The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts . - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ . - CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service by modifying a certain e_cpos field . - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted USB device . The following non-security bugs were fixed: - acpi / processor: Fix the return value of acpi_processor_ids_walk . - acpica: Reference Counts: increase max to 0x4000 for large servers . - alsa: hda/realtek - Cannot adjust speaker"s volume on Dell XPS 27 7760 . - arm: 8799/1: mm: fix pci_ioremap_io offset check . - arm: bcm2835: Add GET_THROTTLED firmware property . - arm: exynos: Clear global variable on init error path . - arm: hisi: check of_iomap and fix missing of_node_put . - arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled . - arm: mvebu: declare asm symbols as character arrays in pmsu.c . - ASoC: Intel: Skylake: Reset the controller in probe . - ASoC: rsnd: adg: care clock-frequency size . - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER . - ASoC: rt5514: Fix the issue of the delay volume applied again . - ASoC: sigmadsp: safeload should not have lower byte limit . - ASoC: wm8804: Add ACPI support . - Btrfs: fix file data corruption after cloning a range and fsync . - Btrfs: fix mount failure after fsync due to hard link recreation . - Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting . - cifs: check for STATUS_USER_SESSION_DELETED . - Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. - Disable DRM patches that broke vbox video driver KMP - EDAC, ghes: Add DDR4 and NVDIMM memory types . - EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m . - EDAC, skx_edac: Detect non-volatile DIMMs . - EDAC: Add new memory type for non-volatile DIMMs . - HID: add support for Apple Magic Keyboards . - HID: hid-saitek: Add device ID for RAT 7 Contagion . - HID: hid-sensor-hub: Force logical minimum to 1 for power and report state . - HID: quirks: fix support for Apple Magic Keyboards . - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report . - input: atakbd - fix Atari CapsLock behaviour . - input: atakbd - fix Atari keymap . - kvm/vmx: Optimize vmx_vcpu_run and svm_vcpu_run by marking the RDMSR path as unlikely . - kvm: svm: Add MSR-based feature support for serializing LFENCE . - kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry . - kvm: vmx: raise internal error for exception during invalid protected mode state . - kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR . - kvm: x86: Fix reserved bits check for MOV to CR3 . - kvm: x86: Introduce kvm_get_msr_feature . - kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update . - kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use . - kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled . - kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 . - kvm: vmx: track host_state.loaded using a loaded_vmcs pointer . - kvm: vmx: use local variable for current_vmptr when emulating VMPTRST . - kvm: x86: Add a framework for supporting MSR-based features . - kvm: x86: Do not use kvm_x86_ops- greater than mpx_supported directly . - kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed . - kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm . - kvm: x86: fix #UD address of failed Hyper-V hypercalls . - kvm: x86: fix escape of guest dr6 to the host . - kvm: x86: remove APIC Timer periodic/oneshot spikes . - nfc: trf7970a: fix check of clock frequencies, use instead of || . - nfs: Avoid quadratic search when freeing delegations . - pci: Reprogram bridge prefetch registers on resume . - pci: dwc: Fix scheduling while atomic issues . - pci: hv: Do not wait forever on a device that has disappeared . - pm / Domains: Fix genpd to deal with drivers returning 1 from - greater than prepare . - pm / core: Clear the direct_complete flag on errors . - pm: cpuidle: Fix cpuidle_poll_state_init prototype . - rdma/bnxt_re: Fix system crash during RDMA resource initialization . - Revert "Limit kernel-source build to architectures for which we build binaries" This reverts commit d6435125446d740016904abe30a60611549ae812. - Revert "cdc-acm: implement put_char and flush_chars" . - Revert "drm/amdgpu: Add an ATPX quirk for hybrid laptop" . - Revert "drm/i915/gvt: set max priority for gvt context" . - Revert "gpio: set up initial state from .get_direction" . - Revert "iommu/io-pgtable: Avoid redundant TLB syncs" . - Revert "mwifiex: fix incorrect ht capability problem" . - Revert "mwifiex: handle race during mwifiex_usb_disconnect" . - Revert "pinctrl: sunxi: Do not enforce bias disable " . - Revert "slab: __GFP_ZERO is incompatible with a constructor" This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree. - Revert "ubifs: xattr: Do not operate on deleted inodes" . - Squashfs: Compute expected length from inode size rather than block length . - usb: Add quirk to support DJI CineSSD . - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller . - usb: fix error handling in usb_driver_claim_interface . - usb: handle NULL config in usb_find_alt_setting . - usb: remove LPM management from usb_driver_claim_interface . - usb: serial: simple: add Motorola Tetra MTP6550 id . - usb: yurex: Check for truncation in yurex_read . - usb: yurex: Fix buffer over-read in yurex_write . - Use upstream version of pci-hyperv patch - acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle . - aio: fix io_destroy vs. lookup_ioctx race . - apparmor: Check buffer bounds when mapping permissions mask . - apparmor: Fix failure to audit context info in build_change_hat . - apparmor: Fully initialize aa_perms struct when answering userspace query . - apparmor: fix mediation of prlimit . - apparmor: fix memory leak when deduping profile load . - apparmor: fix ptrace read check . - asix: Check for supported Wake-on-LAN modes . - ath10k: fix kernel panic issue during pci probe . - ath10k: fix scan crash due to incorrect length calculation . - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait . - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock . - audit: fix use-after-free in audit_add_watch . - batman-adv: Avoid probe ELP information leak . - batman-adv: Fix multicast TT issues with bogus ROAM flags . - batman-adv: Fix segfault when writing to sysfs elp_interval . - batman-adv: Fix segfault when writing to throughput_override . - batman-adv: Prevent duplicated gateway_node entry . - batman-adv: Prevent duplicated global TT entry . - batman-adv: Prevent duplicated nc_node entry . - batman-adv: Prevent duplicated softif_vlan entry . - batman-adv: Prevent duplicated tvlv handler . - batman-adv: fix backbone_gw refcount on queue_work failure . - batman-adv: fix hardif_neigh refcount on queue_work failure . - bdi: Fix another oops in wb_workfn . - bdi: Preserve kabi when adding cgwb_release_mutex . - be2net: Fix memory leak in be_cmd_get_profile_config . - be2net: remove unused old AIC info . - be2net: remove unused old custom busy-poll fields . - blk-mq: I/O and timer unplugs are inverted in blktrace . - blkdev_report_zones_ioctl: Use vmalloc to allocate large buffers . - block, bfq: fix wrong init of saved start time for weight raising . - block: bfq: swap puts in bfqg_and_blkg_put . - block: bvec_nr_vecs returns value for wrong slab . - bnx2x: Fix invalid memory access in rss hash config path . - bnx2x: Fix receiving tx-timeout in error or recovery state . - bpf/verifier: disallow pointer subtraction . - bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail . - btrfs: fix missing error return in btrfs_drop_snapshot . - btrfs: handle errors while updating refcounts in update_ref_for_cow . - cdc-acm: fix race between reset and control messaging . - ceph: avoid a use-after-free in ceph_destroy_options . - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class . - cifs: Fix use after free of a mid_q_entry . - cifs: fix memory leak in SMB2_open . - cifs: integer overflow in in SMB2_ioctl . - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure . - clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 . - clk: tegra: bpmp: Do not crash when a clock fails to register . - clk: x86: Stop marking clocks as CLK_IS_CRITICAL . - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail . - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs . - clocksource/drivers/timer-atmel-pit: Properly handle error cases . - coda: fix "kernel memory exposure attempt" in fsync . - cpu/hotplug: Fix SMT supported evaluation . - cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC . - crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic . - crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions . - crypto: ccp - add timeout support in the SEV command . - crypto: chelsio - Fix memory corruption in DMA Mapped buffers . - crypto: mxs-dcp - Fix wait logic on chan threads . - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe . - cxgb4: fix abort_req_rss6 struct . - cxgb4: when disabling dcb set txq dcb priority to 0 . - dax: Fix deadlock in dax_lock_mapping_entry . - debugobjects: Make stack check warning more informative . - declance: Fix continuation with the adapter identification message . - dmaengine: pl330: fix irq race with terminate_all . - drivers/base: stop new probing during shutdown . - drivers/tty: add error handling for pcmcia_loop_config . - drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode . - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 . - drm/amdgpu: Fix vce work queue was not cancelled when suspend - drm/amdgpu: Pulling old prepare and submit for flip back . - drm/amdgpu: Update power state at the end of smu hw_init . - drm/amdgpu: add another ATPX quirk for TOPAZ . - drm/amdgpu: add new polaris pci id . - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk - drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset v2" . - drm/amdkfd: Fix error codes in kfd_get_process . - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions . - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues . - drm/i915: Handle incomplete Z_FINISH for compressed error states - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS . - drm/nouveau/debugfs: Wake up GPU before doing any reclocking . - drm/nouveau/disp: fix DP disable race . - drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload . - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early . - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume in connector_detect . - drm/nouveau: Fix deadlocks in nouveau_connector_detect . - drm/nouveau: Fix runtime PM leak in drm_open . - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping . - drm/sun4i: Fix an ulong overflow in the dotclock driver - drm/sun4i: Fix releasing node when enumerating enpoints . - drm: mali-dp: Call drm_crtc_vblank_reset on device init . - drm: udl: Destroy framebuffer only if it was initialized . - e1000: check on netif_running before calling e1000_up . - e1000: ensure to free old tx/rx rings in set_ringparam . - eeprom: at24: change nvmem stride to 1 . - eeprom: at24: check at24_read/write arguments . - eeprom: at24: correctly set the size for at24mac402 . - efi: Avoid potential crashes, fix the "struct efi_pci_io_protocol_32" definition for mixed mode . - enic: do not call enic_change_mtu in enic_probe . - enic: handle mtu change for vf properly . - enic: initialize enic- greater than rfs_h.lock in enic_probe . - ethtool: Remove trailing semicolon for static inline . - ethtool: fix a privilege escalation bug . - evm: Do not deadlock if a crypto algorithm is unavailable . - ext2, dax: set ext2_dax_aops for dax files . - ext4: avoid arithemetic overflow that can trigger a BUG . - ext4: avoid divide by zero fault when deleting corrupted inline directories . - ext4: check for NUL characters in extended attribute"s name . - ext4: check to make sure the rename"s destination is not freed . - ext4: do not mark mmp buffer head dirty . - ext4: fix online resize"s handling of a too-small final block group . - ext4: fix online resizing for bigalloc file systems with a 1k block size . - ext4: fix spectre gadget in ext4_mb_regular_allocator . - ext4: recalucate superblock checksum after updating free blocks/inodes . - ext4: reset error code in ext4_find_entry in fallback . - ext4: show test_dummy_encryption mount option in /proc/mounts . - fbdev/omapfb: fix omapfb_memory_read infoleak . - firmware, DMI: Add function to look up a handle and return DIMM size . - firmware: raspberrypi: Register hwmon driver . - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl . - fs/quota: Fix spectre gadget in do_quotactl . - fuse: Do not access pipe- greater than buffers without pipe_lock . - gpio: Fix crash due to registration race . - gpio: adp5588: Fix sleep-in-atomic-context bug . - gpio: mb86s70: Revert "Return error if requesting an already assigned gpio" . - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall . - gpiolib: Free the last requested descriptor . - hfs: prevent crash on exit from failed search . - hfsplus: do not return 0 when fill_super failed . - hfsplus: stop workqueue when fill_super failed . - hv: avoid crash in vmbus sysfs files . - hv_netvsc: fix schedule in RCU context . - hwmon: Make adt7475_read_word return errors . - hwmon: fix sysfs shunt resistor read access . - hwmon: Set weight source to zero correctly . - hwmon: Add support for RPi voltage sensor . - hwmon: rpi: add module alias to raspberrypi-hwmon . - hypfs_kill_super: deal with failed allocations . - i2c: i2c-scmi: fix for i2c_smbus_write_block_data . - i2c: rcar: cleanup DMA for all kinds of failure . - intel_th: pci: Add Ice Lake PCH support . - iommu/amd: Clear memory encryption mask from physical address . - iommu/arm-smmu: Error out only if not enough context interrupts . - iommu/vt-d: Add definitions for PFSID . - iommu/vt-d: Fix dev iotlb pfsid use . - iommu/vt-d: Fix scatterlist offset handling . - ipmi:ssif: Add support for multi-part transmit messages greater than 2 parts . - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr . - irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels . - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump . - iwlwifi: mvm: Allow TKIP for AP mode . - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI . - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface . - iwlwifi: mvm: open BA session only when sta is authorized . - iwlwifi: mvm: send BCAST management frames to the right station . - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb return value . - iwlwifi: pcie: gen2: build A-MSDU only for GSO . - jbd2: fix use after free in jbd2_log_do_checkpoint . - kABI: Hide get_msr_feature in kvm_x86_ops . - kabi protect enum mem_type . - kprobes/x86: Disable preemption in ftrace-based jprobes . - kprobes/x86: Fix %p uses in error messages . - kprobes/x86: Prohibit probing on exception masking instructions . - ksm: fix unlocked iteration over vmas in cmp_and_merge_page . - kvm, mm: account shadow page tables to kmemcg . - kvm/x86: kABI fix for vm_alloc/vm_free changes . - kvm: Make VM ioctl do valloc for some archs . - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs . - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl . - kvmclock: fix TSC calibration for nested guests . - lib/bug.c: exclude non-BUG/WARN exceptions from report_bug . - lib/ubsan.c: s/missaligned/misaligned/ . - lib/ubsan: add type mismatch handler for new GCC/Clang . - libertas: call into generic suspend code before turning off power . - liquidio: fix hang when re-binding VF host drv after running DPDK VF driver . - liquidio: fix kernel panic in VF driver . - loop: add recursion validation to LOOP_CHANGE_FD . - loop: do not call into filesystem while holding lo_ctl_mutex . - loop: fix LOOP_GET_STATUS lock imbalance . - mac80211: Fix station bandwidth setting after channel switch . - mac80211: Run TXQ teardown code before de-registering interfaces . - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X . - mac80211: do not Tx a deauth frame if the AP forbade Tx . - mac80211: do not convert to A-MSDU if frag/subframe limited . - mac80211: fix a race between restart and CSA flows . - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys . - mac80211: mesh: fix HWMP sequence numbering to follow standard . - mac80211: minstrel: fix using short preamble CCK rates on HT clients . - mac80211: shorten the IBSS debug messages . - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X . - mac80211_hwsim: require at least one channel . - mach64: detect the dot clock divider correctly on sparc . - media: af9035: prevent buffer overflow on write . - media: davinci: vpif_display: Mix memory leak on probe error path . - media: fsl-viu: fix error handling in viu_of_probe . - media: helene: fix xtal frequency setting at power on . - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power . - media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions . - media: soc_camera: ov772x: correct setting of banding filter . - media: tm6000: add error handling for dvb_register_adapter . - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg calls . - media: videobuf2-core: check for q- greater than error in vb2_core_qbuf . - mm/migrate: Use spin_trylock while resetting rate limit . - mm: /proc/pid/pagemap: hide swap entries from unprivileged users . - mm: Preserve _PAGE_DEVMAP across mprotect calls . - mm: fix BUG_ON in vmf_insert_pfn_pud from VM_MIXEDMAP removal . - mmc: block: avoid multiblock reads for the last sector in SPI mode . - mwifiex: handle race during mwifiex_usb_disconnect . - net: add support for Cavium PTP coprocessor . - net: cavium: fix NULL pointer dereference in cavium_ptp_put . - net: cavium: use module_pci_driver to simplify the code . - net: thunder: change q_len"s type to handle max ring size . - net: thunderx: Set max queue count taking XDP_TX into account . - net: thunderx: add MAC address filter tracking for LMAC . - net: thunderx: add XCAST messages handlers for PF . - net: thunderx: add multicast filter management support . - net: thunderx: add ndo_set_rx_mode callback implementation for VF . - net: thunderx: add new messages for handle ndo_set_rx_mode callback . - net: thunderx: add timestamping support . - net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request . - net: thunderx: check for failed allocation lmac- greater than dmacs . - net: thunderx: fix double free error . - net: thunderx: move filter register related macro into proper place . - net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode . - net: thunderx: remove a couple of redundant assignments . - net: thunderx: rework mac addresses list to u64 array . - nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O . - objtool, kprobes/x86: Sync the latest less than asm/insn.h greater than header with tools/objtool/arch/x86/include/asm/insn.h . - orangefs: fix deadlock; do not write i_size in read_iter . - orangefs: initialize op on loop restart in orangefs_devreq_read . - orangefs: use list_for_each_entry_safe in purge_waiting_ops . - orangefs_kill_sb: deal with allocation failures . - ovl: Sync upper dirty data when syncing overlayfs . - ovl: fix format of setxattr debug . - perf/x86/amd/ibs: Do not access non-started event . - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr . - perf/x86/intel/lbr: Fix incomplete LBR call stack . - perf/x86/intel/uncore: Correct fixed counter index check for NHM . - perf/x86/intel/uncore: Correct fixed counter index check in generic code . - perf/x86/intel/uncore: Fix Skylake UPI event format . - perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period . - perf/x86/intel: Fix event update for auto-reload . - perf/x86/intel: Fix large period handling on Broadwell CPUs . - perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs . - perf/x86/intel: Properly save/restore the PMU state in the NMI handler . - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver . - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map . - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* . - powerpc/firmware: Add definitions for new drc-info firmware feature . - powerpc/numa: Skip onlining a offline node in kdump path . - powerpc/powernv/ioda2: Reduce upper limit for DMA window size . - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE . - powerpc/pseries/mm: call H_BLOCK_REMOVE . - powerpc/pseries/mm: factorize PTE slot computation . - powerpc/pseries: Fix CONFIG_NUMA=n build . - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug . - powerpc/pseries: Fix duplicate firmware feature for DRC_INFO . - powerpc/rtas: Fix a potential race between CPU-Offline Migration . - printk/tracing: Do not trace printk_nmi_enter . - printk: drop in_nmi check from printk_safe_flush_on_panic . - proc: restrict kernel stack dumps to root . blacklist.conf: - ptrace,x86: Make user_64bit_mode available to 32-bit builds . - qed: Add missing device config for RoCE EDPM in UFP mode . - qed: Avoid sending mailbox commands when MFW is not responsive . - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode . - qed: Fix populating the invalid stag value in multi function mode . - qed: Fix shmem structure inconsistency between driver and the mfw . - qed: Prevent a possible deadlock during driver load and unload . - qed: Wait for MCP halt and resume commands to take place . - qed: Wait for ready indication before rereading the shmem . - qlcnic: fix Tx descriptor corruption on 82xx devices . - qmi_wwan: Added support for Gemalto"s Cinterion ALASxx WWAN interface . - qmi_wwan: set DTR for modems in forced USB2 mode . - qrtr: add MODULE_ALIAS macro to smd . - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED . - rculist: Improve documentation for list_for_each_entry_from_rcu . - rculist: add list_for_each_entry_from_rcu . - reiserfs: add check to detect corrupted directory entry . - reiserfs: do not panic on bad directory entries . - rename a hv patch to reduce conflicts in -AZURE - reorder a qedi patch to allow further work in this branch - rpc_pipefs: fix double-dput . - rtc: bq4802: add error handling for devm_ioremap . - sched/numa: Limit the conditions where scan period is reset . - scsi: core: Allow state transitions from OFFLINE to BLOCKED . - scsi: ipr: Eliminate duplicate barriers . - scsi: ipr: Use dma_pool_zalloc . - scsi: ipr: fix incorrect indentation of assignment statement . - scsi: libfc: check fc_frame_payload_get return value for null . - scsi: libfc: retry PRLI if we cannot analyse the payload . - scsi: qedi: Add the CRC size within iSCSI NVM image . - scsi: qedi: Initialize the stats mutex lock . - scsi: qla2xxx: Fix NVMe Target discovery . - scsi: qla2xxx: Fix NVMe session hang on unload . - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured . - scsi: qla2xxx: Fix duplicate switch database entries . - scsi: qla2xxx: Fix for double free of SRB structure . - scsi: qla2xxx: Fix memory leak for allocating abort IOCB . - scsi: qla2xxx: Fix re-using LoopID when handle is in use . - scsi: qla2xxx: Fix recursive mailbox timeout . - scsi: qla2xxx: Move log messages before issuing command to firmware . - scsi: qla2xxx: Return switch command on a timeout . - scsi: qla2xxx: do not allow negative thresholds . - scsi: target: prefer dbroot of /etc/target over /var/target . - selftests/x86: Add tests for User-Mode Instruction Prevention . - selftests/x86: Add tests for the STR and SLDT instructions . - serial: 8250_exar: Read INT0 from slave device, too . - serial: cpm_uart: return immediately from console poll . - serial: imx: restore handshaking irq for imx1 . - series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants . - signal: Properly deliver SIGSEGV from x86 uprobes . - smb2: fix missing files in root share directory listing . - smb3: fill in statfs fsid and correct namelen . - smb3: fix reset of bytes read and written stats . - smb3: on reconnect set PreviousSessionId field . - soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift . - soc: mediatek: pwrap: fix cipher init setting error . - sock_diag: fix use-after-free read in __sk_free . - soreuseport: initialise timewait reuseport field . - sound: do not call skl_init_chip to reset intel skl soc . - sound: enable interrupt after dma buffer initialization . - spi: rspi: Fix interrupted DMA transfers . - spi: rspi: Fix invalid SPI use during system suspend . - spi: sh-msiof: Fix handling of write value for SISTR register . - spi: sh-msiof: Fix invalid SPI use during system suspend . - spi: tegra20-slink: explicitly enable/disable clock . - squashfs metadata 2: electric boogaloo . - squashfs: be more careful about metadata corruption . - squashfs: more metadata hardening . - squashfs: more metadata hardening . - stm: Potential read overflow in stm_char_policy_set_ioctl . - supported.conf: added cavium_ptp - supported.conf: mark raspberrypi-hwmon as supported - switchtec: Fix Spectre v1 vulnerability . - sysfs: Do not return POSIX ACL xattrs via listxattr . - target: log Data-Out timeouts as errors . - target: log NOP ping timeouts as errors . - target: split out helper for cxn timeout error stashing . - target: stash sess_err_stats on Data-Out timeout . - target: use ISCSI_IQN_LEN in iscsi_target_stat . - team: Forbid enslaving team device to itself . - thermal: of-thermal: disable passive polling when thermal zone is disabled . - tools/vm/page-types.c: fix "defined but not used" warning . - tools/vm/slabinfo.c: fix sign-compare warning . - tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} . - tracing: Add barrier to trace_printk buffer nesting modification . - tsl2550: fix lux1_input error in low light . - tty: Drop tty- greater than count on tty_reopen failure . - tty: rocket: Fix possible buffer overwrite on register_PCI . - tty: serial: exar: Relocate sleep wake-up handling . - tty: serial: lpuart: avoid leaking struct tty_struct . - tty: vt_ioctl: fix potential Spectre v1 . - ubifs: Check for name being NULL while mounting . - udp: Unbreak modules that rely on external __skb_recv_udp availability . - uprobes/x86: Prohibit probing on MOV SS instruction . - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface . - usb: cdc_acm: Do not leak URB buffers . - usb: dwc2: Turn on uframe_sched on "amlogic" platforms . - usb: dwc2: Turn on uframe_sched on "bcm" platforms . - usb: dwc2: Turn on uframe_sched on "his" platforms . - usb: dwc2: Turn on uframe_sched on "stm32f4x9_fsotg" platforms . - usb: gadget: fotg210-udc: Fix memory leak of fotg210- greater than ep[i] . - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame . - usb: misc: uss720: Fix two sleep-in-atomic-context bugs . - usb: musb: dsps: do not disable CPPI41 irq in driver teardown . - usb: uas: add support for more quirk flags . - usb: wusbcore: security: cast sizeof to int for comparison . - usb: xhci-mtk: resume USB3 roothub first . - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait pte access . - uwb: hwa-rc: fix memory leak at probe . - vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page . - virtio: pci-legacy: Validate queue pfn . - vmbus: do not return values for uninitalized channels . - vti4: Do not count header length twice on tunnel setup . - vti6: fix PMTU caching and reporting on xmit . - vti6: remove !skb- greater than ignore_df check from vti6_xmit . - x86-64/realmode: Add instruction suffix . - x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect. - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present . - x86/CPU: Add a microcode loader callback . - x86/CPU: Check CPU feature bits after microcode upgrade . - x86/EISA: Do not probe EISA bus for Xen PV guests . - x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr . - x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush . - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush . - x86/KVM/VMX: Replace "vmx_l1d_flush_always" with "vmx_l1d_flush_cond" . - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount . - x86/LDT: Avoid warning in 32-bit builds with older gcc . - x86/MCE/AMD: Define a function to get SMCA bank type . - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read . - x86/MCE: Remove min interval polling limitation . - x86/MCE: Report only DRAM ECC as memory errors on AMD systems . - x86/MCE: Serialize sysfs changes . - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted . - x86/alternatives: Fixup alternative_call_2 . - x86/apic: Set up through-local-APIC mode on the boot CPU if "noapic" specified . - x86/asm: Add _ASM_ARG* constants for argument registers to less than asm/asm.h greater than . - x86/asm: Allow again using asm.h when building for the "bpf" clang target . - x86/asm: Do not use the confusing ".ifeq" directive . - x86/boot/64: Verify alignment of the LOAD segment . - x86/boot/compressed/64: Print error if 5-level paging is not supported . - x86/boot: Fix if_changed build flip/flop bug . - x86/boot: Move EISA setup to a separate file . - x86/boot: Relocate definition of the initial state of CR0 . - x86/build: Beautify build log of syscall headers . - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not . - x86/cpu/intel: Add missing TLB cpuid values . - x86/cpufeature: Add User-Mode Instruction Prevention definitions . - x86/cpufeatures: Add Intel PCONFIG cpufeature . - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature . - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash . - x86/decoder: Add new TEST instruction pattern . - x86/efi: Fix efi_call_phys_epilog with CONFIG_X86_5LEVEL=y . - x86/eisa: Add missing include . - x86/entry/64: Add two more instruction suffixes . - x86/entry/64: Use "xorl" for faster register clearing . - x86/entry: Reduce the code footprint of the "idtentry" macro . - x86/entry: Use SYSCALL_DEFINE macros for sys_modify_ldt . - x86/fpu/debug: Remove unused "x86_fpu_state" and "x86_fpu_deactivate_state" tracepoints . - x86/fpu: Make XSAVE check the base CPUID features before enabling . - x86/fpu: Parse clearcpuid= as early XSAVE argument . - x86/fpu: Remove second definition of fpu in __fpu__restore_sig . - x86/fpu: Remove the explicit clearing of XSAVE dependent features . - x86/hyperv: Check for required priviliges in hyperv_init . - x86/intel_rdt: Enable CMT and MBM on new Skylake stepping . - x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system . - x86/intel_rdt: Fix potential deadlock during resctrl mount . - x86/intel_rdt: Fix potential deadlock during resctrl unmount . - x86/irq: Remove an old outdated comment about context tracking races . - x86/kasan: Panic if there is not enough memory to boot . - x86/kexec: Make kexec work in 5-level paging mode . - x86/kprobes: Fix kernel crash when probing .entry_trampoline code . - x86/kvm/vmx: Remove duplicate l1d flush definitions . - x86/mce/AMD: Get address from already initialized block . - x86/mce: Add notifier_block forward declaration . - x86/mce: Check for alternate indication of machine check recovery on Skylake . - x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out . - x86/mce: Fix incorrect "Machine check from unknown source" message . - x86/microcode/intel: Check microcode revision before updating sibling threads . - x86/microcode/intel: Fix memleak in save_microcode_patch . - x86/microcode/intel: Look into the patch cache first . - x86/microcode/intel: Save microcode patch unconditionally . - x86/microcode/intel: Writeback and invalidate caches before updating microcode . - x86/microcode: Allow late microcode loading with SMT disabled . - x86/microcode: Attempt late loading only when new microcode is present . - x86/microcode: Do not exit early from __reload_late . - x86/microcode: Do not upload microcode if CPUs are offline . - x86/microcode: Fix CPU synchronization routine . - x86/microcode: Get rid of struct apply_microcode_ctx . - x86/microcode: Make sure boot_cpu_data.microcode is up-to-date . - x86/microcode: Make the late update update_lock a raw lock for RT . - x86/microcode: Propagate return value from updating functions . - x86/microcode: Request microcode on the BSP . - x86/microcode: Synchronize late microcode loading . - x86/microcode: Update the new microcode revision unconditionally . - x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all . - x86/mm/64: Rename the register_page_bootmem_memmap "size" parameter to "nr_pages" . - x86/mm/kmmio: Fix mmiotrace for page unaligned addresses . - x86/mm/kmmio: Make the tracer robust against L1TF . - x86/mm/pat: Make set_memory_np L1TF safe . - x86/mm/pti: Add an overflow check to pti_clone_pmds . - x86/mm/pti: Fix PTI comment in entry_SYSCALL_64 . - x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE . - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init . - x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has instead of this_cpu_has in build_cr3_noflush . - x86/mm: Relocate page fault error codes to traps.h . - x86/mm: Remove in_nmi warning from vmalloc_fault . - x86/nmi: Fix NMI uaccess race against CR3 switching . - x86/numa_emulation: Fix emulated-to-physical node mapping . - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup . - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear . - x86/paravirt: Fix some warning messages . - x86/paravirt: Remove "noreplace-paravirt" cmdline option . - x86/percpu: Fix this_cpu_read . - x86/pgtable: Do not set huge PUD/PMD on non-leaf entries . - x86/power: Fix swsusp_arch_resume prototype . - x86/pti: Check the return value of pti_user_pagetable_walk_p4d . - x86/pti: Check the return value of pti_user_pagetable_walk_pmd . - x86/retpoline/checksum32: Convert assembler indirect jumps . - x86/retpoline/irq32: Convert assembler indirect jumps . - x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread . - x86/smpboot: Do not use mwait_play_dead on AMD systems . - x86/spectre: Fix spelling mistake: "vunerable"- greater than "vulnerable" . - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels . - x86/speculation/l1tf: Exempt zeroed PTEs from inversion . - x86/speculation/l1tf: Extend 64bit swap file size limit . - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit on 32bit . - x86/speculation/l1tf: Fix up pte- greater than pfn conversion for PAE . - x86/speculation/l1tf: Invert all not present mappings . - x86/speculation/l1tf: Make pmd/pud_mknotpresent invert . - x86/speculation/l1tf: Protect PAE swap entries against L1TF . - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability . - x86/time: Correct the attribute on jiffies" definition . - x86/topology: Update the "cpu cores" field in /proc/cpuinfo correctly across CPU hotplug operations . - x86/tsc: Add missing header to tsc_msr.c . - x86/tsc: Allow TSC calibration without PIT . - x86/tsc: Prevent 32bit truncation in calc_hpet_ref . - x86/vdso: Fix asm constraints on vDSO syscall fallbacks . - x86/vdso: Fix vDSO syscall fallback asm constraint regression . - x86/xen: Delay get_cpu_cap until stack canary is established . - x86/xen: Drop 5-level paging support code from the XEN_PV code . - x86/xen: Reset VCPU0 info pointer after shared_info remap . - x86/xen: do not write ptes directly in 32-bit PV guests . - x86: Add check for APIC access address for vmentry of L2 guests . - x86: Call fixup_exception before notify_die in math_error . - x86: Delay skip of emulated hypercall instruction . - x86: PM: Make APM idle driver initialize polling state . - x86: i8259: Add missing include file . - x86: kvm: avoid unused variable warning . - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent . - xen/PVH: Set up GS segment for stack canary . - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap . - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code . - xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests . - xen: Remove unnecessary BUG_ON from __unbind_from_irq . - xfrm: use complete IPv6 addresses for hash . - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE . - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI . - xhci: Do not print a warning when setting link state for disabled ports . Special Instructions and Notes: Please reboot the system after installing this update.