection error (David Arinzon) - net: ena: Fix xdp drops handling due to multibuf packets (David Arinzon) - net: ena: Destroy correct number of xdp queues upon failure (David Arinzon) - net: Remove acked SYN flag from packet in the transmit queue correctly (Dong Chenchen) - qed: Fix a potential use-after-free in qed_cxt_tables_alloc (Dinghao Liu) - net/rose: Fix Use-After-Free in rose_ioctl (Hyunwoo Kim) - atm: Fix Use-After-Free in do_vcc_ioctl (Hyunwoo Kim) - octeontx2-af: Update RSS algorithm index (Hariprasad Kelam) - octeontx2-pf: Fix promisc mcam entry action (Hariprasad Kelam) - octeontx2-af: fix a use-after-free in rvu_nix_register_reporters (Zhipeng Lu) - net: fec: correct queue selection (Radu Bulie) - net: vlan: introduce skb_vlan_eth_hdr() (Vladimir Oltean) - atm: solos-pci: Fix potential deadlock on &tx_queue_lock (Chengfeng Ye) - atm: solos-pci: Fix potential deadlock on &cli_queue_lock (Chengfeng Ye) - qca_spi: Fix reset behavior (Stefan Wahren) - qca_debug: Fix ethtool -G iface tx behavior (Stefan Wahren) - qca_debug: Prevent crash on TX ring changes (Stefan Wahren) - HID: lenovo: Restrict detection of patched firmware only to USB cptkbd (Mikhail Khvainitski) - afs: Fix refcount underflow from error handling race (David Howells) - ksmbd: fix memory leak in smb2_lock() (Zizhi Wo) - MIPS: Loongson64: Handle more memory types passed from firmware (Jiaxun Yang) - memblock: allow to specify flags with memblock_add_node() (David Hildenbrand) - mm/memory_hotplug: handle memblock_add_node() failures in add_memory_resource() (David Hildenbrand) - netfilter: nf_tables: fix 'exist' matching on bigendian arches (Florian Westphal) - r8152: add vendor/device ID pair for ASUS USB-C2500 (Kelly Kane) - r8152: add vendor/device ID pair for D-Link DUB-E250 (Antonio Napolitano) - r8152: add USB device driver for config selection (Bjørn Mork) - LTS version: v5.15.143 (Jack Vogel) - devcoredump: Send uevent once devcd is ready (Mukesh Ojha) - devcoredump : Serialize devcd_del work (Mukesh Ojha) - smb: client: fix potential NULL deref in parse_dfs_referrals() (Paulo Alcantara) - cifs: Fix non-availability of dedup breaking generic/304 (David Howells) - Revert "btrfs: add dmesg output for first mount and last unmount of a filesystem" (Greg Kroah-Hartman) - MIPS: Loongson64: Enable DMA noncoherent support (Jiaxun Yang) - MIPS: Loongson64: Reserve vgabios memory on boot (Jiaxun Yang) - KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (Sean Christopherson) - KVM: s390/mm: Properly reset no-dat (Claudio Imbrenda) - x86/CPU/AMD: Check vendor in the AMD microcode callback (Borislav Petkov (AMD)) - serial: 8250_omap: Add earlycon support for the AM654 UART controller (Ronald Wahl) - serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (Ronald Wahl) - serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (Ronald Wahl) - serial: sc16is7xx: address RX timeout interrupt errata (Daniel Mack) - ARM: PL011: Fix DMA support (Arnd Bergmann) - usb: typec: class: fix typec_altmode_put_partner to put plugs (RD Babiera) - Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1" (Mathias Nyman) - parport: Add support for Brainboxes IX/UC/PX parallel cards (Cameron Williams) - usb: gadget: f_hid: fix report descriptor allocation (Konstantin Aladyshev) - drm/amdgpu: correct the amdgpu runtime dereference usage count (Prike Liang) - drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (Srinivasan Shanmugam) - gpiolib: sysfs: Fix error handling on failed export (Boerge Struempfel) - arm64: dts: mt8183: kukui: Fix underscores in node names (Hsin-Yi Wang) - arm64: dts: mediatek: add missing space before { (Krzysztof Kozlowski) - arm64: dts: mediatek: mt8183: Move thermal-zones to the root node (AngeloGioacchino Del Regno) - arm64: dts: mediatek: align thermal zone node names with dtschema (Krzysztof Kozlowski) - tools headers UAPI: Sync linux/perf_event.h with the kernel sources (Namhyung Kim) - docs/process/howto: Replace C89 with C11 (Akira Yokosawa) - platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (Hans de Goede) - netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) - io_uring/af_unix: disable sending io_uring over sockets (Pavel Begunkov) - mm: fix oops when filemap_map_pmd() without prealloc_pte (Hugh Dickins) - r8169: fix rtl8125b PAUSE frames blasting when suspended (ChunHao Lin) - tracing: Stop current tracer when resizing buffer (Steven Rostedt (Google)) - tracing: Set actual size after ring buffer resize (Zheng Yejian) - ring-buffer: Force absolute timestamp on discard of event (Steven Rostedt (Google)) - misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (Su Hui) - misc: mei: client.c: return negative error code in mei_cl_write (Su Hui) - coresight: etm4x: Remove bogous __exit annotation for some functions (Uwe Kleine-König) - coresight: etm4x: Make etm4_remove_dev() return void (Uwe Kleine-König) - kallsyms: Make kallsyms_on_each_symbol generally available (Jiri Olsa) - binder: fix memory leaks of spam and pending work (Carlos Llamas) - arm64: dts: mediatek: mt8183: Fix unit address for scp reserved memory (AngeloGioacchino Del Regno) - arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names (AngeloGioacchino Del Regno) - arm64: dts: mediatek: mt8183-kukui-jacuzzi: fix dsi unnecessary cells properties (Eugen Hristev) - arm64: dts: mediatek: mt7622: fix memory node warning check (Eugen Hristev) - platform/surface: aggregator: fix recv_buf() return value (Francesco Dolcini) - regmap: fix bogus error on regcache_sync success (Matthias Reichl) - packet: Move reference count in packet_sock to atomic_long_t (Daniel Borkmann) - tracing: Fix a possible race when disabling buffered events (Petr Pavlu) - tracing: Fix incomplete locking when disabling buffered events (Petr Pavlu) - tracing: Disable snapshot buffer when stopping instance tracers (Steven Rostedt (Google)) - tracing: Always update snapshot buffer size (Steven Rostedt (Google)) - checkstack: fix printed address (Heiko Carstens) - nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (Ryusuke Konishi) - nilfs2: fix missing error check for sb_set_blocksize call (Ryusuke Konishi) - ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5 (Bin Li) - ALSA: pcm: fix out-of-bounds in snd_pcm_state_names (Jason Zhang) - ALSA: usb-audio: Add Pioneer DJM-450 mixer controls (Sarah Grant) - io_uring: fix mutex_unlock with unreferenced ctx (Pavel Begunkov) - nvme-pci: Add sleep quirk for Kingston drives (Georg Gottleuber) - kprobes: consistent rcu api usage for kretprobe holder (JP Kobryn) - md: don't leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (Yu Kuai) - md: introduce md_ro_state (Ye Bin) - riscv: fix misaligned access handling of C.SWSP and C.SDSP (Clément Léger) - ARM: dts: imx28-xea: Pass the 'model' property (Fabio Estevam) - ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt (Philipp Zabel) - ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (Kunwu Chan) - scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (Dinghao Liu) - tracing: Fix a warning when allocating buffered events fails (Petr Pavlu) - ARM: dts: imx6ul-pico: Describe the Ethernet PHY clock (Fabio Estevam) - arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (Nathan Rossi) - arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (Peng Fan) - RDMA/irdma: Avoid free the non-cqp_request scratch (Shifeng Li) - RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz (Mike Marciniszyn) - ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate (Dinghao Liu) - hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (Christophe JAILLET) - hwmon: (acpi_power_meter) Fix 4.29 MW bug (Armin Wolf) - RDMA/bnxt_re: Correct module description string (Kalesh AP) - RDMA/rtrs-clt: Remove the warnings for req in_use check (Jack Wang) - RDMA/rtrs-clt: Fix the max_send_wr setting (Jack Wang) - RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (Md Haris Iqbal) - RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (Md Haris Iqbal) - RDMA/rtrs-srv: Check return values while processing info request (Md Haris Iqbal) - RDMA/rtrs-clt: Start hb after path_up (Jack Wang) - RDMA/rtrs-srv: Do not unconditionally enable irq (Jack Wang) - arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (Alex Bee) - RDMA/irdma: Add wait for suspend on SQD (Mustafa Ismail) - RDMA/irdma: Do not modify to SQD on error (Mustafa Ismail) - RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (Junxian Huang) - tee: optee: Fix supplicant based device enumeration (Sumit Garg) - drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group (Ido Schimmel) - net: add missing kdoc for struct genl_multicast_group::flags (Jakub Kicinski) - psample: Require 'CAP_NET_ADMIN' when joining "packets" group (Ido Schimmel) - bpf: sockmap, updating the sg structure should also update curr (John Fastabend) - tcp: do not accept ACK of bytes we never sent (Eric Dumazet) - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket (Phil Sutter) - netfilter: nf_tables: validate family when identifying table via handle (Pablo Neira Ayuso) - netfilter: nf_tables: bail out on mismatching dynset and set expressions (Pablo Neira Ayuso) [Orabug: 36155544] {CVE-2023-6622} - octeontx2-af: Update Tx link register range (Rahul Bhansali) - net: hns: fix fake link up on xge port (Yonglong Liu) - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (Shigeru Yoshida) - ionic: Fix dim work handling in split interrupt mode (Brett Creeley) - ionic: fix snprintf format length warning (Shannon Nelson) - net: bnxt: fix a potential use-after-free in bnxt_init_tc (Dinghao Liu) - i40e: Fix unexpected MFS warning message (Ivan Vecera) - octeontx2-af: fix a use-after-free in rvu_npa_register_reporters (Zhipeng Lu) - net: stmmac: fix FPE events losing (Jianheng Zhang) - arcnet: restoring support for multiple Sohard Arcnet cards (Thomas Reichinger) - platform/mellanox: Check devm_hwmon_device_register_with_groups() return value (Kunwu Chan) - platform/mellanox: Add null pointer checks for devm_kasprintf() (Kunwu Chan) - mlxbf-bootctl: correctly identify secure boot with development keys (David Thompson) - r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (Douglas Anderson) - r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (Douglas Anderson) - r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (Douglas Anderson) - r8152: Add RTL8152_INACCESSIBLE checks to more loops (Douglas Anderson) - r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (Douglas Anderson) - hv_netvsc: rndis_filter needs to select NLS (Randy Dunlap) - octeontx2-af: Check return value of nix_get_nixlf before using nixlf (Subbaraya Sundeep) - octeontx2-pf: Add missing mutex lock in otx2_get_pauseparam (Subbaraya Sundeep) - ipv6: fix potential NULL deref in fib6_add() (Eric Dumazet) - platform/x86: wmi: Skip blocks with zero instances (Armin Wolf) - platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (Mario Limonciello) - of: dynamic: Fix of_reconfig_get_state_change() return value documentation (Luca Ceresoli) - platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (Hans de Goede) - platform/x86: asus-wmi: Simplify tablet-mode-switch handling (Hans de Goede) - platform/x86: asus-wmi: Simplify tablet-mode-switch probing (Hans de Goede) - platform/x86: asus-wmi: Add support for ROG X13 tablet mode (Luke D. Jones) - platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (Luke D. Jones) - drm/amdgpu: correct chunk_ptr to a pointer to chunk. (YuanShang) - kconfig: fix memory leak from range properties (Masahiro Yamada) - tg3: Increment tx_dropped in tg3_tso_bug() (Alex Pakhunov) - tg3: Move the [rt]x_dropped counters to tg3_napi (Alex Pakhunov) - netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test (Jozsef Kadlecsik) - i2c: designware: Fix corrupted memory seen in the ISR (Jan Bottorff) - vdpa/mlx5: preserve CVQ vringh index (Steve Sistare) - LTS version: v5.15.142 (Jack Vogel) - iomap: update ki_pos a little later in iomap_dio_complete (Christoph Hellwig) - r8169: fix deadlock on RTL8125 in jumbo mtu mode (Heiner Kallweit) - r8169: disable ASPM in case of tx timeout (Heiner Kallweit) - mmc: sdhci-sprd: Fix vqmmc not shutting down after the card was pulled (Wenchao Chen) - mmc: core: add helpers mmc_regulator_enable/disable_vqmmc (Heiner Kallweit) - iommu/vt-d: Make context clearing consistent with context mapping (Lu Baolu) - iommu/vt-d: Omit devTLB invalidation requests when TES=0 (Lu Baolu) - cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily (Christoph Niedermaier) - cpufreq: imx6q: don't warn for disabling a non-existing frequency (Christoph Niedermaier) - smb3: fix caching of ctime on setxattr (Steve French) - fs: add ctime accessors infrastructure (Jeff Layton) - fbdev: stifb: Make the STI next font pointer a 32-bit signed offset (Helge Deller) - ASoC: SOF: sof-pci-dev: Fix community key quirk detection (Mark Hasemeyer) - ASoC: SOF: sof-pci-dev: don't use the community key on APL Chromebooks (Pierre-Louis Bossart) - ASoC: SOF: sof-pci-dev: add parameter to override topology filename (Pierre-Louis Bossart) - ASoC: SOF: sof-pci-dev: use community key on all Up boards (Pierre-Louis Bossart) - ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede) - smb3: fix touch -h of symlink (Steve French) - selftests/resctrl: Move _GNU_SOURCE define into Makefile (Ilpo Järvinen) - selftests/resctrl: Add missing SPDX license to Makefile (Shaopeng Tan) - perf intel-pt: Fix async branch flags (Adrian Hunter) - net: ravb: Stop DMA in case of failures on ravb_open() (Claudiu Beznea) - net: ravb: Start TX queues after HW initialization succeeded (Claudiu Beznea) - net: ravb: Use pm_runtime_resume_and_get() (Claudiu Beznea) - net: ravb: Check return value of reset_control_deassert() (Claudiu Beznea) - ravb: Fix races between ravb_tx_timeout_work() and net related ops (Yoshihiro Shimoda) - r8169: prevent potential deadlock in rtl8169_close (Heiner Kallweit) - octeontx2-pf: Fix adding mbox work queue entry when num_vfs > 64 (Geetha sowjanya) - net: stmmac: xgmac: Disable FPE MMC interrupts (Furong Xu) - octeontx2-af: Fix possible buffer overflow (Elena Salomatkina) - selftests/net: ipsec: fix constant out of range (Willem de Bruijn) - uapi: propagate __struct_group() attributes to the container union (Dmitry Antipov) - dpaa2-eth: increase the needed headroom to account for alignment (Ioana Ciornei) - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet (Zhengchao Shao) - usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (Niklas Neronin) - USB: core: Change configuration warnings to notices (Alan Stern) - hv_netvsc: fix race of netvsc and VF register_netdevice (Haiyang Zhang) - rcu: Avoid tracing a few functions executed in stop machine (Patrick Wang) - vlan: move dev_put into vlan_dev_uninit (Xin Long) - vlan: introduce vlan_dev_free_egress_priority (Xin Long) - Input: xpad - add HyperX Clutch Gladiate Support (Max Nguyen) - btrfs: make error messages more clear when getting a chunk map (Filipe Manana) - btrfs: send: ensure send_fd is writable (Jann Horn) - btrfs: fix off-by-one when checking chunk map includes logical address (Filipe Manana) - btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod() (Bragatheswaran Manickavel) - btrfs: add dmesg output for first mount and last unmount of a filesystem (Qu Wenruo) - parisc: Drop the HP-UX ENOSYM and EREMOTERELEASE error codes (Helge Deller) - powerpc: Don't clobber f0/vs0 during fp|altivec register save (Timothy Pearson) - iommu/vt-d: Add MTL to quirk list to skip TE disabling (Abdul Halim, Mohd Syazwan) - bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (Markus Weippert) - dm verity: don't perform FEC for failed readahead IO (Wu Bo) - dm-verity: align struct dm_verity_fec_io properly (Mikulas Patocka) - ALSA: hda/realtek: Add supported ALC257 for ChromeOS (Kailang Yang) - ALSA: hda/realtek: Headset Mic VREF to 100% (Kailang Yang) - ALSA: hda: Disable power-save on KONTRON SinglePC (Takashi Iwai) - mmc: block: Be sure to wait while busy in CQE error recovery (Adrian Hunter) - mmc: block: Do not lose cache flush during CQE error recovery (Adrian Hunter) - mmc: block: Retry commands in CQE error recovery (Adrian Hunter) - mmc: cqhci: Fix task clearing in CQE error recovery (Adrian Hunter) - mmc: cqhci: Warn of halt or task clear failure (Adrian Hunter) - mmc: cqhci: Increase recovery halt timeout (Adrian Hunter) - firewire: core: fix possible memory leak in create_units() (Yang Yingliang) - pinctrl: avoid reload of p state in list iteration (Maria Yu) - LTS version: v5.15.141 (Jack Vogel) - io_uring: fix off-by one bvec index (Keith Busch) - USB: dwc3: qcom: fix wakeup after probe deferral (Johan Hovold) - USB: dwc3: qcom: fix software node leak on probe errors (Johan Hovold) - usb: dwc3: set the dma max_seg_size (Ricardo Ribalda) - usb: dwc3: Fix default mode initialization (Alexander Stein) - USB: dwc2: write HCINT with INTMASK applied (Oliver Neukum) - usb: typec: tcpm: Skip hard reset when in error recovery (Badhri Jagan Sridharan) - USB: serial: option: don't claim interface 4 for ZTE MF290 (Lech Perczak) - USB: serial: option: fix FM101R-GL defines (Puliang Lu) - USB: serial: option: add Fibocom L7xx modules (Victor Fragoso) - usb: cdnsp: Fix deadlock issue during using NCM gadget (Pawel Laszczak) - bcache: fixup lock c->root error (Mingzhe Zou) - bcache: fixup init dirty data errors (Mingzhe Zou) - bcache: prevent potential division by zero error (Rand Deeb) - bcache: check return value from btree_node_alloc_replacement() (Coly Li) - dm-delay: fix a race between delay_presuspend and delay_bio (Mikulas Patocka) - hv_netvsc: Mark VF as slave before exposing it to user-mode (Long Li) - hv_netvsc: Fix race of register_netdevice_notifier and VF register (Haiyang Zhang) - USB: serial: option: add Luat Air72*U series products (Asuna Yang) - s390/dasd: protect device queue against concurrent access (Jan Höppner) - io_uring/fs: consider link->flags when getting path for LINKAT (Charles Mirabile) - bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (Mingzhe Zou) - md: fix bi_status reporting in md_end_clone_io (Song Liu) - bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (Coly Li) - swiotlb-xen: provide the "max_mapping_size" method (Keith Busch) - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (Hans de Goede) - proc: sysctl: prevent aliased sysctls from getting passed to init (Krister Johansen) - ext4: make sure allocate pending entry not fail (Zhang Yi) - ext4: fix slab-use-after-free in ext4_es_insert_extent() (Baokun Li) - ext4: using nofail preallocation in ext4_es_insert_extent() (Baokun Li) - ext4: using nofail preallocation in ext4_es_insert_delayed_block() (Baokun Li) - ext4: using nofail preallocation in ext4_es_remove_extent() (Baokun Li) - ext4: use pre-allocated es in __es_remove_extent() (Baokun Li) - ext4: use pre-allocated es in __es_insert_extent() (Baokun Li) - ext4: factor out __es_alloc_extent() and __es_free_extent() (Baokun Li) - ext4: add a new helper to check if es must be kept (Baokun Li) - media: qcom: camss: Fix csid-gen2 for test pattern generator (Andrey Konovalov) - media: qcom: camss: Fix set CSI2_RX_CFG1_VC_MODE when VC is greater than 3 (Bryan O'Donoghue) - media: camss: sm8250: Virtual channels for CSID (Milen Mitkov) - media: camss: Replace hard coded value with parameter (Souptick Joarder (HPE)) - MIPS: KVM: Fix a build warning about variable set but not used (Huacai Chen) - lockdep: Fix block chain corruption (Peter Zijlstra) - USB: dwc3: qcom: fix ACPI platform device leak (Johan Hovold) - USB: dwc3: qcom: fix resource leaks on probe deferral (Johan Hovold) - nvmet: nul-terminate the NQNs passed in the connect command (Christoph Hellwig) - afs: Fix file locking on R/O volumes to operate in local mode (David Howells) - afs: Return ENOENT if no cell DNS record can be found (David Howells) - net: axienet: Fix check for partial TX checksum (Samuel Holland) - amd-xgbe: propagate the correct speed and duplex status (Raju Rangoju) - amd-xgbe: handle the corner-case during tx completion (Raju Rangoju) - amd-xgbe: handle corner-case during sfp hotplug (Raju Rangoju) - octeontx2-pf: Fix ntuple rule creation to direct packet to VF with higher Rx queue than its PF (Suman Ghosh) - arm/xen: fix xen_vcpu_info allocation alignment (Stefano Stabellini) - net/smc: avoid data corruption caused by decline (D. Wythe) - net: usb: ax88179_178a: fix failed operations during ax88179_reset (Jose Ignacio Tornos Martinez) - ipv4: Correct/silence an endian warning in __ip_do_redirect (Kunwu Chan) - HID: fix HID device resource race between HID core and debugging support (Charles Yi) - HID: core: store the unique system identifier in hid_device (Benjamin Tissoires) - drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (Jonas Karlman) - ata: pata_isapnp: Add missing error check for devm_ioport_map() (Chen Ni) - octeontx2-pf: Fix memory leak during interface down (Suman Ghosh) - wireguard: use DEV_STATS_INC() (Eric Dumazet) - drm/panel: simple: Fix Innolux G101ICE-L01 timings (Marek Vasut) - drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (Marek Vasut) - drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (Xuxin Xiong) - drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (Shuijing Li) - afs: Make error on cell lookup failure consistent with OpenAFS (David Howells) - afs: Fix afs_server_list to be cleaned up with RCU (David Howells) - LTS version: v5.15.140 (Jack Vogel) - driver core: Release all resources during unbind before updating device links (Saravana Kannan) - Input: xpad - add VID for Turtle Beach controllers (Vicki Pfau) - powerpc/powernv: Fix fortify source warnings in opal-prd.c (Michael Ellerman) - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid (Jens Axboe) - drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox (Lewis Huang) - drm/amdgpu: fix error handling in amdgpu_bo_list_get() (Christian König) - drm/amdgpu: don't use ATRM for external devices (Alex Deucher) - drm/i915: Fix potential spectre vulnerability (Kunwu Chan) - drm/amd/pm: Handle non-terminated overdrive commands. (Bas Nieuwenhuizen) - ext4: add missed brelse in update_backups (Kemeng Shi) - ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (Kemeng Shi) - ext4: correct the start block of counting reserved clusters (Zhang Yi) - ext4: correct return value of ext4_convert_meta_bg (Kemeng Shi) - ext4: correct offset of gdb backup in non meta_bg group to update_backups (Kemeng Shi) - ext4: apply umask if ACL support is disabled (Max Kellermann) - Revert "net: r8169: Disable multicast filter for RTL8168H and RTL8107E" (Heiner Kallweit) - media: qcom: camss: Fix missing vfe_lite clocks check (Bryan O'Donoghue) - media: qcom: camss: Fix VFE-17x vfe_disable_output() (Bryan O'Donoghue) - media: qcom: camss: Fix vfe_get() error jump (Bryan O'Donoghue) - media: qcom: camss: Fix pm_domain_on sequence in probe (Bryan O'Donoghue) - mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER (Victor Shih) - r8169: fix network lost after resume on DASH systems (ChunHao Lin) - mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (Roman Gushchin) - mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2 (Victor Shih) - riscv: kprobes: allow writing to x0 (Nam Cao) - nfsd: fix file memleak on client_opens_release (Mahmoud Adam) - media: ccs: Correctly initialise try compose rectangle (Sakari Ailus) - media: venus: hfi: add checks to handle capabilities from firmware (Vikash Garodia) - media: venus: hfi: fix the check to handle session buffer requirement (Vikash Garodia) - media: venus: hfi_parser: Add check to keep the number of codecs within range (Vikash Garodia) - media: sharp: fix sharp encoding (Sean Young) - media: lirc: drop trailing space from scancode transmit (Sean Young) - f2fs: avoid format-overflow warning (Su Hui) - i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (Heiner Kallweit) - net: phylink: initialize carrier state at creation (Klaus Kudielka) - net: dsa: lan9303: consequently nested-lock physical MDIO (Alexander Sverdlin) - net: ethtool: Fix documentation of ethtool_sprintf() (Andrew Lunn) - s390/ap: fix AP bus crash on early config change callback invocation (Harald Freudenberger) - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) - lsm: fix default return value for inode_getsecctx (Ondrej Mosnacek) - lsm: fix default return value for vm_enough_memory (Ondrej Mosnacek) - Revert "i2c: pxa: move to generic GPIO recovery" (Robert Marko) - powerpc/pseries/ddw: simplify enable_ddw() (Alexey Kardashevskiy) - arm64: dts: qcom: ipq6018: Fix tcsr_mutex register size (Vignesh Viswanathan) - arm64: dts: qcom: ipq6018: switch TCSR mutex to MMIO (Krzysztof Kozlowski) - ksmbd: fix slab out of bounds write in smb_inherit_dacl() (Namjae Jeon) - Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (Guan Wentao) - Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (Masum Reza) - bluetooth: Add device 13d3:3571 to device tables (Larry Finger) - bluetooth: Add device 0bda:887b to device tables (Larry Finger) - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (Artem Lukyanov) - cpufreq: stats: Fix buffer overflow detection in trans_stats() (Christian Marangi) - regmap: Ensure range selector registers are updated after cache sync (Mark Brown) - tty: serial: meson: fix hard LOCKUP on crtscts mode (Pavel Krasavin) - serial: meson: Use platform_get_irq() to get the interrupt (Lad Prabhakar) - ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (Chandradeep Dey) - ALSA: hda/realtek - Add Dell ALC295 to pin fall back table (Kailang Yang) - ALSA: info: Fix potential deadlock at disconnection (Takashi Iwai) - xhci: Enable RPM on controllers that support low-power states (Basavaraj Natikar) - parisc/pgtable: Do not drop upper 5 address bits of physical address (Helge Deller) - parisc: Prevent booting 64-bit kernels on PA1.x machines (Helge Deller) - i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen (Frank Li) - i3c: master: svc: fix check wrong status register in irq handler (Frank Li) - i3c: master: svc: fix ibi may not return mandatory data byte (Frank Li) - i3c: master: svc: fix wrong data return when IBI happen during start frame (Frank Li) - i3c: master: svc: fix race condition in ibi work thread (Frank Li) - i3c: master: cdns: Fix reading status register (Joshua Yeong) - mtd: cfi_cmdset_0001: Byte swap OTP info (Linus Walleij) - mm/memory_hotplug: use pfn math in place of direct struct page manipulation (Zi Yan) - mm/cma: use nth_page() in place of direct struct page manipulation (Zi Yan) - s390/cmma: fix detection of DAT pages (Heiko Carstens) - dmaengine: stm32-mdma: correct desc prep when channel running (Alain Volmat) - mcb: fix error handling for different scenarios when parsing (Sanjuán GarcÃa, Jorge) - tracing: Have the user copy of synthetic event address use correct context (Steven Rostedt (Google)) - i2c: core: Run atomic i2c xfer when !preemptible (Benjamin Bara) - kernel/reboot: emergency_restart: Set correct system_state (Benjamin Bara) - quota: explicitly forbid quota files from being encrypted (Eric Biggers) - jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (Zhihao Cheng) - ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix (Krzysztof Kozlowski) - selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests (Ilpo Järvinen) - selftests/resctrl: Remove duplicate feature check from CMT test (Ilpo Järvinen) - netfilter: nf_tables: split async and sync catchall in two functions (Pablo Neira Ayuso) - netfilter: nf_tables: remove catchall element in GC sync path (Pablo Neira Ayuso) [Orabug: 36028059] {CVE-2023-6111} - PCI: keystone: Don't discard .probe() callback (Uwe Kleine-König) - PCI: keystone: Don't discard .remove() callback (Uwe Kleine-König) - KEYS: trusted: Rollback init_trusted() consistently (Jarkko Sakkinen) - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (Herve Codina) - mmc: meson-gx: Remove setting of CMD_CFG_ERROR (Rong Chen) - wifi: ath11k: fix htt pktlog locking (Johan Hovold) - wifi: ath11k: fix dfs radar event locking (Johan Hovold) - wifi: ath11k: fix temperature event locking (Johan Hovold) - ima: detect changes to the backing overlay file (Mimi Zohar) - ima: annotate iint mutex to avoid lockdep false positive warnings (Amir Goldstein) - ACPI: FPDT: properly handle invalid FPDT subtables (Vasily Khoruzhick) - firmware: qcom_scm: use 64-bit calling convention only when client is 64-bit (Kathiravan Thirumoorthy) - btrfs: don't arbitrarily slow down delalloc if we're committing (Josef Bacik) - rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects (Catalin Marinas) - PM: hibernate: Clean up sync_read handling in snapshot_write_next() (Brian Geffon) - PM: hibernate: Use __get_safe_page() rather than touching the list (Brian Geffon) - arm64: dts: qcom: ipq6018: Fix hwlock index for SMEM (Vignesh Viswanathan) - rcu/tree: Defer setting of jiffies during stall reset (Joel Fernandes (Google)) - svcrdma: Drop connection after an RDMA Read error (Chuck Lever) - wifi: wilc1000: use vmm_table as array in wilc struct (Ajay Singh) - PCI: exynos: Don't discard .remove() callback (Uwe Kleine-König) - PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common() (Heiner Kallweit) - mmc: sdhci_am654: fix start loop index for TAP value parsing (Nitin Yadav) - mmc: vub300: fix an error code (Dan Carpenter) - clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks (Kathiravan Thirumoorthy) - clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks (Kathiravan Thirumoorthy) - clk: socfpga: Fix undefined behavior bug in struct stratix10_clock_data (Gustavo A. R. Silva) - parisc/pdc: Add width field to struct pdc_model (Helge Deller) - arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer (Nathan Chancellor) - ACPI: resource: Do IRQ override on TongFang GMxXGxx (Werner Sembach) - watchdog: move softlockup_panic back to early_param (Krister Johansen) - PCI/sysfs: Protect driver's D3cold preference from user space (Lukas Wunner) - hvc/xen: fix event channel handling for secondary consoles (David Woodhouse) - hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (David Woodhouse) - hvc/xen: fix console unplug (David Woodhouse) - tty/sysrq: replace smp_processor_id() with get_cpu() (Muhammad Usama Anjum) - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() (Paul Moore) - audit: don't take task_lock() in audit_exe_compare() code path (Paul Moore) - KVM: x86: Ignore MSR_AMD64_TW_CFG access (Maciej S. Szmigiero) - KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space (Nicolas Saenz Julienne) - x86/cpu/hygon: Fix the CPU topology evaluation for real (Pu Wen) - crypto: x86/sha - load modules based on CPU features (Roxana Nicolescu) - scsi: qla2xxx: Fix system crash due to bad pointer access (Quinn Tran) - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (Chandrakanth patil) - bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (Shung-Hsi Yu) - bpf: Fix check_stack_write_fixed_off() to correctly spill imm (Hao Sun) - randstruct: Fix gcc-plugin performance mode to stay in group (Kees Cook) - powerpc/perf: Fix disabling BHRB and instruction sampling (Nicholas Piggin) - media: venus: hfi: add checks to perform sanity on queue pointers (Vikash Garodia) - i915/perf: Fix NULL deref bugs with drm_dbg() calls (Harshit Mogalapalli) - xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (Li Zetao) - xfs: fix memory leak in xfs_errortag_init (Zeng Heng) - xfs: fix exception caused by unexpected illegal bestcount in leaf dir (Guo Xuenan) - xfs: avoid a UAF when log intent item recovery fails (Darrick J. Wong) - xfs: fix inode reservation space for removing transaction (hexiaole) - xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (Chandan Babu R) - xfs: fix intermittent hang during quotacheck (Darrick J. Wong) - xfs: don't leak memory when attr fork loading fails (Darrick J. Wong) - xfs: fix use-after-free in xattr node block inactivation (Darrick J. Wong) - xfs: flush inode gc workqueue before clearing agi bucket (Zhang Yi) - xfs: prevent a UAF when log IO errors race with unmount (Darrick J. Wong) - xfs: use invalidate_lock to check the state of mmap_lock (Kaixu Xia) - xfs: convert buf_cancel_table allocation to kmalloc_array (Darrick J. Wong) - xfs: don't leak xfs_buf_cancel structures when recovery fails (Darrick J. Wong) - xfs: refactor buffer cancellation table allocation (Darrick J. Wong) - cifs: fix check of rc in function generate_smb3signingkey (Ekaterina Esina) - cifs: spnego: add ';' in HOST_KEY_LEN (Anastasia Belova) - tools/power/turbostat: Enable the C-state Pre-wake printing (Chen Yu) - tools/power/turbostat: Fix a knl bug (Zhang Rui) - macvlan: Don't propagate promisc change to lower dev in passthru (Vlad Buslov) - net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors (Rahul Rameshbabu) - net/mlx5e: Reduce the size of icosq_str (Saeed Mahameed) - net/mlx5e: Fix pedit endianness (Vlad Buslov) - net/mlx5e: fix double free of encap_header in update funcs (Gavin Li) - net/mlx5e: fix double free of encap_header (Dust Li) - net: stmmac: fix rx budget limit check (Baruch Siach) - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (Dan Carpenter) - netfilter: nf_tables: add and use BE register load-store helpers (Florian Westphal) - netfilter: nf_tables: use the correct get/put helpers (Florian Westphal) - netfilter: nf_conntrack_bridge: initialize err to 0 (Linkui Xiao) - af_unix: fix use-after-free in unix_stream_read_actor() (Eric Dumazet) - net: ethernet: cortina: Fix MTU max setting (Linus Walleij) - net: ethernet: cortina: Handle large frames (Linus Walleij) - net: ethernet: cortina: Fix max RX frame define (Linus Walleij) - bonding: stop the device in bond_setup_by_slave() (Eric Dumazet) - ptp: annotate data-race around q->head and q->tail (Eric Dumazet) - xen/events: fix delayed eoi list handling (Juergen Gross) - ppp: limit MRU to 64K (Willem de Bruijn) - tipc: Fix kernel-infoleak due to uninitialized TLV value (Shigeru Yoshida) - net: hns3: fix VF wrong speed and duplex issue (Jijie Shao) - net: hns3: fix VF reset fail issue (Jijie Shao) - net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() (Yonglong Liu) - net: hns3: fix incorrect capability bit display for copper port (Jian Shen) - net: hns3: add barrier in vf mailbox reply process (Yonglong Liu) - net: hns3: add byte order conversion for PF to VF mailbox message (Jie Wang) - net: hns3: refine the definition for struct hclge_pf_to_vf_msg (Jian Shen) - net: hns3: fix add VLAN fail issue (Jian Shen) - tty: Fix uninit-value access in ppp_sync_receive() (Shigeru Yoshida) - ipvlan: add ipvlan_route_v6_outbound() helper (Eric Dumazet) - net: set SOCK_RCU_FREE before inserting socket into hashtable (Stanislav Fomichev) - gfs2: Silence "suspicious RCU usage in gfs2_permission" warning (Andreas Gruenbacher) - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (felix) - NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (Olga Kornievskaia) - SUNRPC: Add an IS_ERR() check back to where it was (Dan Carpenter) - SUNRPC: ECONNRESET might require a rebind (Trond Myklebust) - media: cec: meson: always include meson sub-directory in Makefile (Marek Szyprowski) - media: cadence: csi2rx: Unregister v4l2 async notifier (Pratyush Yadav) - sched/core: Optimize in_task() and in_interrupt() a bit (Finn Thain) - tracing/perf: Add interrupt_context_level() helper (Steven Rostedt (VMware)) - tracing: Reuse logic from perf's get_recursion_context() (Steven Rostedt (VMware)) - wifi: iwlwifi: Use FW rate for non-data frames (Miri Korenblit) - pwm: Fix double shift bug (Dan Carpenter) - drm/amdgpu: fix software pci_unplug on some chips (Vitaly Prosyak) - drm/qxl: prevent memory leak (Zongmin Zhou) - ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (Tony Lindgren) - i2c: dev: copy userspace array safely (Philipp Stanner) - kgdb: Flush console before entering kgdb on panic (Douglas Anderson) - drm/amd/display: Avoid NULL dereference of timing generator (Wayne Lin) - media: imon: fix access to invalid resource for the second interface (Takashi Iwai) - media: ccs: Fix driver quirk struct documentation (Sakari Ailus) - media: cobalt: Use FIELD_GET() to extract Link Width (Ilpo Järvinen) - gfs2: fix an oops in gfs2_permission (Al Viro) - gfs2: ignore negated quota changes (Bob Peterson) - media: vivid: avoid integer overflow (Hans Verkuil) - media: gspca: cpia1: shift-out-of-bounds in set_flicker (Rajeshwar R Shinde) - i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data. (Billy Tsai) - virtio-blk: fix implicit overflow on virtio_max_dma_size (zhenwei pi) - i2c: sun6i-p2wi: Prevent potential division by zero (Axel Lin) - i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler (Jarkko Nikula) - 9p: v9fs_listxattr: fix %s null argument warning (Dominique Martinet) - 9p/trans_fd: Annotate data-racy writes to file::f_flags (Marco Elver) - usb: gadget: f_ncm: Always set current gadget in ncm_bind() (Hardik Gajjar) - tty: vcc: Add check for kstrdup() in vcc_probe() (Yi Yang) - exfat: support handle zero-size directory (Yuezhang Mo) - HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W (Jiri Kosina) - PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk (Bjorn Helgaas) - misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller (Yoshihiro Shimoda) - PCI: Disable ATS for specific Intel IPU E2000 devices (Bartosz Pawlowski) - PCI: Extract ATS disabling to a helper function (Bartosz Pawlowski) - PCI: Use FIELD_GET() to extract Link Width (Ilpo Järvinen) - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao) - atm: iphase: Do PCI error checks on own line (Ilpo Järvinen) - PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields (Ilpo Järvinen) - ALSA: hda: Fix possible null-ptr-deref when assigning a stream (Cezary Rojewski) - ARM: 9320/1: fix stack depot IRQ stack filter (Vincent Whitchurch) - HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround (Mikhail Khvainitski) - jfs: fix array-index-out-of-bounds in diAlloc (Manas Ghandat) - jfs: fix array-index-out-of-bounds in dbFindLeaf (Manas Ghandat) - fs/jfs: Add validity check for db_maxag and db_agpref (Juntong Deng) - fs/jfs: Add check for negative db_l2nbperpage (Juntong Deng) - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (Tyrel Datwyler) - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (Yihang Li) - RDMA/hfi1: Use FIELD_GET() to extract Link Width (Ilpo Järvinen) - crypto: pcrypt - Fix hungtask for PADATA_RESET (Lu Jialin) - ASoC: soc-card: Add storage for PCI SSID (Richard Fitzgerald) - selftests/efivarfs: create-read: fix a resource leak (zhujun2) - arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (Laurentiu Tudor) - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (Qu Huang) - drm/amdkfd: Fix shift out-of-bounds issue (Jesse Zhang) - drm/panel: st7703: Pick different reset sequence (Ondrej Jirman) - drm/amdgpu/vkms: fix a possible null pointer dereference (Ma Ke) - drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (Ma Ke) - drm/panel: fix a possible null pointer dereference (Ma Ke) - drm/amdgpu: Fix potential null pointer derefernce (Stanley.Yang) - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (Mario Limonciello) - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (Mario Limonciello) - drm/msm/dp: skip validity check for DP CTS EDID checksum (Jani Nikula) - drm: vmwgfx_surface.c: copy user-array safely (Philipp Stanner) - kernel: watch_queue: copy user-array safely (Philipp Stanner) - kernel: kexec: copy user-array safely (Philipp Stanner) - string.h: add array-wrappers for (v)memdup_user() (Philipp Stanner) - drm/amd/display: use full update for clip size increase of large plane source (Wenjing Liu) - drm/amdkfd: Fix a race condition of vram buffer unref in svm code (Xiaogang Chen) - drm/komeda: drop all currently held locks if deadlock happens (baozhu.liu) - platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (Olli Asikainen) - Bluetooth: Fix double free in hci_conn_cleanup (ZhengHan Wang) - Bluetooth: btusb: Add date->evt_skb is NULL check (youwan Wang) - wifi: ath10k: Don't touch the CE interrupt registers after power up (Douglas Anderson) - net: annotate data-races around sk->sk_dst_pending_confirm (Eric Dumazet) - net: annotate data-races around sk->sk_tx_queue_mapping (Eric Dumazet) - wifi: ath10k: fix clang-specific fortify warning (Dmitry Antipov) - wifi: ath9k: fix clang-specific fortify warnings (Dmitry Antipov) - bpf: Detect IP == ksym.end as part of BPF program (Kumar Kartikeya Dwivedi) - atl1c: Work around the DMA RX overflow issue (Sieng-Piaw Liew) - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (Ping-Ke Shih) - wifi: mac80211_hwsim: fix clang-specific fortify warning (Dmitry Antipov) - x86/mm: Drop the 4 MB restriction on minimal NUMA node memory size (Mike Rapoport (IBM)) - workqueue: Provide one lock class key per work_on_cpu() callsite (Frederic Weisbecker) - clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware (Ronald Wahl) - clocksource/drivers/timer-imx-gpt: Fix potential memory leak (Jacky Bai) - perf/core: Bail out early if the request AUX area is out of bound (Shuai Xue) - locking/ww_mutex/test: Fix potential workqueue corruption (John Stultz) - LTS version: v5.15.139 (Jack Vogel) - btrfs: use u64 for buffer sizes in the tree search ioctls (Filipe Manana) - Revert "mmc: core: Capture correct oemid-bits for eMMC cards" (Dominique Martinet) - tracing/kprobes: Fix the order of argument descriptions (Yujie Liu) - fbdev: fsl-diu-fb: mark wr_reg_wa() static (Arnd Bergmann) - fbdev: imsttfb: fix a resource leak in probe (Dan Carpenter) - fbdev: imsttfb: Fix error path of imsttfb_probe() (Helge Deller) - spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (Amit Kumar Mahapatra) - ASoC: hdmi-codec: register hpd callback on component probe (Jerome Brunet) - drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE (Erik Kurzinger) - netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (Florian Westphal) - netfilter: nft_redir: use struct nf_nat_range2 throughout and deduplicate eval call-backs (Jeremy Sowden) - netfilter: xt_recent: fix (increase) ipv6 literal buffer length (Maciej Å»enczykowski) - i2c: iproc: handle invalid slave state (Roman Bacik) - r8169: respect userspace disabling IFF_MULTICAST (Heiner Kallweit) - blk-core: use pr_warn_ratelimited() in bio_check_ro() (Yu Kuai) - block: remove unneeded return value of bio_check_ro() (Miaohe Lin) - tg3: power down device only on SYSTEM_POWER_OFF (George Shuklin) - net/smc: put sk reference if close work was canceled (D. Wythe) - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc (D. Wythe) - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT (D. Wythe) - selftests: pmtu.sh: fix result checking (Hangbin Liu) - net: stmmac: xgmac: Enable support for multiple Flexible PPS outputs (Furong Xu) - Fix termination state for idr_for_each_entry_ul() (NeilBrown) - net: r8169: Disable multicast filter for RTL8168H and RTL8107E (Patrick Thompson) - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. (Kuniyuki Iwashima) - dccp: Call security_inet_conn_request() after setting IPv4 addresses. (Kuniyuki Iwashima) - octeontx2-pf: Fix holes in error code (Ratheesh Kannoth) - octeontx2-pf: Fix error codes (Ratheesh Kannoth) - bpf: Check map->usercnt after timer->timer is assigned (Hou Tao) - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (Shigeru Yoshida) - hsr: Prevent use after free in prp_create_tagged_frame() (Dan Carpenter) - llc: verify mac len before reading mac header (Willem de Bruijn) - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (Dan Carpenter) - pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume (Florian Fainelli) - pwm: sti: Reduce number of allocations and drop usage of chip_data (Uwe Kleine-König) - regmap: prevent noinc writes from clobbering cache (Ben Wolsieffer) - media: cedrus: Fix clock/reset sequence (Jernej Skrabec) - media: vidtv: mux: Add check and kfree for kstrdup (Jiasheng Jiang) - media: vidtv: psi: Add check for kstrdup (Jiasheng Jiang) - media: s3c-camif: Avoid inappropriate kfree() (Katya Orlova) - media: bttv: fix use after free error due to btv->timeout timer (Zheng Wang) - media: i2c: max9286: Fix some redundant of_node_put() calls (Christophe JAILLET) - pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() (Yang Yingliang) - pcmcia: ds: fix refcount leak in pcmcia_device_add() (Yang Yingliang) - pcmcia: cs: fix possible hung task and memory leak pccardd() (Yang Yingliang) - rtc: pcf85363: fix wrong mask/val parameters in regmap_update_bits call (Javier Carrasco) - cxl/mem: Fix shutdown order (Dan Williams) - i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs (Dinghao Liu) - 9p/net: fix possible memory leak in p9_check_errors() (Hangyu Hua) - perf hist: Add missing puts to hist__account_cycles (Ian Rogers) - perf machine: Avoid out of bounds LBR memory read (Ian Rogers) - usb: host: xhci-plat: fix possible kernel oops while resuming (Sergey Shtylyov) - xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (Basavaraj Natikar) - powerpc/pseries: fix potential memory leak in init_cpu_associativity() (Wang Yufen) - powerpc/imc-pmu: Use the correct spinlock initializer. (Sebastian Andrzej Siewior) - powerpc/xive: Fix endian conversion size (Benjamin Gray) - powerpc/40x: Remove stale PTE_ATOMIC_UPDATES macro (Christophe Leroy) - modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host (Masahiro Yamada) - powerpc: Only define __parse_fpscr() when required (Christophe Leroy) - f2fs: fix to initialize map.m_pblk in f2fs_precache_extents() (Chao Yu) - dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() (Christophe JAILLET) - USB: usbip: fix stub_dev hub disconnect (Jonas Blixt) - tools: iio: iio_generic_buffer ensure alignment (Matti Vaittinen) - misc: st_core: Do not call kfree_skb() under spin_lock_irqsave() (Jinjie Ruan) - dmaengine: ti: edma: handle irq_of_parse_and_map() errors (Dan Carpenter) - usb: chipidea: Simplify Tegra DMA alignment code (MichaÅ MirosÅaw) - usb: chipidea: Fix DMA overwrite for Tegra (MichaÅ MirosÅaw) - usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (Jia-Ju Bai) - dmaengine: idxd: Register dsa_bus_type before registering idxd sub-drivers (Fenghua Yu) - livepatch: Fix missing newline character in klp_resolve_symbols() (Zheng Yejian) - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (Yi Yang) - f2fs: compress: fix to avoid redundant compress extension (Chao Yu) - f2fs: compress: fix to avoid use-after-free on dic (Chao Yu) - leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu' (Christophe JAILLET) - leds: pwm: Don't disable the PWM when the LED should be off (Uwe Kleine-König) - leds: turris-omnia: Do not use SMBUS calls (Marek Behún) - leds: turris-omnia: Drop unnecessary mutex locking (Marek Behún) - mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs (Hans de Goede) - mfd: dln2: Fix double put in dln2_probe (Dinghao Liu) - mfd: core: Ensure disabled devices are skipped without aborting (Herve Codina) - mfd: core: Un-constify mfd_cell.of_reg (MichaÅ MirosÅaw) - ASoC: ams-delta.c: use component after check (Kuninori Morimoto) - crypto: qat - fix deadlock in backlog processing (Giovanni Cabiddu) - padata: Fix refcnt handling in padata_free_shell() (WangJinchao) - ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails (Cezary Rojewski) - HID: logitech-hidpp: Move get_wireless_feature_index() check to hidpp_connect_event() (Hans de Goede) - HID: logitech-hidpp: Revert "Don't restart communication if not necessary" (Hans de Goede) - HID: logitech-hidpp: Don't restart IO, instead defer hid_connect() only (Hans de Goede) - HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk (Bastien Nocera) - Revert "HID: logitech-hidpp: add a module parameter to keep firmware gestures" (Bastien Nocera) - sh: bios: Revive earlyprintk support (Geert Uytterhoeven) - hid: cp2112: Fix IRQ shutdown stopping polling for all IRQs on chip (Danny Kaehn) - RDMA/hfi1: Workaround truncation compilation error (Leon Romanovsky) - scsi: ufs: core: Leave space for '- ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe (Zhang Shurong) - RDMA/hns: The UD mode can only be configured with DCQCN (Luoyouming) - RDMA/hns: Fix signed-unsigned mixed comparisons (Chengchang Tang) - RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (Chengchang Tang) - IB/mlx5: Fix rdma counter binding for RAW QP (Patrisious Haddad) - ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not described (Kuninori Morimoto) - ext4: move 'ix' sanity check to corrent position (Gou Hao) - ARM: 9321/1: memset: cast the constant byte to unsigned char (Kursad Oney) - hid: cp2112: Fix duplicate workqueue initialization (Danny Kaehn) - crypto: qat - increase size of buffers (Giovanni Cabiddu) - crypto: caam/jr - fix Chacha20 + Poly1305 self test failure (Gaurav Jain) - crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure (Gaurav Jain) - nd_btt: Make BTT lanes preemptible (Tomas Glozar) - libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (Chen Ni) - scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (Tyrel Datwyler) - RDMA/core: Use size_{add,sub,mul}() in calls to struct_size() (Gustavo A. R. Silva) - hwrng: geode - fix accessing registers (Jonas Gorski) - crypto: hisilicon/hpre - Fix a erroneous check after snprintf() (Christophe JAILLET) - selftests/resctrl: Ensure the benchmark commands fits to its array (Ilpo Järvinen) - selftests/pidfd: Fix ksft print formats (Maciej Wieczor-Retman) - arm64: dts: imx8mn: Add sound-dai-cells to micfil node (Adam Ford) - arm64: dts: imx8mm: Add sound-dai-cells to micfil node (Adam Ford) - arm64: dts: imx8qm-ss-img: Fix jpegenc compatible entry (Fabio Estevam) - clk: scmi: Free scmi_clk allocated when the clocks with invalid info are skipped (Sudeep Holla) - firmware: arm_ffa: Assign the missing IDR allocation ID to the FFA device (Sudeep Holla) - firmware: ti_sci: Mark driver as non removable (Dhruva Gole) - soc: qcom: llcc: Handle a second device without data corruption (Uwe Kleine-König) - ARM: dts: qcom: mdm9615: populate vsdcc fixed regulator (Krzysztof Kozlowski) - arm64: dts: qcom: apq8016-sbc: Add missing ADV7533 regulators (Stephan Gerhold) - ARM64: dts: marvell: cn9310: Use appropriate label for spi1 pins (Chris Packham) - arm64: dts: qcom: sdm845-mtp: fix WiFi configuration (Dmitry Baryshkov) - arm64: dts: qcom: sc7280: Add missing LMH interrupts (Konrad Dybcio) - arm64: dts: qcom: msm8992-libra: drop duplicated reserved memory (Krzysztof Kozlowski) - arm64: dts: qcom: msm8916: Fix iommu local address range (Gaurav Kohli) - ARM: dts: renesas: blanche: Fix typo in GP_11_2 pin name (Geert Uytterhoeven) - perf: hisi: Fix use-after-free when register pmu fails (Junhao He) - drm: mediatek: mtk_dsi: Fix NO_EOT_PACKET settings/handling (AngeloGioacchino Del Regno) - drm/msm/dsi: use msm_gem_kernel_put to free TX buffer (Dmitry Baryshkov) - xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (Marek Marczykowski-Górecki) - drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map() (Dan Carpenter) - drm/bridge: lt9611uxc: fix the race in the error path (Dmitry Baryshkov) - drm/bridge: lt9611uxc: Register and attach our DSI device at probe (Maxime Ripard) - drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers (Maxime Ripard) - drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() (Christophe JAILLET) - drm/mediatek: Fix iommu fault during crtc enabling (Jason-JH.Lin) - drm/mediatek: Fix iommu fault by swapping FBs after updating plane state (Jason-JH.Lin) - drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (Xiaogang Chen) - drm/bridge: tc358768: Fix bit updates (Tomi Valkeinen) - drm/bridge: tc358768: Disable non-continuous clock mode (Dmitry Osipenko) - drm/bridge: tc358768: Fix use of uninitialized variable (Tomi Valkeinen) - drm/bridge: lt8912b: Add missing drm_bridge_attach call (Tomi Valkeinen) - drm/bridge: lt8912b: Manually disable HPD only if it was enabled (Tomi Valkeinen) - drm/bridge: lt8912b: Fix crash on bridge detach (Tomi Valkeinen) - drm/bridge: lt8912b: Fix bridge_detach (Tomi Valkeinen) - drm/bridge: lt8912b: Add hot plug detection (Stefan Eichenberger) - drm/bridge: lt8912b: Register and attach our DSI device at probe (Maxime Ripard) - drm/bridge: lt8912b: Switch to devm MIPI-DSI helpers (Maxime Ripard) - drm/mipi-dsi: Create devm device attachment (Maxime Ripard) - drm/mipi-dsi: Create devm device registration (Maxime Ripard) - drm/radeon: possible buffer overflow (Konstantin Meskhidze) - drm/rockchip: vop: Fix call to crtc reset helper (Jonas Karlman) - drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs (Jonas Karlman) - hwmon: (coretemp) Fix potentially truncated sysfs attribute name (Zhang Rui) - hwmon: (axi-fan-control) Fix possible NULL pointer dereference (Dragos Bogdan) - platform/x86: wmi: Fix opening of char device (Armin Wolf) - platform/x86: wmi: remove unnecessary initializations (Barnabás PÅcze) - platform/x86: wmi: Fix probe failure when failing to register WMI devices (Armin Wolf) - clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM (Varadarajan Narayanan) - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data (Jiasheng Jiang) - clk: npcm7xx: Fix incorrect kfree (Jonathan Neuschäfer) - clk: ti: fix double free in of_ti_divider_clk_setup() (Dan Carpenter) - clk: ti: change ti_clk_register[_omap_hw]() API (Dario Binacchi) - clk: ti: Update component clocks to use ti_dt_clk_name() (Tony Lindgren) - clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name() (Tony Lindgren) - clk: ti: Add ti_dt_clk_name() helper to use clock-output-names (Tony Lindgren) - clk: keystone: pll: fix a couple NULL vs IS_ERR() checks (Dan Carpenter) - spi: nxp-fspi: use the correct ioremap function (Han Xu) - clk: renesas: rzg2l: Fix computation formula (Claudiu Beznea) - clk: renesas: rzg2l: Use FIELD_GET() for PLL register fields (Claudiu Beznea) - clk: renesas: rzg2l: Simplify multiplication/shift logic (Geert Uytterhoeven) - clk: imx: imx8qxp: Fix elcdif_pll clock (Robert Chiras) - clk: imx: imx8mq: correct error handling path (Peng Fan) - clk: imx: Select MXC_CLK for CLK_IMX8QXP (Abel Vesa) - clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src (Danila Tikhonov) - clk: qcom: mmcc-msm8998: Fix the SMMU GDSC (Konrad Dybcio) - clk: qcom: mmcc-msm8998: Don't check halt bit on some branch clks (Konrad Dybcio) - clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies (Devi Priya) - spi: tegra: Fix missing IRQ check in tegra_slink_probe() (Zhang Shurong) - regmap: debugfs: Fix a erroneous check after snprintf() (Christophe JAILLET) - ipvlan: properly track tx_errors (Eric Dumazet) - net: add DEV_STATS_READ() helper (Eric Dumazet) - ipv6: avoid atomic fragment on GSO packets (Yan Zhai) - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() (Christophe JAILLET) - wifi: iwlwifi: empty overflow queue during flush (Miri Korenblit) - wifi: iwlwifi: pcie: synchronize IRQs before NAPI (Johannes Berg) - wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (Gregory Greenman) - iwlwifi: pcie: adjust to Bz completion descriptor (Johannes Berg) - tcp: fix cookie_init_timestamp() overflows (Eric Dumazet) - chtls: fix tp->rcv_tstamp initialization (Eric Dumazet) - r8169: fix rare issue with broken rx after link-down on RTL8125 (Heiner Kallweit) - r8169: use tp_to_dev instead of open code (Juhee Kang) - thermal: core: prevent potential string overflow (Dan Carpenter) - netfilter: nf_tables: Drop pointless memset when dumping rules (Phil Sutter) - PM / devfreq: rockchip-dfi: Make pmu regmap mandatory (Sascha Hauer) - can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (Marc Kleine-Budde) - can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (Marc Kleine-Budde) - can: dev: can_restart(): don't crash kernel if carrier is OK (Marc Kleine-Budde) - wifi: rtlwifi: fix EDCA limit set by BT coexistence (Dmitry Antipov) - tcp_metrics: do not create an entry from tcp_init_metrics() (Eric Dumazet) - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() (Eric Dumazet) - tcp_metrics: add missing barriers on delete (Eric Dumazet) - wifi: mt76: mt7603: improve stuck beacon handling (Felix Fietkau) - mt76: pass original queue id from __mt76_tx_queue_skb to the driver (Felix Fietkau) - mt76: add support for overriding the device used for DMA mapping (Felix Fietkau) - mt76: dma: use kzalloc instead of devm_kzalloc for txwi (Felix Fietkau) - wifi: mt76: mt7603: rework/fix rx pse hang check (Felix Fietkau) - wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (Jinjie Ruan) - net: spider_net: Use size_add() in call to struct_size() (Gustavo A. R. Silva) - tipc: Use size_add() in calls to struct_size() (Gustavo A. R. Silva) - mlxsw: Use size_mul() in call to struct_size() (Gustavo A. R. Silva) - gve: Use size_add() in call to struct_size() (Gustavo A. R. Silva) - tcp: call tcp_try_undo_recovery when an RTOd TFO SYNACK is ACKed (Aananth V) - udp: add missing WRITE_ONCE() around up->encap_rcv (Eric Dumazet) - selftests/bpf: Correct map_fd to data_fd in tailcalls (Leon Hwang) - selftests/bpf: Test tail call counting with bpf2bpf and data on stack (Jakub Sitnicki) - i40e: fix potential memory leaks in i40e_remove() (Andrii Staikov) - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (Chen Yu) - pstore/platform: Add check for kstrdup (Jiasheng Jiang) - x86/boot: Fix incorrect startup_gdt_descr.size (Yuntao Wang) - x86/sev-es: Allow copy_from_kernel_nofault() in earlier boot (Adam Dunlap) - x86: Share definition of __is_canonical_address() (Adrian Hunter) - futex: Don't include process MM in futex key on no-MMU (Ben Wolsieffer) - x86/srso: Fix SBPB enablement for (possible) future fixed HW (Josh Poimboeuf) - writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs (Jingbo Xu) - vfs: fix readahead(2) on block devices (Reuben Hawkins) - sched: Fix stop_one_cpu_nowait() vs hotplug (Peter Zijlstra) - sched/uclamp: Ignore (util == 0) optimization in feec() when p_util_max = 0 (Qais Yousef) - iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (David Howells) - LTS version: v5.15.138 (Jack Vogel) - ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection (Mark Hasemeyer) - misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support (Siddharth Vadapalli) - tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks (Cameron Williams) - tty: 8250: Add support for Intashield IX cards (Cameron Williams) - tty: 8250: Add support for additional Brainboxes PX cards (Cameron Williams) - tty: 8250: Fix up PX-803/PX-857 (Cameron Williams) - tty: 8250: Fix port count of PX-257 (Cameron Williams) - tty: 8250: Add support for Intashield IS-100 (Cameron Williams) - tty: 8250: Add support for Brainboxes UP cards (Cameron Williams) - tty: 8250: Add support for additional Brainboxes UC cards (Cameron Williams) - tty: 8250: Remove UC-257 and UC-431 (Cameron Williams) - tty: n_gsm: fix race condition in status line change on dead connections (Daniel Starke) - usb: raw-gadget: properly handle interrupted requests (Andrey Konovalov) - usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (Jimmy Hu) - usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (LihaSika) - PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (Vicki Pfau) - drm/amd: Disable ASPM for VI w/ all Intel systems (Mario Limonciello) - drm/amd: Move helper for dynamic speed switch check out of smu13 (Mario Limonciello) - can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (Oliver Hartkopp) - can: isotp: isotp_bind(): do not validate unused address information (Oliver Hartkopp) - can: isotp: add local echo tx processing and tx without FC (Oliver Hartkopp) - can: isotp: handle wait_event_interruptible() return values (Oliver Hartkopp) - can: isotp: check CAN address family in isotp_bind() (Oliver Hartkopp) - can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting (Oliver Hartkopp) - can: isotp: set max PDU size to 64 kByte (Oliver Hartkopp) - powerpc/mm: Fix boot crash with FLATMEM (Michael Ellerman) - r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() (Douglas Anderson) - r8152: Check for unplug in rtl_phy_patch_request() (Douglas Anderson) - net: chelsio: cxgb4: add an error code check in t4_load_phy_fw (Su Hui) - platform/mellanox: mlxbf-tmfifo: Fix a warning message (Liming Sun) - scsi: mpt3sas: Fix in error path (Tomas Henzl) - fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() (Jorge Maidana) - drm/ttm: Reorder sys manager cleanup step (Karolina Stolarek) - ASoC: rt5650: fix the wrong result of key button (Shuming Fan) - netfilter: nfnetlink_log: silence bogus compiler warning (Florian Westphal) - spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0 (William A. Kennington III) - fs/ntfs3: Avoid possible memory leak (Su Hui) - fs/ntfs3: Fix directory element type detection (Gabriel Marcano) - fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame() (Konstantin Komarov) - fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr() (Konstantin Komarov) - fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN) (Konstantin Komarov) - fs/ntfs3: Write immediately updated ntfs state (Konstantin Komarov) - fs/ntfs3: Add ckeck in ni_update_parent() (Konstantin Komarov) - fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (Arnd Bergmann) - Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport (Dmitry Torokhov) - powerpc/85xx: Fix math emulation exception (Christophe Leroy) - dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe (Zhang Shurong) - irqchip/stm32-exti: add missing DT IRQ flag translation (Ben Wolsieffer) - irqchip/riscv-intc: Mark all INTC nodes as initialized (Anup Patel) - net: sched: cls_u32: Fix allocation size in u32_init() (Gustavo A. R. Silva) - ASoC: simple-card: fixup asoc_simple_probe() error handling (Kuninori Morimoto) - x86: Fix .brk attribute in linker script (Juergen Gross) - rpmsg: Fix possible refcount leak in rpmsg_register_device_override() (Hangyu Hua) - rpmsg: glink: Release driver_override (Bjorn Andersson) - rpmsg: Fix calling device_lock() on non-initialized device (Krzysztof Kozlowski) - rpmsg: Fix kfree() of static memory on setting driver_override (Krzysztof Kozlowski) - rpmsg: Constify local variable in field store macro (Krzysztof Kozlowski) - driver: platform: Add helper for safer setting of driver_override (Krzysztof Kozlowski) - objtool/x86: add missing embedded_insn check (John Sperbeck) - ext4: avoid overlapping preallocations due to overflow (Baokun Li) - ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow (Baokun Li) - ext4: add two helper functions extent_logical_end() and pa_logical_end() (Baokun Li) - x86/mm: Fix RESERVE_BRK() for older binutils (Josh Poimboeuf) - x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility (Thomas Gleixner) - gve: Fix GFP flags when allocing pages (Shailend Chand) - iio: afe: rescale: Accept only offset channels (Linus Walleij) - iio: afe: rescale: add offset support (Liam Beguin) - iio: afe: rescale: expose scale processing function (Liam Beguin) - iio: afe: rescale: reorder includes (Liam Beguin) - clk: Sanitize possible_parent_show to Handle Return Value of of_clk_get_parent_name (Alessandro Carminati) - sparc32: fix a braino in fault handling in csum_and_copy_..._user() (Al Viro) - perf/core: Fix potential NULL deref (Peter Zijlstra) - nvmem: imx: correct nregs for i.MX6UL (Peng Fan) - nvmem: imx: correct nregs for i.MX6SLL (Peng Fan) - nvmem: imx: correct nregs for i.MX6ULL (Peng Fan) - misc: fastrpc: Clean buffers on remote invocation failures (Ekansh Gupta) - tracing/kprobes: Fix the description of variable length arguments (Yujie Liu) - i2c: stm32f7: Fix PEC handling in case of SMBUS transfers (Alain Volmat) - i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() (Herve Codina) - i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() (Herve Codina) - i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() (Herve Codina) - iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale (Robert Hancock) - iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds (Robert Hancock) - iio: exynos-adc: request second interupt only when touchscreen mode is used (Marek Szyprowski) - kasan: print the original fault addr when access invalid shadow (Haibo Li) - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (Ivan Vecera) - gtp: fix fragmentation needed check with gso (Pablo Neira Ayuso) - gtp: uapi: fix GTPA_MAX (Pablo Neira Ayuso) - tcp: fix wrong RTO timeout when received SACK reneging (Fred Chen) - r8152: Release firmware if we have an error in probe (Douglas Anderson) - r8152: Cancel hw_phy_work if we have an error in probe (Douglas Anderson) - r8152: Run the unload routine if we have errors during probe (Douglas Anderson) - r8152: Increase USB control msg timeout to 5000ms as per spec (Douglas Anderson) - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (Shigeru Yoshida) - net: ieee802154: adf7242: Fix some potential buffer overflow in adf7242_stats_show() (Christophe JAILLET) - igc: Fix ambiguity in the ethtool advertising (Sasha Neftin) - neighbour: fix various data-races (Eric Dumazet) - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (Mateusz Palczewski) - treewide: Spelling fix in comment (Kunwu Chan) - r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 (Mirsad Goran Todorovac) - r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 (Mirsad Goran Todorovac) - r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx (Mirsad Goran Todorovac) - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() (Lukasz Majczak) - vsock/virtio: initialize the_virtio_vsock before using VQs (Alexandru Matei) - vsock/virtio: add support for device suspend/resume (Stefano Garzarella) - vsock/virtio: factor our the code to initialize and delete VQs (Stefano Garzarella) - drm/i915/pmu: Check if pmu is closed before stopping event (Umesh Nerlige Ramappa) - nfsd: lock_rename() needs both directories to live on the same fs (Al Viro) - mm/migrate: fix do_pages_move for compat pointers (Gregory Price) - mm/page_alloc: correct start page when guard page debug is enabled (Kemeng Shi) - vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (Eric Auger) - virtio_balloon: Fix endless deflation and inflation on arm64 (Gavin Shan) - mcb-lpc: Reallocate memory region to avoid memory overlapping (RodrÃguez Barbarin, José Javier) - mcb: Return actual parsed size when reading chameleon table (RodrÃguez Barbarin, José Javier) - mptcp: more conservative check for zero probes (Paolo Abeni) - tcp: cleanup tcp_remove_empty_skb() use (Eric Dumazet) - tcp: remove dead code from tcp_sendmsg_locked() (Eric Dumazet) - pinctrl: qcom: lpass-lpi: fix concurrent register updates (Krzysztof Kozlowski) - ASoC: codecs: wcd938x: fix runtime PM imbalance on remove (Johan Hovold) - ASoC: codecs: wcd938x: fix resource leaks on bind errors (Johan Hovold) - LTS version: v5.15.137 (Jack Vogel) - xfrm6: fix inet6_dev refcount underflow problem (Zhang Changzhong) - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name (Kees Cook) - Bluetooth: hci_sock: fix slab oob read in create_monitor_event (Edward AD) - phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins (Tony Lindgren) - phy: mapphone-mdm6600: Fix runtime PM for remove (Tony Lindgren) - phy: mapphone-mdm6600: Fix runtime disable on probe (Tony Lindgren) - serial: 8250: omap: Move uart_write() inside PM section (Geert Uytterhoeven) - ASoC: pxa: fix a memory leak in probe() (Dan Carpenter) - gpio: vf610: set value before the direction to avoid a glitch (Haibo Chen) - platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events (Hans de Goede) - platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e (Hans de Goede) - platform/surface: platform_profile: Propagate error if profile registration fails (Armin Wolf) - s390/cio: fix a memleak in css_alloc_subchannel (Dinghao Liu) - selftests/ftrace: Add new test case which checks non unique symbol (Francis Laniel) - s390/pci: fix iommu bitmap allocation (Niklas Schnelle) - perf: Disallow mis-matched inherited group reads (Peter Zijlstra) - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (Puliang Lu) - USB: serial: option: add entry for Sierra EM9191 with new firmware (Benoît Monin) - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (Fabio Porcedda) - nvme-rdma: do not try to stop unallocated queues (Maurizio Lombardi) - nvme-pci: add BOGUS_NID for Intel 0a54 device (Keith Busch) - ACPI: irq: Fix incorrect return value in acpi_register_gsi() (Sunil V L) - pNFS: Fix a hang in nfs4_evict_inode() (Trond Myklebust) - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()" (Andy Shevchenko) - mmc: core: Capture correct oemid-bits for eMMC cards (Avri Altman) - mmc: core: sdio: hold retuning if sdio in 1-bit mode (Haibo Chen) - mmc: mtk-sd: Use readl_poll_timeout_atomic in msdc_reset_hw (Pablo Sun) - mtd: physmap-core: Restore map_rom fallback (Geert Uytterhoeven) - mtd: spinand: micron: correct bitmask for ecc status (Martin Kurbanov) - mtd: rawnand: arasan: Ensure program page operations are successful (Miquel Raynal) - mtd: rawnand: marvell: Ensure program page operations are successful (Miquel Raynal) - mtd: rawnand: pl353: Ensure program page operations are successful (Miquel Raynal) - mtd: rawnand: qcom: Unmap the right resource upon probe failure (Bibek Kumar Patro) - net: fix ifname in netlink ntf during netns move (Jakub Kicinski) - net: move from strlcpy with unused retval to strscpy (Wolfram Sang) - net: introduce a function to check if a netdev name is in use (Antoine Tenart) - Bluetooth: hci_event: Fix using memcmp when comparing keys (Luiz Augusto von Dentz) - net/mlx5: Handle fw tracer change ownership event based on MTRC (Maher Sanalla) - platform/x86: touchscreen_dmi: Add info for the Positivo C4128B (Renan Guilherme Lebre Ramos) - HID: multitouch: Add required quirk for Synaptics 0xcd7e device (Rahul Rameshbabu) - btrfs: error out when reallocating block for defrag using a stale transaction (Filipe Manana) - btrfs: error when COWing block from a root that is being deleted (Filipe Manana) - btrfs: error out when COWing block using a stale transaction (Filipe Manana) - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c (Josef Bacik) - drm: panel-orientation-quirks: Add quirk for One Mix 2S (Kai Uwe Broulik) - ipv4/fib: send notify when delete source address routes (Hangbin Liu) - sky2: Make sure there is at least one frag_addr available (Kees Cook) - regulator/core: Revert "fix kobject release warning and memory leak in regulator_register()" (MichaÅ MirosÅaw) - wifi: cfg80211: avoid leaking stack data into trace (Benjamin Berg) - wifi: mac80211: allow transmitting EAPOL frames with tainted key (Wen Gong) - wifi: cfg80211: Fix 6GHz scan configuration (Ilan Peer) - Bluetooth: hci_core: Fix build warnings (Luiz Augusto von Dentz) - Bluetooth: Avoid redundant authentication (Ying Hsu) - Bluetooth: btusb: add shutdown function for QCA6174 (Rocky Liao) - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event (Ma Ke) - wifi: iwlwifi: Ensure ack flag is properly cleared. (Ben Greear) - wifi: mwifiex: Sanity check tlv_len and tlv_bitmap_len (Gustavo A. R. Silva) - tracing: relax trace_event_eval_update() execution with cond_resched() (Clément Léger) - ata: libata-eh: Fix compilation warning in ata_eh_link_report() (Damien Le Moal) - ata: libata-core: Fix compilation warning in ata_dev_config_ncq() (Damien Le Moal) - gpio: timberdale: Fix potential deadlock on &tgpio->lock (Chengfeng Ye) - overlayfs: set ctime when setting mtime and atime (Jeff Layton) - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter (Heiner Kallweit) - btrfs: initialize start_slot in btrfs_log_prealloc_extents (Josef Bacik) - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (Filipe Manana) - fs-writeback: do not requeue a clean inode having skipped pages (Chunhai Guo) - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone (Tony Lindgren) - ksmbd: not allow to open file if delelete on close bit is set (Namjae Jeon) - nfp: flower: avoid rmmod nfp crash issues (Yanguo Li) - mctp: perform route lookups under a RCU read-side lock (Jeremy Kerr) - mctp: Allow local delivery to the null EID (Jeremy Kerr) - powerpc/47x: Fix 47x syscall return crash (Michael Ellerman) - powerpc/32s: Do kuep_lock() and kuep_unlock() in assembly (Christophe Leroy) - powerpc/32s: Remove capability to disable KUEP at boottime (Christophe Leroy) - drm/atomic-helper: relax unregistered connector check (Simon Ser) - perf/x86/lbr: Filter vsyscall addresses (JP Kobryn) - iio: adc: ad7192: Correct reference voltage (Alisa-Dariana Roman) - iio: cros_ec: fix an use-after-free in cros_ec_sensors_push_data() (Tzung-Bi Shih) - iio: core: introduce iio_device_{claim|release}_buffer_mode() APIs (Nuno Sá) - iio: core: Hide read accesses to iio_dev->currentmode (Miquel Raynal) - iio: Un-inline iio_buffer_enabled() (Miquel Raynal) - serial: 8250_omap: Fix errors with no_console_suspend (Tony Lindgren) - serial: 8250: omap: Fix imprecise external abort for omap_8250_pm() (Tony Lindgren) - selftests/mm: fix awk usage in charge_reserved_hugetlb.sh and hugetlb_reparenting_test.sh that may cause error (Juntong Deng) - net: pktgen: Fix interface flags printing (Gavrilov Ilia) - netfilter: nf_tables: revert do not remove elements if set backend implements .abort (Pablo Neira Ayuso) - netfilter: nf_tables: do not remove elements if set backend implements .abort (Pablo Neira Ayuso) - netfilter: nft_set_rbtree: .deactivate fails if element has expired (Pablo Neira Ayuso) - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (Geert Uytterhoeven) - bonding: Return pointer to data after pull on skb (Jiri Wiesner) - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register() (Jinjie Ruan) - i40e: prevent crash on probe if hw registers have invalid values (Michal Schmidt) - net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (Dan Carpenter) - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (Eric Dumazet) - tun: prevent negative ifindex (Eric Dumazet) - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb (Eric Dumazet) - tcp: fix excessive TLP and RACK timeouts from HZ rounding (Neal Cardwell) - net: rfkill: gpio: prevent value glitch during probe (Josua Mayer) - net: ipv6: fix return value check in esp_remove_trailer (Ma Ke) - net: ipv4: fix return value check in esp_remove_trailer (Ma Ke) - xfrm: interface: use DEV_STATS_INC() (Eric Dumazet) - xfrm: fix a data-race in xfrm_gen_index() (Eric Dumazet) - qed: fix LL2 RX buffer allocation (Manish Chopra) - ASoC: codecs: wcd938x: fix unbind tear down order (Johan Hovold) - ASoC: codecs: wcd938x: drop bogus bind error handling (Johan Hovold) - ASoC: codecs: wcd938x-sdw: fix runtime PM imbalance on probe errors (Johan Hovold) - ASoC: codecs: wcd938x-sdw: fix use after free on driver unbind (Johan Hovold) - drm/i915: Retry gtt fault when out of fence registers (Ville Syrjälä) - netfilter: nft_payload: fix wrong mac header matching (Florian Westphal) - fs/ntfs3: fix deadlock in mark_as_free_ex (Konstantin Komarov) - fs/ntfs3: fix panic about slab-out-of-bounds caused by ntfs_list_ea() (Zeng Heng) - fs/ntfs3: Fix possible null-pointer dereference in hdr_find_e() (Ziqi Zhao) - tcp: check mptcp-level constraints for backlog coalescing (Paolo Abeni) - x86/sev: Check for user-space IOIO pointing to kernel space (Joerg Roedel) [Orabug: 35959905] {CVE-2023-46813} - x86/sev: Check IOBM for IOIO exceptions from user-space (Joerg Roedel) [Orabug: 35959905] {CVE-2023-46813} - x86/sev: Disable MMIO emulation from user mode (Borislav Petkov (AMD)) - KVM: x86: Mask LVTPC when handling a PMI (Jim Mattson) - regmap: fix NULL deref on lookup (Johan Hovold) - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() (Krzysztof Kozlowski) - ice: reset first in crash dump kernels (Jesse Brandeburg) - ice: fix over-shifted variable (Jesse Brandeburg) - Bluetooth: avoid memcmp() out of bounds warning (Arnd Bergmann) - Bluetooth: hci_event: Fix coding style (Luiz Augusto von Dentz) - Bluetooth: vhci: Fix race when opening vhci device (Arkadiusz Bokowy) - Bluetooth: Fix a refcnt underflow problem for hci_conn (Ziyang Xuan) - Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) [Orabug: 35959595] {CVE-2020-26555} - Bluetooth: hci_event: Ignore NULL link key (Lee, Chun-Yi) - xfs: don't expose internal symlink metadata buffers to the vfs (Darrick J. Wong) - Documentation: sysctl: align cells in second content column (Bagas Sanjaya) - lib/Kconfig.debug: do not enable DEBUG_PREEMPT by default (Hyeonggon Yoo) - LTS version: v5.15.136 (Jack Vogel) - eth: remove remaining copies of the NAPI_POLL_WEIGHT define (Jakub Kicinski) - usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Cañuelo) - arm64: armv8_deprecated: fix unused-function error (Ren Zhijie) - arm64: armv8_deprecated: rework deprected instruction handling (Mark Rutland) - arm64: armv8_deprecated: move aarch32 helper earlier (Mark Rutland) - arm64: armv8_deprecated move emulation functions (Mark Rutland) - arm64: armv8_deprecated: fold ops into insn_emulation (Mark Rutland) - arm64: rework EL0 MRS emulation (Mark Rutland) - arm64: factor insn read out of call_undef_hook() (Mark Rutland) - arm64: factor out EL1 SSBS emulation hook (Mark Rutland) - arm64: split EL0/EL1 UNDEF handlers (Mark Rutland) - arm64: allow kprobes on EL0 handlers (Mark Rutland) - arm64: rework BTI exception handling (Mark Rutland) - arm64: rework FPAC exception handling (Mark Rutland) - arm64: consistently pass ESR_ELx to die() (Mark Rutland) - arm64: die(): pass 'err' as long (Mark Rutland) - arm64: report EL1 UNDEFs better (Mark Rutland) - powerpc/64e: Fix wrong test in __ptep_test_and_clear_young() (Christophe Leroy) - powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE (Christophe Leroy) - dmaengine: mediatek: Fix deadlock caused by synchronize_irq() (Duoming Zhou) - dmaengine: idxd: use spin_lock_irqsave before wait_event_lock_irq (Rex Zhang) - x86/alternatives: Disable KASAN in apply_alternatives() (Kirill A. Shutemov) - usb: cdnsp: Fixes issue with dequeuing not queued requests (Pawel Laszczak) - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call (Krishna Kurapati) - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (Piyush Mehta) - counter: microchip-tcb-capture: Fix the use of internal GCLK logic (Dharma Balasubiramani) - pinctrl: avoid unsafe code pattern in find_pinctrl() (Dmitry Torokhov) - cgroup: Remove duplicates in cgroup v1 tasks file (Michal Koutný) - tee: amdtee: fix use-after-free vulnerability in amdtee_close_session (Rijo Thomas) - Input: goodix - ensure int GPIO is in input for gpio_count == 1 && gpio_int_idx == 0 case (Hans de Goede) - Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (Szilard Fabian) - Input: xpad - add PXN V900 support (Matthias Berndt) - Input: psmouse - fix fast_reconnect function for PS/2 mode (Jeffery Miller) - Input: powermate - fix use-after-free in powermate_config_complete (Javier Carrasco) - ceph: fix type promotion bug on 32bit systems (Dan Carpenter) - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (Xiubo Li) - libceph: use kernel_connect() (Jordan Rife) - thunderbolt: Check that lane 1 is in CL0 before enabling lane bonding (Mika Westerberg) - thunderbolt: Workaround an IOMMU fault on certain systems with Intel Maple Ridge (Mika Westerberg) - mcb: remove is_added flag from mcb_device struct (Jorge Sanjuan Garcia) - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (Borislav Petkov (AMD)) - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA (Hans de Goede) - drm/amd/display: Don't set dpms_off for seamless boot (Daniel Miess) - drm/amdgpu: add missing NULL check (Christian König) - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug (Alexander Zangerl) - iio: pressure: dps310: Adjust Timeout Settings (Lakshmi Yadlapati) - iio: pressure: bmp280: Fix NULL pointer exception (Phil Elwell) - usb: musb: Modify the "HWVers" register address (Xingxing Luo) - usb: musb: Get the musb_qh poniter after musb_giveback (Xingxing Luo) - usb: dwc3: Soft reset phy on probe for host (Thinh Nguyen) - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (Javier Carrasco) - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (Wesley Cheng) - xhci: Keep interrupt disabled in initialization until host is running. (Hongyu Xie) - dmaengine: stm32-mdma: abort resume if no ongoing transfer (Amelie Delaunay) - media: mtk-jpeg: Fix use after free bug due to uncanceled work (Zheng Wang) - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() (Waiman Long) - nfc: nci: assert requested protocol is valid (Jeremy Cline) - pinctrl: renesas: rzn1: Enable missing PINMUX (Ralph Siemsen) - net/smc: Fix pos miscalculation in statistics (Nils Hoppmann) - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (Eric Dumazet) - net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp (Will Mortensen) - ixgbe: fix crash with empty VF macvlan list (Dan Carpenter) - net: phy: mscc: macsec: reject PN update requests (Radu Pirea (NXP OSS)) - net: macsec: indicate next pn update when offloading (Radu Pirea (NXP OSS)) - bpf: Fix verifier log for async callback return values (David Vernet) - drm/vmwgfx: fix typo of sizeof argument (Konstantin Meskhidze) - riscv, bpf: Sign-extend return values (Björn Töpel) - riscv, bpf: Factor out emit_call for kernel and bpf context (Pu Lehui) - xen-netback: use default TX queue size for vifs (Roger Pau Monne) - eth: remove copies of the NAPI_POLL_WEIGHT define (Jakub Kicinski) - mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type (Dan Carpenter) - ieee802154: ca8210: Fix a potential UAF in ca8210_probe (Dinghao Liu) - ravb: Fix use-after-free issue in ravb_tx_timeout_work() (Yoshihiro Shimoda) [Orabug: 35959875] {CVE-2023-35827} - ravb: Fix up dma_free_coherent() call in ravb_remove() (Yoshihiro Shimoda) - drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow (Abhinav Kumar) - drm/msm/dsi: fix irq_of_parse_and_map() error checking (Dan Carpenter) - drm/msm/dsi: skip the wait for video mode done if not applicable (Abhinav Kumar) - drm/msm/dp: do not reinitialize phy unless retry during link training (Kuogee Hsieh) - KEYS: trusted: Remove redundant static calls usage (Sumit Garg) - KEYS: trusted: allow use of kernel RNG for key material (Ahmad Fatoum) - ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset (WhaleChang) - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (Hans de Goede) - platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section mismatch warning (Uwe Kleine-König) - platform/x86: think-lmi: Fix reference leak (Armin Wolf) - of: overlay: Reorder struct fragment fields kerneldoc (Geert Uytterhoeven) - perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 (Jing Zhang) - RDMA/cxgb4: Check skb value for failure to allocate (Artem Chernyshev) - RDMA/srp: Do not call scsi_done() from srp_abort() (Bart Van Assche) - scsi: ib_srp: Call scsi_done() directly (Bart Van Assche) - scsi: core: Rename scsi_mq_done() into scsi_done() and export it (Bart Van Assche) - iommu/vt-d: Avoid memory allocation in iommu_suspend() (Zhang Rui) [5.15.0-203.135.1.el9uek] - uek-rpm: Enable CONFIG_IPV6_SEG6_BPF in UEK7U2 (Harshit Mogalapalli) [Orabug: 35972825] - rds: ib: Make changes to fr_state global visible (HÃ¥kon Bugge) [Orabug: 35739203] - x86/cpu: Add Xeon Emerald Rapids to list of CPUs that support PPIN (Tony Luck) [Orabug: 35853636] - EDAC/i10nm: Add Intel Emerald Rapids server support (Qiuxu Zhuo) [Orabug: 35853636] - intel_idle: add Emerald Rapids Xeon support (Artem Bityutskiy) [Orabug: 35853636] - powercap: intel_rapl: add support for Emerald Rapids (Zhang Rui) [Orabug: 35853636] - perf/x86/intel/cstate: Add Emerald Rapids (Kan Liang) [Orabug: 35853636] - perf/x86/cstate: Add SAPPHIRERAPIDS_X CPU support (Zhang Rui) [Orabug: 35853636] - perf/x86/cstate: Add Raptor Lake support (Kan Liang) [Orabug: 35853636] - perf/x86/rapl: Add support for Intel Emerald Rapids (Zhang Rui) [Orabug: 35853636] - perf/x86/rapl: Add support for Intel Meteor Lake (Zhang Rui) [Orabug: 35853636] - perf/x86/rapl: Add support for Intel Raptor Lake (Zhang Rui) [Orabug: 35853636] - perf/x86/rapl: Add support for Intel AlderLake-N (Zhang Rui) [Orabug: 35853636] - platform/x86: intel-uncore-freq: add Emerald Rapids support (Artem Bityutskiy) [Orabug: 35853636] - platform/x86/intel/uncore-freq: Move to uncore-frequency folder (Srinivas Pandruvada) [Orabug: 35853636] - x86/cpu: Add CPU model numbers for Meteor Lake (Tony Luck) [Orabug: 35853636] - x86/cpu: Add new Raptor Lake CPU model number (Tony Luck) [Orabug: 35853636] - x86/cpu: Add new Alderlake and Raptorlake CPU model numbers (Tony Luck) [Orabug: 35853636] - x86/cpu: Drop spurious underscore from RAPTOR_LAKE #define (Tony Luck) [Orabug: 35853636] - x86/cpu: Add Raptor Lake to Intel family (Tony Luck) [Orabug: 35853636] - eth: bnxt: handle invalid Tx completions more gracefully (Jakub Kicinski) [Orabug: 36075753] - bonding: move IFLA_ARP_ALLSLAVES to the end of the enum list (Venkat Venkatsubra) [Orabug: 36083015] - bonding: add new option ns_ip6_target (Hangbin Liu) [Orabug: 36083015] - bonding: add new parameter ns_targets (Hangbin Liu) [Orabug: 36083015] - bonding: add extra field for bond_opt_value (Hangbin Liu) [Orabug: 36083015] - Bonding: split bond_handle_vlan from bond_arp_send (Hangbin Liu) [Orabug: 36083015] - ipv6: separate ndisc_ns_create() from ndisc_send_ns() (Hangbin Liu) [Orabug: 36083015] - uek-rpm: update all arch and OL kABI files for new symbols (Yifei Liu) [Orabug: 36090167] - xfs: try to avoid allocation blocking on busy extents (Mark Tinguely) [Orabug: 36096907] - iommu/amd: Do not flush IRTE when only updating isRun and destination fields (Suravee Suthikulpanit) [Orabug: 36101188] - tcp: Tunables for TCP delayed ack (min and max) timers (Venkat Venkatsubra) [Orabug: 36114420] - tcp: fix ambiguity for SACKed TLP retransmits with RTT < min_rtt (Neal Cardwell) [Orabug: 36114420] - vhost-scsi: add parentheses to macro of VHOST_SCSI_MAX_VQ (Dongli Zhang) [Orabug: 36119640]
SRPMs
https://oss.oracle.com:443/ol9/SRPMS-updates//kernel-uek-5.15.0-203.146.5.1.el9uek.src.rpm
x86_64
aarch64
bpftool-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-core-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-debug-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-debug-core-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-devel-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-doc-5.15.0-203.146.5.1.el9uek.noarch.rpm kernel-uek-modules-5.15.0-203.146.5.1.el9uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-203.146.5.1.el9uek.aarch64.rpm
i386
