- glibc
-
- static-tls-surplus.patch: rtld: Avoid using up static TLS surplus for
optimizations (bsc#1200855, BZ #25051)
- strncpy-power9-vsx.patch: powerpc: Fix VSX register number on
__strncpy_power9 (bsc#1200334, BZ #29197)
- selinux-deprecated.patch: Disable warnings due to deprecated libselinux
symbols used by nss and nscd (bsc#1197718)
- systemtap-altmacro.patch: i386: Remove broken CAN_USE_REGISTER_ASM_EBP
(bsc#1197718, BZ #28771)
- kernel-default
-
- x86/kexec: Disable RET on kexec (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit ef1c2ca
- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 41afdd9
- x86/bugs: Add Cannon lake to RETBleed affected CPU list
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 6b54061
- ibmvnic: Properly dispose of all skbs during a failover
(bsc#1200925).
- commit 06221e8
- x86/cpu/amd: Enumerate BTC_NO (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit b7a3331
- x86/common: Stamp out the stepping madness (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 3962a01
- KVM: VMX: Prevent RSB underflow before vmenter (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit a2b7d09
- x86/speculation: Fill RSB on vmexit for IBRS (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit fd58624
- KVM: VMX: Fix IBRS handling after vmexit (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 79152af
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit f625aa5
- KVM: VMX: Convert launched argument to flags (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit e0dd694
- KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 528b21e
- KVM: VMX: Flatten __vmx_vcpu_run() (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 5c70c82
- x86/speculation: Remove x86_spec_ctrl_mask (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 4f79cdb
- x86/speculation: Use cached host SPEC_CTRL value for guest
entry/exit (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 140d756
- x86/speculation: Fix SPEC_CTRL write on SMT state change
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 43488f5
- x86/speculation: Fix firmware entry SPEC_CTRL handling
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit 410bedf
- x86/cpu/amd: Add Spectral Chicken (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 3ed82bb
- x86/bugs: Do IBPB fallback check only once (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 914bf03
- x86/bugs: Add retbleed=ibpb (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 0636a43
- net: rose: fix UAF bugs caused by timer handler (git-fixes).
- net: usb: ax88179_178a: Fix packet receiving (git-fixes).
- usbnet: fix memory allocation in helpers (git-fixes).
- NFC: nxp-nci: Don't issue a zero length i2c_master_read()
(git-fixes).
- nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
(git-fixes).
- linux/dim: Fix divide by 0 in RDMA DIM (git-fixes).
- virtio-net: fix race between ndo_open() and
virtio_device_ready() (git-fixes).
- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in
brcmstb_pm_probe (git-fixes).
- iio: accel: mma8452: ignore the return value of reset operation
(git-fixes).
- usb: chipidea: udc: check request status before setting device
address (git-fixes).
- USB: serial: option: add Quectel RM500K module support
(git-fixes).
- USB: serial: option: add Quectel EM05-G modem (git-fixes).
- USB: serial: option: add Telit LE910Cx 0x1250 composition
(git-fixes).
- mtd: rawnand: gpmi: Fix setting busy timeout setting
(git-fixes).
- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask
chips (git-fixes).
- virtio_net: fix xdp_rxq_info bug after suspend/resume
(git-fixes).
- commit 3920c43
- drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
(git-fixes).
- hwmon: (ibmaem) don't call platform_device_del() if
platform_device_add() fails (git-fixes).
- caif_virtio: fix race between virtio_device_ready() and
ndo_open() (git-fixes).
- iio: adc: vf610: fix conversion mode sysfs node name
(git-fixes).
- iio:chemical:ccs811: rearrange iio trigger get and register
(git-fixes).
- iio:accel:bma180: rearrange iio trigger get and register
(git-fixes).
- iio: trigger: sysfs: fix use-after-free on remove (git-fixes).
- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
(git-fixes).
- iio: adc: axp288: Override TS pin bias current for some models
(git-fixes).
- gpio: winbond: Fix error code in winbond_gpio_get() (git-fixes).
- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
(git-fixes).
- drm/msm: Fix double pm_runtime_disable() call (git-fixes).
- drm/sun4i: Fix crash during suspend after component bind failure
(git-fixes).
- ata: libata: add qc->flags in ata_qc_complete_template
tracepoint (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (git-fixes).
- ALSA: hda/realtek - ALC897 headset MIC no sound (git-fixes).
- commit aa4e5a5
- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (bsc#1185762).
- blacklist.conf:
remove this entry
- commit 6e5bc29
- blk-mq: drop workarounds for cpu hotplug queue management (bsc#1185762)
This patches never made it to mainline. Instead a simpler solution was
added upstream 14dc7a18abbe ("/block: Fix handling of offline queues in
blk_mq_alloc_request_hctx().
- commit a4e1276
- blacklist.conf: breaks kABI in an unfixable manner
- commit de9d595
- kabi: nvme workaround header include (bsc#1201193).
- commit 1e4257b
- x86/xen: Rename SYS* entry points (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit b3da909
- intel_idle: Disable IBRS during long idle (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit bff00e1
- xhci: Add reset resume quirk for AMD xhci controller
(git-fixes).
- commit 144d367
- x86/bugs: Report Intel retbleed vulnerability (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 9a4b6fa
- usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC
(git-fixes).
- Refresh
patches.suse/usb-pci-quirks-disable-D3cold-on-xhci-suspend-for-s2.patch.
- Refresh
patches.suse/usb-xhci-do-not-perform-Soft-Retry-for-some-xHCI-hos.patch.
- commit 1d0d070
- x86/bugs: Split spectre_v2_select_mitigation() and
spectre_v2_user_select_mitigation() (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit eda1e45
- x86/speculation: Add spectre_v2=ibrs option to support Kernel
IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit c12a655
- x86/bugs: Optimize SPEC_CTRL MSR writes (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 94eb4a2
- x86/entry: Add kernel IBRS implementation (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 7077b17
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit c21cae3
- netfilter: nf_tables: stricter validation of element data
(CVE-2022-34918 bsc#1201171).
- commit d3cb893
- scsi: nvme: Added a new sysfs attribute appid_store
(bsc#1201193).
- commit 946af0d
- blacklist.conf: update
- blacklist.conf: Add new commit
- commit 6c8c02b
- block/keyslot-manager: prevent crash when num_slots=1
(git-fixes).
- blk-cgroup: fix a hd_struct leak in blkcg_fill_root_iostats
(git-fixes).
- commit ef13f5c
- nvmet: fix freeing unallocated p2pmem (git-fixes).
- nvmet-rdma: Fix NULL deref when SEND is completed with error
(git-fixes).
- nvmet-rdma: Fix NULL deref when setting pi_enable and traddr
INADDR_ANY (git-fixes).
- commit ad1ec47
- blacklist.conf: Add nvmet patch
- commit f8744f6
- nvme-tcp: fix H2CData PDU send accounting (again) (git-fixes).
- commit 781a006
- x86/bugs: Enable STIBP for JMP2RET (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 3a3473f
- x86/bugs: Add AMD retbleed= boot parameter (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- Update config files.
- commit 89f84ec
- x86/bugs: Report AMD retbleed vulnerability (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 13522d3
- x86: Add magic AMD return-thunk (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit b13e1ec
- x86: Use return-thunk in asm code (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit ba20e78
- x86/sev: Avoid using __x86_return_thunk (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit e26025b
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
(bsc#1199657 CVE-2022-29900 CVE-2022-29901).
- commit a16eea7
- x86/kvm: Fix SETcc emulation for return thunks (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 1744d2e
- x86/bpf: Use alternative RET encoding (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit 3599ff8
- x86: Undo return-thunk damage (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 9c190f7
- scsi: lpfc: Update lpfc version to 14.2.0.4 (bsc#1201193).
- scsi: lpfc: Allow reduced polling rate for
nvme_admin_async_event cmd completion (bsc#1201193).
- scsi: lpfc: Add more logging of cmd and cqe information for
aborted NVMe cmds (bsc#1201193).
- scsi: lpfc: Fix port stuck in bypassed state after LIP in
PT2PT topology (bsc#1201193).
- scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is
aborted (bsc#1201193).
- scsi: lpfc: Address NULL pointer dereference after
starget_to_rport() (bsc#1201193).
- scsi: lpfc: Resolve some cleanup issues following SLI path
refactoring (bsc#1201193).
- scsi: lpfc: Resolve some cleanup issues following abort path
refactoring (bsc#1201193).
- scsi: lpfc: Correct BDE type for XMIT_SEQ64_WQE in
lpfc_ct_reject_event() (bsc#1201193).
- scsi: lpfc: Add support for ATTO Fibre Channel devices
(bsc#1201193).
- scsi: lpfc: Add support for VMID tagging of NVMe I/Os
(bsc#1201193).
- scsi: lpfc: Rework lpfc_vmid_get_appid() to be protocol
independent (bsc#1201193).
- scsi: lpfc: Commonize VMID code location (bsc#1201193).
- scsi: nvme-fc: Add new routine nvme_fc_io_getuuid()
(bsc#1201193).
- commit 7f7c840
- net: stmmac: reset Tx desc base address before restarting Tx
(git-fixes).
- commit db66d0c
- net: lantiq: Add locking for TX DMA channel (git-fixes).
- commit 021df50
- net: ethernet: stmmac: Disable hardware multicast filter
(git-fixes).
- commit 36ce5b8
- sunvnet: use icmp_ndo_send helper (git-fixes).
- commit 22762aa
- gtp: use icmp_ndo_send helper (git-fixes).
- commit b9a3ced
- veth: fix races around rq->rx_notify_masked (git-fixes).
- commit c90500d
- net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
- commit 8c700c0
- Update config files.
- commit d2069d8
- scsi: qla2xxx: Update version to 10.02.07.700-k (bsc#1201160).
- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error
injection (bsc#1201160).
- scsi: qla2xxx: Fix losing FCP-2 targets on long port disable
with I/Os (bsc#1201160).
Refresh:
- patches.suse/revert-scsi-qla2xxx-Changes-to-support-FCP2-Target.patch
- scsi: qla2xxx: Add debug prints in the device remove path
(bsc#1201160).
- scsi: qla2xxx: Fix losing target when it reappears during delete
(bsc#1201160).
- scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation
tests (bsc#1201160).
- scsi: qla2xxx: Fix crash due to stale SRB access around I/O
timeouts (bsc#1201160).
- scsi: qla2xxx: Turn off multi-queue for 8G adapters
(bsc#1201160).
- scsi: qla2xxx: Wind down adapter after PCIe error (bsc#1201160).
- scsi: qla2xxx: Add a new v2 dport diagnostic feature
(bsc#1201160).
- scsi: qla2xxx: Fix excessive I/O error messages by default
(bsc#1201160).
- scsi: qla2xxx: Update version to 10.02.07.600-k (bsc#1201160).
- scsi: qla2xxx: edif: Fix slow session teardown (bsc#1201160).
- scsi: qla2xxx: edif: Reduce N2N thrashing at app_start time
(bsc#1201160).
- scsi: qla2xxx: edif: Fix no logout on delete for N2N
(bsc#1201160).
- scsi: qla2xxx: edif: Fix session thrash (bsc#1201160).
- scsi: qla2xxx: edif: Tear down session if keys have been removed
(bsc#1201160).
- scsi: qla2xxx: edif: Fix no login after app start (bsc#1201160).
- scsi: qla2xxx: edif: Reduce disruption due to multiple app start
(bsc#1201160).
- scsi: qla2xxx: edif: Send LOGO for unexpected IKE message
(bsc#1201160).
- scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription
(bsc#1201160).
- scsi: qla2xxx: Update version to 10.02.07.500-k (bsc#1201160).
- scsi: qla2xxx: edif: Fix n2n login retry for secure device
(bsc#1201160).
- scsi: qla2xxx: edif: Fix n2n discovery issue with secure target
(bsc#1201160).
- scsi: qla2xxx: edif: Remove old doorbell interface
(bsc#1201160).
- scsi: qla2xxx: edif: Add retry for ELS passthrough
(bsc#1201160).
- scsi: qla2xxx: edif: Synchronize NPIV deletion with
authentication application (bsc#1201160).
- scsi: qla2xxx: edif: Fix potential stuck session in sa update
(bsc#1201160).
- scsi: qla2xxx: edif: Add bsg interface to read doorbell events
(bsc#1201160).
- scsi: qla2xxx: edif: Wait for app to ack on sess down
(bsc#1201160).
- scsi: qla2xxx: edif: bsg refactor (bsc#1201160).
- scsi: qla2xxx: edif: Reduce Initiator-Initiator thrashing
(bsc#1201160).
- commit d2cb0ed
- Revert "/block: Fix a lockdep complaint triggered by request
queue flushing"/ (git-fixes).
- commit 4eca7cd
- scsi: qla2xxx: Remove unused 'ql_dm_tgt_ex_pct' parameter
(bsc#1201160).
- scsi: qla2xxx: Remove setting of 'req' and 'rsp' parameters
(bsc#1201160).
- commit 4780b01
- nvme-multipath: set nr_zones for zoned namespaces (git-fixes). - Refresh patches.suse/nvme-fix-refcounting-imbalance-when-all-paths-are-do.patch.
- commit 76d2349
- ceph: clean up locking annotation for ceph_get_snap_realm and
__lookup_snap_realm (bsc#1201149).
- Refresh
patches.suse/ceph-take-snap_empty_lock-atomically-with-snaprealm-refcount-change.patch.
- commit d26c619
- ceph: add some lockdep assertions around snaprealm handling
(bsc#1201147).
- Refresh
patches.suse/ceph-take-snap_empty_lock-atomically-with-snaprealm-refcount-change.patch.
- commit 2f1c9fc
- blacklist.conf: add commit
- commit aaeabea
- x86/retpoline: Use -mfunction-return (bsc#1199657 CVE-2022-29900
CVE-2022-29901).
- commit 9a7c312
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201143).
- commit 8a0b165
- bio: fix page leak bio_add_hw_page failure (git-fixes).
- blk-mq: update hctx->dispatch_busy in case of real scheduler (git-fixes).
- block: advance iov_iter on bio_add_hw_page failure (git-fixes).
- commit 7e67c38
- blacklist.conf: ignore documentation fix
- commit ea0880a
- scsi: core: Show SCMD_LAST in text form (git-fixes).
- commit d76d5ab
- scsi: sd_zbc: Support disks with more than 2**32 logical
(git-fixes).
- scsi: sd_zbc: Ensure buffer size is aligned to SECTOR_SIZE
(git-fixes).
- scsi: sd: sd_zbc: Don't pass GFP_NOIO to kvcalloc (git-fixes).
- commit 29c91b5
- x86/cpufeatures: Move RETPOLINE flags to word 11 (bsc#1199657
CVE-2022-29900 CVE-2022-29901).
- commit ea71447
- crypto: x86/poly1305 - Fixup SLS (bsc#1201050 CVE-2021-26341).
- commit af7f65a
- scsi: sd: sd_zbc: Fix ZBC disk initialization (git-fixes).
- commit 9db78a9
- scsi: sd: sd_zbc: Fix handling of host-aware ZBC disks
(git-fixes).
- blacklist.conf: Remove entry from blacklist
- commit 5cb2eb0
- scsi: sd_zbc: Improve zone revalidation (git-fixes).
- scsi: sd_zbc: Don't limit max_zone_append sectors to
(git-fixes).
- scsi: sd_zbc: Remove unused inline functions (git-fixes).
- scsi: sd: Signal drive managed SMR disks (git-fixes).
- commit 6f51c10
- x86: Add straight-line-speculation mitigation (bsc#1201050
CVE-2021-26341).
- Update config files.
- Refresh
patches.suse/x86-speculation-rename-retpoline_amd-to-retpoline_lfence.patch.
- commit d2ed44a
- x86/alternative: Relax text_poke_bp() constraint (bsc#1201050
CVE-2021-26341).
- commit 2e7822c
- x86/alternatives: Teach text_poke_bp() to emulate RET
(bsc#1201050 CVE-2021-26341).
- commit 4eb3542
- x86/alternatives: Implement a better poke_int3_handler()
completion scheme (bsc#1201050 CVE-2021-26341).
- commit cf0f438
- x86/alternative: Shrink text_poke_loc (bsc#1201050
CVE-2021-26341).
- commit db3f434
- x86/alternative: Remove text_poke_loc::len (bsc#1201050
CVE-2021-26341).
- commit 90aebc8
- x86/alternative: Add text_opcode_size() (bsc#1201050
CVE-2021-26341).
- commit 83d7faa
- x86/alternatives: Add and use text_gen_insn() helper
(bsc#1201050 CVE-2021-26341).
- commit 5121e4e
- x86/alternatives, jump_label: Provide better text_poke()
batching interface (bsc#1201050 CVE-2021-26341).
- commit 1b220c6
- x86: Prepare inline-asm for straight-line-speculation
(bsc#1201050 CVE-2021-26341).
- commit 6687132
- x86: Prepare asm files for straight-line-speculation
(bsc#1201050 CVE-2021-26341).
- commit f2fec2e
- x86/lib/atomic64_386_32: Rename things (bsc#1201050
CVE-2021-26341).
- commit 88d97d1
- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
(bsc#1201050 CVE-2021-26341).
- commit 59b7688
- Update metadata references
- commit 45bbc74
- usb: gadget: u_ether: fix regression in setting fixed MAC
address (git-fixes).
- commit 23f9eaa
- move devm_allocate to end of structure for kABI (git-fixes).
- commit 39ff4a9
- spi: Fix use-after-free with devm_spi_alloc_* (git-fixes).
- commit 531527e
- sctp: handle kABI change in struct sctp_endpoint (CVE-2022-20154
bsc#1200599).
- commit b1e8eec
- sctp: use call_rcu to free endpoint (CVE-2022-20154
bsc#1200599).
- commit 44ec44b
- kABI fix of sysctl_run_estimation (git-fixes).
- ipvs: add sysctl_run_estimation to support disable estimation
(bsc#1195504).
- commit 326d103
- bcache: avoid unnecessary soft lockup in kworker
update_writeback_rate() (bsc#1197362).
- bcache: memset on stack variables in bch_btree_check() and
bch_sectors_dirty_init() (git-fixes).
- bcache: avoid journal no-space deadlock by reserving 1 journal
bucket (git-fixes).
- bcache: remove incremental dirty sector counting for
bch_sectors_dirty_init() (git-fixes).
- bcache: improve multithreaded bch_sectors_dirty_init()
(git-fixes).
- bcache: improve multithreaded bch_btree_check() (git-fixes).
- nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
- nvdimm/region: Fix default alignment for small regions
(git-fixes).
- bcache: fixup multiple threads crash (git-fixes).
- md: fix update super 1.0 on rdev size change (git-fixes).
- commit 702bf9b
- Fixup !CONFIG_BLK_CGROUP build in
patches.suse/block-don-t-merge-across-cgroup-boundaries-if-blkcg-.patch.
- commit bfec8fb
- phy: aquantia: Fix AN when higher speeds than 1G are not
advertised (git-fixes).
- ALSA: hda/via: Fix missing beep setup (git-fixes).
- ALSA: hda/conexant: Fix missing beep setup (git-fixes).
- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()
(git-fixes).
- i2c: designware: Use standard optional ref clock implementation
(git-fixes).
- tty: goldfish: Fix free_irq() on remove (git-fixes).
- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
(git-fixes).
- usb: dwc2: Fix memory leak in dwc2_hcd_init (git-fixes).
- USB: serial: option: add support for Cinterion MV31 with new
baseline (git-fixes).
- USB: serial: io_ti: add Agilent E5805A support (git-fixes).
- virtio-mmio: fix missing put_device() when vm_cmdline_parent
registration failed (git-fixes).
- ata: libata-core: fix NULL pointer deref in
ata_host_alloc_pinfo() (git-fixes).
- ALSA: hda/realtek - Add HW8326 support (git-fixes).
- ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
(git-fixes).
- ASoC: es8328: Fix event generation for deemphasis control
(git-fixes).
- ASoC: wm8962: Fix suspend while playing music (git-fixes).
- ASoC: cs42l56: Correct typo in minimum level for SX volume
controls (git-fixes).
- ASoC: cs42l52: Correct TLV for Bypass Volume (git-fixes).
- ASoC: cs53l30: Correct number of volume levels on SX controls
(git-fixes).
- ASoC: cs35l36: Update digital volume TLV (git-fixes).
- ASoC: cs42l52: Fix TLV scales for mixer controls (git-fixes).
- ASoC: nau8822: Add operation for internal PLL off and on
(git-fixes).
- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
(git-fixes).
- virtio-pci: Remove wrong address verification in vp_del_vqs()
(git-fixes).
- commit 3c059bb
- arm64: ftrace: fix branch range checks (git-fixes)
- commit 78ca39c
- block: Fix kABI in blk-merge.c (bsc#1198020).
- commit fa9f9d3
- ext4: add check to prevent attempting to resize an fs with
sparse_super2 (bsc#1197754).
- commit 063f013
- kabi/severities: ignore KABI for NVMe target (bsc#1192761)
Exported symbols under drivers/nvme/target/ are only used by the
nvmet subsystem itself.
- commit 60db37f
- blacklist.conf: Blacklist 14dc7a18abbe
- commit e3d2bff
- vmxnet3: fix minimum vectors alloc issue (bsc#1199489).
- commit 5d5a2b9
- nvme: kabi fix nvme subsystype change (bsc#1192761)
- commit e2cebc4
- blacklist.conf: Blacklist e583b5c472bd
- commit e1ae80a
- iomap: iomap_write_failed fix (bsc#1200829).
- commit c8ee717
- jfs: fix divide error in dbNextAG (bsc#1200828).
- commit 8668968
- ext4: make variable "/count"/ signed (bsc#1200820).
- commit 8506661
- init: Initialize noop_backing_dev_info early (bsc#1200822).
- commit 9bcd180
- writeback: Fix inode->i_io_list not be protected by
inode->i_lock error (bsc#1200821).
- commit 5276354
- blk-mq: do not update io_ticks with passthrough requests
(bsc#1200816).
- commit 25cf6a6
- blacklist.conf: Blacklist 14362a254179 and e730558adffb
- commit 84080f8
- blacklist.conf: Blacklist 623af4f538b5
- commit e09c291
- inotify: show inotify mask flags in proc fdinfo (bsc#1200600).
- commit dd7c510
- Update tags in:
patches.suse/bfq-Drop-pointless-unlock-lock-pair.patch.
patches.suse/bfq-Get-rid-of-__bio_blkcg-usage.patch.
patches.suse/bfq-Make-sure-bfqg-for-which-we-are-queueing-request.patch.
patches.suse/bfq-Remove-pointless-bfq_init_rq-calls.patch.
patches.suse/bfq-Split-shared-queues-on-move-between-cgroups.patch.
patches.suse/bfq-Track-whether-bfq_group-is-still-online.patch.
patches.suse/bfq-Update-cgroup-information-before-merging-bio.patch.
- commit fa82b91
- writeback: Avoid skipping inode writeback (bsc#1200813).
- commit fbc0033
- blk-iolatency: Fix inflight count imbalances and IO hangs on
offline (bsc#1200825).
- commit 77a71d2
- block: don't merge across cgroup boundaries if blkcg is enabled
(bsc#1198020).
- commit 08df09c
- ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1200810).
- commit 90ad366
- ext4: fix bug_on in __es_tree_search (bsc#1200809).
- commit 599d1b0
- blacklist.conf: Blacklist cb8435dc8ba3
- commit 82be35e
- ext4: fix race condition between ext4_write and
ext4_convert_inline_data (bsc#1200807).
- commit ab76d02
- ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
(bsc#1200806).
- commit 6fb9b0d
- nvmet: register discovery subsystem as 'current' (bsc#1192761).
- nvmet: switch check for subsystem type (bsc#1192761).
- nvme: add new discovery log page entry definitions
(bsc#1192761).
- nvme: display correct subsystem NQN (bsc#1192761).
- nvme: Add connect option 'discovery' (bsc#1192761).
Refresh:
- patches.suse/nvme-add-iopolicy-module-parameter.patch
- nvme: expose subsystem type in sysfs attribute 'subsystype'
(bsc#1192761).
Refresh:
- patches.suse/nvme-add-iopolicy-module-parameter.patch
- nvmet: set 'CNTRLTYPE' in the identify controller data
(bsc#1192761).
- nvmet: add nvmet_is_disc_subsys() helper (bsc#1192761).
- nvme: add CNTRLTYPE definitions for 'identify controller'
(bsc#1192761).
- nvmet: make discovery NQN configurable (bsc#1192761).
- nvmet: don't check iosqes,iocqes for discovery controllers
(bsc#1192761).
- nvmet: add nvmet_req_subsys() helper (bsc#1192761).
- commit 829b0a6
- blk-mq: clear active_queues before clearing
BLK_MQ_F_TAG_QUEUE_SHARED (bsc#1200263).
- commit e0430df
- rpm/check-for-config-changes: ignore GCC12/CC_NO_ARRAY_BOUNDS
Upstream commit f0be87c42cbd (gcc-12: disable '-Warray-bounds'
universally for now) added two new compiler-dependent configs:
* CC_NO_ARRAY_BOUNDS
* GCC12_NO_ARRAY_BOUNDS
Ignore them -- they are unset by dummy tools (they depend on gcc version
== 12), but set as needed during real compilation.
- commit a14607c
- ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (CVE-2022-1679
bsc#1199487).
- commit 1ae14c9
- powerpc/perf: Fix the threshold compare group constraint for
power9 (bsc#1065729).
- powerpc/idle: Fix return value of __setup() handler
(bsc#1065729).
- commit 60a1a9d
- scsi: ibmvfc: Store vhost pointer during subcrq allocation
(jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: ibmvfc: Allocate/free queue resource only during
probe/remove (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- commit 161dd5d
- pNFS: Don't keep retrying if the server replied
NFS4ERR_LAYOUTUNAVAILABLE (git-fixes).
- SUNRPC: Fix the calculation of xdr->end in
xdr_get_next_encode_buffer() (git-fixes).
- NFS: Further fixes to the writeback error handling (git-fixes).
- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS
layout (git-fixes).
- NFS: Memory allocation failures are not server fatal errors
(git-fixes).
- NFS: Don't report errors from nfs_pageio_complete() more than
once (git-fixes).
- NFS: Do not report flush errors in nfs_write_end() (git-fixes).
- NFS: Do not report EINTR/ERESTARTSYS as mapping errors
(git-fixes).
- commit b6dcac2
- Update patches.suse/pNFS-flexfiles-fix-incorrect-size-check-in-decode_nf.patch
(git-fixes CVE-2021-4157 bnc#1194013).
- commit fccebe3
- random: Add and use pr_fmt() (bsc#1184924).
- commit 565b0b7
- random: remove unnecessary unlikely() (bsc#1184924).
- commit 30b0d5d
- Refresh patches.suse/random-fix-crash-on-multiple-early-calls-to-add_bootloader_randomness.patch.
Update to upstream version.
- commit f01d1a8
- powerpc/rtas: Allow ibm,platform-dump RTAS call with null
buffer address (bsc#1200343 ltc#198477).
- commit eae5ebe
- exec: Force single empty string when argv is empty
(bsc#1200571).
- commit dffa04e
- scsi: smartpqi: create module parameters for LUN reset
(bsc#1179195 bsc#1200622).
- commit 96f3f82
- HID: add USB_HID dependancy to hid-prodikeys (CVE-2022-20132
bsc#1200619).
- HID: add USB_HID dependancy to hid-chicony (CVE-2022-20132
bsc#1200619).
- HID: bigbenff: prevent null pointer dereference (CVE-2022-20132
bsc#1200619).
- HID: add USB_HID dependancy on some USB HID drivers
(CVE-2022-20132 bsc#1200619).
- commit f2f08be
- HID: holtek: fix mouse probing (CVE-2022-20132 bsc#1200619).
- commit f8ff78e
- HID: check for valid USB device for many HID drivers
(CVE-2022-20132 bsc#1200619).
- HID: add hid_is_usb() function to make it simpler for USB
detection (CVE-2022-20132 bsc#1200619).
- commit 3fe30db
- blacklist.conf: add already cherry-picked usb revert commit
- commit 5b3636f
- certs/blacklist_hashes.c: fix const confusion in certs blacklist
(git-fixes).
- commit 6e1c6be
- drm/i915/reset: Fix error_state_read ptr + offset use
(git-fixes).
- net: ax25: Fix deadlock caused by skb_recv_datagram in
ax25_recvmsg (git-fixes).
- commit 24d4858
- igmp: Add ip_mc_list lock in ip_check_mc_rcu (bsc#1200604
CVE-2022-20141).
- commit 34bf464
- kabi: return type change of secure_ipv_port_ephemeral()
(CVE-2022-1012 bsc#1199482).
- tcp: drop the hash_32() part from the index calculation
(CVE-2022-1012 bsc#1199482).
- tcp: increase source port perturb table to 2^16 (CVE-2022-1012
bsc#1199482).
- tcp: dynamically allocate the perturb table used by source ports
(CVE-2022-1012 bsc#1199482).
- tcp: add small random increments to the source port
(CVE-2022-1012 bsc#1199482).
- tcp: resalt the secret every 10 seconds (CVE-2022-1012
bsc#1199482).
- tcp: use different parts of the port_offset for index and offset
(CVE-2022-1012 bsc#1199482).
- secure_seq: use the 64 bits of the siphash for port offset
calculation (CVE-2022-1012 bsc#1199482).
- commit f0bb4ae
- arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (git-fixes)
- commit 000b775
- kernel-binary.spec: check s390x vmlinux location
As a side effect of mainline commit edd4a8667355 ("/s390/boot: get rid of
startup archive"/), vmlinux on s390x moved from "/compressed"/ subdirectory
directly into arch/s390/boot. As the specfile is shared among branches,
check both locations and let objcopy use one that exists.
- commit cd15543
- Add missing recommends of kernel-install-tools to kernel-source-vanilla (bsc#1200442)
- commit 93b1375
- cifs: fix uninitialized pointer in error case in
dfs_cache_get_tgt_share (bsc#1200217).
- commit 61fbb01
- cifs: skip trailing separators of prefix paths (bsc#1200217).
- commit ee56e7d
- cifs: update internal module number (bsc#1200217).
- commit f5cdb99
- cifs: version operations for smb20 unneeded when legacy support
disabled (bsc#1200217).
- commit 1734132
- cifs: do not build smb1ops if legacy support is disabled
(bsc#1200217).
- commit aba3c47
- cifs: fix potential deadlock in direct reclaim (bsc#1200217).
- commit e9cc20c
- cifs: when extending a file with falloc we should make files
not-sparse (bsc#1200217).
- commit 294d1b1
- cifs: remove repeated debug message on cifs_put_smb_ses()
(bsc#1200217).
- commit 98c0db1
- cifs: fix potential double free during failed mount
(bsc#1200217).
- commit bce142b
- cifs: avoid parallel session setups on same channel
(bsc#1200217).
- commit 1f42004
- cifs: use new enum for ses_status (bsc#1200217).
- commit 7268b31
- cifs: do not use tcpStatus after negotiate completes
(bsc#1200217).
- commit 7674d31
- smb3: add mount parm nosparse (bsc#1200217).
- commit 2ffada9
- smb3: don't set rc when used and unneeded in query_info_compound
(bsc#1200217).
- commit 6fd63ad
- smb3: check for null tcon (bsc#1200217).
- commit b858070
- cifs: fix minor compile warning (bsc#1200217).
- commit fd0fc4d
- Add various fsctl structs (bsc#1200217).
- commit 90bede3
- smb3: add trace point for oplock not found (bsc#1200217).
- commit 346f7ed
- cifs: return the more nuanced writeback error on close()
(bsc#1200217).
- commit 7742646
- smb3: add trace point for lease not found issue (bsc#1200217).
- commit 0658354
- cifs: smbd: fix typo in comment (bsc#1200217).
- commit c4afc8a
- cifs: set the CREATE_NOT_FILE when opening the directory in
use_cached_dir() (bsc#1200217).
- commit 706627f
- cifs: check for smb1 in open_cached_dir() (bsc#1200217).
- commit 6a639c3
- cifs: move definition of cifs_fattr earlier in cifsglob.h
(bsc#1200217).
- commit f6bc702
- cifs: print TIDs as hex (bsc#1200217).
- commit e89f4ca
- cifs: return ENOENT for DFS lookup_cache_entry() (bsc#1200217).
- commit 415ae81
- cifs: don't call cifs_dfs_query_info_nonascii_quirk() if nodfs
was set (bsc#1200217).
- commit a90922b
- cifs: fix signed integer overflow when fl_end is OFFSET_MAX
(bsc#1200217).
- commit 586cc75
- SMB3: EBADF/EIO errors in rename/open caused by race condition
in smb2_compound_op (bsc#1200217).
- commit ee0782f
- cifs: destage any unwritten data to the server before calling
copychunk_write (bsc#1200217).
- commit 1bda1c7
- cifs: use correct lock type in cifs_reconnect() (bsc#1200217).
- commit 8a9f3fb
- cifs: fix NULL ptr dereference in refresh_mounts()
(bsc#1200217).
- commit 6a33928
- cifs: Use kzalloc instead of kmalloc/memset (bsc#1200217).
- commit b1096ec
- cifs: verify that tcon is valid before dereference in
cifs_kill_sb (bsc#1200217).
- commit 7b9058f
- cifs: potential buffer overflow in handling symlinks
(bsc#1200217).
- commit 6cb9820
- cifs: Split the smb3_add_credits tracepoint (bsc#1200217).
- commit 349ed65
- cifs: release cached dentries only if mount is complete
(bsc#1200217).
- commit 6b464d5
- cifs: Check the IOCB_DIRECT flag, not O_DIRECT (bsc#1200217).
- commit dde64e8
- cifs: update internal module number (bsc#1193629).
- commit 92220f4
- cifs: force new session setup and tcon for dfs (bsc#1200217).
- commit 83df40d
- cifs: remove check of list iterator against head past the loop
body (bsc#1200217).
- commit c041716
- cifs: fix potential race with cifsd thread (bsc#1200217).
- commit 4db1b1e
- smb3: fix ksmbd bigendian bug in oplock break, and move its
struct to smbfs_common (bsc#1200217).
[ ematsumiya: remove ksmbd parts ]
- commit 49a5253
- smb3: cleanup and clarify status of tree connections
(bsc#1200217).
- commit 7a8d282
- smb3: move defines for query info and query fsinfo to
smbfs_common (bsc#1200217).
[ ematsumiya: remove ksmbd parts ]
- commit 980c599
- smb3: move defines for ioctl protocol header and SMB2 sizes
to smbfs_common (bsc#1200217).
[ ematsumiya: remove ksmbd parts ]
- commit 4816364
- [smb3] move more common protocol header definitions to
smbfs_common (bsc#1200217).
[ ematsumiya: remove ksmbd parts ]
- commit 6224ee1
- cifs: fix incorrect use of list iterator after the loop
(bsc#1200217).
- commit aef3af4
- cifs: change smb2_query_info_compound to use a cached fid,
if available (bsc#1200217).
- commit 351d3bd
- cifs: use a different reconnect helper for non-cifsd threads
(bsc#1200217).
- commit f30e918
- cifs: we do not need a spinlock around the tree access during
umount (bsc#1200217).
- commit 7cfcd55
- cifs: fix handlecache and multiuser (bsc#1200217).
- commit 3ed19f3
- smb3: fix incorrect session setup check for multiuser mounts
(bsc#1200217).
- commit 7016d61
- cifs: fix confusing unneeded warning message on smb2.1 and
earlier (bsc#1200217).
- commit 5c8e870
- cifs: modefromsids must add an ACE for authenticated users
(bsc#1200217).
- commit 48a34af
- cifs: fix double free race when mount fails in cifs_get_root()
(bsc#1200217).
- commit f99992c
- cifs: do not use uninitialized data in the owner/group sid
(bsc#1200217).
- commit 84b55ef
- cifs: fix set of group SID via NTSD xattrs (bsc#1200217).
- commit eb184a1
- smb3: fix snapshot mount option (bsc#1200217).
- commit 874c094
- cifs: mark sessions for reconnection in helper function
(bsc#1200217).
- commit 0a58bbf
- cifs: call helper functions for marking channels for reconnect
(bsc#1200217).
- commit 9ee8dff
- cifs: call cifs_reconnect when a connection is marked
(bsc#1200217).
- commit da0085d
- [smb3] improve error message when mount options conflict with
posix (bsc#1200217).
- commit 2105c8f
- cifs: fix workstation_name for multiuser mounts (bsc#1200217).
- commit 5c19405
- cifs: unlock chan_lock before calling cifs_put_tcp_session
(bsc#1200217).
- commit 154c129
- Fix a warning about a malformed kernel doc comment in cifs
(bsc#1200217).
- commit b2b7511
- cifs: update internal module number (bsc#1200217).
- commit fd57627
- smb3: send NTLMSSP version information (bsc#1200217).
- commit 713e861
- cifs: cifs_ses_mark_for_reconnect should also update reconnect
bits (bsc#1200217).
- commit 9a2f0ac
- cifs: update tcpStatus during negotiate and sess setup
(bsc#1200217).
- commit d9e3178
- cifs: make status checks in version independent callers
(bsc#1200217).
- commit bd7b0d4
- cifs: remove repeated state change in dfs tree connect
(bsc#1200217).
- commit 010f86c
- cifs: fix the cifs_reconnect path for DFS (bsc#1200217).
- commit 8872018
- cifs: remove unused variable ses_selected (bsc#1200217).
- commit ff25a18
- cifs: protect all accesses to chan_* with chan_lock
(bsc#1200217).
- commit 570e7fa
- cifs: fix the connection state transitions with multichannel
(bsc#1200217).
- commit 9e04600
- cifs: check reconnects for channels of active tcons too
(bsc#1200217).
- commit 7d36579
- cifs: serialize all mount attempts (bsc#1200217).
- commit 551fdd3
- cifs: quirk for STATUS_OBJECT_NAME_INVALID returned for
non-ASCII dfs refs (bsc#1200217).
- commit c9efbf1
- cifs: alloc_path_with_tree_prefix: do not append sep. if the
path is empty (bsc#1200217).
- commit 764a91d
- cifs: clean up an inconsistent indenting (bsc#1200217).
- commit 248e46d
- cifs: free ntlmsspblob allocated in negotiate (bsc#1200217).
- commit 43eb5cf
- cifs: fix FILE_BOTH_DIRECTORY_INFO definition (bsc#1200217).
- commit 41d17b7
- cifs: move superblock magic defitions to magic.h (bsc#1200217).
- commit ef6d710
- cifs: Fix smb311_update_preauth_hash() kernel-doc comment
(bsc#1200217).
- commit f53ea90
- cifs: avoid race during socket reconnect between send and recv
(bsc#1200217).
- commit 722c8b7
- cifs: maintain a state machine for tcp/smb/tcon sessions
(bsc#1200217).
- commit 51b486f
- cifs: fix hang on cifs_get_next_mid() (bsc#1200217).
- commit fd0e196
- cifs: take cifs_tcp_ses_lock for status checks (bsc#1200217).
- commit 27f6fb8
- cifs: reconnect only the connection and not smb session where
possible (bsc#1200217).
- commit 16bf87d
- cifs: add WARN_ON for when chan_count goes below minimum
(bsc#1200217).
- commit a58714b
- cifs: adjust DebugData to use chans_need_reconnect for conn
status (bsc#1200217).
- commit 7ddcbf5
- cifs: use the chans_need_reconnect bitmap for reconnect status
(bsc#1200217).
- commit d6f970b
- cifs: track individual channel status using chans_need_reconnect
(bsc#1200217).
- commit b7aed75
- cifs: remove redundant assignment to pointer p (bsc#1200217).
- commit a5a52e3
- cifs: sanitize multiple delimiters in prepath (bsc#1200217).
- commit d076172
- cifs: ignore resource_id while getting fscache super cookie
(bsc#1200217).
- commit 2d5c0e6
- cifs: fix ntlmssp auth when there is no key exchange
(bsc#1200217).
- commit 93704ce
- cifs: wait for tcon resource_id before getting fscache super
(bsc#1200217).
- commit b7f6657
- cifs: fix missed refcounting of ipc tcon (bsc#1200217).
- commit e83f639
- floppy: disable FDRAWCMD by default (bsc#1198866 CVE-2022-1836).
- Update config files.
- commit f9d0532
- kernel-binary.spec: Support radio selection for debuginfo.
To disable debuginfo on 5.18 kernel a radio selection needs to be
switched to a different selection. This requires disabling the currently
active option and selecting NONE as debuginfo type.
- commit 43b5dd3
- drm/i915: Update TGL and RKL DMC firmware versions
(bsc#1198924).
- commit cce0630
- rpm/kernel-obs-build.spec.in: Also depend on dracut-systemd (bsc#1195775)
- commit 5d4e32c
- pahole 1.22 required for full BTF features.
also recommend pahole for kernel-source to make the kernel buildable
with standard config
- commit 364f54b
- rpm/kernel-obs-build.spec.in: add systemd-initrd and terminfo dracut module (bsc#1195775)
- commit d9a821b
- p11-kit
-
- CVE-2020-29362: Fixed a 4 byte overread (bsc#1180065)
Added p11-kit-CVE-2020-29362.patch:
- pcre
-
- Added pcre-8.45-bsc1199232-unicode-property-matching.patch
* bsc#1199232
* CVE-2022-1586
* Fixes unicode property matching issue
- python-PyJWT
-
- Add CVE-2022-29217-non-blocked-pubkeys.patch fixing
CVE-2022-29217 (bsc#1199756), which disallows use of blocked
pubkeys (heavily modified from upstream).
- python3
-
- Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid
CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the
command injection in the mailcap module.
- Rename support-expat-245.patch to
support-expat-CVE-2022-25236-patched.patch to unify the patch
with other packages.
- Add bpo-46623-skip-zlib-s390x.patch skipping two failing tests
on s390x.