SUSEConnect
- Update to 0.3.31
- Disallow registering via SUSEConnect if the system is managed by SUSE Manager.
- Add subscription name to output of 'SUSEConnect --status'
- Update to 0.3.30
- send payload of GET requests as part of the url,
  not in the body (see bsc#1185611)
bind
- Since BIND 9.9, it has been easier to use tsig-keygen and
  ddns-confgen to generare TSIG keys. In 9.13, TSIG support was
  removed from dnssec-keygen, so now it is just for DNSKEY (and KEY
  for obscure cases). tsig-keygen is now used to generate DDNS keys.
  [bsc#1187921, vendor-files.tar.bz2]
c-ares
- 5c995d5.patch: augment input validation on hostnames to allow _
  as part of DNS response (bsc#1190225)
ca-certificates-mozilla
- remove the DST_Root_CA_X3.pem trust, as it expires september 30th 2021.
  (bsc#1190858)
cloud-init
- Add cloud-init-log-file-mode.patch (bsc#1183939)
  + Change log file creation mode to 640
- Add cloud-init-no-pwd-in-log.patch (bsc#1184758)
  + Do not write the generated password to the log file
- Add cloud-init-purge-cache-py-ver-change.patch
docker
- Add patch to return ENOSYS for clone3 to avoid breaking glibc again.
  bsc#1190670
  + 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Add shell requires for the *-completion subpackages.
efibootmgr

      
file
- Add patch bsc1189996-9fbe768a.patch to fix bsc#1189996
grub2
- Fix error not a btrfs filesystem on s390x (bsc#1187645)
  * 80_suse_btrfs_snapshot
- Fix error gfxterm isn't found with multiple terminals (bsc#1187565)
  * grub2-fix-error-terminal-gfxterm-isn-t-found.patch
- Fix boot failure after kdump due to the content of grub.cfg is not
  completed with pending modificaton in xfs journal (bsc#1186975)
  * grub-install-force-journal-draining-to-ensure-data-i.patch
- Patch refreshed
  * grub2-mkconfig-default-entry-correction.patch
kernel-default
- ipc: remove memcg accounting for sops objects in do_semtimedop()
  (bsc#1190115).
- memcg: enable accounting of ipc resources (bsc#1190115
  CVE-2021-3759).
- commit 84a3538
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
  - patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
  - patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit ebb6bcb
- fixup "/rpm: support gz and zst compression methods"/ once more
  (bsc#1190428, bsc#1190358)
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
  Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 165378a
- PM: sleep: core: Avoid setting power.must_resume to false
  (git-fixes).
- drm/panfrost: Use u64 for size in lock_region (git-fixes).
- dmaengine: idxd: clear block on fault flag when clear wq
  (git-fixes).
- dmaengine: idxd: fix wq slot allocation index check (git-fixes).
- commit b255b0e
- PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
- PCI: iproc: Fix BCMA probe resource handling (git-fixes).
- usb: dwc2: Fix error path in gadget registration (git-fixes).
- commit 59e7328
- thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
  (git-fixes).
- drm/panfrost: Simplify lock_region calculation (git-fixes).
- dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
  (git-fixes).
- mfd: lpc_sch: Rename GPIOBASE to prevent build error
  (git-fixes).
- mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
  (git-fixes).
- mfd: axp20x: Update AXP288 volatile ranges (git-fixes).
- gpio: mpc8xxx: Fix a resources leak in the error handling path
  of 'mpc8xxx_probe()' (git-fixes).
- commit 75d69a6
- pwm: lpc32xx: Don't modify HW state in .probe() after the PWM
  chip was registered (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 800
  (git-fixes).
- PCI: Fix pci_dev_str_match_path() alloc while atomic bug
  (git-fixes).
- PCI/portdrv: Enable Bandwidth Notification only if port supports
  it (git-fixes).
- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
  (git-fixes).
- PCI: Call Max Payload Size-related fixup quirks early
  (git-fixes).
- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
  ROG Strix G17 (git-fixes).
- reset: reset-zynqmp: Fixed the argument data type (git-fixes).
- gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for
  (semi)planar U/V formats (git-fixes).
- commit f395ad9
- Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412)
  Deleted and blacklisted:
  patches.suse/platform-x86-intel_int0002_vgpio-Only-call-enable_ir.patch
  patches.suse/platform-x86-intel_int0002_vgpio-Pass-irqchip-when-a.patch
- commit bebba41
- fixup "/rpm: support gz and zst compression methods"/ once more
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
  Fixes: 23510fce36ec ("/fixup "/rpm: support gz and zst compression methods"/"/)
- commit 34e68f4
- Avoid double printing SUSE specific flags in mod->taint (bsc#1190413).
- commit 297a1a6
- fixup "/rpm: support gz and zst compression methods"/ (bsc#1190358, bsc#1190428).
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
- fixup "/rpm: support gz and zst compression methods"/
  Fixes: 3b8c4d9bcc24 ("/rpm: support gz and zst compression methods"/)
- commit 6c262f9
- kernel-cert-subpackage: Fix certificate location in scriptlets
  (bsc#1189841).
  Fixes: d9a1357edd73 ("/rpm: Define $certs as rpm macro (bsc#1189841)."/)
- commit 8684de8
- mm/vmscan: fix infinite loop in drop_slab_node (VM
  Functionality, bsc#1189301).
- commit 016e8e0
- blacklist.conf: blacklist an unwanted commit
- commit 910824e
- SUNRPC: Simplify socket shutdown when not reusing TCP ports
  (git-fixes).
- SUNRPC: Fix potential memory corruption (git-fixes).
- NFSv4/pNFS: Fix a layoutget livelock loop (git-fixes).
- nfsd4: Fix forced-expiry locking (git-fixes).
- lockd: Fix invalid lockowner cast after vfs_test_lock
  (git-fixes).
- commit 59642ba
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
- commit 8c2fa8c
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
- commit a70a19d
- Sort nvme patches into linux-block.
- commit 090f7ef
- Refresh patches.suse/cpuidle-pseries-Fixup-CEDE0-latency-only-for-POWER10.patch
  Update patch metadata.
- commit cbfec2a
- btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481).
- Delete
  patches.suse/btrfs-dump_space_info-when-encountering-total_bytes_pinned-0-at-umount.patch.
- commit bfb1107
- btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc#1135481).
- commit 9722825
- btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481).
- commit 350aa4f
- btrfs: rip out may_commit_transaction (bsc#1135481).
- commit 4606638
- btrfs: add a trace class for dumping the current ENOSPC state (bsc#1135481).
- commit 631f16e
- btrfs: adjust the flush trace point to include the source (bsc#1135481).
- commit e32ea57
- btrfs: implement space clamping for preemptive flushing (bsc#1135481).
- commit ca710c1
- btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481).
- commit 4b02073
- btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481).
- commit 7205c9f
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481).
- Refresh
  patches.suse/btrfs-account-ticket-size-at-add-delete-time.patch.
- commit bcb2da5
- btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481).
- commit fba4763
- btrfs: rename need_do_async_reclaim (bsc#1135481).
- commit f764126
- btrfs: improve preemptive background space flushing (bsc#1135481).
- commit 874aca2
- btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481).
- commit 7ec1638
- btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481).
- commit c78869d
- btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc#1135481).
- commit c805821
- btrfs: add a trace point for reserve tickets (bsc#1135481).
- commit ed22c30
- btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc#1135481).
- commit f6a0397
- ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
  (git-fixes).
- ALSA: hda/realtek: Workaround for conflicting SSID on ASUS
  ROG Strix G17 (git-fixes).
- gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for
  (semi)planar U/V formats (git-fixes).
- commit 6335a8b
- SUNRPC: improve error response to over-size gss credential
  (bsc#1190022).
- commit 0678bd3
- scsi: sg: add sg_remove_request in sg_write (bsc#1171420
  CVE2020-12770).
- commit 59a4a94
- Bluetooth: schedule SCO timeouts with delayed_work
  (CVE-2021-3640 bsc#1188172).
- Refresh
  patches.suse/Bluetooth-fix-repeated-calls-to-sco_sock_kill.patch.
- Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch.
- commit 69c5b94
- sched/fair: Ensure that the CFS parent is added after unthrottling (git-fixes).
- commit f3a38fb
- rpm/kernel-source.spec.in: do some more for vanilla_only
  Make sure:
  * sources are NOT executable
  * env is not used as interpreter
  * timestamps are correct
  We do all this for normal kernel builds, but not for vanilla_only
  kernels (linux-next and vanilla).
- commit b41e4fd
- Revert "/memcg: enable accounting for file lock caches (bsc#1190115)."/
  This reverts commit 78b761616bfb31a0d54806624e7c8db23fbeda9c.
  It's effectively upstream commit
  3754707bcc3e190e5dadc978d172b61e809cb3bd applied to kernel-source (to
  avoid proliferation of patches). Make a note in blacklist.conf too.
- commit eba498f
- Update kabi files.
- update from September 2021 maintenance update submission (commit 21030bc7f9be)
- commit 63b67d5
- fix patch metadata
- fix Patch-mainline:
  - patches.suse/mm-vmscan-guarantee-drop_slab_node-termination.patch
- commit bddec27
- blacklist.conf: kABI
- commit 2b1e710
- mm, vmscan: guarantee drop_slab_node() termination (VM
  Functionality, bsc#1189301).
- commit 56cc71b
- Delete patches.kabi/cpuidle-cpuidle_state-kABI-fix.patch.
  we don't have the field in sle15-sp3
- commit 0e3f58a
- blacklist.conf: cosmetic fix
- commit c872ce5
- blacklist.conf: 33cba859220b ("/fscache: Fix fscache_cookie_put() to not deref after dec"/)
  Needs prerequisites to backport which could be problematic.
- commit 648a5e5
- usb: dwc3: core: Properly default unspecified speed (git-fixes).
- commit 714137e
- libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
  (git-fixes).
- commit 5a2ecd2
- kABI: revert change in struct bpf_insn_aux_data (bsc#1188983,
  bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit 425bbd2
- memcg: enable accounting of ipc resources (bsc#1190115
  CVE-2021-3759).
- memcg: enable accounting for file lock caches (bsc#1190115).
- commit 925e30c
- Refresh
  patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch.
- commit f3cba28
- series.conf: cleanup
- update upstream references and resort:
  - patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch
- commit 0d42678
- update nvme patch references and move them out of sorted section
  Within a few days, nvme repository was not only rebased again but the
  patches has been also reordered. To avoid further spurious git-sort errors,
  move the nvme patches out of sorted section until they reach mainline or
  some better behaving subsystem repository.
- update Git-commit and move out of sorted section:
  - patches.suse/nvme-multipath-revalidate-paths-during-rescan.patch
  - patches.suse/nvme-only-call-synchronize_srcu-when-clearing-curren.patch
  - patches.suse/nvme-tcp-Do-not-reset-transport-on-data-digest-error.patch
- commit 95e9f8b
- mm: fix memory_failure() handling of dax-namespace metadata
  (bsc#1189872).
- commit e915313
- rpm: Fold kernel-devel and kernel-source scriptlets into spec files
  (bsc#1189841).
  These are unchanged since 2011 when they were introduced. No need to
  track them separately.
- commit 692d38b
- rpm: Abolish image suffix (bsc#1189841).
  This is used only with vanilla kernel which is not supported in any way.
  The only effect is has is that the image and initrd symlinks are created
  with this suffix.
  These symlinks are not used except on s390 where the unsuffixed symlinks
  are used by zipl.
  There is no reason why a vanilla kernel could not be used with zipl as
  well as it's quite unexpected to not be able to boot when only a vanilla
  kernel is installed.
  Finally we now have a backup zipl kernel so if the vanilla kernel is
  indeed unsuitable the backup kernel can be used.
- commit e2f37db
- kernel-binary.spec: Define $image as rpm macro (bsc#1189841).
- commit e602b0f
- rpm: Define $certs as rpm macro (bsc#1189841).
  Also pass around only the shortened hash rather than full filename.
  As has been discussed in bsc#1124431 comment 51
  https://bugzilla.suse.com/show_bug.cgi?id=1124431#c51 the placement of
  the certificates is an API which cannot be changed unless we can ensure
  that no two kernels that use different certificate location can be built
  with the same certificate.
- commit d9a1357
- HID: input: do not report stylus battery state as "/full"/
  (git-fixes).
- HID: i2c-hid: Fix Elan touchpad regression (git-fixes).
- pinctrl: samsung: Fix pinctrl bank pin count (git-fixes).
- pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
  (git-fixes).
- pinctrl: single: Fix error return code in
  pcs_parse_bits_in_pinctrl_entry() (git-fixes).
- clk: kirkwood: Fix a clocking boot regression (git-fixes).
- mailbox: sti: quieten kernel-doc warnings (git-fixes).
- overflow: Correct check_shl_overflow() comment (git-fixes).
- commit 835ad7d
- ASoC: rt5682: Adjust headset volume button threshold again
  (git-fixes).
- commit 662b23e
- drm/nouveau/kms/nv50: workaround EFI GOP window channel format
  differences (git-fixes).
- iwlwifi: pnvm: accept multiple HW-type TLVs (git-fixes).
- ASoC: component: Remove misplaced prefix handling in pin
  control functions (git-fixes).
- ASoC: rt5682: Adjust headset volume button threshold
  (git-fixes).
- commit db055cd
- mtd: rawnand: cafe: Fix a resource leak in the error handling
  path of 'cafe_nand_probe()' (git-fixes).
- USB: serial: option: add new VID/PID to support Fibocom FG150
  (git-fixes).
- drm/nouveau/disp: power down unused DP links during init
  (git-fixes).
- drm: Copy drm_wait_vblank to user before returning (git-fixes).
- virtio_pci: Support surprise removal of virtio pci device
  (git-fixes).
- commit ce46f13
- ocfs2: ocfs2_downconvert_lock failure results in deadlock
  (bsc#1188439).
- commit d85d8fa
- cgroup1: fix leaked context root causing sporadic NULL deref
  in LTP (bsc#1190181).
- commit d57aed6
- Refresh patches.suse/powerpc-stacktrace-Include-linux-delay.h.patch.
- commit aec8493
- series.conf: cleanup
- update upstream references and resort:
  - patches.suse/scsi-core-Add-scsi_prot_ref_tag-helper.patch
  - patches.suse/scsi-ibmvfc-Do-not-wait-for-initial-device-scan.patch
  - patches.suse/scsi-lpfc-Add-256-Gb-link-speed-support.patch
  - patches.suse/scsi-lpfc-Add-PCI-ID-support-for-LPe37000-LPe38000-s.patch
  - patches.suse/scsi-lpfc-Call-discovery-state-machine-when-handling.patch
  - patches.suse/scsi-lpfc-Clear-outstanding-active-mailbox-during-PC.patch
  - patches.suse/scsi-lpfc-Copyright-updates-for-12.8.0.11-patches.patch
  - patches.suse/scsi-lpfc-Copyright-updates-for-14.0.0.0-patches.patch
  - patches.suse/scsi-lpfc-Delay-unregistering-from-transport-until-G.patch
  - patches.suse/scsi-lpfc-Discovery-state-machine-fixes-for-LOGO-han.patch
  - patches.suse/scsi-lpfc-Enable-adisc-discovery-after-RSCN-by-defau.patch
  - patches.suse/scsi-lpfc-Fix-KASAN-slab-out-of-bounds-in-lpfc_unreg.patch
  - patches.suse/scsi-lpfc-Fix-NULL-ptr-dereference-with-NPIV-ports-f.patch
  - patches.suse/scsi-lpfc-Fix-NVMe-support-reporting-in-log-message.patch
  - patches.suse/scsi-lpfc-Fix-cq_id-truncation-in-rq-create.patch
  - patches.suse/scsi-lpfc-Fix-function-description-comments-for-vmid.patch
  - patches.suse/scsi-lpfc-Fix-memory-leaks-in-error-paths-while-issu.patch
  - patches.suse/scsi-lpfc-Fix-possible-ABBA-deadlock-in-nvmet_xri_ab.patch
  - patches.suse/scsi-lpfc-Fix-target-reset-handler-from-falsely-retu.patch
  - patches.suse/scsi-lpfc-Improve-firmware-download-logging.patch
  - patches.suse/scsi-lpfc-Keep-NDLP-reference-until-after-freeing-th.patch
  - patches.suse/scsi-lpfc-Remove-REG_LOGIN-check-requirement-to-issu.patch
  - patches.suse/scsi-lpfc-Remove-redundant-assignment-to-pointer-pcm.patch
  - patches.suse/scsi-lpfc-Remove-use-of-kmalloc-in-trace-event-loggi.patch
  - patches.suse/scsi-lpfc-Revise-Topology-and-RAS-support-checks-for.patch
  - patches.suse/scsi-lpfc-Skip-issuing-ADISC-when-node-is-in-NPR-sta.patch
  - patches.suse/scsi-lpfc-Skip-reg_vpi-when-link-is-down-for-SLI3-in.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.11.patch
  - patches.suse/scsi-lpfc-Update-lpfc-version-to-14.0.0.0.patch
  - patches.suse/scsi-lpfc-Use-PBDE-feature-enabled-bit-to-determine-.patch
  - patches.suse/scsi-qla2xxx-Fix-spelling-mistakes-allloc-alloc.patch
  - patches.suse/scsi-qla2xxx-Fix-use-after-free-in-debug-code.patch
  - patches.suse/scsi-qla2xxx-Remove-redundant-continue-statement-in-.patch
  - patches.suse/scsi-qla2xxx-Remove-redundant-initialization-of-vari.patch
  - patches.suse/scsi-qla2xxx-Remove-unused-variable-status.patch
  - patches.suse/scsi-qla2xxx-Update-version-to-10.02.00.107-k.patch
  - patches.suse/scsi-qla2xxx-Use-the-proper-SCSI-midlayer-interfaces.patch
  - patches.suse/scsi-qla2xxx-edif-Add-authentication-pass-fail-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Add-detection-of-secure-device.patch
  - patches.suse/scsi-qla2xxx-edif-Add-doorbell-notification-for-app.patch
  - patches.suse/scsi-qla2xxx-edif-Add-encryption-to-I-O-path.patch
  - patches.suse/scsi-qla2xxx-edif-Add-extraction-of-auth_els-from-th.patch
  - patches.suse/scsi-qla2xxx-edif-Add-getfcinfo-and-statistic-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Add-key-update.patch
  - patches.suse/scsi-qla2xxx-edif-Add-send-receive-and-accept-for-au.patch
  - patches.suse/scsi-qla2xxx-edif-Add-start-stop-bsgs.patch
  - patches.suse/scsi-qla2xxx-edif-Increment-command-and-completion-c.patch
- commit 9a3c219
- update patches metadata
  Once again, the nvme repository branch has been rebased so that patches
  from it must have their Git-commit tags updated to avoid git-sort errors.
- commit cca729c
- fix patch metadata
- fix Patch-mainline:
  patches.suse/NFS-Correct-size-calculation-for-create-reply-length.patch
- commit fbde034
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/nvme-code-command_id-with-a-genctr-for-use-after-fre.patch
  - patches.suse/nvme-pci-limit-maximum-queue-depth-to-4095.patch
  - patches.suse/nvme-tcp-don-t-check-blk_mq_tag_to_rq-when-receiving.patch
  - patches.suse/params-lift-param_set_uint_minmax-to-common-code.patch
- commit 5b98a5d
- cgroup: verify that source is a string (bsc#1190131).
- commit b8204f1
- blacklist.conf: Add 2ca11b0e043b cgroup: Fix kernel-doc
- commit 0b9195b
- Update patch reference for virtio_console fix (CVE-2021-38160 bsc#1190117)
- commit c8baed7
- rpm/config.sh: correct OBS_PROJECT to SUSE:SLE-15-SP3:Update
  SP3 has been released long time ago
- commit c0223dc
- scsi: libfc: Fix array index out of bound exception
  (bsc#1188616).
- commit de260d1
- nvme-tcp: Do not reset transport on data digest errors
  (bsc#1188418).
- nvme: only call synchronize_srcu when clearing current path
  (bsc#1188067).
- commit bbe789f
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/dp_mst: Fix return code on sideband message failure
  (git-fixes).
- drm/prime: fix comment on PRIME Helpers (git-fixes).
- drm/of: free the iterator object on failure (git-fixes).
- drm/of: free the right object (git-fixes).
- ASoC: Intel: Skylake: Fix module resource and format selection
  (git-fixes).
- ASoC: Intel: kbl_da7219_max98927: Fix format selection for
  max98373 (git-fixes).
- ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in
  mt8183_afe_pcm_dev_probe (git-fixes).
- commit a00572a
- VMCI: fix NULL pointer dereference when unmapping queue pair
  (git-fixes).
- commit 45162f9
- usb: host: xhci-rcar: Don't reload firmware after the completion
  (git-fixes).
- usb: bdc: Fix an error handling path in 'bdc_probe()' when no
  suitable DMA config is available (git-fixes).
- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
  (git-fixes).
- usb: gadget: mv_u3d: request_irq() after initializing UDC
  (git-fixes).
- usb: phy: tahvo: add IRQ check (git-fixes).
- usb: host: ohci-tmio: add IRQ check (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
  (git-fixes).
- usb: mtu3: fix the wrong HS mult value (git-fixes).
- usb: mtu3: use @mult for HS isoc or intr (git-fixes).
- usb: phy: twl6030: add IRQ checks (git-fixes).
- commit 2b2a9dc
- soc: qcom: smsm: Fix missed interrupts if state changes while
  masked (git-fixes).
- soc: qcom: rpmhpd: Use corner in power_off (git-fixes).
- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes).
- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes).
- usb: phy: fsl-usb: add IRQ check (git-fixes).
- usb: gadget: udc: at91: add IRQ check (git-fixes).
- usb: dwc3: meson-g12a: add IRQ check (git-fixes).
- tty: serial: fsl_lpuart: fix the wrong mapbase value
  (git-fixes).
- staging: rtl8192u: Fix bitwise vs logical operator in
  TranslateRxSignalStuff819xUsb() (git-fixes).
- commit 7e7cd62
- media: venus: venc: Fix potential null pointer dereference on
  pointer fmt (git-fixes).
- media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
  (git-fixes).
- media: stkwebcam: fix memory leak in stk_camera_probe
  (git-fixes).
- media: go7007: remove redundant initialization (git-fixes).
- media: go7007: fix memory leak in go7007_usb_probe (git-fixes).
- media: dvb-usb: Fix error handling in dvb_usb_i2c_init
  (git-fixes).
- media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
  (git-fixes).
- media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
  (git-fixes).
- media: cxd2880-spi: Fix an error handling path (git-fixes).
- commit c67010c
- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes).
- drm/msm/dsi: Fix some reference counted resource leaks
  (git-fixes).
- drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear
  necessary LMs (git-fixes).
- drm/amdgpu/acp: Make PM domain really work (git-fixes).
- drm/panfrost: Fix missing clk_disable_unprepare() on error in
  panfrost_clk_init() (git-fixes).
- media: TDA1997x: enable EDID support (git-fixes).
- fpga: zynqmp-fpga: Address warning about unused variable
  (git-fixes).
- fpga: xiilnx-spi: Address warning about unused variable
  (git-fixes).
- fpga: altera-freeze-bridge: Address warning about unused
  variable (git-fixes).
- commit 6aaa769
- dmaengine: imx-sdma: remove duplicated sdma_load_context
  (git-fixes).
- Revert "/dmaengine: imx-sdma: refine to load context only once"/
  (git-fixes).
- ASoC: wcd9335: Disable irq on slave ports in the remove function
  (git-fixes).
- ASoC: wcd9335: Fix a memory leak in the error handling path
  of the probe function (git-fixes).
- ASoC: wcd9335: Fix a double irq free in the remove function
  (git-fixes).
- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
  (git-fixes).
- ASoC: ti: delete some dead code in omap_abe_probe() (git-fixes).
- ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes).
- ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
  (git-fixes).
- commit bdcb5b3
- xprtrdma: Pad optimization, revisited (bsc#1189760).
- commit 0acbfd0
- Refresh
  patches.suse/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch.
- commit fa03a78
- Refresh
  patches.suse/btrfs-fix-NULL-pointer-dereference-when-deleting-dev.patch.
- commit 2264bac
- iwlwifi: skip first element in the WTAS ACPI table (git-fixes).
- Bluetooth: btusb: check conditions before enabling USB ALT 3
  for WBS (git-fixes).
- Bluetooth: mgmt: Fix wrong opcode in the response for add_adv
  cmd (git-fixes).
- Bluetooth: btusb: Fix a unspported condition to set available
  debug features (git-fixes).
- commit 084b82e
- Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
  (CVE-2021-3640 bsc#1188172).
- commit a21f4da
- Move upstreamed BT fixes into sorted section
- commit 0de160e
- brcmfmac: pcie: fix oops on failure to resume and reprobe
  (git-fixes).
- bcma: Fix memory leak for internally-handled cores (git-fixes).
- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
  (git-fixes).
- rsi: fix an error code in rsi_probe() (git-fixes).
- rsi: fix error code in rsi_load_9116_firmware() (git-fixes).
- mac80211: Fix insufficient headroom issue for AMSDU (git-fixes).
- Bluetooth: add timeout sanity check to hci_inquiry (git-fixes).
- Bluetooth: fix repeated calls to sco_sock_kill (git-fixes).
- Bluetooth: increase BTNAMSIZ to 21 chars to fix potential
  buffer overflow (git-fixes).
- Bluetooth: sco: prevent information leak in
  sco_conn_defer_accept() (git-fixes).
- leds: trigger: audio: Add an activate callback to ensure the
  initial brightness is set (git-fixes).
- i2c: mt65xx: fix IRQ check (git-fixes).
- i2c: s3c2410: fix IRQ check (git-fixes).
- i2c: iop3xx: fix deferred probing (git-fixes).
- i2c: highlander: add IRQ check (git-fixes).
- mmc: moxart: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- PCI: PM: Enable PME if it can be signaled from D3cold
  (git-fixes).
- PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
  (git-fixes).
- commit 9a711f4
- Add alt-commit for a BT fix patch (git-fixes)
- commit 3dbcbb3
- nvme-multipath: revalidate paths during rescan (bsc#1187211)
- commit b61f128
- usb: dwc3: Add support for DWC_usb32 IP (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Enable-suspend-events.patch.
- commit 8846c72
- md: revert io stats accounting (git-fixes).
- device-dax: Fix default return code of range_parse()
  (git-fixes).
- commit b8e948b
- vt_kdsetmode: extend console locking (bsc#1190025
  CVE-2021-3753).
- commit 025c5d0
- nbd: Aovid double completion of a request (git-fixes).
- commit 7a1bece
- nbd: Fix NULL pointer in flush_workqueue (git-fixes).
- dm rq: fix double free of blk_mq_tag_set in dev remove after
  table load fails (git-fixes).
- dm integrity: fix missing goto in bitmap_flush_interval error
  handling (git-fixes).
- drivers/block/null_blk/main: Fix a double free in null_init
  (git-fixes).
- dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes).
- nbd: don't update block size after device is started
  (git-fixes).
- commit 6df7d5d
- blacklist.conf: add following commit IDs,
- 27ba3e8ff3ab86449e63d38a8d623053591e65fa
- 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23
- 854f32648b8a5e424d682953b1a9f3b7c3322701
- a4c8dd9c2d0987cf542a2a0c42684c9c6d78a04e
- 24f6b6036c9eec21191646930ad42808e6180510
- 5b0fab508992c2e120971da658ce80027acbc405
- commit eb9efeb
- usb: dwc2: Postponed gadget registration to the udc class driver
  (git-fixes).
- commit e55ae9a
- rpm/kernel-binary.spec.in: Use kmod-zstd provide.
  This makes it possible to use kmod with ZSTD support on non-Tumbleweed.
- commit 357f09a
- crypto: qat - use proper type for vf_mask (git-fixes).
- lib/mpi: use kcalloc in mpi_resize (git-fixes).
- power: supply: max17042: handle fails of reading status register
  (git-fixes).
- spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes).
- spi: spi-pic32: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
  (git-fixes).
- regulator: vctrl: Avoid lockdep warning in enable/disable ops
  (git-fixes).
- regulator: vctrl: Use locked regulator_get_voltage in probe path
  (git-fixes).
- PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
- commit d2a4523
- mm: swap: properly update readahead statistics in
  unuse_pte_range() (bsc#1187619).
- commit 6ceb471
- NFS: Correct size calculation for create reply length
  (bsc#1189870).
- commit 7843408
- iommu/amd: Move Stoney Ridge check to detect_ivrs()
  (bsc#1189762).
- commit d8747d6
- blacklist.conf: Don't revert SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
  This revert fix which breaks the ACPI based RPi's.
  We support only DT based RPi's.
- commit c076733
- sched/rt: Fix RT utilization tracking during policy change (git-fixes)
- commit 8fc8b7f
- sched/fair: Correctly insert cfs_rq's to list on unthrottle (git-fixes)
- commit 1732b9b
- kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes).
- commit 53f17d6
- drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
  (git-fixes).
- drm/amd/display: Remove invalid assert for ODM + MPC case
  (git-fixes).
- drm/amdgpu: don't enable baco on boco platforms in runpm
  (git-fixes).
- drm/amd/display: workaround for hard hang on HPD on native DP
  (git-fixes).
- drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X
  (git-fixes).
- drm/amdgpu: fix the doorbell missing when in CGPG issue for
  renoir (git-fixes).
- commit fa96b1f
- usb: dwc3: gadget: Stop EP0 transfers during pullup disable
  (git-fixes).
- usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes).
- Revert "/USB: serial: ch341: fix character loss at high transfer
  rates"/ (git-fixes).
- can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange
  of the CAN RX and TX error counters (git-fixes).
- dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if
  controller is not yet available (git-fixes).
- dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
  (git-fixes).
- usb: dwc3: gadget: Properly track pending and queued SG
  (git-fixes).
- ath9k: Clear key cache explicitly on disabling hardware
  (git-fixes).
- ath: Use safer key clearing with key cache entries (git-fixes).
- Bluetooth: hidp: use correct wait queue when removing ctrl_wait
  (git-fixes).
- commit 6ee1085
- Revert "/mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN
  on BCM2711"/ (git-fixes).
- PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes).
- mmc: dw_mmc: Fix hang on data CRC error (git-fixes).
- dmaengine: xilinx_dma: Fix read-after-free bug when terminating
  transfers (git-fixes).
- USB: core: Avoid WARNings for 0-length descriptor requests
  (git-fixes).
- media: drivers/media/usb: fix memory leak in zr364xx_probe
  (git-fixes).
- media: zr364xx: fix memory leaks in probe() (git-fixes).
- media: zr364xx: propagate errors from zr364xx_start_readpipe()
  (git-fixes).
- commit de359d6
- cpuidle: Consolidate disabled state checks (bsc#1175543)
  patches.suse/cpuidle-Poll-for-a-minimum-of-30ns-and-poll-for-a-tick-if-lower-c-states-are-disabled.patch
  was refreshed as well by this patch for code adjustment.
- commit 486ca9f
- cpuidle: cpuidle_state kABI fix (bsc#1175543)
  The patch bsc1175543-cpuidle-Drop-disabled-field-from-struct-cpuidle_stat.patch
  Dropped the 'disabled' field in struct cpuidle_state because no drivers
  use it, They use the state flag instead.
  Fix kABI to avoid offset changes.
- commit aa615e8
- intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc#1180347, bsc#1180141)
- commit da07134
- intel_idle: Fix max_cstate for processor models without C-state tables (bsc#1175543)
- commit 81641db
- intel_idle: Ignore _CST if control cannot be taken from the platform (bsc#1175543)
- commit b93fbf1
- cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543)
- commit d669a61
- cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc#1175543)
- commit 8d2d96f
- intel_idle: Customize IceLake server support (bsc#1175543)
- commit 25d205d
- intel_idle: Annotate init time data structures (bsc#1175543)
  The patches.suse/intel_idle-Customize-IceLake-server-support.patch was
  refreshed as well by this patch for code adjustment.
- commit 2ed77d7
- Documentation: admin-guide: PM: Add intel_idle document (bsc#1175543)
- commit 65d3c96
- intel_idle: Use ACPI _CST on server systems (bsc#1175543)
  Below 2 patches were refreshed as well by this patch for code
  adjustment:
  patches.suse/intel_idle-convert-to-new-x86-cpu-match-macros.patch
  patches.suse/intel_idle-Customize-IceLake-server-support.patch
- commit f10f8c4
- intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc#1175543)
- commit 79ec477
- intel_idle: Allow ACPI _CST to be used for selected known processors (bsc#1175543)
- commit ecacb28
- cpuidle: Allow idle states to be disabled by default (bsc#1175543)
- commit 48a3541
- intel_idle: Use ACPI _CST for processor models without C-state tables (bsc#1175543)
- commit 9dbf3f1
- intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543)
- commit 462302a
- ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543)
- commit 70c6258
- ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc#1175543)
- commit c99fda3
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543)
- commit 9eb9d8c
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543)
- commit c0d7249
- ACPI: processor: Export function to claim _CST control (bsc#1175543)
- commit 66eadb0
- cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543)
- commit c479621
- net: qrtr: fix another OOB Read in qrtr_endpoint_post
  (CVE-2021-3743 bsc#1189883).
- net: qrtr: fix OOB Read in qrtr_endpoint_post (CVE-2021-3743
  bsc#1189883).
- commit 78ff8ba
- x86/kvm: fix vcpu-id indexed array sizes (git-fixes).
- commit 3288077
- btrfs: fix NULL pointer dereference when deleting device by
  invalid id (bsc#1189832 CVE-2021-3739).
- commit 6bfce07
- btrfs: fix NULL pointer dereference when deleting device by
  invalid id (bsc#1189832 CVE-2021-3739).
- commit 0c26345
- xen/events: Fix race in set_evtchn_to_irq (git-fixes).
- commit cfb3b9b
- nvme: code command_id with a genctr for use-after-free
  validation (bsc#1181972).
- nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
  (bsc#1181972).
- nvme-pci: limit maximum queue depth to 4095 (bsc#1181972).
- params: lift param_set_uint_minmax to common code (bsc#1181972).
- nvme: avoid possible double fetch in handling CQE (bsc#1181972).
- nvme-pci: fix NULL req in completion handler (bsc#1181972).
- nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth
  (bsc#1181972).
- nvme-pci: use unsigned for io queue depth (bsc#1181972).
- commit 01de302
- post.sh: detect /usr mountpoint too
- commit c7b3d74
- md/raid10: properly indicate failure when ending a failed
  write request (git-fixes).
- Refresh for the above change,
  patches.suse/md-display-timeout-error.patch.
- commit 2088aff
- kernel, fs: Introduce and use set_restart_fn() and
  arch_set_restart_data() (bsc#1189153).
- commit 8bf2f14
- Refresh
  patches.suse/blk-mq-sched-Fix-blk_mq_sched_alloc_tags-error-handl.patch.
- commit 6f36e1b
- perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (bsc#1189225).
- commit 8f47b8e
- kABI fix of usb_dcd_config_params (git-fixes).
- commit 8726268
- x86/fpu: Limit xstate copy size in xstateregs_set()
  (bsc#1152489).
- commit 33182b7
- blacklist.conf: 9625895011d1 x86/fpu: Fix copy_xstate_to_kernel() gap handling
- commit 50f6bfa
- net: usb: lan78xx: don't modify phy_device state concurrently (bsc#1188270)
- commit 4e61642
- scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650).
- commit 41aa06c
- usb: gadget: Export recommended BESL values (git-fixes).
- commit 96bbeda
- ovl: prevent private clone if bind mount is not allowed
  (bsc#1189706, CVE-2021-3732).
- commit d40514b
- blacklist.conf: 6c34df6f350d ("/tracing: Apply trace filters on all output channels"/)
  Requires at least commit 8cfcf15503f6 ("/tracing: kprobes: Output kprobe
  event to printk buffer"/) too. Let's wait if there is an actual problem
  for someone.
- commit ef40598
- kernel-binary.spec.in: make sure zstd is supported by kmod if used
- commit f36412b
- kernel-binary.spec.in: add zstd to BuildRequires if used
- commit aa61dba
- tracing / histogram: Fix NULL pointer dereference on strcmp()
  on NULL event name (git-fixes).
- commit bf4be33
- x86/sev: Use "/SEV: "/ prefix for messages from sev.c (jsc#SLE-14337).
- x86/sev: Split up runtime #VC handler for correct state tracking (jsc#SLE-14337).
- x86/sev: Make sure IRQs are disabled while GHCB is active (jsc#SLE-14337).
- commit 33b49b0
- net/mlx5e: Add missing capability check for uplink follow (bsc#1188412)
- commit db9b0eb
- net/mlx5: Add ts_cqe_to_dest_cqn related bits (bsc#1188412)
- commit 0a67f96
- x86/signal: Detect and prevent an alternate signal stack
  overflow (bsc#1152489).
- commit 72c8a0d
- slimbus: ngd: reset dma setup during runtime pm (git-fixes).
- slimbus: messaging: check for valid transaction id (git-fixes).
- slimbus: messaging: start transaction ids from 1 instead of zero
  (git-fixes).
- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
  BCM2711 (git-fixes).
- mmc: sdhci-iproc: Cap min clock frequency on BCM2711
  (git-fixes).
- commit cc02968
- Fix breakage of swap over NFS (bsc#1188924).
- commit 9f3f2ef
- Update Patch-mainline tags for patches that landed in 5.14-rc7.
- commit 118111d
- ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8
  (git-fixes).
- commit 7a5c94a
- ASoC: intel: atom: Fix breakage for PCM buffer address setup
  (git-fixes).
- commit 0bed191
- Update config files: disable CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH (bsc#1189696)
  This option is only for special purpose, and rather harmful for the
  usual operations.
- commit 1e546ed
- rpm: support gz and zst compression methods
  Extend commit 18fcdff43a00 ("/rpm: support compressed modules"/) for
  compression methods other than xz.
- commit 3b8c4d9
- ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10
  (git-fixes).
- ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx
  series (git-fixes).
- ALSA: hda/realtek - Add ALC285 HP init procedure (git-fixes).
- ALSA: hda/realtek - Add type for ALC287 (git-fixes).
- ALSA: hda/realtek: Change device names for quirks to barebone
  names (git-fixes).
- ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms
  (git-fixes).
- ALSA: hda/hdmi: let new platforms assign the pcm slot
  dynamically (git-fixes).
- commit a13877e
- SUNRPC: 'Directory with parent 'rpc_clnt' already
  present!' (bsc#1168202 bsc#1188924).
- SUNRPC: fix use-after-free in rpc_free_client_work()
  (bsc#1168202 bsc#1188924).
- kabi fix for SUNRPC: defer slow parts of rpc_free_client()
  to a workqueue (bsc#1168202 bsc#1188924).
- SUNRPC: defer slow parts of rpc_free_client() to a workqueue
  (bsc#1168202 bsc#1188924).
- commit a690151
- ALSA: hda: Fix hang during shutdown due to link reset
  (git-fixes).
- ALSA: hda: Release controller display power during
  shutdown/reboot (git-fixes).
- commit 62c768e
- PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes).
- PCI/MSI: Correct misleading comments (git-fixes).
- PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes).
- PCI/MSI: Enforce that MSI-X table entry is masked for update
  (git-fixes).
- PCI/MSI: Mask all unused MSI-X entries (git-fixes).
- i2c: dev: zero out array used for i2c reads from userspace
  (git-fixes).
- commit 4d62c8f
- ALSA: hda/via: Apply runtime PM workaround for ASUS B23E
  (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15
  9510 laptop (git-fixes).
- ALSA: hda - fix the 'Capture Switch' value change notifications
  (git-fixes).
- commit bb87ddf
- s390/boot: fix use of expolines in the DMA code (bsc#1188878
  ltc#193771).
- commit 46381a6
- series.conf: cleanup
- move mainline backports to sorted section:
  - patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch
  - patches.suse/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested.patch
- commit 30636ef
- Refresh
  patches.suse/x86-fpu-make-init_fpstate-correct-with-optimized-xsave.patch.
- commit 20ad695
- Refresh patches.suse/x86-fpu-make-init_fpstate-correct-with-optimized-xsave.patch.
- commit 9deb044
- Fix kabi of prepare_to_wait_exclusive() (bsc#1189575).
- commit da7e3ca
- powerpc/smp: Use existing L2 cache_map cpumask to find L3
  cache siblings (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Remove the redundant get_shared_cpu_map()
  (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Lookup cache by dt node and thread-group id
  (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/smp: Make some symbols static (jsc#SLE-13615 bsc#1180100
  ltc#190257 git-fixes).
- powerpc/cacheinfo: Improve diagnostics about malformed cache
  lists (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- powerpc/cacheinfo: Use name@unit instead of full DT path in
  debug messages (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes).
- commit f7e0183
- ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
  (bsc#1189587).
- commit ae93a20
- ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
  (bsc#1189586).
- commit 50b39b2
- ubifs: Only check replay with inode type to judge if inode
  linked (bsc#1187455).
- commit 3cfd5e7
- ubifs: Fix error return code in alloc_wbufs() (bsc#1189585).
- blacklist.conf:
- commit d0fe9df
- ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583).
- commit abd23d2
- ocfs2: issue zeroout to EOF blocks (bsc#1189582).
- commit 7960ad8
- ocfs2: fix snprintf() checking (bsc#1189581).
- commit ca894bd
- ocfs2: fix zero out valid data (bsc#1189579).
- commit 42e68bc
- writeback: fix obtain a reference to a freeing memcg css
  (bsc#1189577).
- commit b318f10
- ext4: fix potential htree corruption when growing large_dir
  directories (bsc#1189576).
- commit 13d68f1
- rq-qos: fix missed wake-ups in rq_qos_throttle try two
  (bsc#1189575).
- commit edbcd21
- fanotify: fix copy_event_to_user() fid error clean up
  (bsc#1189574).
- commit a8937b5
- bdi: Do not use freezable workqueue (bsc#1189573).
- commit 60e4174
- mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
  (bsc#1189569).
- commit 1b1dfcf
- ext4: cleanup in-core orphan list if ext4_truncate() failed
  to get a transaction handle (bsc#1189568).
- commit 0ace36d
- ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567).
- commit 4329025
- ext4: fix avefreec in find_group_orlov (bsc#1189566).
- commit d7bfbbd
- ext4: remove check for zero nr_to_scan in ext4_es_scan()
  (bsc#1189565).
- commit 3ca5f18
- ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
  (bsc#1189564).
- commit cd60859
- ext4: return error code when ext4_fill_flex_info() fails
  (bsc#1189563).
- commit 200d004
- ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562).
- commit fd9a225
- blacklist.conf: add Kconfig patch for BLK_DEV_INITRD
  Add 481083ec0bfc ("/initramfs: Remove redundant dependency of RD_ZSTD
  on BLK_DEV_INITRD"/) to blacklist. We don't have be1859bdc660 ("/initramfs:
  remove redundant dependency on BLK_DEV_INITRD"/), on which this one is based,
  either.
- commit 598e95d
- scsi: lpfc: Move initialization of phba->poll_list earlier to
  avoid crash (git-fixes).
- commit 92c63a5
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
  (bsc#1189399, CVE-2021-3653).
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested
  (bsc#1189400, CVE-2021-3656).
- KVM: X86: MMU: Use the correct inherited permissions to get
  shadow page (CVE-2021-38198 bsc#1189262).
- commit 7902615
- usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes).
- commit 2a94579
- Revert "/xfrm: policy: Read seqcount outside of rcu-read side
  in xfrm_policy_lookup_bytype"/ (bsc#1185675).
  This revert was initially applied to SLE15-SP2-RT (70e4d04b75f). Since
  the reverted commit went into SLE15-SP2 (96f285dfa8b), the revert needs
  to move from SLE15-SP2-RT to SLE15-SP2.
- commit f32a28c
- Update
  patches.suse/ibmvnic-Allow-device-probe-if-the-device-is-not-read.patch
  (bsc#1167032 ltc#184087 bsc#1184114 ltc#192237).
- commit 8a87839
- blacklist.conf: add an entry for the reverted iTCO_wdt
- commit 4c97ae2
- usb: dwc3: gadget: Fix handling ZLP (git-fixes).
- commit 5e0eec9
- tracing: Reject string operand in the histogram expression
  (git-fixes).
- commit edab067
- tracing / histogram: Give calculation hist_fields a size
  (git-fixes).
- commit 49985ee
- blacklist.conf: 1e3bac71c505 ("/tracing/histogram: Rename "/cpu"/ to "/common_cpu"/"/)
  Better not to backport the commit as it changes the semantics of an
  existing field.
- commit 00d0183
- blacklist.conf: 6c881ca0b304 ("/afs: Fix tracepoint string placement with built-in AFS"/)
  CONFIG_AFS_FS is not set on SLE15-SP2. It is on SLE15-SP3 but only as a
  module, not built-in. No need to backport the commit.
- commit 43483b1
- bpf: Fix leakage due to insufficient speculative store
  bypass mitigation (bsc#1188983, bsc#1188985, CVE-2021-34556,
  CVE-2021-35477).
- bpf: Introduce BPF nospec instruction for mitigating Spectre v4
  (bsc#1188983, bsc#1188985, CVE-2021-34556, CVE-2021-35477).
- commit f87c7ce
- blk-iolatency: error out if blk_get_queue() failed in
  iolatency_set_limit() (bsc#1189507).
- commit b15ef07
- blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling
  (bsc#1189506).
- commit 7fe32f7
- block: fix trace completion for chained bio (bsc#1189505).
- commit 47344da
- blk-wbt: make sure throttle is enabled properly (bsc#1189504).
- commit 7b07185
- blk-wbt: introduce a new disable state to prevent false positive
  by rwb_enabled() (bsc#1189503).
- commit 798c57a
- misc: rtsx: do not setting OC_POWER_DOWN reg in
  rtsx_pci_init_ocp() (git-fixes).
- misc: atmel-ssc: lock with mutex instead of spinlock
  (git-fixes).
- commit 55d9570
- gpio: eic-sprd: break loop when getting NULL device resource
  (git-fixes).
- Revert "/gpio: eic-sprd: Use devm_platform_ioremap_resource()"/
  (git-fixes).
- commit 990b695
- Revert a BT patch that was reverted on stable trees (git-fixes)
  Delete patches.suse/Bluetooth-Shutdown-controller-after-workqueues-are-f.patch
- commit 127d54b
- mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
  (git-fixes).
- commit 0a223c6
- x86/fpu: Make init_fpstate correct with optimized XSAVE
  (bsc#1152489).
- commit 603fc19
- kernel-binary.spec: Require dwarves for kernel-binary-devel when BTF is
  enabled (jsc#SLE-17288).
  About the pahole version: v1.18 should be bare mnimum, v1.22 should be
  fully functional, for now we ship git snapshot with fixes on top of
  v1.21.
- commit 8ba3382
- x86/fpu: Reset state for all signal restore failures
  (bsc#1152489).
- commit f42aa15
- blacklist.conf: blacklist davicom legacy ethernet driver
- commit 78e9c10
- usb: dwc3: gadget: Check MPS of the request length (git-fixes).
- commit 0d1e1fe
- Drop watchdog iTCO_wdt patch that causes incompatible behavior (bsc#1189449)
  Also blacklisted
- commit e5dd4ab
- Update config files.
- commit 565c68c
- s390/ap: Fix hanging ioctl caused by wrong msg counter
  (bsc#1188982 LTC#193817).
- commit 7e146ac
- s390/ap: Fix hanging ioctl caused by wrong msg counter
  (bsc#1188982 LTC#193817).
- commit 0297522
- Bluetooth: switch to lock_sock in SCO (CVE-2021-3640
  bsc#1188172).
- Bluetooth: avoid circular locks in sco_sock_connect
  (CVE-2021-3640 bsc#1188172).
- commit f2d375d
- Update patch reference for a BT fix (CVE-2021-3640 bsc#1188172)
- commit 98aa089
- powerpc/pseries: Fix update of LPAR security flavor after LPM
  (bsc#1188885 ltc#193722 git-fixes).
- commit fbccd6a
- pinctrl: tigerlake: Fix GPIO mapping for newer version of
  software (git-fixes).
- commit 3483c38
- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep
  disable (git-fixes).
- commit 5733c23
- usb: dwc3: gadget: Disable gadget IRQ during pullup disable
  (git-fixes).
- usb: dwc3: gadget: Prevent EP queuing while stopping transfers
  (git-fixes).
- commit 124c915
- PCI/MSI: Do not set invalid bits in MSI mask (git-fixes).
- PCI/MSI: Enable and mask MSI-X early (git-fixes).
- ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes).
- iio: adc: Fix incorrect exit of for-loop (git-fixes).
- iio: humidity: hdc100x: Add margin to the conversion time
  (git-fixes).
- iio: adc: ti-ads7950: Ensure CS is deasserted after reading
  channels (git-fixes).
- USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes).
- usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup
  (git-fixes).
- usb: dwc3: Stop active transfers before halting the controller
  (git-fixes).
- commit 627b67a
- config: refresh
- commit a299bb8
- bpf: Fix integer overflow involving bucket_size (bsc#1189233,
  CVE#CVE-2021-38166).
- commit f4fe434
- Update patches.suse/s390-dasd-add-missing-discipline-function
  (bsc#1188130 ltc#193581).
- commit 0a58311
- ceph: take snap_empty_lock atomically with snaprealm refcount
  change (bsc#1189427).
- ceph: reduce contention in ceph_check_delayed_caps()
  (bsc#1187468).
- commit 93c7440
- blacklist.conf: Add 'fix poly1305_core_setkey() declaration'
  Commit 8d195e7a8ada ("/crypto: poly1305 - fix poly1305_core_setkey()
  declaration"/) is a cleanup which breaks kABI.
- commit 37e4183
- scsi: blkcg: Fix application ID config options (bsc#1189385
  jsc#SLE-18970).
- Update config files.
- commit 1317caa
- crypto: x86/curve25519 - fix cpu feature checking logic in
  mod_exit (git-fixes).
- wireguard: allowedips: free empty intermediate nodes when
  removing single node (git-fixes).
- wireguard: allowedips: allocate nodes in kmem_cache (git-fixes).
- wireguard: allowedips: remove nodes in O(1) (git-fixes).
- commit 6aa0bda
- USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
  (git-fixes).
- USB: serial: option: add Telit FD980 composition 0x1056
  (git-fixes).
- USB: serial: ch341: fix character loss at high transfer rates
  (git-fixes).
- usb: gadget: f_hid: idle uses the highest byte for duration
  (git-fixes).
- usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
  (git-fixes).
- usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes).
- commit f089244
- drm/meson: fix colour distortion from HDR set during vendor
  u-boot (git-fixes).
- drm/i915: Only access SFC_DONE when media domain is not fused
  off (git-fixes).
- ASoC: SOF: Intel: hda-ipc: fix reply size checking (git-fixes).
- drm/amdgpu/display: fix DMUB firmware version info (git-fixes).
- drm/amdgpu/display: only enable aux backlight control for OLED
  panels (git-fixes).
- commit 8d4d06f
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650
  G8 Notebook PC (git-fixes).
- commit 71d7dbd
- ALSA: pcm: Fix mmap breakage without explicit buffer setup
  (git-fixes).
- ASoC: amd: Fix reference to PCM buffer address (git-fixes).
- ASoC: uniphier: Fix reference to PCM buffer address (git-fixes).
- commit 8f53414
- ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes).
- ASoC: xilinx: Fix reference to PCM buffer address (git-fixes).
- ASoC: intel: atom: Fix reference to PCM buffer address
  (git-fixes).
- ASoC: tlv320aic31xx: Fix jack detection after suspend
  (git-fixes).
- spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes).
- virt_wifi: fix error on connect (git-fixes).
- commit 690710b
- staging: rtl8712: get rid of flush_scheduled_work (git-fixes).
- staging: rtl8723bs: Fix a resource leak in sd_int_dpc
  (git-fixes).
- serial: 8250_mtk: fix uart corruption issue when rx power off
  (git-fixes).
- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
- soc: ixp4xx: fix printing resources (git-fixes).
- spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
  (git-fixes).
- spi: meson-spicc: fix memory leak in meson_spicc_remove
  (git-fixes).
- pcmcia: i82092: fix a null pointer dereference bug (git-fixes).
- libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes).
- spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
  (git-fixes).
- commit 24af025
- ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes).
- ASoC: cs42l42: Remove duplicate control for WNF filter frequency
  (git-fixes).
- ASoC: cs42l42: Fix inversion of ADC Notch Switch control
  (git-fixes).
- ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J (git-fixes).
- ASoC: cs42l42: Correct definition of ADC Volume control
  (git-fixes).
- firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
  fw_load_sysfs_fallback (git-fixes).
- Revert "/ACPICA: Fix memory leak caused by _CID repair function"/
  (git-fixes).
- dmaengine: imx-dma: configure the generic DMA type to make it
  work (git-fixes).
- ALSA: usb-audio: fix incorrect clock source setting (git-fixes).
- commit 20c4d69
- KVM: nVMX: Handle split-lock #AC exceptions that happen in L2
  (bsc#1187959).
- KVM: VMX: Extend VMXs #AC interceptor to handle split lock
  [#]AC in guest (bsc#1187959).
- KVM: x86: Emulate split-lock access as a write in emulator
  (bsc#1187959).
- commit 93dd7c1
- x86/split_lock: Provide handle_guest_split_lock() (bsc#1187959).
- Refresh
  patches.suse/x86-resctrl-query-llc-monitoring-properties-once-during-boot.patch.
  patches.suse/x86-split_lock-don-t-write-msr_test_ctrl-on-cpus-that-aren-t-whitelisted.patch.
- commit b9759ab
- scsi: qla2xxx: Remove redundant initialization of variable
  num_cnt (bsc#1189392).
- scsi: qla2xxx: Fix use after free in debug code (bsc#1189392).
- scsi: qla2xxx: Fix spelling mistakes "/allloc"/ -> "/alloc"/
  (bsc#1189392).
- scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392).
- scsi: qla2xxx: edif: Increment command and completion counts
  (bsc#1189392).
- scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392).
- scsi: qla2xxx: edif: Add doorbell notification for app
  (bsc#1189392).
- scsi: qla2xxx: edif: Add detection of secure device
  (bsc#1189392).
- scsi: qla2xxx: edif: Add authentication pass + fail bsgs
  (bsc#1189392).
- scsi: qla2xxx: edif: Add key update (bsc#1189392).
- scsi: qla2xxx: edif: Add extraction of auth_els from the wire
  (bsc#1189392).
- scsi: qla2xxx: edif: Add send, receive, and accept for auth_els
  (bsc#1189392).
- scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs
  (bsc#1189392).
- scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392).
- scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392).
- scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI
  (bsc#1189392).
- scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392).
- scsi: qla2xxx: Remove redundant continue statement in a for-loop
  (bsc#1189392).
- scsi: qla2xxx: Add heartbeat check (bsc#1189392).
- scsi: qla2xxx: Use list_move_tail() instead of
  list_del()/list_add_tail() (bsc#1189392).
- scsi: qla2xxx: Remove duplicate declarations (bsc#1189392).
- scsi: qla2xxx: Log PCI address in
  qla_nvme_unregister_remote_port() (bsc#1189392).
- scsi: qla2xxx: Remove redundant assignment to rval
  (bsc#1189392).
- scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal
  (bsc#1189392).
- scsi: qla2xxx: Fix error return code in
  qla82xx_write_flash_dword() (bsc#1189392).
- commit 4f97d8a
- Update patch reference for a netfilter fix (CVE-2021-38209 bsc#1189393)
- commit 26cdeeb
- scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted()
  (bsc#1189385).
- scsi: lpfc: Remove redundant assignment to pointer pcmd
  (bsc#1189385).
- scsi: lpfc: Copyright updates for 14.0.0.0 patches
  (bsc#1189385).
- scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385).
- scsi: lpfc: Add 256 Gb link speed support (bsc#1189385).
- scsi: lpfc: Revise Topology and RAS support checks for new
  adapters (bsc#1189385).
- scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385).
- scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series
  adapters (bsc#1189385).
- scsi: lpfc: Copyright updates for 12.8.0.11 patches
  (bsc#1189385).
- scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385).
- scsi: lpfc: Skip issuing ADISC when node is in NPR state
  (bsc#1189385).
- scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC
  cmpl path (bsc#1189385).
- scsi: lpfc: Call discovery state machine when handling
  PLOGI/ADISC completions (bsc#1189385).
- scsi: lpfc: Delay unregistering from transport until GIDFT or
  ADISC completes (bsc#1189385).
- scsi: lpfc: Enable adisc discovery after RSCN by default
  (bsc#1189385).
- scsi: lpfc: Use PBDE feature enabled bit to determine PBDE
  support (bsc#1189385).
- scsi: lpfc: Clear outstanding active mailbox during PCI function
  reset (bsc#1189385).
- scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi()
  routine (bsc#1189385).
- scsi: lpfc: Remove REG_LOGIN check requirement to issue an
  ELS RDF (bsc#1189385).
- scsi: lpfc: Fix memory leaks in error paths while issuing ELS
  RDF/SCR request (bsc#1189385).
- scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF
  handling (bsc#1189385).
- scsi: lpfc: Keep NDLP reference until after freeing the IOCB
  after ELS handling (bsc#1189385).
- scsi: lpfc: Fix target reset handler from falsely returning
  FAILURE (bsc#1189385).
- scsi: lpfc: Discovery state machine fixes for LOGO handling
  (bsc#1189385).
- scsi: lpfc: Fix function description comments for vmid routines
  (bsc#1189385).
- scsi: lpfc: Improve firmware download logging (bsc#1189385).
- scsi: lpfc: Remove use of kmalloc() in trace event logging
  (bsc#1189385).
- scsi: lpfc: Fix NVMe support reporting in log message
  (bsc#1189385).
- scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385).
- scsi: lpfc: Use list_move_tail() instead of
  list_del()/list_add_tail() (bsc#1189385).
- scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker
  thread (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Append the VMID to the wqe before sending
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Implement ELS commands for appid
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add support for VMID in mailbox command
  (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc
  (bsc#1189385 jsc#SLE-18970).
- scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc#SLE-18970).
- Update config files
  Add kABI fixup patch
- patches.kabi/blk-cgroup-kABI-fixes-for-new-fc_app_id-definition.patch
- scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970).
- scsi: lpfc: Remove redundant assignment to pointer temp_hdr
  (bsc#1189385).
- commit e47f569
- nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384).
- commit da8a2b6
- README: Modernize build instructions.
- commit 8cc5c28
- ovl: allow upperdir inside lowerdir (bsc#1189323).
- ovl: fix missing revert_creds() on error path (bsc#1189323).
- ovl: skip getxattr of security labels (bsc#1189323).
- ovl: perform vfs_getxattr() with mounter creds (bsc#1189323).
- ovl: expand warning in ovl_d_real() (bsc#1189323).
- commit d2a0c13
- rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305)
- commit 7f9ade7
- platform/x86: pcengines-apuv2: Add missing terminating entries
  to gpio-lookup tables (git-fixes).
- commit e6925d8
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/NFSv4-Initialise-connection-to-the-server-in-nfs4_al.patch
  - patches.suse/NFSv4-pNFS-Don-t-call-_nfs4_pnfs_v3_ds_connect-multi.patch
  - patches.suse/SUNRPC-Fix-the-batch-tasks-count-wraparound.patch
  - patches.suse/SUNRPC-Should-wake-up-the-privileged-task-firstly.patch
  - patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
- commit bd541fa
- net: ll_temac: Fix TX BD buffer overwrite (CVE-2021-38207
  bsc#1189298).
- commit 64dedf9
- mac80211: Fix NULL ptr deref for injected rate info
  (CVE-2021-38206 bsc#1189296).
- commit a4dbb10
- scsi: zfcp: Report port fc_security as unknown early during
  remote cable pull (git-fixes).
- commit 071c9e5
- net: xilinx_emaclite: Do not print real IOMEM pointer
  (CVE-2021-38205 bsc#1189292).
- commit 1e538f8
- Update patch reference for a USB max3421 HCD fix (CVE-2021-38204 bsc#1189291)
- commit 68d7672
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
  state (bsc#1184180).
- commit 435d2bf
- drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH +
  CML combos (bsc#1188700).
- drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH +
  CML combos (bsc#1188700).
- drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings
  (bsc#1188700).
- drm/i915/gen9_bc: Recognize TGP PCH + CML combos (bsc#1188700).
- drm/i915/rkl: new rkl ddc map for different PCH (bsc#1188700).
- drm/i915/dg1: provide port/phy mapping for vbt (bsc#1188700).
- drm/i915/dg1: gmbus pin mapping (bsc#1188700).
- drm/i915: Introduce HPD_PORT_TC<n> (bsc#1188700).
- drm/i915: Move hpd_pin setup to encoder init (bsc#1188700).
- drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6
  (bsc#1188700).
- drm/i915: Nuke the redundant TC/TBT HPD bit defines
  (bsc#1188700).
- drm/i915: Add VBT AUX CH H and I (bsc#1188700).
- drm/i915: Add VBT DVO ports H and I (bsc#1188700).
- drm/i915: Add more AUX CHs to the enum (bsc#1188700).
- commit 3f49445
- usb: dwc3: gadget: Don't setup more than requested (git-fixes).
- commit d278880
- usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init
  (git-fixes).
- commit bc358f9
- ocfs2: initialize ip_next_orphan (bsc#1186731).
- commit fd80e8c
- NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
  (git-fixes).
- SUNRPC: Should wake up the privileged task firstly (git-fixes).
- SUNRPC: Fix the batch tasks count wraparound (git-fixes).
- nfs: fix acl memory leak of posix_acl_create() (git-fixes).
- commit 1bdda2d
- NFSv4: Initialise connection to the server in
  nfs4_alloc_client() (bsc#1040364).
- Delete
  patches.suse/0001-NFSv4-don-t-let-hanging-mounts-block-other-mounts.patch.
  Upstream now has a fix for this bug, so use their version instead of ours.
- commit 350271e
- usb: dwc3: gadget: Give back staled requests (git-fixes).
- commit c4cb23f
- usb: dwc3: support continuous runtime PM with dual role
  (git-fixes).
- commit f340e0b
- iommu/vt-d: Global devTLB flush when present context entry
  changed (bsc#1189220).
- iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229).
- iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214).
- iommu/amd: Fix extended features logging (bsc#1189213).
- iommu/vt-d: Define counter explicitly as unsigned int
  (bsc#1189216).
- iommu/arm-smmu-v3: Decrease the queue size of evtq and priq
  (bsc#1189210).
- crypto: ccp - Annotate SEV Firmware file names (bsc#1189212).
- iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218).
- iommu/vt-d: Check for allocation failure in aux_detach_device()
  (bsc#1189215).
- iommu/vt-d: Force to flush iotlb before creating superpage
  (bsc#1189219).
- iommu/vt-d: Invalidate PASID cache when root/context entry
  changed (bsc#1189221).
- iommu/vt-d: Don't set then clear private data in
  prq_event_thread() (bsc#1189217).
- iommu/vt-d: Reject unsupported page request modes (bsc#1189222).
- iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK
  (bsc#1189209).
- commit f116a8f
- blacklist.conf: Add two IOMMU fixes
  b9abb19fa5fd iommu: Check dev->iommu in iommu_dev_xxx functions
  474dd1c65064 iommu/vt-d: Fix clearing real DMA device's scalable-mode context entries
- commit 2db8dfc
- powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats
  unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769
  git-fixes).
- commit c109f3e
- Fix filesystem requirement and suse-release requires
  Reduce filesystem conflict to anything less than 16 to allow pulling the
  change into the next major stable version.
  Don't require suse-release as that's not technically required. Conflict
  with a too old one instead.
- commit 913f755
- iwlwifi: rs-fw: don't support stbc for HE 160 (git-fixes).
- commit 981ddc7
- blacklist.conf: obsoleted by 8d396bb0a5b62b326f6be7594d8bd46b088296bd
- commit d9ae913
- USB: usbtmc: Fix RCU stall warning (git-fixes).
- commit 8c8f7df
- powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148
  ltc#190702 git-fixes).
- commit 8c2e999
- fpga: dfl: fme: Fix cpu hotplug issue in performance reporting
  (git-fixes).
- commit 1278281
- powerpc/pseries: Fix regression while building external modules
  (bsc#1160010 ltc#183046 git-fixes).
  This changes a GPL symbol to general symbol which is kABI change but not
  kABI break.
- commit 5db0ce9
- powerpc/papr_scm: Reduce error severity if nvdimm stats
  inaccessible (bsc#1189197 ltc#193906).
- commit 9021659
- fpga: dfl: fme: Fix cpu hotplug issue in performance reporting
  (git-fixes).
- staging: rtl8723bs: Fix a resource leak in sd_int_dpc
  (git-fixes).
- serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts
  (git-fixes).
- serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated
  driver (git-fixes).
- soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
- soc: ixp4xx: fix printing resources (git-fixes).
- dmaengine: imx-dma: configure the generic DMA type to make it
  work (git-fixes).
- dmaengine: idxd: fix setup sequence for MSIXPERM table
  (git-fixes).
- drm/i915: Correct SFC_DONE register offset (git-fixes).
- ASoC: ti: j721e-evm: Check for not initialized parent_clk_id
  (git-fixes).
- ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking
  during startup (git-fixes).
- ASoC: rt5682: Fix the issue of garbled recording after
  powerd_dbus_suspend (git-fixes).
- drm/amd/display: Fix max vstartup calculation for modes with
  borders (git-fixes).
- drm/amd/display: Fix comparison error in dcn21 DML (git-fixes).
- commit b4ad8ce
- firmware_loader: fix use-after-free in firmware_fallback_sysfs
  (git-fixes).
- serial: tegra: Only print FIFO error message when an error
  occurs (git-fixes).
- serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes).
- spi: mediatek: Fix fifo transfer (git-fixes).
- ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits
  (git-fixes).
- spi: stm32h7: fix full duplex irq handler handling (git-fixes).
- regulator: rt5033: Fix n_voltages settings for BUCK and LDO
  (git-fixes).
- commit 8f575e8
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/ALSA-hda-realtek-Fix-headset-mic-for-Acer-SWIFT-SF31.patch
  - patches.suse/ALSA-hda-realtek-add-mic-quirk-for-Acer-SF314-42.patch
  - patches.suse/ALSA-seq-Fix-racy-deletion-of-subscriber.patch
  - patches.suse/ALSA-usb-audio-Add-registration-quirk-for-JBL-Quantu-4b0556b96e1f.patch
  - patches.suse/ALSA-usb-audio-Fix-superfluous-autosuspend-recovery.patch
- commit 486a747
- Move upstreamed patch into sorted section
- commit a779693
- ALSA: usb-audio: Avoid unnecessary or invalid connector
  selection at resume (git-fixes).
- commit a52bb92
- ALSA: seq: Fix racy deletion of subscriber (git-fixes).
- ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 600
  (git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56
  (ALC256) (git-fixes).
- ALSA: usb-audio: Fix superfluous autosuspend recovery
  (git-fixes).
- commit 57d9208
- Update kabi files.
- Update from August 2021 maintenance update submission (commit 055c4fd5f13c)
- commit 0b9f7b1
- net: dsa: mv88e6xxx: also read STU state in
  mv88e6250_g1_vtu_getnext (git-fixes).
- commit 4d3a9e0
- Bluetooth: defer cleanup of resources in hci_unregister_dev()
  (git-fixes).
- commit 38ad73f
- fix patches metadata
- fix Patch-mainline:
  - patches.suse/NFSv4.1-Don-t-rebind-to-the-same-source-port-when-re.patch
  - patches.suse/SUNRPC-prevent-port-reuse-on-transports-which-don-t-.patch
- commit 5e54e89
- blacklist.conf: kABI changes due to kvm_mmu_rule struct.
- commit f3e0e69
- Refresh patches.suse/Input-ili210x-add-missing-negation-for-touch-indicat.patch
  Fix missing parentheses in the input backport patch.
- commit 0913716
- rpm/kernel-source.rpmlintrc: ignore new include/config files
  In 5.13, since 0e0345b77ac4, config files have no longer .h suffix.
  Adapt the zero-length check.
  Based on Martin Liska's change.
- commit b6f021b
- Revert "/gpio: mpc8xxx: change the gpio interrupt
  flags."/ (git-fixes).
- drm/amd/display: ensure dentist display clock update finished
  in DCN20 (git-fixes).
- commit 3d2a7da
- gpio: tqmx86: really make IRQ optional (git-fixes).
- media: videobuf2-core: dequeue if start_streaming fails
  (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes).
- clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
  (git-fixes).
- cfg80211: Fix possible memory leak in function
  cfg80211_bss_update (git-fixes).
- commit 7dd3f8c
- SUNRPC: prevent port reuse on transports which don't request it
  (bnc#1186264 bnc#1189021).
- commit a89b568
- kabi fix for NFSv4.1: Don't rebind to the same source port when
  reconnecting to the server
  (bnc#1186264 bnc#1189021)
- commit 844eb4c
- NFSv4.1: Don't rebind to the same source port when
  (bnc#1186264 bnc#1189021)
- commit 4b89a40
- ionic: fix up dim accounting for tx and rx (jsc#SLE-16649).
- ionic: remove intr coalesce update from napi (jsc#SLE-16649).
- ionic: make all rx_mode work threadsafe (jsc#SLE-16649).
- RDMA/bnxt_re: Fix stats counters (bsc#1188231).
- bnxt_en: Validate vlan protocol ID on RX packets
  (jsc#SLE-15075).
- ionic: add handling of larger descriptors (jsc#SLE-16649).
- ionic: add new queue features to interface (jsc#SLE-16649).
- ionic: fix sizeof usage (jsc#SLE-16649).
- ionic: protect adminq from early destroy (jsc#SLE-16649).
- ionic: stop watchdog when in broken state (jsc#SLE-16649).
- ionic: block actions during fw reset (jsc#SLE-16649).
- ionic: fix unchecked reference (jsc#SLE-16649).
- ionic: simplify the intr_index use in txq_init (jsc#SLE-16649).
- ionic: code cleanup details (jsc#SLE-16649).
- ionic: aggregate Tx byte counting calls (jsc#SLE-16649).
- ionic: simplify tx clean (jsc#SLE-16649).
- ionic: generic tx skb mapping (jsc#SLE-16649).
- ionic: simplify TSO descriptor mapping (jsc#SLE-16649).
- ionic: simplify use of completion types (jsc#SLE-16649).
- ionic: rebuild debugfs on qcq swap (jsc#SLE-16649).
- ionic: simplify rx skb alloc (jsc#SLE-16649).
- ionic: optimize fastpath struct usage (jsc#SLE-16649).
- ionic: implement Rx page reuse (jsc#SLE-16649).
- ionic: move rx_page_alloc and free (jsc#SLE-16649).
- ionic: change mtu after queues are stopped (jsc#SLE-16649).
- ionic: remove some unnecessary oom messages (jsc#SLE-16649).
- ionic: useful names for booleans (jsc#SLE-16649).
- ionic: check for link after netdev registration (jsc#SLE-16649).
- ionic: start queues before announcing link up (jsc#SLE-16649).
- commit 55ca0a7
- btrfs: rework chunk allocation to avoid exhaustion of the
  system chunk array (bsc#1189077).
- btrfs: fix deadlock with concurrent chunk allocations involving
  system chunks (bsc#1189077).
- btrfs: move the chunk_mutex in btrfs_read_chunk_tree
  (bsc#1189077).
- btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk
  (bsc#1189077).
- btrfs: parameterize dev_extent_min for chunk allocation
  (bsc#1189077).
- btrfs: factor out create_chunk() (bsc#1189077).
- btrfs: factor out decide_stripe_size() (bsc#1189077).
- btrfs: factor out gather_device_info() (bsc#1189077).
- btrfs: factor out init_alloc_chunk_ctl (bsc#1189077).
- btrfs: introduce alloc_chunk_ctl (bsc#1189077).
- btrfs: refactor find_free_dev_extent_start() (bsc#1189077).
- btrfs: introduce chunk allocation policy (bsc#1189077).
- btrfs: handle invalid profile in chunk allocation (bsc#1189077).
- commit 707ed65
- tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop
  (CVE-2021-3679 bsc#1189057).
- commit 49b5ebf
- net/mlx5: Properly convey driver version to firmware
  (git-fixes).
- commit 44d8f42
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- commit ac61742
- can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
- commit 75096f3
- net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
- commit 524d35f
- Update kabi files.
- update from August 2021 maintenance update submission (commit a13100d5f167)
- commit 75dc981
- blacklist.conf: add macsonic driver
- commit 688a554
- cifs: do not share tcp sessions of dfs connections
  (bsc#1185902).
- commit 78eb685
- cifs: prevent NULL deref in cifs_compose_mount_options()
  (bsc#1185902).
- commit a798607
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- commit 17b0494
- cifs: fix check of dfs interlinks (bsc#1185902).
- commit 1db4f4d
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- commit 064a32d
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- commit 65332c5
- cifs: set a minimum of 2 minutes for refreshing dfs cache
  (bsc#1185902).
- commit 1a16c86
- cifs: fix path comparison and hash calc (bsc#1185902).
- commit 9ae40ff
- cifs: handle different charsets in dfs cache (bsc#1185902).
- commit 7b185cd
- cifs: keep referral server sessions alive (bsc#1185902).
- commit a6fba08
- Refresh
  patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
  (bsc#1187591, bsc#1188694)
- Return EFI_UNSUPPORTED when accessing EFI_RNG_PROTOCOL failed.
- Improved the warning message.
- commit 6f32319
- cifs: get rid of @noreq param in __dfs_cache_find()
  (bsc#1185902).
- commit 7f4ff26
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- commit 96ce669
- cifs: Remove unused inline function is_sysvol_or_netlogon()
  (bsc#1185902).
- commit 7d7b6d5
- KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790).
- commit 81b4c99
- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit
  RSB path (bsc#1188788).
- commit f2e225f
- KVM: VMX: Enable machine check support for 32bit targets
  (bsc#1188787).
- commit 388d3fb
- KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4()
  (bsc#1188786).
- commit c5de014
- KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check
  in !64-bit (bsc#1188784).
- commit 08b2951
- KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
  (bsc#1188783).
- commit 5f8f317
- KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
  (bsc#1188782).
- commit ef7bd2d
- KVM: nVMX: Reset the segment cache when stuffing guest segs
  (bsc#1188781).
- commit 8984ecb
- KVM: nVMX: Really make emulated nested preemption timer pinned
  (bsc#1188780).
- commit 597c5f3
- ceph: clean up and optimize ceph_check_delayed_caps()
  (bsc#1187468).
- commit 33a74a3
- cifs: constify get_normalized_path() properly (bsc#1185902).
- commit f4ccabe
- cifs: don't cargo-cult strndup() (bsc#1185902).
- commit 2296da2
- Update config files: enable zstd decompression for initramfs (bsc#1187483, jsc#SLE-18766)
- commit 0fe9f47
- usr: Add support for zstd compressed initramfs (bsc#1187483, jsc#SLE-18766).
- commit a9bf6b8
- lib: Add zstd support to decompress (bsc#1187483, jsc#SLE-18766).
- commit 8fa709b
- btrfs: track ordered bytes instead of just dio ordered bytes (bsc#1135481).
- commit 9c3cf71
- btrfs: account for new extents being deleted in total_bytes_pinned (bsc#1135481).
- commit fed2922
- btrfs: handle space_info::total_bytes_pinned inside the delayed ref itself (bsc#1135481).
- commit 5426822
- btrfs: shrink delalloc pages instead of full inodes (bsc#1135481).
- commit 5e89cd2
- btrfs: fix possible infinite loop in data async reclaim (bsc#1135481).
- commit f95f181
- btrfs: add a comment explaining the data flush steps (bsc#1135481).
- commit a308556
- btrfs: do async reclaim for data reservations (bsc#1135481).
- commit deae828
- btrfs: flush delayed refs when trying to reserve data space (bsc#1135481).
- commit d82c207
- btrfs: run delayed iputs before committing the transaction for data (bsc#1135481).
- commit 6af13e4
- btrfs: don't force commit if we are data (bsc#1135481).
- commit 3380b09
- btrfs: drop the commit_cycles stuff for data reservations (bsc#1135481).
- commit c6ed5f3
- btrfs: use the same helper for data and metadata reservations (bsc#1135481).
- commit 188e042
- btrfs: serialize data reservations if we are flushing (bsc#1135481).
- commit 9a68295
- btrfs: use ticketing for data space reservations (bsc#1135481).
- commit 0cad012
- btrfs: add btrfs_reserve_data_bytes and use it (bsc#1135481).
- commit 7c494a4
- btrfs: add the data transaction commit logic into may_commit_transaction (bsc#1135481).
- commit 9327930
- btrfs: add flushing states for handling data reservations (bsc#1135481).
- commit ee0a32c
- btrfs: check tickets after waiting on ordered extents (bsc#1135481).
- commit e9723f6
- btrfs: use btrfs_start_delalloc_roots in shrink_delalloc (bsc#1135481).
- commit 08a821e
- btrfs: use the btrfs_space_info_free_bytes_may_use helper for delalloc (bsc#1135481).
- commit e18060c
- btrfs: call btrfs_try_granting_tickets when reserving space (bsc#1135481).
- commit e684a31
- btrfs: call btrfs_try_granting_tickets when unpinning anything (bsc#1135481).
- commit df0d484
- btrfs: call btrfs_try_granting_tickets when freeing reserved bytes (bsc#1135481).
- commit 4167827
- btrfs: make ALLOC_CHUNK use the space info flags (bsc#1135481).
- commit 6287797
- btrfs: make shrink_delalloc take space_info as an arg (bsc#1135481).
- commit 1eb212c
- btrfs: handle U64_MAX for shrink_delalloc (bsc#1135481).
- commit acedfaf
- btrfs: remove orig from shrink_delalloc (bsc#1135481).
- commit 02659bb
- btrfs: change nr to u64 in btrfs_start_delalloc_roots (bsc#1135481).
- commit 5b57ee8
- usb: dwc3: core: don't do suspend for device mode if already
  suspended (git-fixes).
- commit 82b18d4
- usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set
  (git-fixes).
- commit 072728a
- usb: dwc3: gadget: Set link state to RX_Detect on disconnect
  (git-fixes).
- commit 6a1e8b7
- usb: dwc3: gadget: Don't send unintended link state change
  (git-fixes).
- commit acdee65
- usb: dwc3: of-simple: add a shutdown (git-fixes).
- commit 15b84b1
- usb: dwc3: debug: Remove newline printout (git-fixes).
- commit 5104cc5
- usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
- commit a403162
- usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes).
- commit e16e74a
- usb: dwc3: gadget: Set BESL config parameter (git-fixes).
- commit b02b13d
- usb: dwc3: Separate field holding multiple properties
  (git-fixes).
- commit 1087836
- usb: dwc3: st: Add of_dev_put() in probe function (git-fixes).
- commit b4290b9
- usb: dwc3: st: Add of_node_put() before return in probe function
  (git-fixes).
- commit a5796ab
- usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes).
- commit 638e28a
- usb: dwc3: Use devres to get clocks (git-fixes).
- commit e717ac7
kmod
- Use docbook 4 rather than docbook 5 for building man pages (bsc#1190190).
  * Refres no-stylesheet-download.patch
- Add ZSTD support on Tumbleweed only. Add a way to detect ZSTD.
- Display module information even for modules built into the running kernel
  (bsc#1189537).
  + libkmod-Provide-info-even-for-modules-built-into-the.patch
- Enable support for ZSTD compressed modules
- /usr/lib should override /lib where both are available. Support /usr/lib for
  depmod.d as well.
  * Refresh usr-lib-modprobe.patch
- Remove test patches included in release 29
  - kmod-populate-modules-Use-more-bash-more-quotes.patch
  - kmod-testsuite-compress-modules-if-feature-is-enabled.patch
  - kmod-also-test-xz-compression.patch
- Update to release 29
  * Fix `modinfo -F` not working for built-in modules and
    certain fields.
  * Fix a memory leak, overflow and double free on error path.
- Drop 0001-Fix-modinfo-F-always-shows-name-for-built-ins.patch,
  0001-libkmod-config-revamp-kcmdline-parsing-into-a-state-.patch,
  0002-libkmod-config-re-quote-option-from-kernel-cmdline.patch
  (all merged)
libesmtp
- Add libesmtp-fix-cve-2019-19977.patch: Fix stack-based buffer
  over-read in ntlm/ntlmstruct.c (bsc#1160462 bsc#1189097).
mozilla-nss
- Removed nss-fips-kdf-self-tests.patch.  This was made
  obsolete by upstream changes. (bmo#1660304)
- Rebase nss-fips-stricter-dh.patch needed due to upstream changes.
- Update nss-fips-constructor-self-tests.patch to fix crashes
  reported by upstream. This was likely affecting WebRTC calls.
- update to NSS 3.68
  * bmo#1713562 - Fix test leak.
  * bmo#1717452 - NSS 3.68 should depend on NSPR 4.32.
  * bmo#1693206 - Implement PKCS8 export of ECDSA keys.
  * bmo#1712883 - DTLS 1.3 draft-43.
  * bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension.
  * bmo#1713562 - Validate ECH public names.
  * bmo#1717610 - Add function to get seconds from epoch from pkix::Time.
- update to NSS 3.67
  * bmo#1683710 - Add a means to disable ALPN.
  * bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66).
  * bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja.
  * bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c.
  * bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte.
- update to NSS 3.66
  * bmo#1710716 - Remove Expired Sonera Class2 CA from NSS.
  * bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority.
  * bmo#1708307 - Remove Trustis FPS Root CA from NSS.
  * bmo#1707097 - Add Certum Trusted Root CA to NSS.
  * bmo#1707097 - Add Certum EC-384 CA to NSS.
  * bmo#1703942 - Add ANF Secure Server Root CA to NSS.
  * bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS.
  * bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database.
  * bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler.
  * bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h.
  * bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators.
  * bmo#1709291 - Add VerifyCodeSigningCertificateChain.
  * Use GNU tar for the release helper script.
- update to NSS 3.65
  * bmo#1709654 - Update for NetBSD configuration.
  * bmo#1709750 - Disable HPKE test when fuzzing.
  * bmo#1566124 - Optimize AES-GCM for ppc64le.
  * bmo#1699021 - Add AES-256-GCM to HPKE.
  * bmo#1698419 - ECH -10 updates.
  * bmo#1692930 - Update HPKE to final version.
  * bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default.
  * bmo#1703936 - New coverity/cpp scanner errors.
  * bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
  * bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
  * bmo#1705119 - Deadlock when using GCM and non-thread safe tokens.
- refreshed patches
- Firefox 90.0 requires NSS 3.66
- update to NSS 3.64
  * bmo#1705286 - Properly detect mips64.
  * bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and
    disable_crypto_vsx.
  * bmo#1698320 - replace __builtin_cpu_supports("/vsx"/) with
    ppc_crypto_support() for clang.
  * bmo#1613235 - Add POWER ChaCha20 stream cipher vector
    acceleration.
- update to NSS 3.63.1
  * no upstream release notes for 3.63.1 (yet)
  Fixed in 3.63
  * bmo#1697380 - Make a clang-format run on top of helpful contributions.
  * bmo#1683520 - ECCKiila P384, change syntax of nested structs
    initialization to prevent build isses with GCC 4.8.
  * bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
    scalar multiplication.
  * bmo#1683520 - ECCKiila P521, change syntax of nested structs
    initialization to prevent build isses with GCC 4.8.
  * bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
    scalar multiplication.
  * bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
  * bmo#1694214 - tstclnt can't enable middlebox compat mode.
  * bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
    profiles.
  * bmo#1685880 - Minor fix to prevent unused variable on early return.
  * bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
    with nss build.
  * bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
    of root CA changes, CA list version 2.48.
  * bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
    'Chambers of Commerce' and 'Global Chambersign' roots.
  * bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
  * bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
  * bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
  * bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
    from NSS.
  * bmo#1687822 - Turn off Websites trust bit for the “Staat der
    Nederlanden Root CA - G3” root cert in NSS.
  * bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
    Root - 2008' and 'Global Chambersign Root - 2008’.
  * bmo#1694291 - Tracing fixes for ECH.
- required for Firefox 88
- update to NSS 3.62
  * bmo#1688374 - Fix parallel build NSS-3.61 with make
  * bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add()
    can corrupt "/cachedCertTable"/
  * bmo#1690583 - Fix CH padding extension size calculation
  * bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail
  * bmo#1690421 - Install packaged libabigail in docker-builds image
  * bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing
  * bmo#1674819 - Fixup a51fae403328, enum type may be signed
  * bmo#1681585 - Add ECH support to selfserv
  * bmo#1681585 - Update ECH to Draft-09
  * bmo#1678398 - Add Export/Import functions for HPKE context
  * bmo#1678398 - Update HPKE to draft-07
- required for Firefox 87
- Add nss-btrfs-sqlite.patch to address bmo#1690232
- update to NSS 3.61
  * required for Firefox 86
  * bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key
    values under certain conditions.
  * bmo#1684300 - Fix default PBE iteration count when NSS is compiled
    with NSS_DISABLE_DBM.
  * bmo#1651411 - Improve constant-timeness in RSA operations.
  * bmo#1677207 - Upgrade Google Test version to latest release.
  * bmo#1654332 - Add aarch64-make target to nss-try.
- update to NSS 3.60.1
  Notable changes in NSS 3.60:
  * TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support
    has been added, replacing the previous ESNI (draft-ietf-tls-esni-01)
    implementation. See bmo#1654332 for more information.
  * December 2020 batch of Root CA changes, builtins library updated
    to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769
    for more information.
- removed obsolete ppc-old-abi-v3.patch
- update to NSS 3.59.1
  * bmo#1679290 - Fix potential deadlock with certain third-party
    PKCS11 modules
- update to NSS 3.59
  Notable changes
  * Exported two existing functions from libnss:
    CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
  Bugfixes
  * bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race
  * bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
  * bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent
  * bmo#1670835 - Support enabling and disabling signatures via Crypto Policy
  * bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed
    root certs when SHA1 signatures are disabled.
  * bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to
    solve some test intermittents
  * bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in
    our CVE-2020-25648 fix that broke purple-discord
    (boo#1179382)
  * bmo#1666891 - Support key wrap/unwrap with RSA-OAEP
  * bmo#1667989 - Fix gyp linking on Solaris
  * bmo#1668123 - Export CERT_AddCertToListHeadWithData and
    CERT_AddCertToListTailWithData from libnss
  * bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
  * bmo#1663091 - Remove unnecessary assertions in the streaming
    ASN.1 decoder that affected decoding certain PKCS8
    private keys when using NSS debug builds
  * bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
- update to NSS 3.58
  Bugs fixed:
  * bmo#1641480 (CVE-2020-25648)
    Tighten CCS handling for middlebox compatibility mode.
  * bmo#1631890 - Add support for Hybrid Public Key Encryption
    (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello
    (draft-ietf-tls-esni).
  * bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto
    extensions.
  * bmo#1668328 - Handle spaces in the Python path name when using
    gyp on Windows.
  * bmo#1667153 - Add PK11_ImportDataKey for data object import.
  * bmo#1665715 - Pass the embedded SCT list extension (if present)
    to TrustDomain::CheckRevocation instead of the notBefore value.
- install libraries in %{_libdir} (boo#1029961)
- Fix build with RPM 4.16: error: bare words are no longer
  supported, please use "/..."/:  lib64 == lib64.
- update to NSS 3.57
  * The following CA certificates were Added:
    bmo#1663049 - CN=Trustwave Global Certification Authority
    SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8
    bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority
    SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4
    bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority
    SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097
  * The following CA certificates were Removed:
    bmo#1651211 - CN=EE Certification Centre Root CA
    SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76
    bmo#1656077 - O=Government Root Certification Authority; C=TW
    SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3
  * Trust settings for the following CA certificates were Modified:
    bmo#1653092 - CN=OISTE WISeKey Global Root GA CA
    Websites (server authentication) trust bit removed.
  * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes
- requires NSPR 4.29
- removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256)
- introduced _constraints due to high memory requirements especially
  for LTO on Tumbleweed
- Add patch to fix build on aarch64 - boo#1176934:
  * nss-freebl-fix-aarch64.patch
- Update nss-fips-approved-crypto-non-ec.patch to match RC2 code
  being moved to deprecated/.
- Remove nss-fix-dh-pkcs-derive-inverted-logic.patch. This was made
  obsolete by upstream changes.
- update to NSS 3.56
  Notable changes
  * bmo#1650702 - Support SHA-1 HW acceleration on ARMv8
  * bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS.
  * bmo#1654142 - Add CPU feature detection for Intel SHA extension.
  * bmo#1648822 - Add stricter validation of DH keys in FIPS mode.
  * bmo#1656986 - Properly detect arm64 during GYP build architecture
    detection.
  * bmo#1652729 - Add build flag to disable RC2 and relocate to
    lib/freebl/deprecated.
  * bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay.
  * bmo#1588941 - Send empty certificate message when scheme selection
    fails.
  * bmo#1652032 - Fix failure to build in Windows arm64 makefile
    cross-compilation.
  * bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent.
  * bmo#1653975 - Fix 3.53 regression by setting "/all"/ as the default
    makefile target.
  * bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert.
  * bmo#1659814 - Fix interop.sh failures with newer tls-interop
    commit and dependencies.
  * bmo#1656519 - NSPR dependency updated to 4.28
- do not hard require mozilla-nss-certs-32bit via baselibs
  (boo#1176206)
- update to NSS 3.55
  Notable changes
  * P384 and P521 elliptic curve implementations are replaced with
    verifiable implementations from Fiat-Crypto [0] and ECCKiila [1].
  * PK11_FindCertInSlot is added. With this function, a given slot
    can be queried with a DER-Encoded certificate, providing performance
    and usability improvements over other mechanisms. (bmo#1649633)
  * DTLS 1.3 implementation is updated to draft-38. (bmo#1647752)
  Relevant Bugfixes
  * bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and
    P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila.
  * bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature.
  * bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding.
  * bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part
    ChaCha20 (which was not functioning correctly) and more strictly
    enforce tag length.
  * bmo#1649648 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1649316 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1649322 - Don't memcpy zero bytes (sanitizer fix).
  * bmo#1653202 - Fix initialization bug in blapitest when compiled
    with NSS_DISABLE_DEPRECATED_SEED.
  * bmo#1646594 - Fix AVX2 detection in makefile builds.
  * bmo#1649633 - Add PK11_FindCertInSlot to search a given slot
    for a DER-encoded certificate.
  * bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo.
  * bmo#1647752 - Update DTLS 1.3 implementation to draft-38.
  * bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI.
  * bmo#1649226 - Add Wycheproof ECDSA tests.
  * bmo#1637222 - Consistently enforce IV requirements for DES and 3DES.
  * bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in
    RSA_CheckSignRecover.
  * bmo#1646324 - Advertise PKCS#1 schemes for certificates in the
    signature_algorithms extension.
- update to NSS 3.54
  Notable changes
  * Support for TLS 1.3 external pre-shared keys (bmo#1603042).
  * Use ARM Cryptography Extension for SHA256, when available
    (bmo#1528113)
  * The following CA certificates were Added:
    bmo#1645186 - certSIGN Root CA G2.
    bmo#1645174 - e-Szigno Root CA 2017.
    bmo#1641716 - Microsoft ECC Root Certificate Authority 2017.
    bmo#1641716 - Microsoft RSA Root Certificate Authority 2017.
  * The following CA certificates were Removed:
    bmo#1645199 - AddTrust Class 1 CA Root.
    bmo#1645199 - AddTrust External CA Root.
    bmo#1641718 - LuxTrust Global Root 2.
    bmo#1639987 - Staat der Nederlanden Root CA - G2.
    bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4.
    bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4.
    bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3.
  * A number of certificates had their Email trust bit disabled.
    See bmo#1618402 for a complete list.
  Bugs fixed
  * bmo#1528113 - Use ARM Cryptography Extension for SHA256.
  * bmo#1603042 - Add TLS 1.3 external PSK support.
  * bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows.
  * bmo#1645186 - Add "/certSIGN Root CA G2"/ root certificate.
  * bmo#1645174 - Add Microsec's "/e-Szigno Root CA 2017"/ root certificate.
  * bmo#1641716 - Add Microsoft's non-EV root certificates.
  * bmo1621151 - Disable email trust bit for "/O=Government
    Root Certification Authority; C=TW"/ root.
  * bmo#1645199 - Remove AddTrust root certificates.
  * bmo#1641718 - Remove "/LuxTrust Global Root 2"/ root certificate.
  * bmo#1639987 - Remove "/Staat der Nederlanden Root CA - G2"/ root
    certificate.
  * bmo#1618402 - Remove Symantec root certificates and disable email trust
    bit.
  * bmo#1640516 - NSS 3.54 should depend on NSPR 4.26.
  * bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c.
  * bmo#1642153 - Fix infinite recursion building NSS.
  * bmo#1642638 - Fix fuzzing assertion crash.
  * bmo#1642871 - Enable SSL_SendSessionTicket after resumption.
  * bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs.
  * bmo#1643557 - Fix numerous compile warnings in NSS.
  * bmo#1644774 - SSL gtests to use ClearServerCache when resetting
    self-encrypt keys.
  * bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c.
  * bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding.
netcfg
- add submissions port number [bsc#1189683]
- modified patches
  % services-suse.diff
open-iscsi
- Merge latest upstream, which includeds:
  * Support the "/qede"/ CMA-card driver. (bsc#1188579)
  * iscsistart: fix null pointer deref before exit
- Merge latest upstream, which added fix (bsc#1185930):
  * Set default 'startup' to 'onboot' for FW nodes
- Local (SUSE) change: update iscsi.service so that it tries to
  logon to any "/onboot"/ and firmware targets, in case a target
  was offline when booted but back up when the service is started.
  (bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
  * Add "/no wait"/ option to iscsiadm firmware login
  * Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
  * Log proper error message when AUTH failure occurs
openssl-1_1
- Other OpenSSL functions that print ASN.1 data have been found to assume that
  the ASN1_STRING byte array will be NUL terminated, even though this is not
  guaranteed for strings that have been directly constructed. Where an application
  requests an ASN.1 structure to be printed, and where that ASN.1 structure
  contains ASN1_STRINGs that have been directly constructed by the application
  without NUL terminating the "/data"/ field, then a read buffer overrun can occur.
  * CVE-2021-3712 continued
  * bsc#1189521
  * Add CVE-2021-3712-other-ASN1_STRING-issues.patch
  * Sourced from openssl-CVE-2021-3712.tar.bz2 posted on bsc-1189521
    2021-08-24 00:47 PDT by Marcus Meissner
pcre2
- Added 0001-Fixed-atomic-group-backtracking-bug.patch
  * bsc#1187937
  * PHP 7.6.4 on s390x returns different results for preg_match
    function as compared to older PHP versions and x86
  * Sourced from upstream subversion commit:
    $ svn log -r965 svn://vcs.pcre.org/pcre2/code/trunk
python3
- Rebuild to get new headers, avoid building in support for
  stropts.h (bsc#1187338).
runc
- Add Fix-ptsname-for-big-endian-architectures-again.patch (bsc#1189743)
samba
-  CVE-2021-20254 Buffer overrun in sids_to_unixids();
  (bnc#14571); (bsc#1184677).
- Fix offline domain backup not possible using lmdb version >= 0.9.26;
  (bso#14676);
- Require libldb >= 2.2.1; (bsc#1183572); (bsc#1183574);
- Update to 4.13.6
  * CVE-2020-27840: samba: Unauthenticated remote heap corruption
    via bad DNs; (bso#14595); (bsc#1183572).
  * CVE-2021-20277: samba: out of bounds read in ldb_handler_fold;
    (bso#14655); (bsc#1183574).
- Update to 4.13.5
  * s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
    start-up failure; (bso#14634);
  * s3: libsmb: Add missing cli_tdis() in error path if encryption setup
    failed on temp proxy connection; (bso#13992);
  * smbd: In conn_force_tdis_done() when forcing a connection closed force
    a full reload of services; (bso#14604);
  * dbcheck: Check Deleted Objects and reduce noise in reports about
    expired tombstones (bso#14593);
  * s3: Fix fcntl waf configure check; (bso#14503);
  * s3/auth: Implement "/winbind:ignore domains"/; (bso#14602);
  * smbd: Use fsp->conn->session_info for the initial delete-on-close
    token; (bso#14617);
  * s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error path;
    (bso#14648);
  * classicupgrade: Treat old never expires value right; (bso#14624);
  * g_lock: Fix uninitalized variable reads; (bso#14636);
  * s3:pysmbd: Fix fd leak in py_smbd_create_file(); (bso#13898);
  * lib:util: Avoid free'ing our own pointer; (bso#14625);
  * HEIMDAL: krb5_storage_free(NULL) should work; (bso#12505);
- Spec file fixes around systemd and requires; (bsc#1182830);
- Align systemd service unit files with upstream provided ones.
xen
- bsc#1189632 - VUL-0: CVE-2021-28701: xen: Another race in
  XENMAPSPACE_grant_table handling (XSA-384)
  xsa384.patch
- Upstream bug fixes (bsc#1027519)
  61001231-x86-work-around-GNU-ld-2-37-issue.patch
  611a7e38-x86-CET-shstk-WARN-manipulation.patch
  611cba4e-VT-d-Tylersburg-errata-more-steppings.patch
  611f844b-AMD-IOMMU-dont-leave-pt-mapped.patch
  6128a856-gnttab-radix-tree-node-init.patch
  61122ac6-credit2-avoid-spuriously-picking-idle.patch (Replaces
    credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch)
  6126339d-AMD-IOMMU-global-ER-extending.patch (Replaces xsa378-1.patch)
  6126344f-AMD-IOMMU-unity-map-handling.patch (Replaces xsa378-2.patch)
  61263464-IOMMU-pass-access-to-p2m_get_iommu_flags.patch (Replaces xsa378-3.patch)
  6126347d-IOMMU-generalize-VT-d-mapped-RMRR-tracking.patch (Replaces xsa378-4.patch)
  6126349a-AMD-IOMMU-rearrange-reassignment.patch (Replaces xsa378-5.patch)
  612634ae-AMD-IOMMU-rearrange-ER-UM-recording.patch (Replaces xsa378-6.patch)
  612634c3-x86-p2m-introduce-p2m_is_special.patch (Replaces xsa378-7.patch)
  612634dc-x86-p2m-guard-identity-mappings.patch (Replaces xsa378-8.patch)
  612634f4-x86-mm-widen-locked-region-in-xatp1.patch (Replaces xsa379.patch)
  6126350a-gnttab-release-mappings-preemption.patch (Replaces xsa380-1.patch
  6126351f-gnttab-replace-mapkind.patch (Replaces xsa380-2.patch)
  6126353d-gnttab-get-status-frames-array-capacity.patch (Replaces xsa382.patch)
  61263553-Arm-restrict-maxmem-for-dom0less.patch (Replaces xsa383.patch)
- bsc#1189882 - refresh libxc.sr.superpage.patch
  prevent superpage allocation in the LAPIC and ACPI_INFO range
- bsc#1189373 - VUL-0: CVE-2021-28694,CVE-2021-28695,
  CVE-2021-28696: xen: IOMMU page mapping issues on x86 (XSA-378)
  xsa378-1.patch
  xsa378-2.patch
  xsa378-3.patch
  xsa378-4.patch
  xsa378-5.patch
  xsa378-6.patch
  xsa378-7.patch
  xsa378-8.patch
- bsc#1189376 - VUL-0: CVE-2021-28697: xen: grant table v2 status
  pages may remain accessible after de-allocation. (XSA-379)
  xsa379.patch
- bsc#1189378 - VUL-0: CVE-2021-28698: xen: long running loops in
  grant table handling. (XSA-380)
  xsa380-1.patch
  xsa380-2.patch
- bsc#1189380 - VUL-0: CVE-2021-28699: xen: inadequate grant-v2
  status frames array bounds check. (XSA-382)
  xsa382.patch
- bsc#1189381 - VUL-0: CVE-2021-28700: xen: xen/arm: No memory
  limit for dom0less domUs. (XSA-383)
  xsa383.patch
- bsc#1188050 - L3: Xen guest yval1a80 SLES11SP4 hangs on cluster
  See also bsc#1179246.
  credit2-avoid-picking-a-spurious-idle-unit-when-caps-are-used.patch
- Drop aarch64-maybe-uninitialized.patch as the fix is in tarball.
- bsc#1176189 - xl monitoring process exits during xl save -p|-c
  keep the monitoring process running to cleanup the domU during shutdown
  xl-save-pc.patch
- bsc#1179246 - Dom0 hangs when pinning CPUs for dom0 with HVM guest
  60be0e24-credit2-pick-runnable-unit.patch
  60be0e42-credit2-per-entity-load-tracking-when-continuing.patch
- Upstream bug fixes (bsc#1027519)
  60bf9e19-Arm-create-dom0less-domUs-earlier.patch (Replaces xsa372-1.patch)
  60bf9e1a-Arm-boot-modules-scrubbing.patch (Replaces xsa372-2.patch)
  60bf9e1b-VT-d-size-qinval-queue-dynamically.patch (Replaces xsa373-1.patch)
  60bf9e1c-AMD-IOMMU-size-command-buffer-dynamically.patch (Replaces xsa373-2.patch)
  60bf9e1d-VT-d-eliminate-flush-related-timeouts.patch (Replaces xsa373-2.patch)
  60bf9e1e-x86-spec-ctrl-protect-against-SCSB.patch (Replaces xsa375.patch)
  60bf9e1f-x86-spec-ctrl-mitigate-TAA-after-S3.patch (Replaces xsa377.patch)
  60bfa904-AMD-IOMMU-wait-for-command-slot.patch (Replaces xsa373-4.patch)
  60bfa906-AMD-IOMMU-drop-command-completion-timeout.patch (Replaces xsa373-5.patch)
  60afe617-x86-TSX-minor-cleanup-and-improvements.patch
  60afe618-x86-TSX-deprecate-vpmu=rtm-abort.patch
  60be3097-x86-CPUID-fix-HLE-and-RTM-handling-again.patch
  60c0bf86-x86-TSX-cope-with-deprecation.patch
  60c8a7ac-x86-vpt-fully-init-timers-before-enlisting.patch
  60c8de6e-osdep_xenforeignmemory_map-prototype.patch
  60d49689-VT-d-undo-device-mappings-upon-error.patch
  60d496b9-VT-d-adjust-domid-map-updating-on-unmap.patch
  60d496d6-VT-d-clear_fault_bits-should-clear-all.patch
  60d496ee-VT-d-dont-lose-errors-on-multi-IOMMU-flush.patch
  60d5c6df-IOMMU-PCI-dont-let-domain-cleanup-continue.patch
- Dropped gcc11-fixes.patch
- bsc#1183243 - L3: Core cannot be opened when using xl dump-core
  of VM with PTF
  60ba695e-tools-libs-ctrl-fix-xc_core_arch_map_p2m-to-support.patch
- bsc#1180350 - some long deprecated commands were finally removed
  in qemu6. Adjust libxl to use supported commands.
  libxl-d5f54009dba11d04bfe2a28eee47b994de66b84a.patch
  libxl-f3f778c81769075ac0eb93b98d4b2803e7936453.patch
  libxl-4e217db45e83fc3173382306c8b03da86099a25d.patch
  libxl-85760c03d664400368a3f76ae0225307c25049a7.patch
  libxl-0ff26a3225d69ffec76fe5aca8296852fa951204.patch
  libxl-7c313e8365eb663311a0cf39f77b4f5880244765.patch
  libxl-0c0b3a7e4a2d65fd252b89b46bdcdb048bb24b6c.patch
  libxl-fe6630ddc4e8a8fbf8dd28a1bc58e3881393f9c1.patch
  libxl-qemu6-vnc-password.patch
  libxl-qemu6-scsi.patch
- Update logrotate.conf, move global options into per-file sections
  to prevent globbering of global state (bsc#1187406)
- Fix shell macro expansion in xen.spec, so that ExecStart=
  in xendomains-wait-disks.service is created correctly (bsc#1183877)
- bsc#1186428 - VUL-0: CVE-2021-28693: xen: xen/arm: Boot modules
  are not scrubbed (XSA-372)
  xsa372-1.patch
  xsa372-2.patch
- bsc#1186429 - VUL-0: CVE-2021-28692: xen: inappropriate x86 IOMMU
  timeout detection / handling (XSA-373)
  xsa373-1.patch
  xsa373-2.patch
  xsa373-3.patch
  xsa373-4.patch
  xsa373-5.patch
- bsc#1186433 - VUL-0: CVE-2021-0089: xen: Speculative Code Store
  Bypass (XSA-375)
  xsa375.patch
- bsc#1186434 - VUL-0: CVE-2021-28690: xen: x86: TSX Async Abort
  protections not restored after S3 (XSA-377)
  xsa377.patch
- Upstream bug fixes (bsc#1027519)
  60a27288-x86emul-gas-2-36-test-harness-build.patch
  60af933d-x86-gcc11-hypervisor-build.patch
  60afe616-x86-CPUID-rework-HLE-and-RTM-handling.patch
- Upstream bug fix (bsc#1027519)
  608676f2-VT-d-register-based-invalidation-optional.patch
- Add xen.sysconfig-fillup.patch to make sure xencommons is in a
  format as expected by fillup. (bsc#1185682)
  Each comment needs to be followed by an enabled key. Otherwise
  fillup will remove manually enabled key=value pairs, along with
  everything that looks like a stale comment, during next pkg update
- Refresh xenstore-launch.patch to cover also daemon case
- Update to Xen 4.14.2 bug fix release (bsc#1027519)
  xen-4.14.2-testing-src.tar.bz2
- Drop patches contained in new tarball
  5fedf9f4-x86-hpet_setup-fix-retval.patch
  5ff458f2-x86-vPCI-tolerate-disabled-MSI-X-entry.patch
  5ff71655-x86-dpci-EOI-regardless-of-masking.patch
  5ffc58e8-x86-ACPI-dont-overwrite-FADT.patch
  600999ad-x86-dpci-do-not-remove-pirqs-from.patch
  600ab341-x86-vioapic-EOI-check-IRR-before-inject.patch
  6011bbc7-x86-timer-fix-boot-without-PIT.patch
  6013e4bd-memory-bail-from-page-scrub-when-CPU-offline.patch
  6013e546-x86-HVM-reorder-domain-init-error-path.patch
  601d4396-x86-EFI-suppress-ld-2-36-debug-info.patch
  602bd768-page_alloc-only-flush-after-scrubbing.patch
  602cfe3d-IOMMU-check-if-initialized-before-teardown.patch
  602e5a8c-gnttab-never-permit-mapping-transitive-grants.patch
  602e5abb-gnttab-bypass-IOMMU-when-mapping-own-grant.patch
  6037b02e-x86-EFI-suppress-ld-2-36-base-relocs.patch
  60410127-gcc11-adjust-rijndaelEncrypt.patch
  60422428-x86-shadow-avoid-fast-fault-path.patch
  604b9070-VT-d-disable-QI-IR-before-init.patch
  60535c11-libxl-domain-soft-reset.patch
  60700077-x86-vpt-avoid-pt_migrate-rwlock.patch
  60787714-x86-HPET-factor-legacy-replacement-mode-enabling.patch
  60787714-x86-HPET-avoid-legacy-replacement-mode.patch
xfsprogs
- xfs_bmap: remove -c from manpage (bsc#1189552)
- xfs_bmap: don't reject -e (bsc#1189552)
  * Add xfsprogs-xfs_bmap-remove-c-from-manpage.patch
  * Add xfsprogs-xfs_bmap-don-t-reject-e.patch
- xfs_repair: check plausibility of root dir pointer before trashing it
  (bsc#1188651)
  * Add xfsprogs-xfs_repair-refactor-fixed-inode-location-checks.patch
  * Add xfsprogs-xfs_repair-check-plausibility-of-root-dir-pointer-be.patch
- xfsprogs: split libhandle1 into a separate package, since nothing
  within xfsprogs dynamically links against it. The shared library
  is still required by xfsdump as a runtime dependency.
- mkfs.xfs: fix ASSERT on too-small device with stripe geometry
  (bsc#1181536)
  * Add xfsprogs-mkfs.xfs-fix-ASSERT-on-too-small-device-with-stripe-.patch
- mkfs.xfs: if either sunit or swidth is nonzero, the other must be as
  well (bsc#1085917, bsc#1181535)
  * Add xfsprogs-mkfs.xfs-if-either-sunit-or-swidth-is-nonzero-the-ot.patch
- xfs_growfs: refactor geometry reporting (bsc#1181306)
  * Add xfsprogs-xfs_growfs-refactor-geometry-reporting.patch
- xfs_growfs: allow mounted device node as argument (bsc#1181299)
  * Add xfsprogs-libfrog-fs_table_lookup_mount-should-realpath-the-ar.patch
  * Add xfsprogs-xfs_fsr-refactor-mountpoint-finding-to-use-libfrog-p.patch
  * Add xfsprogs-xfs_growfs-allow-mounted-device-node-as-argument.patch
- xfs_repair: rebuild directory when non-root leafn blocks claim block 0
  (bsc#1181309)
  * Add xfsprogs-xfs_repair-rebuild-directory-when-non-root-leafn-blo.patch