[El-errata] ELSA-2022-10079 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Dec 13 12:31:44 UTC 2022


Oracle Linux Security Advisory ELSA-2022-10079

http://linux.oracle.com/errata/ELSA-2022-10079.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.314.6.2.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.314.6.2.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.314.6.2.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.314.6.2.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.314.6.2.el8uek.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.314.6.2.el8uek.src.rpm

Related CVEs:

CVE-2022-2602
CVE-2022-3565
CVE-2022-4378




Description of changes:

[5.4.17-2136.314.6.2.el8uek]
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds)  [Orabug: 34883034]  {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Linus Torvalds)  [Orabug: 34883034]  {CVE-2022-4378}

[5.4.17-2136.314.6.1.el8uek]
- RDMA/uverbs: Move IB_EVENT_DEVICE_FATAL to destroy_uobj (Jason Gunthorpe)  [Orabug: 34859614]
- RDMA/uverbs: Do not discard the IB_EVENT_DEVICE_FATAL event (Jason Gunthorpe)  [Orabug: 34859614]
- Adding a new sysfs entry point -- forcepower -- to /sys/bus/pci/slots/X. (James Puthukattukaran)  [Orabug: 34859609]
- nvme: paring quiesce/unquiesce (Ming Lei)  [Orabug: 34859609]
- nvme: prepare for pairing quiescing and unquiescing (Ming Lei)  [Orabug: 34859609]
- nvme: apply nvme API to quiesce/unquiesce admin queue (Ming Lei)  [Orabug: 34859609]
- nvme: add APIs for stopping/starting admin queue (Ming Lei)  [Orabug: 34859609]
- nvme-fc: remove freeze/unfreeze around update_nr_hw_queues (James Smart)  [Orabug: 34859609]
- nvme-fc: avoid race between time out and tear down (James Smart)  [Orabug: 34859609]
- nvme-fc: update hardware queues before using them (Daniel Wagner)  [Orabug: 34859609]
- nvme-fabrics: reject I/O to offline device (Victor Gladkov)  [Orabug: 34859609]
- nvme-fc: wait for queues to freeze before calling update_hr_hw_queues (James Smart)  [Orabug: 34859609]

[5.4.17-2136.314.6.el8uek]
- RDMA/mlx5: Change debug log level for remote access error syndromes (Arumugam Kolappan)  [Orabug: 34798452]
- KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Track xAPIC ID only on userspace SET, _after_ vAPIC is updated (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Flush the "current" TLB when activating AVIC (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Purge "highest ISR" cache when updating APICv state (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Add AVIC doorbell tracepoint (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: Warning APICv inconsistency only when vcpu APIC mode is valid (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Introduce hybrid-AVIC mode (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Do not throw warning when calling avic_vcpu_load on a running vcpu (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Introduce logic to (de)activate x2AVIC mode (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Refresh AVIC configuration when changing APIC mode (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: Deactivate APICv on vCPU with APIC disabled (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Do not virtualize MSR accesses for APIC LVTT register (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Fix x2APIC MSRs interception (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Adding support for configuring x2APIC MSRs interception (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Do not support updating APIC ID when in x2APIC mode (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Compute dest based on sender's x2APIC status for AVIC kick (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Update avic_kick_target_vcpus to support 32-bit APIC ID (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Update max number of vCPUs supported for x2AVIC mode (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Detect X2APIC virtualization (x2AVIC) support (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: lapic: Rename [GET/SET]_APIC_DEST_FIELD to [GET/SET]_XAPIC_DEST_FIELD (Suravee Suthikulpanit)  [Orabug: 34160613]
- x86/cpufeatures: Introduce x2AVIC CPUID bit (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: Blindly get current x2APIC reg value on "nodecode write" traps (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Bug the VM if an accelerated x2APIC trap occurs on a "bad" reg (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Do not block APIC write for non ICR registers (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: Add support for vICR APIC-write VM-Exits in x2APIC mode (Zeng Guang)  [Orabug: 34160613]
- KVM: x86: disable preemption while updating apicv inhibition (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: Fix x2APIC Logical ID calculation for avic_kick_target_vcpus_fast (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: SVM: fix avic_kick_target_vcpus_fast (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: SVM: remove avic's broken code that updated APIC ID (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: inhibit APICv/AVIC on changes to APIC ID or APIC base (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: document AVIC/APICv inhibit reasons (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: SVM: allow to force AVIC to be enabled (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: Introduce trace point for the slow-path of avic_kic_target_vcpus (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Use target APIC ID to complete AVIC IRQs when possible (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Do not activate AVIC for SEV-enabled guest (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: x86: Pend KVM_REQ_APICV_UPDATE during vCPU creation to fix a race (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Trace all APICv inhibit changes and capture overall status (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Add wrappers for setting/clearing APICv inhibits (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Make APICv inhibit reasons an enum and cleanup naming (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: fix panic on out-of-bounds guest IRQ (Yi Wang)  [Orabug: 34160613]
- KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (Suravee Suthikulpanit)  [Orabug: 34160613]
- KVM: SVM: Disable preemption across AVIC load/put during APICv refresh (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Treat x2APIC's ICR as a 64-bit register, not two 32-bit regs (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Make kvm_lapic_set_reg() a "private" xAPIC helper (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Add helpers to handle 64-bit APIC MSR read/writes (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: WARN if KVM emulates an IPI without clearing the BUSY flag (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Don't rewrite guest ICR on AVIC IPI virtualization failure (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Use "raw" APIC register read for handling APIC-write VM-Exit (Sean Christopherson)  [Orabug: 34160613]
- KVM: VMX: Handle APIC-write offset wrangling in VMX code (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Do not change ICR on write to APIC_SELF_IPI (Paolo Bonzini)  [Orabug: 34160613]
- KVM: SVM: Rename AVIC helpers to use "avic" prefix instead of "svm" (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Rename kvm_x86_ops pointers to align w/ preferred vendor names (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Skip APICv update if APICv is disable at the module level (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: fix race between interrupt delivery and AVIC inhibition (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: set IRR in svm_deliver_interrupt (Paolo Bonzini)  [Orabug: 34160613]
- KVM: SVM: extract avic_ring_doorbell (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: SVM: move avic definitions from AMD's spec to svm.h (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: lapic: don't touch irr_pending in kvm_apic_update_apicv when inhibiting it (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: Move delivery of non-APICv interrupt into vendor code (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Move svm_hardware_setup() and its helpers below svm_x86_ops (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Drop AVIC's intermediate avic_set_running() helper (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Skip AVIC and IRTE updates when loading blocking vCPU (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Use kvm_vcpu_is_blocking() in AVIC load to handle preemption (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Remove unnecessary APICv/AVIC update in vCPU unblocking path (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Don't bother checking for "running" AVIC when kicking for IPIs (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Signal AVIC doorbell iff vCPU is in guest mode (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: add a tracepoint for APICv/AVIC interrupt delivery (Maxim Levitsky)  [Orabug: 34160613]
- KVM: Add helpers to wake/query blocking vCPU (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: Ensure target pCPU is read once when signalling AVIC doorbell (Sean Christopherson)  [Orabug: 34160613]
- KVM: ensure APICv is considered inactive if there is no APIC (Paolo Bonzini)  [Orabug: 34160613]
- KVM: x86: Use rw_semaphore for APICv lock to allow vCPU parallelism (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: Move SVM's APICv sanity check to common x86 (Sean Christopherson)  [Orabug: 34160613]
- KVM: SVM: AVIC: drop unsupported AVIC base relocation code (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: call avic_vcpu_load/avic_vcpu_put when enabling/disabling AVIC (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: move check for kvm_vcpu_apicv_active outside of avic_vcpu_{put|load} (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: avoid refreshing avic if its state didn't change (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: add warning for mistmatch between AVIC vcpu state and AVIC inhibition (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: Unexport __kvm_request_apicv_update() (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: APICv: fix race in kvm_request_apicv_update on SVM (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: APICv: drop immediate APICv disablement on current vCPU (Maxim Levitsky)  [Orabug: 34160613]
- KVM: SVM: svm_set_vintr don't warn if AVIC is active but is about to be deactivated (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: Check for pending interrupts when APICv is getting disabled (Vitaly Kuznetsov)  [Orabug: 34160613]
- KVM: SVM: Move AVIC vCPU kicking snippet to helper function (Sean Christopherson)  [Orabug: 34160613]
- KVM: x86: rename apic_access_page_done to apic_access_memslot_enabled (Maxim Levitsky)  [Orabug: 34160613]
- KVM: x86: Drop vendor specific functions for APICv/AVIC enablement (Vitaly Kuznetsov)  [Orabug: 34160613]
- KVM: x86: Use common 'enable_apicv' variable for both APICv and AVIC (Vitaly Kuznetsov)  [Orabug: 34160613]
- KVM: SVM: Drop unneeded CONFIG_X86_LOCAL_APIC check (Vitaly Kuznetsov)  [Orabug: 34160613]
- kvm: Replace vcpu->swait with rcuwait (Davidlohr Bueso)  [Orabug: 34160613]
- rcuwait: Introduce rcuwait_active() (Davidlohr Bueso)  [Orabug: 34160613]
- rcuwait: Introduce prepare_to and finish_rcuwait (Davidlohr Bueso)  [Orabug: 34160613]
- rcuwait: Let rcuwait_wake_up() return whether or not a task was awoken (Davidlohr Bueso)  [Orabug: 34160613]
- rcuwait: Fix stale wake call name in comment (Davidlohr Bueso)  [Orabug: 34160613]
- rcuwait: Add @state argument to rcuwait_wait_event() (Peter Zijlstra (Intel))  [Orabug: 34160613]
- acpi: Remove header dependency (Peter Zijlstra)  [Orabug: 34160613]

[5.4.17-2136.314.5.el8uek]
- rds: Remove the cp_rdsinfo_pending flag (Håkon Bugge)  [Orabug: 34658658]
- RDMA/uverbs: restrack shared PDs (Sharath Srinivasan)  [Orabug: 34789017]
- rds: ib: Fix cleanup of rds_ib_cache_gc_worker (Håkon Bugge)  [Orabug: 34806077]
- KVM: nVMX: Add tracepoint for nested VM-Enter (David Matlack)  [Orabug: 34806795]
- KVM: x86: Update trace function for nested VM entry to support VMX (Mingwei Zhang)  [Orabug: 34806795]
- Revert "KVM: nSVM: Log nRIP of L1 and L2 guest VMCB in nested VMRUN tracepoint" (Maciej S. Szmigiero)  [Orabug: 34806795]
- KVM: nVMX: Allow VMREAD when Enlightened VMCS is in use (Vitaly Kuznetsov)  [Orabug: 34806795]
- KVM: nVMX: Implement evmcs_field_offset() suitable for handle_vmread() (Vitaly Kuznetsov)  [Orabug: 34806795]
- KVM: nVMX: Rename vmcs_to_field_offset{,_table} (Vitaly Kuznetsov)  [Orabug: 34806795]
- KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS (Vitaly Kuznetsov)  [Orabug: 34806795]
- x86/kvm: Always inline evmcs_write64() (Peter Zijlstra)  [Orabug: 34806795]
- KVM: x86: Clean up redundant ROL16(val, n) macro definition (Like Xu)  [Orabug: 34806795]
- KVM: nVMX: Dynamically compute max VMCS index for vmcs12 (Sean Christopherson)  [Orabug: 34806795]
- KVM: nVMX: Use '-1' in 'hv_evmcs_vmptr' to indicate that eVMCS is not in use (Vitaly Kuznetsov)  [Orabug: 34806795]
- KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again (Vitaly Kuznetsov)  [Orabug: 34806795]
- KVM: nVMX: Add VM-Enter failed tracepoints for super early checks (Sean Christopherson)  [Orabug: 34806795]
- x86: Ignore iommu=off for AMD cpus (Dave Kleikamp)  [Orabug: 34034614]
- uek-rpm: Add xt_MASQUERADE to nano rpm (Somasundaram Krishnasamy)  [Orabug: 34630038]
- x86/mce: Retrieve poison range from hardware (Jane Chu)  [Orabug: 34670113]
- x86/mce: Include a MCi_MISC value in faked mce logs (Tony Luck)  [Orabug: 34670113]
- pmem: fix a name collision (Jane Chu)  [Orabug: 34670113]
- pmem: implement pmem_recovery_write() (Jane Chu)  [Orabug: 34670113]
- pmem: refactor pmem_clear_poison() (Jane Chu)  [Orabug: 34670113]
- dax: add .recovery_write dax_operation (Jane Chu)  [Orabug: 34670113]
- dax: introduce DAX_RECOVERY_WRITE dax access mode (Jane Chu)  [Orabug: 34670113]
- mce: fix set_mce_nospec to always unmap the whole page (Jane Chu)  [Orabug: 34670113]
- acpi/nfit: rely on mce->misc to determine poison granularity (Jane Chu)  [Orabug: 34670113]
- RDMA/restrack: Support all QP types (Leon Romanovsky)  [Orabug: 34704742]
- RDMA/core: Always release restrack object (Leon Romanovsky)  [Orabug: 34704742]
- RDMA/core: Add CM to restrack after successful attachment to a device (Shay Drory)  [Orabug: 34704742]
- Revert "rdmaip: Flush ARP cache after address has been cleared" (Sharath Srinivasan)  [Orabug: 34739575]
- vdpa/mlx5: default_mtu should not override mtu from vdpa tool (Si-Wei Liu)  [Orabug: 34756655]
- virtio-net: use mtu size as buffer length for big packets (Gavin Li)  [Orabug: 34756655]
- virtio-net: introduce and use helper function for guest gso support checks (Gavin Li)  [Orabug: 34756655]
- vdpa/mlx5: Use consistent RQT size (Eli Cohen)  [Orabug: 34756655]
- vdpa: mlx5: synchronize driver status with CVQ (Jason Wang)  [Orabug: 34756655]
- vdpa: mlx5: prevent cvq work from hogging CPU (Jason Wang)  [Orabug: 34756655]
- vdpa/mlx5: Avoid processing works if workqueue was destroyed (Eli Cohen)  [Orabug: 34756655]
- vhost: handle error while adding split ranges to iotlb (Anirudh Rayabharam)  [Orabug: 34756655]
- vdpa: support exposing the count of vqs to userspace (Longpeng)  [Orabug: 34756655]
- vdpa: change the type of nvqs to u32 (Longpeng)  [Orabug: 34756655]
- vdpa: support exposing the config size to userspace (Longpeng)  [Orabug: 34756655]
- vdpa/mlx5: re-create forwarding rules after mac modified (Michael Qiu)  [Orabug: 34756655]
- Add definition of VIRTIO_F_IN_ORDER feature bit (Gautam Dawar)  [Orabug: 34756655]
- vhost_vdpa: don't setup irq offloading when irq_num < 0 (Zhu Lingshan)  [Orabug: 34756655]
- vhost: allow batching hint without size (Jason Wang)  [Orabug: 34756655]
- vdpa: fix use-after-free on vp_vdpa_remove (Zhang Min)  [Orabug: 34756655]
- vhost: fix hung thread due to erroneous iotlb entries (Anirudh Rayabharam)  [Orabug: 34756655]
- vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command (Si-Wei Liu)  [Orabug: 34756655]
- vdpa/mlx5: should verify CTRL_VQ feature exists for MQ (Si-Wei Liu)  [Orabug: 34756655]
- vdpa: factor out vdpa_set_features_unlocked for vdpa internal use (Si-Wei Liu)  [Orabug: 34756655]
- RDMA/cma: Use output interface for net_dev check (Håkon Bugge)  [Orabug: 34774008]
- Revert "RDMA/cma: Use output interface for net_dev check" (Håkon Bugge)  [Orabug: 34774008]
- bpf: Add probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers (Daniel Borkmann)  [Orabug: 34797062]
- uaccess: Add strict non-pagefault kernel-space read function (Daniel Borkmann)  [Orabug: 34797062]
- do_wait: make PIDTYPE_PID case O(1) instead of O(n) (Jim Newsome)  [Orabug: 34798125]

[5.4.17-2136.314.4.el8uek]
- Feature: Add cmdline param sched_uek=[preempt,wakeidle] (Libo Chen)  [Orabug: 34779452]
- perf/x86/intel: Hide Topdown metrics events if slots is not enumerated (Kan Liang)  [Orabug: 34264064]
- net: macsec: Severe performance regression in "...preserve ordering" (Venkat Venkatsubra)  [Orabug: 34653784]
- mISDN: fix use-after-free bugs in l1oip timer handlers (Duoming Zhou)  [Orabug: 34719781]  {CVE-2022-3565}
- x86/microcode/AMD: Apply the patch late on every logical thread (Mihai Carabas)  [Orabug: 34731079]
- x86/microcode/AMD: Apply the patch early on every logical thread (Borislav Petkov)  [Orabug: 34731079]
- io_uring/af_unix: defer registered files gc to io_uring release (Pavel Begunkov)  [Orabug: 34743499]  {CVE-2022-2602}
- scsi: target: core: Silence the message about unknown VPD pages (Konstantin Shelekhin)  [Orabug: 34764768]

[5.4.17-2136.314.3.el8uek]
- net: ieee802154: return -EINVAL for unknown addr type (Alexander Aring) 
- ALSA: hda: beep: Simplify keep-power-at-enable behavior (Takashi Iwai) 
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (Luke D. Jones) 
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530 (Callum Osmotherly) 
- LTS tag: v5.4.218 (Sherry Yang) 
- Input: xpad - fix wireless 360 controller breaking after suspend (Cameron Gutman) 
- Input: xpad - add supported devices as contributed on github (Pavel Rojtberg) 
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (Johannes Berg) 
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (Johannes Berg) 
- wifi: cfg80211: avoid nontransmitted BSS list corruption (Johannes Berg) 
- wifi: cfg80211: fix BSS refcounting bugs (Johannes Berg) 
- wifi: cfg80211: ensure length byte is present before access (Johannes Berg) 
- wifi: cfg80211/mac80211: reject bad MBSSID elements (Johannes Berg) 
- wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() (Johannes Berg) 
- random: restore O_NONBLOCK support (Jason A. Donenfeld) 
- USB: serial: qcserial: add new usb-id for Dell branded EM7455 (Frank Wunderlich) 
- scsi: stex: Properly zero out the passthrough command structure (Linus Torvalds) 
- efi: Correct Macmini DMI match in uefi cert quirk (Orlando Chamberlain) 
- ALSA: hda: Fix position reporting on Poulsbo (Takashi Iwai) 
- random: clamp credited irq bits to maximum mixed (Jason A. Donenfeld) 
- ceph: don't truncate file in atomic_open (Hu Weiwen) 
- nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure (Ryusuke Konishi) 
- nilfs2: fix leak of nilfs_root in case of writer thread creation failure (Ryusuke Konishi) 
- nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() (Ryusuke Konishi) 
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (Krzysztof Kozlowski) 
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (Brian Norris) 
- mmc: core: Replace with already defined values for readability (ChanWoo Lee) 
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (Johan Hovold) 
- usb: mon: make mmapped memory read only (Tadeusz Struk) 
- arch: um: Mark the stack non-executable to fix a binutils warning (David Gow) 
- um: Cleanup compiler warning in arch/x86/um/tls_32.c (Lukas Straub) 
- um: Cleanup syscall_handler_t cast in syscalls_32.h (Lukas Straub) 
- net/ieee802154: fix uninit value bug in dgram_sendmsg (Haimin Zhang) 
- scsi: qedf: Fix a UAF bug in __qedf_probe() (Letu Ren) 
- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer (Sergei Antonov) 
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure (Swati Agarwal) 
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property (Swati Agarwal) 
- firmware: arm_scmi: Add SCMI PM driver remove routine (Cristian Marussi) 
- fs: fix UAF/GPF bug in nilfs_mdt_destroy (Dongliang Mu) 
- perf tools: Fixup get_current_dir_name() compilation (Alexey Dobriyan) 
- mm: pagewalk: Fix race between unmap and page walker (Steven Price) 
- LTS tag: v5.4.217 (Sherry Yang) 
- docs: update mediator information in CoC docs (Shuah Khan) 
- Makefile.extrawarn: Move -Wcast-function-type-strict to W=1 (Sami Tolvanen) 
- Revert "drm/amdgpu: use dirty framebuffer helper" (Greg Kroah-Hartman) 
- xfs: remove unused variable 'done' (YueHaibing) 
- xfs: fix uninitialized variable in xfs_attr3_leaf_inactive (Darrick J. Wong) 
- xfs: streamline xfs_attr3_leaf_inactive (Darrick J. Wong) 
- xfs: move incore structures out of xfs_da_format.h (Christoph Hellwig) 
- xfs: fix memory corruption during remote attr value buffer invalidation (Darrick J. Wong) 
- xfs: refactor remote attr value buffer invalidation (Darrick J. Wong) 
- xfs: fix s_maxbytes computation on 32-bit kernels (Darrick J. Wong) 
- xfs: truncate should remove all blocks, not just to the end of the page cache (Darrick J. Wong) 
- xfs: introduce XFS_MAX_FILEOFF (Darrick J. Wong) 
- xfs: fix misuse of the XFS_ATTR_INCOMPLETE flag (Christoph Hellwig) 
- LTS tag: v5.4.216 (Sherry Yang) 
- clk: iproc: Do not rely on node name for correct PLL setup (Florian Fainelli) 
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks (Han Xu) 
- selftests: Fix the if conditions of in test_extra_filter() (Wang Yufen) 
- nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices (Michael Kelley) 
- nvme: add new line after variable declatation (Chaitanya Kulkarni) 
- usbnet: Fix memory leak in usbnet_disconnect() (Peilin Ye) 
- Input: melfas_mip4 - fix return value check in mip4_probe() (Yang Yingliang) 
- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" (Brian Norris) 
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (Samuel Holland) 
- soc: sunxi: sram: Fix probe function ordering issues (Samuel Holland) 
- soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() (Cai Huoqing) 
- soc: sunxi: sram: Prevent the driver from being unbound (Samuel Holland) 
- soc: sunxi: sram: Actually claim SRAM regions (Samuel Holland) 
- ARM: dts: am33xx: Fix MMCHS0 dma properties (YuTong Chang) 
- ARM: dts: Move am33xx and am43xx mmc nodes to sdhci-omap driver (Faiz Abbas) 
- media: dvb_vb2: fix possible out of bound access (Hangyu Hua) 
- mm: fix madivse_pageout mishandling on non-LRU page (Minchan Kim) 
- mm/migrate_device.c: flush TLB while holding PTL (Alistair Popple) 
- mm: prevent page_frag_alloc() from corrupting the memory (Maurizio Lombardi) 
- mm/page_alloc: fix race condition between build_all_zonelists and page allocation (Mel Gorman) 
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (Sergei Antonov) 
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 (Niklas Cassel) 
- ntfs: fix BUG_ON in ntfs_lookup_inode_by_name() (ChenXiaoSong) 
- ARM: dts: integrator: Tag PCI host with device_type (Linus Walleij) 
- clk: ingenic-tcu: Properly enable registers before accessing timers (Aidan MacDonald) 
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (Frank Wunderlich) 
- uas: ignore UAS for Thinkplus chips (Hongling Zeng) 
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (Hongling Zeng) 
- uas: add no-uas quirk for Hiksemi usb_disk (Hongling Zeng) 
- LTS tag: v5.4.215 (Sherry Yang) 
- ext4: make directory inode spreading reflect flexbg size (Jan Kara) 
- xfs: fix use-after-free when aborting corrupt attr inactivation (Darrick J. Wong) 
- xfs: fix an ABBA deadlock in xfs_rename (Darrick J. Wong) 
- xfs: don't commit sunit/swidth updates to disk if that would cause repair failures (Darrick J. Wong) 
- xfs: split the sunit parameter update into two parts (Darrick J. Wong) 
- xfs: refactor agfl length computation function (Darrick J. Wong) 
- xfs: use bitops interface for buf log item AIL flag check (Brian Foster) 
- xfs: stabilize insert range start boundary to avoid COW writeback race (Brian Foster) 
- xfs: fix some memory leaks in log recovery (Darrick J. Wong) 
- xfs: always log corruption errors (Darrick J. Wong) 
- xfs: constify the buffer pointer arguments to error functions (Darrick J. Wong) 
- xfs: convert EIO to EFSCORRUPTED when log contents are invalid (Darrick J. Wong) 
- xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename() (kaixuxia) 
- xfs: range check ri_cnt when recovering log items (Darrick J. Wong) 
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (Darrick J. Wong) 
- xfs: slightly tweak an assert in xfs_fs_map_blocks (Christoph Hellwig) 
- xfs: replace -EIO with -EFSCORRUPTED for corrupt metadata (Darrick J. Wong) 
- ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 (Luís Henriques) 
- workqueue: don't skip lockdep work dependency in cancel_work_sync() (Tetsuo Handa) 
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (Nathan Huckleberry) 
- drm/amd/display: Limit user regamma to a valid value (Yao Wang1) 
- drm/amdgpu: use dirty framebuffer helper (Hamza Mahfooz) 
- Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region (Vitaly Kuznetsov) 
- cifs: always initialize struct msghdr smb_msg completely (Stefan Metzmacher) 
- usb: xhci-mtk: fix issue of out-of-bounds array access (Chunfeng Yun) 
- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup (Stefan Haberland) 
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting (Ilpo Järvinen) 
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (Ilpo Järvinen) 
- serial: Create uart_xmit_advance() (Ilpo Järvinen) 
- net: sched: fix possible refcount leak in tc_new_tfilter() (Hangyu Hua) 
- net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD (Sean Anderson) 
- perf kcore_copy: Do not check /proc/modules is unchanged (Adrian Hunter) 
- perf jit: Include program header in ELF files (Lieven Hey) 
- can: gs_usb: gs_can_open(): fix race dev->can.state condition (Marc Kleine-Budde) 
- netfilter: ebtables: fix memory leak when blob is malformed (Florian Westphal) 
- net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs (Vladimir Oltean) 
- net/sched: taprio: avoid disabling offload when it was never enabled (Vladimir Oltean) 
- of: mdio: Add of_node_put() when breaking out of for_each_xx (Liang He) 
- i40e: Fix set max_tx_rate when it is lower than 1 Mbps (Michal Jaron) 
- i40e: Fix VF set max MTU size (Michal Jaron) 
- iavf: Fix set max MTU size with port VLAN and jumbo frames (Michal Jaron) 
- iavf: Fix bad page state (Norbert Zulinski) 
- MIPS: Loongson32: Fix PHY-mode being left unspecified (Serge Semin) 
- MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko (Randy Dunlap) 
- net: team: Unsync device addresses on ndo_stop (Benjamin Poirier) 
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header (Lu Wei) 
- iavf: Fix cached head and tail value for iavf_get_tx_pending (Brett Creeley) 
- netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (Pablo Neira Ayuso) 
- netfilter: nf_conntrack_irc: Tighten matching on DCC message (David Leadbeater) 
- netfilter: nf_conntrack_sip: fix ct_sip_walk_headers (Igor Ryzhov) 
- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma (Fabio Estevam) 
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (zain wang) 
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (Brian Norris) 
- mm/slub: fix to return errno if kmalloc() fails (Chao Yu) 
- efi: libstub: check Shim mode using MokSBStateRT (Ard Biesheuvel) 
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop (Callum Osmotherly) 
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (Luke D. Jones) 
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (Luke D. Jones) 
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (Luke D. Jones) 
- ALSA: hda/realtek: Re-arrange quirk table entries (Takashi Iwai) 
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (huangwenhui) 
- ALSA: hda: add Intel 5 Series / 3400 PCI DID (Kai Vehmanen) 
- ALSA: hda/tegra: set depop delay for tegra (Mohan Kumar) 
- USB: serial: option: add Quectel RM520N (jerry meng) 
- USB: serial: option: add Quectel BG95 0x0203 composition (Carl Yin(殷张成)) 
- Revert "usb: gadget: udc-xilinx: replace memcpy with memcpy_toio" (Greg Kroah-Hartman) 
- Revert "usb: add quirks for Lenovo OneLink+ Dock" (Greg Kroah-Hartman) 
- usb: cdns3: fix issue with rearming ISO OUT endpoint (Pawel Laszczak) 
- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (Piyush Mehta) 
- usb: add quirks for Lenovo OneLink+ Dock (Jean-Francois Le Fillatre) 
- tty: serial: atmel: Preserve previous USART mode if RS485 disabled (Sergiu Moga) 
- serial: atmel: remove redundant assignment in rs485_config (Lino Sanfilippo) 
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data (Codrin.Ciubotariu at microchip.com) 
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (Siddh Raman Pant) 
- usb: xhci-mtk: relax TT periodic bandwidth allocation (Ikjoon Jang) 
- usb: xhci-mtk: allow multiple Start-Split in a microframe (Chunfeng Yun) 
- usb: xhci-mtk: add some schedule error number (Chunfeng Yun) 
- usb: xhci-mtk: add a function to (un)load bandwidth info (Chunfeng Yun) 
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule (Chunfeng Yun) 
- usb: xhci-mtk: add only one extra CS for FS/LS INTR (Chunfeng Yun) 
- usb: xhci-mtk: get the microframe boundary for ESIT (Chunfeng Yun) 
- usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop (Wesley Cheng) 
- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup() (Thinh Nguyen) 
- usb: dwc3: gadget: Refactor pullup() (Thinh Nguyen) 
- usb: dwc3: gadget: Prevent repeat pullup() (Thinh Nguyen) 
- usb: dwc3: Issue core soft reset before enabling run/stop (Wesley Cheng) 
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind (Wesley Cheng) 
- ALSA: hda/sigmatel: Fix unused variable warning for beep power change (Takashi Iwai) 
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (Hyunwoo Kim) 
- mksysmap: Fix the mismatch of 'L0' symbols in System.map (Youling Tang) 
- MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping() (Alexander Sverdlin) 
- afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked (David Howells) 
- net: usb: qmi_wwan: add Quectel RM520N (jerry.meng) 
- ALSA: hda/tegra: Align BDL entry to 4KB boundary (Mohan Kumar) 
- ALSA: hda/sigmatel: Keep power up while beep is enabled (Takashi Iwai) 
- rxrpc: Fix calc of resend age (David Howells) 
- rxrpc: Fix local destruction being repeated (David Howells) 
- regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (Xiaolei Wang) 
- ASoC: nau8824: Fix semaphore unbalance at error paths (Takashi Iwai) 
- iomap: iomap that extends beyond EOF should be marked dirty (Chandan Babu R) 
- MAINTAINERS: add Chandan as xfs maintainer for 5.4.y (Chandan Babu R) 
- cifs: don't send down the destination address to sendmsg for a SOCK_STREAM (Stefan Metzmacher) 
- cifs: revalidate mapping when doing direct writes (Ronnie Sahlberg) 
- tracing: hold caller_addr to hardirq_{enable,disable}_ip (Yipeng Zou) 
- task_stack, x86/cea: Force-inline stack helpers (Borislav Petkov) 
- ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (Sasha Levin) 
- drm/meson: Fix OSD1 RGB to YCbCr coefficient (Stuart Menefy) 
- drm/meson: Correct OSD1 global alpha value (Stuart Menefy) 
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (Pali Rohár) 
- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0 (Trond Myklebust) 
- of: fdt: fix off-by-one error in unflatten_dt_nodes() (Sergey Shtylyov) 
- LTS tag: v5.4.214 (Sherry Yang) 
- tracefs: Only clobber mode/uid/gid on remount if asked (Brian Norris) 
- soc: fsl: select FSL_GUTS driver for DPIO (Mathew McBride) 
- net: dp83822: disable rx error interrupt (Enguerrand de Ribaucourt) 
- mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() (Jann Horn) 
to IGNORE_UAS (Hu Xiaoying) 
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (Hans de Goede) 
- perf/arm_pmu_platform: fix tests for platform_get_irq() failure (Yu Zhe) 
- nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() (Maurizio Lombardi) 
- Input: iforce - add support for Boeder Force Feedback Wheel (Greg Tulli) 
- ieee802154: cc2520: add rc code in cc2520_tx() (Li Qiong) 
- tg3: Disable tg3 device on system reboot to avoid triggering AER (Kai-Heng Feng) 
- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message (Even Xu) 
- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (Jason Wang) 
- drm/msm/rd: Fix FIFO-full deadlock (Rob Clark)

[5.4.17-2136.314.2.el8uek]
- pensando: kpcimgr: Fix deadlock in read_kpcimgr (Rob Gardner)  [Orabug: 34676899]
- uek-rpm: add aarch64 to list of vdso arches (Tom Saeger)  [Orabug: 34716202]
- uapi: Fix [rs]cq_vector data types in rds[6]_info_rdma_connection (Mark Haywood)  [Orabug: 34734191]
- uapi: Fix congested flag type in rds[6]_info_socket (Mark Haywood)  [Orabug: 34734191]
- uek-rpm: Remove nano_dracut-blacklist.conf (Somasundaram Krishnasamy)  [Orabug: 34743957]

[5.4.17-2136.314.1.el8uek]
- proc: provide details on indirect branch speculation (Anand K Mistry)  [Orabug: 33927837]
- net/rds: rds_tcp_accept_one ought to not discard messages (Gerd Rausch)  [Orabug: 34488376]
- net/rds: drop rs_transport module reference count on error (Gerd Rausch)  [Orabug: 34500807]
- pciemgr: use spin_lock_irqsave (Rob Gardner)  [Orabug: 34676884]
- iommu: set default value of INTEL_IOMMU_FLOPPY_WA to n (Harshit Mogalapalli)  [Orabug: 34724685]




More information about the El-errata mailing list