Unbreakable Enterprise kernel security update

[5.15.0-204.147.6.2]

• smb3: Replace smb2pdu 1-element arrays with flex-arrays (Kees Cook) [Orabug: 36353543]
• hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Shradha Gupta) [Orabug: 36358874]
• hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Souradeep Chakrabarti)
• hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Michael Kelley)
• netfilter: ipset: Missing gc cancellations fixed (Jozsef Kadlecsik)
• netfilter: ipset: fix performance regression in swap operation (Jozsef Kadlecsik)
• netfilter: nft_set_rbtree: skip end interval element from gc (Pablo Neira Ayuso)
• netfilter: nf_tables: set dormant flag on hook register failure (Florian Westphal)
  [5.15.0-204.147.6.1]
• arm64: Minimize tlb flush due to vttbr writes on AmpereOne (Ganapatrao Kulkarni) [Orabug: 36359078]
  [5.15.0-204.147.6]
• keys, dns: Fix size check of V1 server-list header (David Howells)
• net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809]
• KVM: x86: smm: preserve interrupt shadow in SMRAM (Maxim Levitsky) [Orabug: 36171472]
  [5.15.0-204.147.5]
• tcp: fix excessive TLP and RACK timeouts from HZ rounding (Neal Cardwell) [Orabug: 36289786]
• uek-rpm: Make few builtin options to modules back – hardening (Harshit Mogalapalli) [Orabug: 36196579]
• iommufd/iova_bitmap: Consider page offset for the pages to be pinned (Joao Martins) [Orabug: 36197723]
• iommufd/iova_bitmap: Handle recording beyond the mapped pages (Joao Martins) [Orabug: 36197723]
• iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (Joao Martins) [Orabug: 36197723]
• iommufd/iova_bitmap: Bounds check mapped::pages access (Joao Martins) [Orabug: 36197723]
• Revert ‘iommu/amd: Improve dirty read io-pgtable walker’ (Joao Martins) [Orabug: 36197723]
  [5.15.0-204.147.4]
• uek-rpm: Disable MCORE2 in container kernel configs (Harshit Mogalapalli) [Orabug: 36267828]
• md: fix regression for null-ptr-deference in __md_stop() (Yu Kuai) [Orabug: 36230125]
• md: Free resources in __md_stop (Xiao Ni) [Orabug: 36230125]
• md: Change active_io to percpu (Xiao Ni) [Orabug: 36230125]
• md: Factor out is_md_suspended helper (Xiao Ni) [Orabug: 36230125]
• hwmon: (opbmc) E6/AST2600 platform enabled (Jan Zdarek) [Orabug: 36222931]
  [5.15.0-204.147.3]
• Revert ‘tcp: fix excessive TLP and RACK timeouts from HZ rounding’ (Sherry Yang) [Orabug: 36241828]
• mm: avoid heavy swap lock contention when unmapping with padata (Anthony Yznaga) [Orabug: 36073084]
• mm: use less threads when unmapping some large VMAs (Anthony Yznaga) [Orabug: 36073084]
• crypto: qat - add NULL pointer check (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - fix mutex ordering in adf_rl (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - fix error path in add_update_sla() (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add sysfs_added flag for rate limiting (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add sysfs_added flag for ras (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - prevent underflow in rp2srv_store() (Dan Carpenter) [Orabug: 36156923]
• Documentation: ABI: debugfs-driver-qat: fix fw_counters path (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - move adf_cfg_services (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - add num_rps sysfs attribute (Ciunas Bennett) [Orabug: 36156923]
• crypto: qat - add rp2svc sysfs attribute (Ciunas Bennett) [Orabug: 36156923]
• crypto: qat - add rate limiting sysfs interface (Ciunas Bennett) [Orabug: 36156923]
• crypto: qat - add rate limiting feature to qat_4xxx (Damian Muszynski) [Orabug: 36156923]
• units: add missing header (Andy Shevchenko) [Orabug: 36156923]
• units: Add BYTES_PER_*BIT (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add retrieval of fw capabilities (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add bits.h to icp_qat_hw.h (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - move admin api (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - fix ring to service map for QAT GEN4 (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - use masks for AE groups (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - refactor fw config related functions (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - count QAT GEN4 errors (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add error counters (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add handling of errors from ERRSOU3 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add adf_get_aram_base() helper function (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add handling of compression related errors for QAT GEN4 (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add handling of errors from ERRSOU2 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add reporting of errors from ERRSOU1 for QAT GEN4 (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add reporting of correctable errors for QAT GEN4 (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add infrastructure for error reporting (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - fix double free during reset (Svyatoslav Pankratov) [Orabug: 36156923]
• crypto: qat - add cnv_errors debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - add pm_status debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - refactor included headers (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - add namespace to driver (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - Remove zlib-deflate (Herbert Xu) [Orabug: 36156923]
• crypto: qat - enable dc chaining service (Adam Guerin) [Orabug: 36156923]
• crypto: qat - consolidate services structure (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - fix unregistration of compression algorithms (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - fix unregistration of crypto algorithms (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - ignore subsequent state up commands (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - do not shadow error code (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - fix state machines cleanup paths (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - refactor deprecated strncpy (Justin Stitt) [Orabug: 36156923]
• crypto: qat - Use list_for_each_entry() helper (Jinjie Ruan) [Orabug: 36156923]
• crypto: qat - fix crypto capability detection for 4xxx (Adam Guerin) [Orabug: 36156923]
• crypto: qat - Remove unused function declarations (Yue Haibing) [Orabug: 36156923]
• crypto: qat - use kfree_sensitive instead of memset/kfree() (Yang Yingliang) [Orabug: 36156923]
• crypto: qat - replace the if statement with min() (You Kangren) [Orabug: 36156923]
• crypto: qat - add heartbeat counters check (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add heartbeat feature (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add measure clock frequency (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - drop obsolete heartbeat interface (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add internal timer for qat 4xxx (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - add fw_counters debugfs file (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - change value of default idle filter (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - do not export adf_init_admin_pm() (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - expose pm_idle_enabled through sysfs (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - extend configuration for 4xxx (Adam Guerin) [Orabug: 36156923]
• Documentation: qat: change kernel version (Meadhbh) [Orabug: 36156923]
• Documentation: qat: rewrite description (Bagas Sanjaya) [Orabug: 36156923]
• Documentation: qat: Use code block for qat sysfs example (Bagas Sanjaya) [Orabug: 36156923]
• crypto: qat - refactor fw config logic for 4xxx (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - make fw images name constant (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - move returns to default case (Adam Guerin) [Orabug: 36156923]
• crypto: qat - update slice mask for 4xxx devices (Karthikeyan Gopal) [Orabug: 36156923]
• crypto: qat - set deprecated capabilities as reserved (Karthikeyan Gopal) [Orabug: 36156923]
• crypto: qat - add missing function declaration in adf_dbgfs.h (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - move dbgfs init to separate file (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - Move driver to drivers/crypto/intel/qat (Tom Zanussi) [Orabug: 36156923]
• crypto: qat - drop redundant adf_enable_aer() (Bjorn Helgaas) [Orabug: 36156923]
• crypto: qat - simplify adf_enable_aer() (Uwe Kleine-Konig) [Orabug: 36156923]
• crypto: qat - fix apply custom thread-service mapping for dc service (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - add support for 402xx devices (Damian Muszynski) [Orabug: 36156923]
• crypto: qat - make state machine functions static (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - refactor device restart logic (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - replace state machine calls (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - fix concurrency issue when device state changes (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - expose device config through sysfs for 4xxx (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - delay sysfs initialization (Shashank Gupta) [Orabug: 36156923]
• crypto: qat - Include algapi.h for low-level Crypto API (Herbert Xu) [Orabug: 36156923]
• crypto: qat - Use request_complete helpers (Herbert Xu) [Orabug: 36156923]
• crypto: qat - add qat_zlib_deflate (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - extend buffer list logic interface (Lucas Segarra Fernandez) [Orabug: 36156923]
• crypto: qat - fix spelling mistakes from ‘bufer’ to ‘buffer’ (Meadhbh Fitzpatrick) [Orabug: 36156923]
• crypto: qat - add limit to linked list parsing (Adam Guerin) [Orabug: 36156923]
• crypto: qat - add check to validate firmware images (Srinivas Kerekare) [Orabug: 36156923]
• crypto: qat - relocate and rename adf_sriov_prepare_restart() (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - change behaviour of adf_cfg_add_key_value_param() (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - Removes the x86 dependency on the QAT drivers (Yoan Picchi) [Orabug: 36156923]
• crypto: qat - Fix unsigned function returning negative constant (Haowen Bai) [Orabug: 36156923]
• crypto: qat - remove line wrapping for pfvf_ops functions (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - use u32 variables in all GEN4 pfvf_ops (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - replace disable_vf2pf_interrupts() (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - leverage the GEN2 VF mask definiton (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - rework the VF2PF interrupt handling logic (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - fix off-by-one error in PFVF debug print (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - fix wording and formatting in code comment (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - test PFVF registers for spurious interrupts on GEN4 (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - add check for invalid PFVF protocol version 0 (Wojciech Ziemba) [Orabug: 36156923]
• crypto: qat - add missing restarting event notification in VFs (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - remove unnecessary tests to detect PFVF support (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - remove unused PFVF stubs (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - remove unneeded braces (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - fix ETR sources enabled by default on GEN2 devices (Marco Chiappero) [Orabug: 36156923]
• crypto: qat - stop using iommu_present() (Robin Murphy) [Orabug: 36156923]
• crypto: qat - remove unneeded assignment (Giovanni Cabiddu) [Orabug: 36156923]
• crypto: qat - don’t cast parameter in bit operations (Andy Shevchenko) [Orabug: 36156923]
• Revert ‘selftests/bpf: Test tail call counting with bpf2bpf and data on stack’ (Samasth Norway Ananda) [Orabug: 36204961]
• netfilter: nf_tables: check if catch-all set element is active in next generation (Pablo Neira Ayuso) [Orabug: 36250951] {CVE-2024-1085}
  [5.15.0-204.147.2]
• LTS version: v5.15.147 (Vijayendra Suman)
• net: usb: ax88179_178a: move priv to driver_priv (Justin Chen)
• net: usb: ax88179_178a: remove redundant init code (Justin Chen)
• tracing/kprobes: Fix symbol counting logic by looking at modules as well (Andrii Nakryiko)
• kallsyms: Make module_kallsyms_on_each_symbol generally available (Jiri Olsa)
• netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter)
• perf inject: Fix GEN_ELF_TEXT_OFFSET for jit (Adrian Hunter)
• ipv6: remove max_size check inline with ipv4 (Jon Maxwell)
• net: tls, update curr on splice as well (John Fastabend)
• mmc: sdhci-sprd: Fix eMMC init failure after hw reset (Wenchao Chen)
• mmc: core: Cancel delayed work before releasing host (Geert Uytterhoeven)
• mmc: rpmb: fixes pause retune on all RPMB partitions. (Jorge Ramirez-Ortiz)
• mmc: meson-mx-sdhc: Fix initialization frozen issue (Ziyang Huang)
• mm: fix unmap_mapping_range high bits shift bug (Jiajun Xie)
• x86/kprobes: fix incorrect return address calculation in kprobe_emulate_call_indirect (Jinghao Jia)
• firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (Takashi Sakamoto)
• mm/memory-failure: check the mapcount of the precise page (Matthew Wilcox (Oracle))
• selftests: secretmem: floor the memory size to the multiple of page_size (Muhammad Usama Anjum)
• net: Implement missing SO_TIMESTAMPING_NEW cmsg support (Thomas Lange)
• bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters() (Michael Chan)
• asix: Add check for usbnet_get_endpoints (Chen Ni)
• octeontx2-af: Re-enable MAC TX in otx2_stop processing (Naveen Mamindlapalli)
• octeontx2-af: Always configure NIX TX link credits based on max frame size (Naveen Mamindlapalli)
• octeontx2-af: Set NIX link credits based on max LMAC (Sunil Goutham)
• octeontx2-af: Don’t enable Pause frames by default (Hariprasad Kelam)
• net/qla3xxx: fix potential memleak in ql_alloc_buffer_queues (Dinghao Liu)
• igc: Fix hicredit calculation (Rodrigo Cataldo)
• i40e: Restore VF MSI-X state during PCI reset (Andrii Staikov)
• ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (Mark Brown)
• ASoC: meson: g12a-toacodec: Fix event generation (Mark Brown)
• ASoC: meson: g12a-tohdmitx: Validate written enum values (Mark Brown)
• ASoC: meson: g12a-toacodec: Validate written enum values (Mark Brown)
• i40e: fix use-after-free in i40e_aqc_add_filters() (Ke Xiao)
• net: Save and restore msg_namelen in sock_sendmsg (Marc Dionne)
• netfilter: nft_immediate: drop chain reference counter on error (Pablo Neira Ayuso)
• net: bcmgenet: Fix FCS generation for fragmented skbuffs (Adrian Cinal)
• sfc: fix a double-free bug in efx_probe_filters (Zhipeng Lu)
• ARM: sun9i: smp: Fix array-index-out-of-bounds read in sunxi_mc_smp_init (Stefan Wahren)
• net-timestamp: extend SOF_TIMESTAMPING_OPT_ID to HW timestamps (Vadim Fedorenko)
• can: raw: add support for SO_MARK (Marc Kleine-Budde)
• can: raw: add support for SO_TXTIME/SCM_TXTIME (Marc Kleine-Budde)
• net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (Jorn-Thorben Hinz)
• r8169: Fix PCI error on system resume (Kai-Heng Feng)
• net: sched: em_text: fix possible memory leak in em_text_destroy() (Hangyu Hua)
• mlxbf_gige: fix receive packet race condition (David Thompson)
• ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable (Chancel Liu)
• igc: Check VLAN EtherType mask (Kurt Kanzenbach)
• igc: Check VLAN TCI mask (Kurt Kanzenbach)
• igc: Report VLAN EtherType matching back to user (Kurt Kanzenbach)
• i40e: Fix filter input checks to prevent config with invalid values (Sudheer Mogilappagari)
• drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (Khaled Almahallawy)
• octeontx2-af: Fix marking couple of structure as __packed (Suman Ghosh)
• nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local (Siddh Raman Pant)
• drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer (Douglas Anderson)
• Revert ‘PCI/ASPM: Remove pcie_aspm_pm_state_change()’ (Bjorn Helgaas)
• ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (Siddhesh Dharme)
• block: Don’t invalidate pagecache for invalid falloc modes (Sarthak Kukreti)
  [5.15.0-204.146.1]
• uek-rpm: Update the kABI files for new symbol (Yifei Liu) [Orabug: 36183477]
• x86: KVM: SVM: refresh AVIC inhibition in svm_leave_nested() (Maxim Levitsky) [Orabug: 36183624]
• KVM: x86: SVM: allow AVIC to co-exist with a nested guest running (Maxim Levitsky) [Orabug: 36183624]
• KVM: x86: allow per cpu apicv inhibit reasons (Maxim Levitsky) [Orabug: 36183624]
• rds: Add count for ready receive cache (Hans Westgaard Ry) [Orabug: 36186035]