The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg in the bluetooth stack . - CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. - CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest . - CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users could use this flaw to starve the resources causing denial of service . - CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files . - CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by invalid id . - CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post . - CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling . - CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf-greater than or equal to len value exceeding the buffer size in drivers/char/virtio_console.c - CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault . - CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service by removing a MAX-3421 USB device in certain situations . - CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer . - CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed remote attackers to cause a denial of service by sending heavy network traffic for about ten minutes . - CVE-2021-38166: Fixed an integer overflow and out-of-bounds write when many elements are placed in a single bucket in kernel/bpf/hashtab.c . - CVE-2021-38209: Fixed allowed observation of changes in any net namespace via net/netfilter/nf_conntrack_standalone.c . - CVE-2021-38206: Fixed NULL pointer dereference in the radiotap parser inside the mac80211 subsystem . - CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory . - CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory . - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks . - CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases . The following non-security bugs were fixed: - ACPI: NFIT: Fix support for virtual SPA ranges . - ACPI: processor: Clean up acpi_processor_evaluate_cst - ACPI: processor: Export acpi_processor_evaluate_cst - ACPI: processor: Export function to claim _CST control - ACPI: processor: Introduce acpi_processor_evaluate_cst - ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR - ALSA: hda - fix the "Capture Switch" value change notifications . - ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10 . - ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms . - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically . - ALSA: hda/realtek - Add ALC285 HP init procedure . - ALSA: hda/realtek - Add type for ALC287 . - ALSA: hda/realtek: Change device names for quirks to barebone names . - ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop . - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 . - ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8 . - ALSA: hda/realtek: add mic quirk for Acer SF314-42 . - ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx series . - ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC . - ALSA: hda/via: Apply runtime PM workaround for ASUS B23E . - ALSA: hda: Add quirk for ASUS Flow x13 . - ALSA: hda: Fix hang during shutdown due to link reset . - ALSA: hda: Release controller display power during shutdown/reboot . - ALSA: pcm: Fix mmap breakage without explicit buffer setup . - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl . - ALSA: seq: Fix racy deletion of subscriber . - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 . - ALSA: usb-audio: Avoid unnecessary or invalid connector selection at resume . - ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC . - ALSA: usb-audio: Fix superfluous autosuspend recovery . - ALSA: usb-audio: fix incorrect clock source setting . - ASoC: Intel: Skylake: Fix module resource and format selection . - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs . - ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 . - ASoC: SOF: Intel: hda-ipc: fix reply size checking . - ASoC: amd: Fix reference to PCM buffer address . - ASoC: component: Remove misplaced prefix handling in pin control functions . - ASoC: cs42l42: Correct definition of ADC Volume control . - ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J . - ASoC: cs42l42: Fix LRCLK frame start edge . - ASoC: cs42l42: Fix inversion of ADC Notch Switch control . - ASoC: cs42l42: Remove duplicate control for WNF filter frequency . - ASoC: intel: atom: Fix breakage for PCM buffer address setup . - ASoC: intel: atom: Fix reference to PCM buffer address . - ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe . - ASoC: rt5682: Adjust headset volume button threshold . - ASoC: rt5682: Adjust headset volume button threshold again . - ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend . - ASoC: ti: j721e-evm: Check for not initialized parent_clk_id . - ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking during startup . - ASoC: tlv320aic31xx: Fix jack detection after suspend . - ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits . - ASoC: uniphier: Fix reference to PCM buffer address . - ASoC: wcd9335: Disable irq on slave ports in the remove function . - ASoC: wcd9335: Fix a double irq free in the remove function . - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function . - ASoC: xilinx: Fix reference to PCM buffer address . - Avoid double printing SUSE specific flags in mod-greater than or equal to taint . - Bluetooth: add timeout sanity check to hci_inquiry . - Bluetooth: btusb: Fix a unspported condition to set available debug features . - Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS . - Bluetooth: defer cleanup of resources in hci_unregister_dev . - Bluetooth: fix repeated calls to sco_sock_kill . - Bluetooth: hidp: use correct wait queue when removing ctrl_wait . - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow . - Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd . - Bluetooth: sco: prevent information leak in sco_conn_defer_accept . - Drop two intel_int0002_vgpio patches that cause Oops - KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4 . - KVM: VMX: Enable machine check support for 32bit targets . - KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path . - KVM: VMX: Extend VMXs #AC interceptor to handle split lock #AC in guest . - KVM: nVMX: Handle split-lock #AC exceptions that happen in L2 . - KVM: nVMX: Really make emulated nested preemption timer pinned . - KVM: nVMX: Reset the segment cache when stuffing guest segs . - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 . - KVM: nVMX: Sync unsync"d vmcs02 state to vmcs12 on migration . - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit . - KVM: x86: Emulate split-lock access as a write in emulator . - KVM: x86: bit 8 of non-leaf PDPEs is not reserved . - NFS: Correct size calculation for create reply length . - NFSv4.1: Do not rebind to the same source port when - NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times . - NFSv4: Initialise connection to the server in nfs4_alloc_client . - PCI/MSI: Correct misleading comments . - PCI/MSI: Do not set invalid bits in MSI mask . - PCI/MSI: Enable and mask MSI-X early . - PCI/MSI: Enforce MSI[X] entry updates to be visible . - PCI/MSI: Enforce that MSI-X table entry is masked for update . - PCI/MSI: Mask all unused MSI-X entries . - PCI/MSI: Skip masking MSI-X on Xen PV . - PCI/MSI: Use msi_mask_irq in pci_msi_shutdown . - PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI . - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently . - PCI: PM: Enable PME if it can be signaled from D3cold . - RDMA/bnxt_re: Fix stats counters . - SUNRPC: "Directory with parent "rpc_clnt" already present!" . - SUNRPC: Fix the batch tasks count wraparound . - SUNRPC: Should wake up the privileged task firstly . - SUNRPC: defer slow parts of rpc_free_client to a workqueue . - SUNRPC: fix use-after-free in rpc_free_client_work . - SUNRPC: improve error response to over-size gss credential . - SUNRPC: prevent port reuse on transports which do not request it . - USB: core: Avoid WARNings for 0-length descriptor requests . - USB: serial: ch341: fix character loss at high transfer rates . - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 . - USB: serial: option: add Telit FD980 composition 0x1056 . - USB: usbtmc: Fix RCU stall warning . - USB:ehci:fix Kunpeng920 ehci hardware problem . - VMCI: fix NULL pointer dereference when unmapping queue pair . - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point . - ath9k: Clear key cache explicitly on disabling hardware . - ath: Use safer key clearing with key cache entries . - bcma: Fix memory leak for internally-handled cores . - bdi: Do not use freezable workqueue . - blk-iolatency: error out if blk_get_queue failed in iolatency_set_limit . - blk-mq-sched: Fix blk_mq_sched_alloc_tags error handling . - blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled . - blk-wbt: make sure throttle is enabled properly . - block: fix trace completion for chained bio . - bnxt_en: Validate vlan protocol ID on RX packets . - brcmfmac: pcie: fix oops on failure to resume and reprobe . - btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk . - btrfs: add a trace class for dumping the current ENOSPC state . - btrfs: add a trace point for reserve tickets . - btrfs: adjust the flush trace point to include the source . - btrfs: check reclaim_size in need_preemptive_reclaim . - btrfs: factor out create_chunk . - btrfs: factor out decide_stripe_size . - btrfs: factor out gather_device_info . - btrfs: factor out init_alloc_chunk_ctl . - btrfs: fix btrfs_calc_reclaim_metadata_size calculation . - btrfs: fix deadlock with concurrent chunk allocations involving system chunks . - btrfs: handle invalid profile in chunk allocation . - btrfs: implement space clamping for preemptive flushing . - btrfs: improve preemptive background space flushing . - btrfs: introduce a FORCE_COMMIT_TRANS flush operation . - btrfs: introduce alloc_chunk_ctl . - btrfs: introduce chunk allocation policy . - btrfs: make flush_space take a enum btrfs_flush_state instead of int . - btrfs: move the chunk_mutex in btrfs_read_chunk_tree . - btrfs: parameterize dev_extent_min for chunk allocation . - btrfs: refactor find_free_dev_extent_start . - btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing . - btrfs: rename need_do_async_reclaim . - btrfs: rework btrfs_calc_reclaim_metadata_size . - btrfs: rework chunk allocation to avoid exhaustion of the system chunk array . - btrfs: rip out btrfs_space_info::total_bytes_pinned . - btrfs: rip the first_ticket_bytes logic from fail_all_tickets . - btrfs: simplify the logic in need_preemptive_flushing . - btrfs: tracepoints: convert flush states to using EM macros . - btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags . - can: ti_hecc: Fix memleak in ti_hecc_probe . - can: usb: esd_usb2: esd_usb2_rx_event: fix the interchange of the CAN RX and TX error counters . - ceph: clean up and optimize ceph_check_delayed_caps . - ceph: reduce contention in ceph_check_delayed_caps . - ceph: take snap_empty_lock atomically with snaprealm refcount change . - cfg80211: Fix possible memory leak in function cfg80211_bss_update . - cifs: Remove unused inline function is_sysvol_or_netlogon . - cifs: avoid starvation when refreshing dfs cache . - cifs: constify get_normalized_path properly . - cifs: do not cargo-cult strndup . - cifs: do not send tree disconnect to ipc shares . - cifs: do not share tcp servers with dfs mounts . - cifs: do not share tcp sessions of dfs connections . - cifs: fix check of dfs interlinks . - cifs: fix path comparison and hash calc . - cifs: get rid of @noreq param in __dfs_cache_find . - cifs: handle different charsets in dfs cache . - cifs: keep referral server sessions alive . - cifs: missing null pointer check in cifs_mount . - cifs: prevent NULL deref in cifs_compose_mount_options . - cifs: set a minimum of 2 minutes for refreshing dfs cache . - clk: fix leak on devm_clk_bulk_get_all unwind . - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs . - cpuidle: Allow idle states to be disabled by default - cpuidle: Consolidate disabled state checks - cpuidle: Drop disabled field from struct cpuidle_state - cpuidle: Fix cpuidle_driver_state_disabled - cpuidle: Introduce cpuidle_driver_state_disabled for driver quirks - crypto: ccp - Annotate SEV Firmware file names . - crypto: qat - use proper type for vf_mask . - crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit . - device-dax: Fix default return code of range_parse . - dm integrity: fix missing goto in bitmap_flush_interval error handling . - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails . - dm verity: fix DM_VERITY_OPTS_MAX value . - dmaengine: idxd: fix setup sequence for MSIXPERM table . - dmaengine: imx-dma: configure the generic DMA type to make it work . - dmaengine: imx-dma: configure the generic DMA type to make it work . - dmaengine: imx-sdma: remove duplicated sdma_load_context . - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available . - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe . - dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers . - drivers/block/null_blk/main: Fix a double free in null_init . - drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X . - drm/amd/display: Fix comparison error in dcn21 DML . - drm/amd/display: Fix max vstartup calculation for modes with borders . - drm/amd/display: Remove invalid assert for ODM + MPC case . - drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work . - drm/amd/display: workaround for hard hang on HPD on native DP . - drm/amdgpu/acp: Make PM domain really work . - drm/amdgpu/display: fix DMUB firmware version info . - drm/amdgpu/display: only enable aux backlight control for OLED panels . - drm/amdgpu: do not enable baco on boco platforms in runpm . - drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir . - drm/dp_mst: Fix return code on sideband message failure . - drm/i915/dg1: gmbus pin mapping . - drm/i915/dg1: provide port/phy mapping for vbt . - drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH + CML combos . - drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH + CML combos . - drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings . - drm/i915/gen9_bc: Recognize TGP PCH + CML combos . - drm/i915/rkl: new rkl ddc map for different PCH . - drm/i915: Add VBT AUX CH H and I . - drm/i915: Add VBT DVO ports H and I . - drm/i915: Add more AUX CHs to the enum . - drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6 . - drm/i915: Correct SFC_DONE register offset . - drm/i915: Introduce HPD_PORT_TCless thanngreater than or equal to . - drm/i915: Move hpd_pin setup to encoder init . - drm/i915: Nuke the redundant TC/TBT HPD bit defines . - drm/i915: Only access SFC_DONE when media domain is not fused off . - drm/meson: fix colour distortion from HDR set during vendor u-boot . - drm/msi/mdp4: populate priv-greater than or equal to kms in mdp4_kms_init . - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs . - drm/msm/dsi: Fix some reference counted resource leaks . - drm/msm: Fix error return code in msm_drm_init . - drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences . - drm/of: free the iterator object on failure . - drm/of: free the right object . - drm/panfrost: Fix missing clk_disable_unprepare on error in panfrost_clk_init . - drm/prime: fix comment on PRIME Helpers . - ext4: cleanup in-core orphan list if ext4_truncate failed to get a transaction handle . - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit . - ext4: fix avefreec in find_group_orlov . - ext4: fix kernel infoleak via ext4_extent_header . - ext4: fix potential htree corruption when growing large_dir directories . - ext4: remove check for zero nr_to_scan in ext4_es_scan . - ext4: return error code when ext4_fill_flex_info fails . - ext4: use ext4_grp_locked_error in mb_find_extent . - fanotify: fix copy_event_to_user fid error clean up . - firmware_loader: fix use-after-free in firmware_fallback_sysfs . - firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback . - fixup "rpm: support gz and zst compression methods" . - fpga: altera-freeze-bridge: Address warning about unused variable . - fpga: dfl: fme: Fix cpu hotplug issue in performance reporting . - fpga: dfl: fme: Fix cpu hotplug issue in performance reporting . - fpga: xiilnx-spi: Address warning about unused variable . - fpga: zynqmp-fpga: Address warning about unused variable . - gpio: eic-sprd: break loop when getting NULL device resource . - gpio: tqmx86: really make IRQ optional . - i2c: dev: zero out array used for i2c reads from userspace . - i2c: highlander: add IRQ check . - i2c: iop3xx: fix deferred probing . - i2c: mt65xx: fix IRQ check . - i2c: s3c2410: fix IRQ check . - iio: adc: Fix incorrect exit of for-loop . - iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels . - iio: humidity: hdc100x: Add margin to the conversion time . - intel_idle: Add module parameter to prevent ACPI _CST from being used - intel_idle: Allow ACPI _CST to be used for selected known processors - intel_idle: Annotate init time data structures - intel_idle: Customize IceLake server support - intel_idle: Disable ACPI _CST on Haswell - intel_idle: Fix max_cstate for processor models without C-state tables - intel_idle: Ignore _CST if control cannot be taken from the platform - intel_idle: Refactor intel_idle_cpuidle_driver_init - intel_idle: Use ACPI _CST for processor models without C-state tables - iommu/amd: Fix extended features logging . - iommu/amd: Move Stoney Ridge check to detect_ivrs . - iommu/arm-smmu-v3: Decrease the queue size of evtq and priq . - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK . - iommu/dma: Fix IOVA reserve dma ranges . - iommu/dma: Fix compile warning in 32-bit builds . - iommu/vt-d: Check for allocation failure in aux_detach_device . - iommu/vt-d: Define counter explicitly as unsigned int . - iommu/vt-d: Do not set then clear private data in prq_event_thread . - iommu/vt-d: Fix sysfs leak in alloc_iommu . - iommu/vt-d: Force to flush iotlb before creating superpage . - iommu/vt-d: Global devTLB flush when present context entry changed . - iommu/vt-d: Invalidate PASID cache when root/context entry changed . - iommu/vt-d: Reject unsupported page request modes . - ionic: add handling of larger descriptors . - ionic: add new queue features to interface . - ionic: aggregate Tx byte counting calls . - ionic: block actions during fw reset . - ionic: change mtu after queues are stopped . - ionic: check for link after netdev registration . - ionic: code cleanup details . - ionic: fix sizeof usage . - ionic: fix unchecked reference . - ionic: fix up dim accounting for tx and rx . - ionic: generic tx skb mapping . - ionic: implement Rx page reuse . - ionic: make all rx_mode work threadsafe . - ionic: move rx_page_alloc and free . - ionic: optimize fastpath struct usage . - ionic: protect adminq from early destroy . - ionic: rebuild debugfs on qcq swap . - ionic: remove intr coalesce update from napi . - ionic: remove some unnecessary oom messages . - ionic: simplify TSO descriptor mapping . - ionic: simplify rx skb alloc . - ionic: simplify the intr_index use in txq_init . - ionic: simplify tx clean . - ionic: simplify use of completion types . - ionic: start queues before announcing link up . - ionic: stop watchdog when in broken state . - ionic: useful names for booleans . - iwlwifi: pnvm: accept multiple HW-type TLVs . - iwlwifi: rs-fw: do not support stbc for HE 160 . - iwlwifi: skip first element in the WTAS ACPI table . - kABI fix of usb_dcd_config_params . - kABI: Fix kABI after fixing vcpu-id indexed arrays . - kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server - kabi fix for SUNRPC: defer slow parts of rpc_free_client to a workqueue . - kernel, fs: Introduce and use set_restart_fn and arch_set_restart_data . - kernel-cert-subpackage: Fix certificate location in scriptlets . - leds: trigger: audio: Add an activate callback to ensure the initial brightness is set . - lib/mpi: use kcalloc in mpi_resize . - lib: Add zstd support to decompress . - libata: fix ata_pio_sector for CONFIG_HIGHMEM . - mac80211: Fix insufficient headroom issue for AMSDU . - md/raid10: properly indicate failure when ending a failed write request . - md: revert io stats accounting . - media: TDA1997x: enable EDID support . - media: cxd2880-spi: Fix an error handling path . - media: drivers/media/usb: fix memory leak in zr364xx_probe . - media: dvb-usb: Fix error handling in dvb_usb_i2c_init . - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init . - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr . - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect . - media: go7007: fix memory leak in go7007_usb_probe . - media: go7007: remove redundant initialization . - media: rtl28xxu: fix zero-length control request . - media: stkwebcam: fix memory leak in stk_camera_probe . - media: venus: venc: Fix potential null pointer dereference on pointer fmt . - media: videobuf2-core: dequeue if start_streaming fails . - media: zr364xx: fix memory leaks in probe . - media: zr364xx: propagate errors from zr364xx_start_readpipe . - misc: atmel-ssc: lock with mutex instead of spinlock . - misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp . - mm/thp: unmap_mapping_page to fix THP truncate_cleanup_page . - mm/vmscan: fix infinite loop in drop_slab_node . - mm: fix memory_failure handling of dax-namespace metadata . - mm: swap: properly update readahead statistics in unuse_pte_range . - mmc: dw_mmc: Fix hang on data CRC error . - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config . - mmc: moxart: Fix issue with uninitialized dma_slave_config . - mmc: sdhci-iproc: Cap min clock frequency on BCM2711 . - mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711 . - mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards . - nbd: Aovid double completion of a request . - nbd: Fix NULL pointer in flush_workqueue . - net/mlx5: Add ts_cqe_to_dest_cqn related bits - net/mlx5: Properly convey driver version to firmware . - net/mlx5e: Add missing capability check for uplink follow - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 . - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext . - net: stmmac: free tx skb buffer in stmmac_resume . - net: usb: lan78xx: do not modify phy_device state concurrently - nfs: fix acl memory leak of posix_acl_create . - nvme-multipath: revalidate paths during rescan - nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth . - nvme-pci: fix NULL req in completion handler . - nvme-pci: limit maximum queue depth to 4095 . - nvme-pci: use unsigned for io queue depth . - nvme-tcp: Do not reset transport on data digest errors . - nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data . - nvme: avoid possible double fetch in handling CQE . - nvme: code command_id with a genctr for use-after-free validation . - nvme: only call synchronize_srcu when clearing current path . - nvmet: use NVMET_MAX_NAMESPACES to set nn value . - ocfs2: fix snprintf checking . - ocfs2: fix zero out valid data . - ocfs2: initialize ip_next_orphan . - ocfs2: issue zeroout to EOF blocks . - ovl: allow upperdir inside lowerdir . - ovl: expand warning in ovl_d_real . - ovl: fix missing revert_creds on error path . - ovl: perform vfs_getxattr with mounter creds . - ovl: skip getxattr of security labels . - params: lift param_set_uint_minmax to common code . - pcmcia: i82092: fix a null pointer dereference bug . - perf/x86/amd: Do not touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest . - pinctrl: tigerlake: Fix GPIO mapping for newer version of software . - platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables . - post.sh: detect /usr mountpoint too - power: supply: max17042: handle fails of reading status register . - powerpc/cacheinfo: Improve diagnostics about malformed cache lists . - powerpc/cacheinfo: Lookup cache by dt node and thread-group id . - powerpc/cacheinfo: Remove the redundant get_shared_cpu_map . - powerpc/cacheinfo: Use name at unit instead of full DT path in debug messages . - powerpc/papr_scm: Make "perf_stats" invisible if perf-stats unavailable . - powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible . - powerpc/pseries: Fix regression while building external modules . This changes a GPL symbol to general symbol which is kABI change but not kABI break. - powerpc/pseries: Fix update of LPAR security flavor after LPM . - powerpc/smp: Make some symbols static . - powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings . - powerpc: Fix is_kvm_guest / kvm_para_available . - regulator: rt5033: Fix n_voltages settings for BUCK and LDO . - regulator: vctrl: Avoid lockdep warning in enable/disable ops . - regulator: vctrl: Use locked regulator_get_voltage in probe path . - rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. - rpm/kernel-obs-build.spec.in: make builds reproducible - rpm/kernel-source.rpmlintrc: ignore new include/config files In 5.13, since 0e0345b77ac4, config files have no longer .h suffix. Adapt the zero-length check. Based on Martin Liska"s change. - rq-qos: fix missed wake-ups in rq_qos_throttle try two . - rsi: fix an error code in rsi_probe . - rsi: fix error code in rsi_load_9116_firmware . - s390/ap: Fix hanging ioctl caused by wrong msg counter . - s390/boot: fix use of expolines in the DMA code . - scsi: blkcg: Add app identifier support for blkcg . - scsi: blkcg: Fix application ID config options . - scsi: cgroup: Add cgroup_get_from_id . - scsi: core: Add scsi_prot_ref_tag helper . - scsi: ibmvfc: Do not wait for initial device scan . - scsi: libfc: Fix array index out of bound exception . - scsi: lpfc: Add 256 Gb link speed support . - scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters . - scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions . - scsi: lpfc: Clear outstanding active mailbox during PCI function reset . - scsi: lpfc: Copyright updates for 12.8.0.11 patches . - scsi: lpfc: Copyright updates for 14.0.0.0 patches . - scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes . - scsi: lpfc: Discovery state machine fixes for LOGO handling . - scsi: lpfc: Enable adisc discovery after RSCN by default . - scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi routine . - scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling . - scsi: lpfc: Fix NVMe support reporting in log message . - scsi: lpfc: Fix build error in lpfc_scsi.c . - scsi: lpfc: Fix cq_id truncation in rq create . - scsi: lpfc: Fix function description comments for vmid routines . - scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request . - scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted . - scsi: lpfc: Fix target reset handler from falsely returning FAILURE . - scsi: lpfc: Improve firmware download logging . - scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling . - scsi: lpfc: Move initialization of phba-greater than or equal to poll_list earlier to avoid crash . - scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF . - scsi: lpfc: Remove redundant assignment to pointer pcmd . - scsi: lpfc: Remove redundant assignment to pointer temp_hdr . - scsi: lpfc: Remove use of kmalloc in trace event logging . - scsi: lpfc: Revise Topology and RAS support checks for new adapters . - scsi: lpfc: Skip issuing ADISC when node is in NPR state . - scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path . - scsi: lpfc: Update lpfc version to 12.8.0.11 . - scsi: lpfc: Update lpfc version to 14.0.0.0 . - scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support . - scsi: lpfc: Use list_move_tail instead of list_del/list_add_tail . - scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread . - scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc . - scsi: lpfc: vmid: Add support for VMID in mailbox command . - scsi: lpfc: vmid: Append the VMID to the wqe before sending . - scsi: lpfc: vmid: Functions to manage VMIDs . - scsi: lpfc: vmid: Implement CT commands for appid . - scsi: lpfc: vmid: Implement ELS commands for appid . - scsi: lpfc: vmid: Introduce VMID in I/O path . - scsi: lpfc: vmid: Timeout implementation for VMID . - scsi: lpfc: vmid: VMID parameter initialization . - scsi: mpt3sas: Fix ReplyPostFree pool allocation . - scsi: qla2xxx: Add heartbeat check . - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword . - scsi: qla2xxx: Fix spelling mistakes "allloc" -greater than or equal to "alloc" . - scsi: qla2xxx: Fix use after free in debug code . - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port . - scsi: qla2xxx: Remove duplicate declarations . - scsi: qla2xxx: Remove redundant assignment to rval . - scsi: qla2xxx: Remove redundant continue statement in a for-loop . - scsi: qla2xxx: Remove redundant initialization of variable num_cnt . - scsi: qla2xxx: Remove unused variable "status" . - scsi: qla2xxx: Update version to 10.02.00.107-k . - scsi: qla2xxx: Use list_move_tail instead of list_del/list_add_tail . - scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI . - scsi: qla2xxx: edif: Add authentication pass + fail bsgs . - scsi: qla2xxx: edif: Add detection of secure device . - scsi: qla2xxx: edif: Add doorbell notification for app . - scsi: qla2xxx: edif: Add encryption to I/O path . - scsi: qla2xxx: edif: Add extraction of auth_els from the wire . - scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs . - scsi: qla2xxx: edif: Add key update . - scsi: qla2xxx: edif: Add send, receive, and accept for auth_els . - scsi: qla2xxx: edif: Add start + stop bsgs . - scsi: qla2xxx: edif: Increment command and completion counts . - scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state . - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal . - scsi: zfcp: Report port fc_security as unknown early during remote cable pull . - serial: 8250: Mask out floating 16/32-bit bus bits . - serial: 8250_mtk: fix uart corruption issue when rx power off . - serial: 8250_pci: Avoid irq sharing for MSI interrupts . - serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver . - serial: tegra: Only print FIFO error message when an error occurs . - slimbus: messaging: check for valid transaction id . - slimbus: messaging: start transaction ids from 1 instead of zero . - slimbus: ngd: reset dma setup during runtime pm . - soc: aspeed: lpc-ctrl: Fix boundary check for mmap . - soc: aspeed: p2a-ctrl: Fix boundary check for mmap . - soc: ixp4xx/qmgr: fix invalid __iomem access . - soc: ixp4xx/qmgr: fix invalid __iomem access . - soc: ixp4xx: fix printing resources . - soc: ixp4xx: fix printing resources . - soc: qcom: rpmhpd: Use corner in power_off . - soc: qcom: smsm: Fix missed interrupts if state changes while masked . - spi: imx: mx51-ecspi: Fix CONFIGREG delay comment . - spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation . - spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay . - spi: mediatek: Fix fifo transfer . - spi: meson-spicc: fix memory leak in meson_spicc_remove . - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config . - spi: spi-pic32: Fix issue with uninitialized dma_slave_config . - spi: sprd: Fix the wrong WDG_LOAD_VAL . - spi: stm32h7: fix full duplex irq handler handling . - staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb . - staging: rtl8712: get rid of flush_scheduled_work . - staging: rtl8723bs: Fix a resource leak in sd_int_dpc . - staging: rtl8723bs: Fix a resource leak in sd_int_dpc . - tracing / histogram: Fix NULL pointer dereference on strcmp on NULL event name . - tracing / histogram: Give calculation hist_fields a size . - tracing: Reject string operand in the histogram expression . - tty: serial: fsl_lpuart: fix the wrong mapbase value . - ubifs: Fix error return code in alloc_wbufs . - ubifs: Fix memleak in ubifs_init_authentication . - ubifs: Only check replay with inode type to judge if inode linked . - ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode . - ubifs: journal: Fix error return code in ubifs_jnl_write_inode . - usb: bdc: Fix an error handling path in "bdc_probe" when no suitable DMA config is available . - usb: dwc3: Disable phy suspend after power-on reset . - usb: dwc3: Separate field holding multiple properties . - usb: dwc3: Stop active transfers before halting the controller . - usb: dwc3: Use clk_bulk_prepare_enable . - usb: dwc3: Use devres to get clocks . - usb: dwc3: core: do not do suspend for device mode if already suspended . - usb: dwc3: debug: Remove newline printout . - usb: dwc3: gadget: Check MPS of the request length . - usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set . - usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable . - usb: dwc3: gadget: Disable gadget IRQ during pullup disable . - usb: dwc3: gadget: Do not send unintended link state change . - usb: dwc3: gadget: Do not setup more than requested . - usb: dwc3: gadget: Fix dwc3_calc_trbs_left . - usb: dwc3: gadget: Fix handling ZLP . - usb: dwc3: gadget: Give back staled requests . - usb: dwc3: gadget: Handle ZLP for sg requests . - usb: dwc3: gadget: Prevent EP queuing while stopping transfers . - usb: dwc3: gadget: Properly track pending and queued SG . - usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup . - usb: dwc3: gadget: Set BESL config parameter . - usb: dwc3: gadget: Set link state to RX_Detect on disconnect . - usb: dwc3: gadget: Stop EP0 transfers during pullup disable . - usb: dwc3: gadget: Workaround Mirosoft"s BESL check . - usb: dwc3: meson-g12a: add IRQ check . - usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init . - usb: dwc3: of-simple: add a shutdown . - usb: dwc3: st: Add of_dev_put in probe function . - usb: dwc3: st: Add of_node_put before return in probe function . - usb: dwc3: support continuous runtime PM with dual role . - usb: ehci-orion: Handle errors of clk_prepare_enable in probe . - usb: gadget: Export recommended BESL values . - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers . - usb: gadget: f_hid: fixed NULL pointer dereference . - usb: gadget: f_hid: idle uses the highest byte for duration . - usb: gadget: mv_u3d: request_irq after initializing UDC . - usb: gadget: udc: at91: add IRQ check . - usb: gadget: udc: renesas_usb3: Fix soc_device_match abuse . - usb: host: ohci-tmio: add IRQ check . - usb: host: xhci-rcar: Do not reload firmware after the completion . - usb: mtu3: fix the wrong HS mult value . - usb: mtu3: use @mult for HS isoc or intr . - usb: phy: fsl-usb: add IRQ check . - usb: phy: tahvo: add IRQ check . - usb: phy: twl6030: add IRQ checks . - usr: Add support for zstd compressed initramfs . - virt_wifi: fix error on connect . - wireguard: allowedips: allocate nodes in kmem_cache . - wireguard: allowedips: free empty intermediate nodes when removing single node . - wireguard: allowedips: remove nodes in O . - writeback: fix obtain a reference to a freeing memcg css . - x86/fpu: Limit xstate copy size in xstateregs_set . - x86/fpu: Make init_fpstate correct with optimized XSAVE . - x86/fpu: Reset state for all signal restore failures . - x86/kvm: fix vcpu-id indexed array sizes . - x86/sev: Make sure IRQs are disabled while GHCB is active . - x86/sev: Split up runtime #VC handler for correct state tracking . - x86/sev: Use "SEV: " prefix for messages from sev.c . - x86/signal: Detect and prevent an alternate signal stack overflow . - x86/split_lock: Provide handle_guest_split_lock . - xen/events: Fix race in set_evtchn_to_irq . - xprtrdma: Pad optimization, revisited . Special Instructions and Notes: Please reboot the system after installing this update.