-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 09 Jun 2022 23:37:36 +0200 Source: linux Architecture: source Version: 5.10.120-1 Distribution: bullseye-security Urgency: high Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 1007799 Changes: linux (5.10.120-1) bullseye-security; urgency=high . * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.114 - USB: quirks: add a Realtek card reader - USB: quirks: add STRING quirk for VCOM device - USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS - USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader - USB: serial: option: add support for Cinterion MV32-WA/MV32-WB - USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions - xhci: Enable runtime PM on second Alderlake controller - xhci: stop polling roothubs after shutdown - xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms - iio: dac: ad5592r: Fix the missing return value. - iio: dac: ad5446: Fix read_raw not returning set value - iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() - iio: imu: inv_icm42600: Fix I2C init possible nack - usb: misc: fix improper handling of refcount in uss720_probe() - [arm64,x86] usb: typec: ucsi: Fix reuse of completion structure - [arm64,x86] usb: typec: ucsi: Fix role swapping - usb: gadget: uvc: Fix crash when encoding data for usb request - usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() - [arm64,armhf] usb: dwc3: Try usb-role-switch first in dwc3_drd_init - [arm64,armhf] usb: dwc3: core: Fix tx/rx threshold settings - [arm64,armhf] usb: dwc3: core: Only handle soft-reset in DCTL - [arm64,armhf] usb: dwc3: gadget: Return proper request status - [arm*] usb: phy: generic: Get the vbus supply - [arm64,armhf] serial: imx: fix overrun interrupts in DMA mode - serial: 8250: Also set sticky MCR bits in console restoration - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device - [arm64,armhf] arch_topology: Do not set llc_sibling if llc_id is invalid - hex2bin: make the function hex_to_bin constant-time - hex2bin: fix access beyond string end - iocost: don't reset the inuse weight of under-weighted debtors - video: fbdev: udlfb: properly check endpoint type - iio:imu:bmi160: disable regulator in error path - USB: Fix xhci event ring dequeue pointer ERDP update issue - [armhf] phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe - [armhf] phy: samsung: exynos5250-sata: fix missing device put in probe error paths - [armhf] OMAP2+: Fix refcount leak in omap_gic_of_init - [armhf] bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific - [armhf] phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks - [armhf] dts: am3517-evm: Fix misc pinmuxing - [armhf] dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 - ipvs: correctly print the memory size of ip_vs_conn_tab - [armhf] pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI - [arm64,armhf] net: dsa: Add missing of_node_put() in dsa_port_link_register_of - netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion - bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook - [arm64,armhf] pinctrl: rockchip: fix RK3308 pinmux bits - tcp: md5: incorrect tcp_header_len for incoming connections - [armhf] pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested - tcp: ensure to use the most recently sent skb when filling the rate sample - wireguard: device: check for metadata_dst with skb_valid_dst() - sctp: check asoc strreset_chunk in sctp_generate_reconf_event - [arm64] dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock - [arm64] net: hns3: modify the return code of hclge_get_ring_chain_from_mbx - [arm64] net: hns3: add validity check for message data length - [arm64] net: hns3: add return value for mailbox handling in PF - net/smc: sync err code when tcp connection was refused - ip_gre: Make o_seqno start from 0 in native mode - ip6_gre: Make o_seqno start from 0 in native mode - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT - tcp: make sure treq->af_specific is initialized - [arm64,armhf] bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() - [arm64,armhf] clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() - [arm64] net: bcmgenet: hide status block before TX timestamping - net: phy: marvell10g: fix return value on error - bnx2x: fix napi API usage sequence - [arm64,armhf] net: fec: add missing of_node_put() in fec_enet_init_stop_mode() - ixgbe: ensure IPsec VF<->PF compatibility - tcp: fix F-RTO may not work correctly when receiving DSACK - [x86] ASoC: Intel: soc-acpi: correct device endpoints for max98373 - ext4: fix bug_on in start_this_handle during umount filesystem - [amd64] x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 - cifs: destage any unwritten data to the server before calling copychunk_write - [x86] drivers: net: hippi: Fix deadlock in rr_close() - zonefs: Fix management of open zones - zonefs: Clear inode information flags on inode creation - [x86] drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses - [armhf] net: ethernet: stmmac: fix write to sgmii_adapter_base - [x86] thermal: int340x: Fix attr.show callback prototype - [x86] cpu: Load microcode during restore_processor_state() - tty: n_gsm: fix restart handling via CLD command - tty: n_gsm: fix decoupled mux resource - tty: n_gsm: fix mux cleanup after unregister tty device - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 - tty: n_gsm: fix malformed counter for out of frame data - netfilter: nft_socket: only do sk lookups when indev is available - tty: n_gsm: fix insufficient txframe size - tty: n_gsm: fix wrong DLCI release order - tty: n_gsm: fix missing explicit ldisc flush - tty: n_gsm: fix wrong command retry handling - tty: n_gsm: fix wrong command frame length field encoding - tty: n_gsm: fix reset fifo race condition - tty: n_gsm: fix incorrect UA handling - tty: n_gsm: fix software flow control handling https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.115 - [mips*] Fix CP0 counter erratum detection for R4k CPUs - ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers - ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes - [arm64] mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC - mmc: core: Set HS clock speed before sending HS CMD13 - gpiolib: of: fix bounds check for 'gpio-reserved-ranges' - [x86] KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id - [amd64] iommu/vt-d: Calculate mask for non-aligned flushes - Revert "SUNRPC: attempt AF_LOCAL connect on setup" - firewire: fix potential uaf in outbound_phy_packet_callback() - firewire: remove check of list iterator against head past the loop body - firewire: core: extend card->lock in fw_core_handle_bus_reset - net: stmmac: disable Split Header (SPH) for Intel platforms - genirq: Synchronize interrupt thread startup - ASoC: da7219: Fix change notifications for tone generator frequency - [s390x] dasd: fix data corruption for ESE devices - [s390x] dasd: prevent double format of tracks for ESE devices - [s390x] dasd: Fix read for ESE with blksize < 4k - [s390x] dasd: Fix read inconsistency for ESE DASD devices - can: isotp: remove re-binding of bound socket - nfc: replace improper check device_is_registered() in netlink related functions (CVE-2022-1974) - NFC: netlink: fix sleep in atomic bug when firmware download timeout (CVE-2022-1975) - [arm64,armhf] gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) - hwmon: (adt7470) Fix warning on module removal - [arm*] ASoC: dmaengine: Restore NULL prepare_slave_config() callback - net/mlx5e: Fix trust state reset in reload - net/mlx5e: Don't match double-vlan packets if cvlan is not set - net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release - net/mlx5e: Fix the calling of update_buffer_lossy() API - net/mlx5: Avoid double clear or set of sync reset requested - NFSv4: Don't invalidate inode attributes on delegation return - [arm64,armhf] net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux() - [armhf] net: cpsw: add missing of_node_put() in cpsw_probe_dt() - hinic: fix bug of wq out of bound access - bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag - bnxt_en: Fix unnecessary dropping of RX packets - [arm64,armhf] smsc911x: allow using IRQ0 - btrfs: always log symlinks in full mode - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() - [x86] kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU - net/mlx5: Fix slab-out-of-bounds while reading resource dump menu - [x86] kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume - [x86] KVM: x86: Do not change ICR on write to APIC_SELF_IPI - [x86] KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs - [x86] KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised - rcu: Fix callbacks processing time limit retaining cond_resched() - rcu: Apply callbacks processing time limit only on softirq - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (CVE-2022-0494) - dm: interlock pending dm_io and dm_wait_for_bios_completion - [arm64] PCI: aardvark: Clear all MSIs at setup - [arm64] PCI: aardvark: Fix reading MSI interrupt number - mmc: rtsx: add 74 Clocks in power on flow https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.116 - regulator: consumer: Add missing stubs to regulator/consumer.h - block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit - nfp: bpf: silence bitwise vs. logical OR warning - Bluetooth: Fix the creation of hdev->name - mm: fix missing cache flush for all tail pages of compound page - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.117 - batman-adv: Don't skb_split skbuffs with frag_list - iwlwifi: iwl-dbg: Use del_timer_sync() before freeing - hwmon: (tmp401) Add OF device ID table - mac80211: Reset MBSSID parameters upon connection - net: Fix features skip in for_each_netdev_feature() - [arm64] net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted - [arm64] net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups - [arm64] net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 - [arm64] net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters - ipv4: drop dst in multicast routing path - drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() - netlink: do not reset transport header in netlink_recvmsg() - sfc: Use swap() instead of open coding it - net: sfc: fix memory leak due to ptp channel - mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection - nfs: fix broken handling of the softreval mount option - dim: initialize all struct fields - [s390x] ctcm: fix variable dereferenced before check - [s390x] ctcm: fix potential memory leak - [s390x] lcs: fix variable dereferenced before check - net/sched: act_pedit: really ensure the skb is writable - [arm64] net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral - [armhf] net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() - net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending - net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() - gfs2: Fix filesystem block deallocation for short writes - hwmon: (f71882fg) Fix negative temperature - ASoC: max98090: Reject invalid values in custom control put() - ASoC: max98090: Generate notifications on changes for custom control - ASoC: ops: Validate input values in snd_soc_put_volsw_range() - net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT - tcp: resalt the secret every 10 seconds (CVE-2022-1012) - firmware_loader: use kernel credentials when reading firmware - tty: n_gsm: fix mux activation issues in gsm_config() - usb: cdc-wdm: fix reading stuck on device close - USB: serial: pl2303: add device id for HP LM930 Display - USB: serial: qcserial: add support for Sierra Wireless EM7590 - USB: serial: option: add Fibocom L610 modem - USB: serial: option: add Fibocom MA510 modem - ceph: fix setting of xattrs on async created inodes - drm/nouveau/tegra: Stop using iommu_present() - i40e: i40e_main: fix a missing check on list iterator - [amd64,arm64] net: atlantic: always deep reset on pm op, fixing up my null deref regression - cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() - [x86] drm/vmwgfx: Initialize drm_mode_fb_cmd2 - SUNRPC: Clean up scheduling of autoclose - SUNRPC: Prevent immediate close+reconnect - SUNRPC: Don't call connect() more than once on a TCP socket - SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() (CVE-2022-28893) - net: phy: Fix race condition on link status change - [arm*] arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map - ping: fix address binding wrt vrf - usb: gadget: uvc: rename function to be more consistent - usb: gadget: uvc: allow for application to cleanly shutdown - io_uring: always use original task when preparing req identity (CVE-2022-1786) https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.118 - io_uring: always grab file table for deferred statx - floppy: use a statically allocated error counter - [x86] Revert "drm/i915/opregion: check port number bounds for SWSCI display power state" - igc: Remove _I_PHY_ID checking - igc: Remove phy->type checking - igc: Update I226_K device ID - rtc: fix use-after-free on device removal - [arm64] rtc: pcf2127: fix bug when reading alarm registers - Input: add bounds checking to input_set_capability() - nvme-pci: add quirks for Samsung X5 SSDs - gfs2: Disable page faults during lockless buffered reads - [arm64,armhf] rtc: sun6i: Fix time overflow handling - [armhf] crypto: stm32 - fix reference leak in stm32_crc_remove - [amd64] crypto: x86/chacha20 - Avoid spurious jumps to other functions - ALSA: hda/realtek: Enable headset mic on Lenovo P360 - [s390x] pci: improve zpci_dev reference counting - nvme-multipath: fix hang when disk goes live over reconnect - rtc: mc146818-lib: Fix the AltCentury for AMD platforms - fs: fix an infinite loop in iomap_fiemap - drbd: remove usage of list iterator variable after loop - [arm64] platform/chrome: cros_ec_debugfs: detach log reader wq from devm - [armel,armhf] 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() - nilfs2: fix lockdep warnings in page operations for btree nodes - nilfs2: fix lockdep warnings during disk space reclamation - Revert "swiotlb: fix info leak with DMA_FROM_DEVICE" - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" (CVE-2022-0854) - ALSA: usb-audio: Restore Rane SL-1 quirk - [i386] ALSA: wavefront: Proper check of get_user() error - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise - perf: Fix sys_perf_event_open() race against self (CVE-2022-1729) - selinux: fix bad cleanup on error in hashtab_duplicate() - Fix double fget() in vhost_net_set_backend() - PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold - [x86] KVM: x86/mmu: Update number of zapped pages even if page list is stable - [arm64] paravirt: Use RCU read locks to guard stolen_time - [arm64] mte: Ensure the cleared tags are visible before setting the PTE - [arm64] crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ - libceph: fix potential use-after-free on linger ping and resends - drm/dp/mst: fix a possible memory leak in fetch_monitor_name() - dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace - [armhf] pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl - [arm64] net: macb: Increment rx bd head after allocating skb and buffer - net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm - xfrm: Add possibility to set the default to block if we have no policy - net: xfrm: fix shift-out-of-bounce - xfrm: make user policy API complete - xfrm: notify default policy on update - xfrm: fix dflt policy check when there is no policy configured - xfrm: rework default policy structure - xfrm: fix "disable_policy" flag use when arriving from different devices - net/sched: act_pedit: sanitize shift argument before usage - [x86] net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() - [x86] net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() - ice: fix possible under reporting of ethtool Tx and Rx statistics - net/qla3xxx: Fix a test in ql_reset_work() - net/mlx5e: Properly block LRO when XDP is enabled - net: af_key: add check for pfkey_broadcast in function pfkey_process - [armhf] 9196/1: spectre-bhb: enable for Cortex-A15 - [armel,armhf] 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 - igb: skip phy status check where unavailable - net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. - [arm*] gpio: mvebu/pwm: Refuse requests with inverted polarity - scsi: qla2xxx: Fix missed DMA unmap for aborted commands - mac80211: fix rx reordering with non explicit / psmp ack policy - nl80211: validate S1G channel width - nl80211: fix locking in nl80211_set_tx_bitrate_mask() - ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() - [amd64,arm64] net: atlantic: fix "frag[0] not initialized" - [amd64,arm64] net: atlantic: reduce scope of is_rsc_complete - [amd64,arm64] net: atlantic: add check for MAX_SKB_FRAGS - [amd64,arm64] net: atlantic: verify hw_head_ lies within TX buffer ring - [arm64] Enable repeat tlbi workaround on KRYO4XX gold CPUs - dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group - afs: Fix afs_getattr() to refetch file status if callback break occurred - include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.119 - lockdown: also lock down previous kgdb use (CVE-2022-21499) - staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() - [x86] KVM: x86: Properly handle APF vs disabled LAPIC situation - [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID (CVE-2022-1789) - tcp: change source port randomizarion at connect() time - secure_seq: use the 64 bits of the siphash for port offset calculation (CVE-2022-1012) - ACPI: sysfs: Make sparse happy about address space in use - ACPI: sysfs: Fix BERT error region memory mapping - random: avoid arch_get_random_seed_long() when collecting IRQ randomness - random: remove dead code left over from blocking pool - MAINTAINERS: co-maintain random.c - MAINTAINERS: add git tree for random.c - crypto: lib/blake2s - Move selftest prototype into header file - crypto: blake2s - define shash_alg structs using macros - [amd64] crypto: x86/blake2s - define shash_alg structs using macros - crypto: blake2s - remove unneeded includes - crypto: blake2s - move update and final logic to internal/blake2s.h - crypto: blake2s - share the "shash" API boilerplate code - crypto: blake2s - optimize blake2s initialization - crypto: blake2s - add comment for blake2s_state fields - crypto: blake2s - adjust include guard naming - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h> - lib/crypto: blake2s: include as built-in - lib/crypto: blake2s: move hmac construction into wireguard - lib/crypto: sha1: re-roll loops to reduce code size - lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI - random: document add_hwgenerator_randomness() with other input functions - random: remove unused irq_flags argument from add_interrupt_randomness() - random: use BLAKE2s instead of SHA1 in extraction - random: do not sign extend bytes for rotation when mixing - random: do not re-init if crng_reseed completes before primary init - random: mix bootloader randomness into pool - random: harmonize "crng init done" messages - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs - random: early initialization of ChaCha constants - random: avoid superfluous call to RDRAND in CRNG extraction - random: don't reset crng_init_cnt on urandom_read() - random: fix typo in comments - random: cleanup poolinfo abstraction - random: cleanup integer types - random: remove incomplete last_data logic - random: remove unused extract_entropy() reserved argument - random: rather than entropy_store abstraction, use global - random: remove unused OUTPUT_POOL constants - random: de-duplicate INPUT_POOL constants - random: prepend remaining pool constants with POOL_ - random: cleanup fractional entropy shift constants - random: access input_pool_data directly rather than through pointer - random: selectively clang-format where it makes sense - random: simplify arithmetic function flow in account() - random: continually use hwgenerator randomness - random: access primary_pool directly rather than through pointer - random: only call crng_finalize_init() for primary_crng - random: use computational hash for entropy extraction - random: simplify entropy debiting - random: use linear min-entropy accumulation crediting - random: always wake up entropy writers after extraction - random: make credit_entropy_bits() always safe - random: remove use_input_pool parameter from crng_reseed() - random: remove batched entropy locking - random: fix locking in crng_fast_load() - random: use RDSEED instead of RDRAND in entropy extraction - random: get rid of secondary crngs - random: inline leaves of rand_initialize() - random: ensure early RDSEED goes through mixer on init - random: do not xor RDRAND when writing into /dev/random - random: absorb fast pool into input pool after fast load - random: use simpler fast key erasure flow on per-cpu keys - random: use hash function for crng_slow_load() - random: make more consistent use of integer types - random: remove outdated INT_MAX >> 6 check in urandom_read() - random: zero buffer after reading entropy from userspace - random: fix locking for crng_init in crng_reseed() - random: tie batched entropy generation to base_crng generation - random: remove ifdef'd out interrupt bench - random: remove unused tracepoints - random: add proper SPDX header - random: deobfuscate irq u32/u64 contributions - random: introduce drain_entropy() helper to declutter crng_reseed() - random: remove useless header comment - random: remove whitespace and reorder includes - random: group initialization wait functions - random: group crng functions - random: group entropy extraction functions - random: group entropy collection functions - random: group userspace read/write functions - random: group sysctl functions - random: rewrite header introductory comment - random: defer fast pool mixing to worker - random: do not take pool spinlock at boot - random: unify early init crng load accounting - random: check for crng_init == 0 in add_device_randomness() - random: pull add_hwgenerator_randomness() declaration into random.h - random: clear fast pool, crng, and batches in cpuhp bring up - random: round-robin registers as ulong, not u32 - random: only wake up writers after zap if threshold was passed - random: cleanup UUID handling - random: unify cycles_t and jiffies usage and types - random: do crng pre-init loading in worker rather than irq - random: give sysctl_random_min_urandom_seed a more sensible value - random: don't let 644 read-only sysctls be written to - random: replace custom notifier chain with standard one - random: use SipHash as interrupt entropy accumulator - random: make consistent usage of crng_ready() - random: reseed more often immediately after booting - random: check for signal and try earlier when generating entropy - random: skip fast_init if hwrng provides large chunk of entropy - random: treat bootloader trust toggle the same way as cpu trust toggle - random: re-add removed comment about get_random_{u32,u64} reseeding - random: mix build-time latent entropy into pool at init - random: do not split fast init input in add_hwgenerator_randomness() - random: do not allow user to keep crng key around on stack - random: check for signal_pending() outside of need_resched() check - random: check for signals every PAGE_SIZE chunk of /dev/[u]random - random: allow partial reads if later user copies fail - random: make random_get_entropy() return an unsigned long - random: document crng_fast_key_erasure() destination possibility - random: fix sysctl documentation nits - init: call time_init() before rand_initialize() - [s390x] define get_cycles macro for arch-override - [powerpc*] define get_cycles macro for arch-override - timekeeping: Add raw clock fallback for random_get_entropy() - [mips*] use fallback for random_get_entropy() instead of just c0 random - [arm*] use fallback for random_get_entropy() instead of zero - [x86] tsc: Use fallback for random_get_entropy() instead of zero - random: insist on random_get_entropy() existing in order to simplify - random: do not use batches when !crng_ready() - random: use first 128 bits of input as fast init - random: do not pretend to handle premature next security model - random: order timer entropy functions below interrupt functions - random: do not use input pool from hard IRQs - random: help compiler out with fast_mix() by using simpler arguments - siphash: use one source of truth for siphash permutations - random: use symbolic constants for crng_init states - random: avoid initializing twice in credit race - random: move initialization out of reseeding hot path - random: remove ratelimiting for in-kernel unseeded randomness - random: use proper jiffies comparison macro - random: handle latent entropy and command line from random_init() - random: credit architectural init the exact amount - random: use static branch for crng_ready() - random: remove extern from functions in header - random: use proper return types on get_random_{int,long}_wait() - random: make consistent use of buf and len - random: move initialization functions out of hot pages - random: move randomize_page() into mm where it belongs - random: unify batched entropy implementations - random: convert to using fops->read_iter() - random: convert to using fops->write_iter() - random: wire up fops->splice_{read,write}_iter() - random: check for signals after page of pool writes - ALSA: ctxfi: Add SB046x PCI ID https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.120 - percpu_ref_init(): clean ->percpu_count_ref on failure - net: af_key: check encryption module availability consistency - nfc: pn533: Fix buggy cleanup order - [armhf] net: ftgmac100: Disable hardware checksum on AST2600 - [x86] i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging - [arm64] drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers - netfilter: nf_tables: disallow non-stateful expression in sets earlier (CVE-2022-1966) - pipe: make poll_usage boolean and annotate its access - pipe: Fix missing lock in pipe_resize_ring() (ZDI-CAN-17291) - cfg80211: set custom regdomain after wiphy registration - assoc_array: Fix BUG_ON during garbage collect - io_uring: don't re-import iovecs from callbacks - io_uring: fix using under-expanded iters - xfs: detect overflows in bmbt records - xfs: show the proper user quota options - xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks - xfs: fix an ABBA deadlock in xfs_rename - xfs: Fix CIL throttle hang when CIL space used going backwards - exfat: check if cluster num is valid - crypto: drbg - prepare for more fine-grained tracking of seeding state - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() - crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() - crypto: drbg - make reseeding from get_random_bytes() synchronous - netfilter: nf_tables: sanitize nft_set_desc_concat_parse() (CVE-2022-1972) - netfilter: conntrack: re-fetch conntrack after insertion - [x86] kvm: Alloc dummy async #PF token outside of raw spinlock - [x86] kvm: use correct GFP flags for preemption disabled - [x86] KVM: x86: avoid calling x86 emulator without a decoded instruction (CVE-2022-1852) - [arm64] crypto: caam - fix i.MX6SX entropy delay value - crypto: ecrdsa - Fix incorrect use of vli_cmp - zsmalloc: fix races between asynchronous zspage free and page migration - Bluetooth: hci_qca: Use del_timer_sync() before freeing - dm integrity: fix error code in dm_integrity_ctr() - dm crypt: make printing of the key constant-time - dm stats: add cond_resched when looping over entries - dm verity: set DM_TARGET_IMMUTABLE feature flag - raid5: introduce MD_BROKEN - HID: multitouch: Add support for Google Whiskers Touchpad - HID: multitouch: add quirks to enable Lenovo X12 trackpoint - tpm: Fix buffer access in tpm2_get_tpm_pt() - docs: submitting-patches: Fix crossref to 'The canonical patch format' - NFS: Memory allocation failures are not server fatal errors - NFSD: Fix possible sleep during nfsd4_release_lockowner() - bpf: Fix potential array overflow in bpf_trampoline_get_progs() - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes . [ Salvatore Bonaccorso ] * [rt] Update to 5.10.115-rt67 * Bump ABI to 15 * [rt] Drop "random: Make it work on rt" . [ Mateusz Łukasik ] * [armhf] drivers/thermal: Enable SUN8I_THERMAL as module (Closes: #1007799) Checksums-Sha1: da931ee79330c9fe27968a55cc020c609852fc1d 197238 linux_5.10.120-1.dsc 05ca743737202facbae6d4a459c5b525b4e45e79 121713740 linux_5.10.120.orig.tar.xz 1c1c44eb8b7d391aa9a3ad20420d98fd18a4cdcd 1507604 linux_5.10.120-1.debian.tar.xz e0fef0e252895840a21a0fda94e4fbf1f3f349b7 6460 linux_5.10.120-1_source.buildinfo Checksums-Sha256: 3b6266370e311ae267aba3032ebaf4648939dd44d80c7b48cd6e0892e130383b 197238 linux_5.10.120-1.dsc 9ae857e7cbd7e1a878cf89b44e4d3f0aa97f205fbe089df2d8b16b87e9aa9de2 121713740 linux_5.10.120.orig.tar.xz cde1e57fd8ad5c20ca6cd2767a5147e73567ca10bac607dd67c7a6d53eee66b2 1507604 linux_5.10.120-1.debian.tar.xz d9e88c9c58e2b75e93a6787570391020b88227a59f788598095f22ed472ac5a5 6460 linux_5.10.120-1_source.buildinfo Files: 1afea319f528f9653c913738dcd66e8d 197238 kernel optional linux_5.10.120-1.dsc 534b96992a3a8a44727a3a9ee0f23076 121713740 kernel optional linux_5.10.120.orig.tar.xz be664013734350878924b8bafe4e3989 1507604 kernel optional linux_5.10.120-1.debian.tar.xz ea42e58358334676e5c8d12888cd8c73 6460 kernel optional linux_5.10.120-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKiaH5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ETyMP/2Q2Th5M4OC/GlwemdjjaB1/e/FRibps hLsr5MaYEuHaxtWjMIZogKpZYdjd0Pe5KbGGW1izrvmlVs1XEUeHfhXDvlcNRYpn 8GvvgTXB++pJ2xECoy9ii7DAokPPfaQkUqDfEgUjmpVDSjDEbiqxeNIyW31Wzu/0 N3iHWopXuGaUcdAoS8vByZtFuBU8PAaDY25lmfDFZ7SCsel21O0mB68nyc7y2ZUo peuAVstzaO7VVUjSWlwQlG32oPnJB3tD49yWoU8GAGWpoWUtqKeZZwUzODS0uz2d 9HDAFMDDBjSpRGF/QZVzBZ82AerjzqdBmWhsLOcvrWWyqWvMqClZ7YeAJD9OGPvz v0K4Vtm9mdX5JIkTmY2SxpWev6nDIiYMUIphuQeER/IFLNYA73WABUjl0ZSgE964 FuflGShUrXq6WdX1pYzkLDreAg1w9YHwKHRfA0Lct86yYvGBZ58mKNJR8JaYPfDH YA6vOv/9nFzYKqHIuqx/DOeZYnmTVFEdjU8iUCSQ+TGjdoZ2QmUfr9tpic0/H6U4 iNTp89XfkM8UV9XleFegy9S8oW6mH8poj6A53QNbqTj3HCOYpzkTpjRvNFXYJ95H FtXpM174mjh3xPvwZQrlJi6dLIvjROclmrqtjY8YsfiB2eG67Ya+bKzAXWZIW1gh OPtjHparu5PI =tCj+ -----END PGP SIGNATURE-----
