Accepted linux-signed-amd64 4.19.177+1 (source) into proposed-updates->stable-new, proposed-updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 03 Mar 2021 13:48:46 +0100
Source: linux-signed-amd64
Architecture: source
Version: 4.19.177+1
Distribution: buster-proposed-updates
Urgency: medium
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 linux-signed-amd64 (4.19.177+1) buster; urgency=medium
 .
   * Sign kernel from linux 4.19.177-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.172
     - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
     - dm integrity: conditionally disable "recalculate" feature
     - writeback: Drop I_DIRTY_TIME_EXPIRE
     - fs: fix lazytime expiration handling in __writeback_single_inode()
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.173
     - nbd: freeze the queue while we're adding connections (CVE-2021-3348)
     - ACPI: sysfs: Prefer "compatible" modalias
     - kernel: kexec: remove the lock operation of system_transition_mutex
     - xen/privcmd: allow fetching resource sizes
     - ALSA: hda/via: Apply the workaround generically for Clevo machines
     - media: rc: ensure that uevent can be read directly after rc device
       register
     - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
     - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem
       family
     - PM: hibernate: flush swap writer after marking
     - [x86] KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
       intel_arch_events[]
     - [x86] KVM: get smi pending status correctly
     - leds: trigger: fix potential deadlock with libata
     - mt7601u: fix kernel crash unplugging the device
     - mt7601u: fix rx buffer refcounting
     - xen-blkfront: allow discard-* nodes to be optional
     - [armhf] imx: build suspend-imx6.S with arm instruction set
     - netfilter: nft_dynset: add timeout extension to template
     - xfrm: Fix oops in xfrm_replay_advance_bmp
     - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
     - RDMA/cxgb4: Fix the reported max_recv_sge value
     - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
     - iwlwifi: pcie: use jiffies for memory read spin time limit
     - iwlwifi: pcie: reschedule in long-running memory reads
     - mac80211: pause TX while changing interface type
     - net/mlx5: Fix memory leak on flow table creation error flow
     - can: dev: prevent potential information leak in can_fill_info()
     - [amd64] iommu/vt-d: Gracefully handle DMAR units with no supported
       address widths
     - [amd64] iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not
       built
     - rxrpc: Fix memory leak in rxrpc_lookup_local
     - NFC: fix resource leak when target index is invalid
     - NFC: fix possible resource leak
     - team: protect features update by RCU to avoid deadlock
     - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.174
     - [armhf] net: dsa: bcm_sf2: put device node before return
     - ACPI: thermal: Do not call acpi_thermal_check() directly
     - sysctl: handle overflow in proc_get_long
     - net_sched: gen_estimator: support large ewma log
     - [x86] platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron
       7352
     - [x86] __always_inline __{rd,wr}msr()
     - scsi: scsi_transport_srp: Don't block target in failfast state
     - scsi: libfc: Avoid invoking response handler twice if ep is already
       completed
     - mac80211: fix fast-rx encryption check
     - [ppc64el] scsi: ibmvfc: Set default timeout to avoid crash during
       migration
     - objtool: Don't fail on missing symbol table
     - kthread: Extract KTHREAD_IS_PER_CPU
     - workqueue: Restrict affinity change to rescuer
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.175
     - USB: serial: cp210x: add pid/vid for WSDA-200-USB
     - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
     - USB: serial: option: Adding support for Cinterion MV31
     - Input: i8042 - unbreak Pegatron C15B
     - rxrpc: Fix deadlock around release of dst cached on udp tunnel
     - net: lapb: Copy the skb before sending a packet
     - [arm64,armhf] net: mvpp2: TCAM entry enable should be written after SRAM
       data
     - memblock: do not start bottom-up allocations with kernel_end
     - USB: gadget: legacy: fix an error code in eth_bind()
     - USB: usblp: don't call usb_set_interface if there's a single alt
     - [arm*] usb: dwc2: Fix endpoint direction check in ep_from_windex
     - [arm64,armhf] usb: dwc3: fix clock issue during resume in OTG mode
     - ovl: fix dentry leak in ovl_get_redirect
     - mac80211: fix station rate table updates on assoc
     - kretprobe: Avoid re-registration of the same kretprobe earlier
     - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
     - xhci: fix bounce buffer usage for non-sg list case
     - cifs: report error instead of invalid when revalidating a dentry fails
     - smb3: Fix out-of-bounds bug in SMB2_negotiate()
     - mmc: core: Limit retries when analyse of SDIO tuples fails
     - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
     - [x86] KVM: SVM: Treat SVM as unsupported when running as an SEV guest
     - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
     - mm: hugetlb: fix a race between freeing and dissolving the page
     - mm: hugetlb: fix a race between isolating and freeing page
     - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
     - mm: thp: fix MADV_REMOVE deadlock on shmem THP
     - [x86] build: Disable CET instrumentation in the kernel
     - [x86] apic: Add extra serialization for non-serializing MSRs
     - Input: xpad - sync supported devices with fork on GitHub
     - [amd64] iommu/vt-d: Do not use flush-queue when caching-mode is on
     - md: Set prev_flush_start and flush_bio in an atomic way
     - net: ip_tunnel: fix mtu calculation
     - [arm64,armhf] net: dsa: mv88e6xxx: override existent unicast portvec in
       port_fdb_add
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.176
     - tracing/kprobe: Fix to support kretprobe events on unloaded modules
     - block: fix NULL pointer dereference in register_disk
     - fgraph: Initialize tracing_graph_pause at task creation
     - af_key: relax availability checks for skb size calculation
     - regulator: core: avoid regulator_resolve_supply() race condition
     - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
     - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
     - iwlwifi: pcie: fix context info memory leak
     - iwlwifi: mvm: guard against device removal in reprobe
     - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
     - SUNRPC: Handle 0 length opaque XDR object data properly
     - lib/string: Add strscpy_pad() function
     - include/trace/events/writeback.h: fix -Wstringop-truncation warnings
     - memcg: fix a crash in wb_workfn when a device disappears
     - [x86] Fix unsynchronized access to sev members through
       svm_register_enc_region
     - block: don't hold q->sysfs_lock in elevator_init_mq
     - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue
     - squashfs: add more sanity checks in id lookup
     - squashfs: add more sanity checks in inode lookup
     - squashfs: add more sanity checks in xattr id lookup
     - regulator: core: enable power when setting up constraints
     - regulator: core: Clean enabling always-on regulators + their supplies
     - regulator: Fix lockdep warning resolving supplies
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.177
     - tracing: Do not count ftrace events in top level enable output
     - tracing: Check length before giving out the filter buffer
     - [armhf] xen: Don't probe xenbus as part of an early initcall
     - [x86] platform/x86: hp-wmi: Disable tablet-mode reporting by default
     - ovl: perform vfs_getxattr() with mounter creds
     - cap: fix conversions on getxattr
     - ovl: skip getxattr of security labels
     - bfq-iosched: Revert "bfq: Fix computation of shallow depth"
     - [armel,armhf] ensure the signal page contains defined contents
     - [armel,armhf] kexec: fix oops after TLB are invalidated
     - mt76: dma: fix a possible memory leak in mt76_add_fragment()
     - bpf: Check for integer overflow when using roundup_pow_of_two()
     - netfilter: xt_recent: Fix attempt to update deleted entry
     - netfilter: flowtable: fix tcp and udp header checksum update
     - xen/netback: avoid race in xenvif_rx_ring_slots_available()
     - [arm64,armhf] net: stmmac: set TxQ mode back to DCB after disabling CBS
     - netfilter: conntrack: skip identical origin tuple in same zone only
     - [arm64] net: hns3: add a check for queue_id in hclge_reset_vf_queue()
     - [arm64] usb: dwc3: ulpi: fix checkpatch warning
     - [arm64] usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based
       one
     - net: fix iteration for sctp transport seq_files
     - net/vmw_vsock: improve locking in vsock_connect_timeout()
     - net: watchdog: hold device global xmit lock during tx disable
     - vsock/virtio: update credit only if socket is not closed
     - vsock: fix locking in vsock_shutdown()
     - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
     - ovl: expand warning in ovl_d_real()
     - [x86] KVM: SEV: fix double locking due to incorrect backport
     - [x86] Xen/x86: don't bail early from clear_foreign_p2m_mapping()
       (CVE-2021-26932)
     - [x86] Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
       (CVE-2021-26932)
     - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
       (CVE-2021-26932)
     - Xen/gntdev: correct error checking in gntdev_map_grant_pages()
       (CVE-2021-26932)
     - [armhf] xen/arm: don't ignore return errors from set_phys_to_machine
       (CVE-2021-26932)
     - xen-blkback: don't "handle" error by BUG() (CVE-2021-26931)
     - xen-netback: don't "handle" error by BUG() (CVE-2021-26931)
     - xen-scsiback: don't "handle" error by BUG() (CVE-2021-26931)
     - xen-blkback: fix error handling in xen_blkbk_map() (CVE-2021-26930)
     - scsi: qla2xxx: Fix crash during driver load on big endian machines
     - kvm: check tlbs_dirty directly
 .
   [ Salvatore Bonaccorso ]
   * [rt] Update to 4.19.173-rt72
   * certs: Rotate to use the "Debian Secure Boot Signer 2021 - linux"
     certificate
   * Bump ABI to 15
Checksums-Sha1:
 6a6e6871c847ae783042ee82b3c140e53d8d9397 7929 linux-signed-amd64_4.19.177+1.dsc
 d050207f73c296b6d27e3674656993d25e7b62d6 2602748 linux-signed-amd64_4.19.177+1.tar.xz
Checksums-Sha256:
 cfa9185542980e2f2dd422dcb74c7f08dad637b954a4f67617a15b744793a7bc 7929 linux-signed-amd64_4.19.177+1.dsc
 e6795579af5ac7eac5d40386315380ef52c5fc84505731d9fab6035a1217fde6 2602748 linux-signed-amd64_4.19.177+1.tar.xz
Files:
 cdfdf9a69541ddb45e3f3efe653b1884 7929 kernel optional linux-signed-amd64_4.19.177+1.dsc
 749363ea28e8c37bb97351803ed503e8 2602748 kernel optional linux-signed-amd64_4.19.177+1.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmBGI6YACgkQi0FRiLdO
NzbVTw/+J2dkpL4ocZU0Wh2by25F4Qy5CQa/UGz9Gs710rpTEAcaQ5v43vR86R0V
L8D4W309XVHqkRCVUYh8KHZY8ZEtPAnyVKRWOKSxySG4l4ZMi1WUOJtLjpmHNGAS
L+Uj+bUJV0Q4WNa7pGUUPYOK6F7inVnmCVzPLdWa9zCcwCzvYc0hu3eg/9Dj7SoU
ozrG2uIaG3TKoiOkEKh7F++1SdLqjzR3jmXJ7+SUc2R3ffLKxCxDfO1SV0hXDzDA
FG5sZINCTbRd2mBaNWrqLqslGHCQyHwXazfYNKKlSlm/YB3LBMBfP1SybTHWTXGG
AOXomnhGqgGOcFSp4ewZVFkgd6qyliCiwc9Rp+6LoBXpAOLWaoM5IwQtviOwgWrx
VjQgOupod1S76QNh0imqVXlVMs7NWl2PDUN2kACJF1Umsn5IiHtkoxDXewQGhNjM
AX9FZS2jsN5CjBs+HAUrnW9/2u/Hdnp9hizXGfd/5wbulqzfVnfPd7CyPzlu/Bci
mx+INZNP2gW4P0miUjCjps8e1OLfKDDDGTvx19Amu5IVfSqNoADONZ5S7ayYFwRQ
ej/okQKmvZlZevZJjzKLHSE1reTaU5UPMMLLMZU/iNHgNMgEk4jXh7i+rAV4eRcx
5D5oymuBVv1rMCU2xf5vkfxdViJRG12wrLvlbcUDIVWtEKPkPow=
=J0e8
-----END PGP SIGNATURE-----