Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

kernel-debug-modules-core-5.14.0-427.37.1.el9_4 RPM for x86_64

From AlmaLinux 9.4 BaseOS for x86_64

Name: kernel-debug-modules-core Distribution: AlmaLinux
Version: 5.14.0 Vendor: AlmaLinux
Release: 427.37.1.el9_4 Build date: Tue Sep 24 23:13:42 2024
Group: Unspecified Build host: x64-builder02.almalinux.org
Size: 46089936 Source RPM: kernel-5.14.0-427.37.1.el9_4.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://www.kernel.org/
Summary: Core kernel modules to match the core kernel
This package provides essential kernel modules for the core kernel package.

Provides

Requires

License

((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib

Changelog

* Fri Sep 13 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.37.1.el9_4]
  - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CKI Backport Bot) [RHEL-42783] {CVE-2024-26947}
  - powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (Mamatha Inamdar) [RHEL-45537 RHEL-25055]
  - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-40517 RHEL-39354] {CVE-2024-36016}
  - smb: client: set correct id, uid and cruid for multiuser automounts (Jay Shin) [RHEL-47260 RHEL-31245]
  - printk: printk.c: Disable per_console_kthreads on !CONFIG_PREEMPT_RT (Derek Barbosa) [RHEL-39064]
  - uio: Fix use-after-free in uio_open (Ricardo Robaina) [RHEL-41275 RHEL-26233] {CVE-2023-52439}
  - gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Steve Best) [RHEL-43192 RHEL-39849] {CVE-2024-36899}
  - wifi: mac80211: Avoid address calculations via out of bounds array indexing (CKI Backport Bot) [RHEL-51287 RHEL-51285] {CVE-2024-41071}
  - Input: cyapa - add missing input core locking to suspend/resume functions (cki-backport-bot) [RHEL-44455] {CVE-2023-52884}
  - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Limit number of driver warning messages (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix race condition in disconnect handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix race conditions in suspend/resume handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix partial packet errors on suspend/resume (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Add missing return code checks (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Remove unused pause frame queue (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Set flow control threshold to prevent packet loss (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Remove unused timer (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix white space and style issues (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - sctp: fix association labeling in the duplicate COOKIE-ECHO case (CKI Backport Bot) [RHEL-56745 RHEL-48647]
  - ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: remove af_xdp_zc_qps bitmap (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: reorder disabling IRQ and NAPI in ice_qp_dis (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make ice_vsi_cfg_txq() static (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make ice_vsi_cfg_rxq() static (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make use of DEFINE_FLEX() for struct ice_aqc_add_tx_qgrp (Petr Oros) [RHEL-52771 RHEL-17486]
  - xdp: reflect tail increase for MEM_TYPE_XSK_BUFF_POOL (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: update xdp_rxq_info::frag_size for ZC enabled Rx queue (Petr Oros) [RHEL-52771 RHEL-38863]
  - intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: remove redundant xdp_rxq_info registration (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: work on pre-XDP prog frag count (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: fix usage of multi-buffer BPF helpers for ZC XDP (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: recycle buffer in case Rx queue was full (Petr Oros) [RHEL-52771 RHEL-38863]
  - overflow: add DEFINE_FLEX() for on-stack allocs (Petr Oros) [RHEL-52771 RHEL-30138]
  - overflow: Add struct_size_t() helper (Petr Oros) [RHEL-52771 RHEL-30138]
  - bpf, sockmap: Prevent lock inversion deadlock in map delete elem (Felix Maurer) [RHEL-41479 RHEL-30107] {CVE-2024-35895}
  - xfs: allow SECURE namespace xattrs to use reserved block pool (CKI Backport Bot) [RHEL-54443 RHEL-49806]
  - platform/x86/intel-uncore-freq: Don't present root domain on error (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel-uncore-freq: Increase minor number support (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel-uncore-freq: Process read/write blocked feature status (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel/tpmi: Move TPMI ID definition (Steve Best) [RHEL-43291 RHEL-35956]
  - ice: fix VSI lists confusion when adding VLANs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
  - ice: fix accounting for filters shared by multiple VSIs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
  - ice: fix accounting if a VLAN already exists (CKI Backport Bot) [RHEL-57778 RHEL-17486]
* Fri Sep 06 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.36.1.el9_4]
  - scsi: qla2xxx: Fix double free of fcport (Nilesh Javali) [RHEL-39547 RHEL-40034 RHEL-25184 RHEL-35020] {CVE-2024-26929}
  - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (Nilesh Javali) [RHEL-39547 RHEL-41325 RHEL-25184 RHEL-35016] {CVE-2024-26930}
  - scsi: qla2xxx: Fix command flush on cable pull (Nilesh Javali) [RHEL-39547 RHEL-40029 RHEL-25184 RHEL-35012] {CVE-2024-26931}
  - net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53708 RHEL-53004] {CVE-2024-42246}
  - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-56275 RHEL-56084]
  - wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52368] {CVE-2024-42225}
  - cppc_cpufreq: Fix possible null pointer dereference (cki-backport-bot) [RHEL-44145] {CVE-2024-38573}
  - ring-buffer: Fix a race between readers and resize checks (cki-backport-bot) [RHEL-43920] {CVE-2024-38601}
  - fork: defer linking file vma until vma is fully initialized (Rafael Aquini) [RHEL-35617 RHEL-35022] {CVE-2024-27022}
  - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48393 RHEL-48391] {CVE-2024-40984}
  - KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes (Maxim Levitsky) [RHEL-41345 RHEL-32430] {CVE-2024-26991}
  - net/sched: act_mirred: don't override retval if we already lost the skb (Davide Caratti) [RHEL-42644 RHEL-31724] {CVE-2024-26739}
  - net/sched: act_mirred: Create function tcf_mirred_to_dev and improve readability (Davide Caratti) [RHEL-42644 RHEL-32137]
  - cpufreq: exit() callback is optional (cki-backport-bot) [RHEL-43848] {CVE-2024-38615}
  - gfs2: Fix potential glock use-after-free on unmount (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - gfs2: simplify gdlm_put_lock with out_free label (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - gfs2: Remove ill-placed consistency check (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - wifi: nl80211: Avoid address calculations via out of bounds array indexing (Jose Ignacio Tornos Martinez) [RHEL-46505 RHEL-34696] {CVE-2024-38562}
* Fri Aug 30 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.35.1.el9_4]
  - usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
  - ceph: force sending a cap update msg back to MDS for revoke op (Xiubo Li) [RHEL-55437]
  - ceph: periodically flush the cap releases (Xiubo Li) [RHEL-55437]
  - mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
  - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
  - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
  - net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
  - nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
  - kernfs: change kernfs_rename_lock into a read-write lock (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Separate kernfs_pr_cont_buf and rename_lock (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: fix missing kernfs_iattr_rwsem locking (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Introduce separate rwsem to protect inode attributes (Jay Shin) [RHEL-55253 RHEL-52956]
  - xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
  - Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
  - xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
  - nfsd: don't take fi_lock in nfsd_break_deleg_cb() (Benjamin Coddington) [RHEL-42578 RHEL-34875]
  - nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
  - net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
  - net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
  - net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
  - efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
  - ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (Charles Mirabile) [RHEL-34234 RHEL-1697]
  - ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (Charles Mirabile) [RHEL-34234 RHEL-1697]
  - ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (Scott Weaver) [RHEL-34234 RHEL-1697]
* Thu Aug 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.34.1.el9_4]
  - mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
  - mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
  - ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
  - x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
  - PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
  - iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
  - mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
  - regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
  - mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
  - kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
  - mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
  - rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - gpio: tegra186: Fix tegra186_gpio_is_accessible() check (Charles Mirabile) [RHEL-49347 RHEL-32452]
  - net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
  - KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
  - cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
  - x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
  - scsi: qedf: Ensure the copied buf is NUL terminated (cki-backport-bot) [RHEL-44203] {CVE-2024-38559}
* Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]
  - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
  - netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
  - crypto: bcm - Fix pointer arithmetic (cki-backport-bot) [RHEL-44116] {CVE-2024-38579}
  - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51035 RHEL-51033] {CVE-2024-41041}
  - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (Florian Westphal) [RHEL-42832 RHEL-33985] {CVE-2024-27019}
  - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV (Florian Westphal) [RHEL-42832 RHEL-33985]
  - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() (Florian Westphal) [RHEL-42832 RHEL-33985]
  - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (Florian Westphal) [RHEL-41802 RHEL-33985] {CVE-2024-26925}
  - netfilter: nf_tables: discard table flag update with pending basechain deletion (Florian Westphal) [RHEL-40231 RHEL-33985] {CVE-2024-35897}
  - netfilter: nf_tables: reject table flag and netdev basechain updates (Florian Westphal) [RHEL-40231 RHEL-33985]
  - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nft_limit: reject configurations that cause integer overflow (Florian Westphal) [RHEL-40065 RHEL-33985] {CVE-2024-26668}
  - scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48339] {CVE-2024-40978}
  - mm/huge_memory: don't unpoison huge_zero_folio (Aristeu Rozanski) [RHEL-47804] {CVE-2024-40914}
  - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48375 RHEL-6118] {CVE-2024-40983}
  - netfilter: nft_set_rbtree: skip end interval element from gc (Florian Westphal) [RHEL-41265] {CVE-2024-26581}
  - nvmet: fix a possible leak when destroy a ctrl during qp establishment (CKI Backport Bot) [RHEL-52021 RHEL-52019 RHEL-52020] {CVE-2024-42152}
  - net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (CKI Backport Bot) [RHEL-51756] {CVE-2024-42110}
  - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Florian Westphal) [RHEL-40265 RHEL-33985] {CVE-2024-35898}
  - netfilter: br_netfilter: remove WARN traps (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: br_netfilter: skip conntrack input hook for promisc packets (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: bridge: confirm multicast packets before passing them up the stack (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: nf_conntrack_bridge: initialize err to 0 (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (Florian Westphal) [RHEL-42842 RHEL-33985] {CVE-2024-27020}
* Mon Aug 12 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.32.1.el9_4]
  - REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
  - net/mlx5e: Fix netif state handling (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
  - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
  - tun: add missing verification for short frame (Patrick Talbert) [RHEL-50202 RHEL-50203] {CVE-2024-41091}
  - tap: add missing verification for short frame (Patrick Talbert) [RHEL-50264 RHEL-50265] {CVE-2024-41090}
  - vfio/pci: Lock external INTx masking ops (Alex Williamson) [RHEL-43421 RHEL-30023] {CVE-2024-26810}
  - net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44299] {CVE-2024-38538}
  - KVM: arm64: Ensure target address is granule-aligned for range TLBI (Sebastian Ott) [RHEL-52248 RHEL-31215]
  - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (cki-backport-bot) [RHEL-44250] {CVE-2024-38544}
  - NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-52082] {CVE-2024-41076}
  - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (Nigel Croxon) [RHEL-46421 RHEL-35393] {CVE-2024-39476}
  - KVM: s390: fix LPSWEY handling (CKI Backport Bot) [RHEL-50074]
  - cxl/port: Fix delete_endpoint() vs parent unregistration race (John W. Linville) [RHEL-39290 RHEL-23582] {CVE-2023-52771}
  - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (Petr Oros) [RHEL-49862 RHEL-17486] {CVE-2024-26855}
  - ice: fix LAG and VF lock dependency in ice_reset_vf() (Petr Oros) [RHEL-49820 RHEL-17486] {CVE-2024-36003}
  - net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (Jose Ignacio Tornos Martinez) [RHEL-47992 RHEL-9429] {CVE-2024-40939}
  - wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47770] {CVE-2024-40911}
  - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47788] {CVE-2024-40912}
  - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47920] {CVE-2024-40929}
  - wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48028] {CVE-2024-40941}
  - seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (Hangbin Liu) [RHEL-48098 RHEL-45826] {CVE-2024-40957}
  - ipv6: fix possible race in __fib6_drop_pcpu_from() (Hangbin Liu) [RHEL-47572 RHEL-45826] {CVE-2024-40905}
  - redhat/configs: Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
  - drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
  - drm/mgag200: Fix caching setup for remapped video memory (Scott Weaver) [RHEL-39581 RHEL-24102]
  - Revert "drm/mgag200: Flush the cache to improve latency" (Scott Weaver) [RHEL-39581 RHEL-28760]
  - net: psample: fix flag being set in wrong skb (Adrian Moreno) [RHEL-47275]
  - net: openvswitch: store sampling probability in cb. (Adrian Moreno) [RHEL-47275]
  - net: openvswitch: add psample action (Adrian Moreno) [RHEL-47275]
  - net: psample: allow using rate as probability (Adrian Moreno) [RHEL-47275]
  - net: psample: skip packet copy if no listeners (Adrian Moreno) [RHEL-47275]
  - net: psample: add user cookie (Adrian Moreno) [RHEL-47275]
  - i40e: fix: remove needless retries of NVM update (CKI Backport Bot) [RHEL-48169 RHEL-36692]
  - ice: Reject pin requests with unsupported flags (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Don't process extts if PTP is disabled (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Fix improper extts handling (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: stop destroying and reinitalizing Tx tracker during reset (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: factor out ice_ptp_rebuild_owner() (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: rename ice_ptp_tx_cfg_intr (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: don't check has_ready_bitmap in E810 functions (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: rename verify_cached to has_ready_bitmap (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: pass reset type to PTP reset functions (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: introduce PTP state machine (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: make RX HW timestamp reading code more reusable (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Rename E822 to E82X (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: periodically kick Tx timestamp interrupt (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Re-enable timestamping correctly after reset (Petr Oros) [RHEL-50388 RHEL-17486]
  - ptp: introduce helpers to adjust by scaled parts per million (Petr Oros) [RHEL-50388 RHEL-17486]
  - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (Andrew Halaney) [RHEL-42566 RHEL-24205] {CVE-2023-52880}
  - netfilter: complete validation of user input (Phil Sutter) [RHEL-47384 RHEL-37212] {CVE-2024-35962}
  - netfilter: validate user input for expected length (Phil Sutter) [RHEL-41668 RHEL-37212] {CVE-2024-35896}
  - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-40051 RHEL-39719] {CVE-2024-36025}
  - x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-37615 RHEL-33260] {CVE-2024-26908}
  - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Prarit Bhargava) [RHEL-37615 RHEL-25415]
* Fri Aug 09 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.31.1.el9_4]
  - net: fix __dst_negative_advice() race (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}
  - net: annotate data-races around sk->sk_dst_pending_confirm (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}
* Mon Aug 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.30.1.el9_4]
  - dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (Mark Salter) [RHEL-49538 RHEL-39308]
  - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jon Maloy) [RHEL-44467] {CVE-2024-37353}
  - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Izabela Bakollari) [RHEL-36271 RHEL-26682] {CVE-2024-26600}
  - eeprom: at24: fix memory corruption race condition (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Use dev_err_probe for nvmem register failure (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Add support for 24c1025 EEPROM (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: remove struct at24_client (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - at24: Support probing while in non-zero ACPI D state (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44439] {CVE-2024-37356}
  - cxl/region: Fix cxlr_pmem leaks (cki-backport-bot) [RHEL-44486] {CVE-2024-38391}
  - tls: fix missing memory barrier in tls_init (cki-backport-bot) [RHEL-44480] {CVE-2024-36489}
  - igc: avoid returning frame twice in XDP_REDIRECT (Corinna Vinschen) [RHEL-42714 RHEL-33266] {CVE-2024-26853}
  - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44404 RHEL-44402] {CVE-2024-33621}
  - ipvlan: add ipvlan_route_v6_outbound() helper (Davide Caratti) [RHEL-44404 RHEL-32205]
  - ipvlan: properly track tx_errors (Davide Caratti) [RHEL-44404 RHEL-32205]
  - wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-41698 RHEL-39754] {CVE-2024-36941}
  - wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-41658 RHEL-37028] {CVE-2024-35845}
  - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-41556 RHEL-37018] {CVE-2024-35852}
  - net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44215] {CVE-2024-38558}
  - wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-41520 RHEL-39799] {CVE-2024-36922}
  - wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-38754 RHEL-37345] {CVE-2024-35937}
  - ice: fix memory corruption bug with suspend and rebuild (Petr Oros) [RHEL-49858 RHEL-17486] {CVE-2024-35911}
  - ipv6: prevent possible NULL deref in fib6_nh_init() (Hangbin Liu) [RHEL-48182 RHEL-45826] {CVE-2024-40961}
  - netns: Make get_net_ns() handle zero refcount net (Paolo Abeni) [RHEL-48117 RHEL-46610] {CVE-2024-40958}
  - net: do not leave a dangling sk pointer, when socket creation fails (Paolo Abeni) [RHEL-48072 RHEL-46610] {CVE-2024-40954}
  - net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (CKI Backport Bot) [RHEL-47902] {CVE-2024-40928}
  - net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Ivan Vecera) [RHEL-43619 RHEL-30344] {CVE-2021-47606}
  - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (CKI Backport Bot) [RHEL-46921] {CVE-2024-39487}
  - nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (Benjamin Coddington) [RHEL-42732 RHEL-34875] {CVE-2024-26868}
  - efi: fix panic in kdump kernel (Steve Best) [RHEL-42920 RHEL-36998] {CVE-2024-35800}
  - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Hangbin Liu) [RHEL-41735 RHEL-31050] {CVE-2024-27417}
  - netfilter: nf_tables: do not compare internal table flags on updates (Florian Westphal) [RHEL-41682 RHEL-33985] {CVE-2024-27065}
  - ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-41466 RHEL-39786] {CVE-2024-36903}
  - netfilter: nf_tables: honor table dormant flag from netdev release event path (Florian Westphal) [RHEL-40056 RHEL-33985] {CVE-2024-36005}
  - cifs: fix underflow in parse_server_interfaces() (Paulo Alcantara) [RHEL-34636 RHEL-31245] {CVE-2024-26828}
  - drm/i915/audio: Fix audio time stamp programming for DP (CKI Backport Bot) [RHEL-45843]
  - platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
  - platform/x86: wmi: remove unnecessary initializations (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
  - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CKI Backport Bot) [RHEL-43170] {CVE-2024-36017}
  - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (Florian Westphal) [RHEL-40062 RHEL-33985] {CVE-2024-26808}
  - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-39017 RHEL-32372] {CVE-2024-35969}
  - netfilter: nf_tables: flush pending destroy work before exit_net release (Florian Westphal) [RHEL-38765 RHEL-33985] {CVE-2024-35899}
  - vt: fix unicode buffer corruption when deleting characters (Andrew Halaney) [RHEL-42947 RHEL-24205] {CVE-2024-35823}
* Fri Jul 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.29.1.el9_4]
  - net: Avoid address overwrite in kernel_connect (Davide Caratti) [RHEL-45728 RHEL-30875]
  - net: replace calls to sock->ops->connect() with kernel_connect() (Davide Caratti) [RHEL-45728 RHEL-33410]
  - i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-41638 RHEL-39704] {CVE-2024-36020}
  - cifs: translate network errors on send to -ECONNABORTED (Jay Shin) [RHEL-47047 RHEL-31245]
  - wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44132] {CVE-2024-38575}
  - wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-43208 RHEL-39803] {CVE-2024-36921}
  - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-42906 RHEL-36809] {CVE-2024-35789}
  - wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-42886 RHEL-36900] {CVE-2024-27434}
  - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-42860 RHEL-35142] {CVE-2024-27052}
  - wifi: mt76: mt7925e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-42856 RHEL-35148] {CVE-2024-27049}
  - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-42743 RHEL-34187] {CVE-2024-26897}
  - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (Jose Ignacio Tornos Martinez) [RHEL-42383 RHEL-35199] {CVE-2023-52651}
  - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-41402 RHEL-39781] {CVE-2024-36929}
* Fri Jul 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.28.1.el9_4]
  - mlxbf_gige: call request_irq() after NAPI initialized (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
  - mlxbf_gige: stop PHY during open() error paths (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
  - mlxbf_gige: stop interface during shutdown (Kamal Heib) [RHEL-41708 RHEL-37244] {CVE-2024-35885}
  - net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43796 RHEL-43794] {CVE-2022-48743}
  - nfp: flower: handle acti_netdevs allocation failure (Ken Cox) [RHEL-42852 RHEL-35158] {CVE-2024-27046}
  - block: add check that partition length needs to be aligned with block size (Ming Lei) [RHEL-45501 RHEL-26616] {CVE-2023-52458}
  - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: CREATE_SESSION must never cache NFS4ERR_DELAY replies (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: Document the phases of CREATE_SESSION (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: Fix the NFSv4.1 CREATE_SESSION operation (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - icmp: prevent possible NULL dereferences from icmp_build_probe() (Antoine Tenart) [RHEL-42974 RHEL-37002] {CVE-2024-35857}
  - NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking (Scott Mayhew) [RHEL-45360 RHEL-24133]
  - RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
  - RAS/AMD/ATL: Fix MI300 bank hash (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
  - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-42689 RHEL-33271] {CVE-2024-26852}
  - epoll: be better about file lifetimes (Pavel Reichl) [RHEL-44091 RHEL-44083] {CVE-2024-38580}
  - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Dick Kennedy) [RHEL-40659 RHEL-40665 RHEL-24508 RHEL-39793] {CVE-2024-36924}
  - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Dick Kennedy) [RHEL-40659 RHEL-40669 RHEL-24508 RHEL-39887] {CVE-2024-36952}
  - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (Viktor Malik) [RHEL-42640 RHEL-31726] {CVE-2024-26737}
  - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-41489 RHEL-38415] {CVE-2021-47459}
  - wifi: ath11k: restore country code during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: refactor setting country code logic (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - bus: mhi: host: Add mhi_power_down_keep_dev() API to support system suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - net: qrtr: support suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: support hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: thermal: don't try to register multiple times (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: fix warning on DMA ring capabilities event (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: do not dump SRNG statistics during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: remove MHI LOOPBACK channels (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: rearrange IRQ enable/disable in reset path (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
* Mon Jul 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.27.1.el9_4]
  - drm/ast: Fix soft lockup (CKI Backport Bot) [RHEL-45716]
  - dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41838 RHEL-33217] {CVE-2024-26880}
  - KVM: arm64: Do not re-initialize the KVM lock (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: Fix host-programmed guest events in nVHE (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: Fix double-free following kvm_pgtable_stage2_free_unlinked() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - octeontx2-af: Use separate handlers for interrupts (Kamal Heib) [RHEL-42846 RHEL-35170] {CVE-2024-27030}
  - Squashfs: check the inode number is not the invalid value of zero (Abhi Das) [RHEL-42811 RHEL-35098] {CVE-2024-26982}
  - net: fix sk_memory_allocated_{add|sub} vs softirqs (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - tcp: sk_forced_mem_schedule() optimization (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - net: make SK_MEMORY_PCPU_RESERV tunable (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-42655 RHEL-31690] {CVE-2024-26773}
  - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-42528 RHEL-38200] {CVE-2023-52809}
  - KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (Maxim Levitsky) [RHEL-43388]
  - s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-40398 RHEL-36047]
  - RAS: enable CONFIG_RAS_FMPM (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Avoid build errors when CONFIG_DEBUG_FS=n (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Safely handle saved records of various sizes (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Merge tag 'edac_updates_for_v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Fix off by one when unwinding on error (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Add debugfs interface to print record entries (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Save SPA values (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Export helper to get ras_debugfs_dir (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Introduce a FRU memory poison manager (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - x86/cpu/amd: Provide a separate accessor for Node ID (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 row retirement support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Documentation: Move RAS section to admin-guide (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Documentation: RAS: Add index and address translation section (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - cpu/SMT: Make SMT control more robust against enumeration failures (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
* Fri Jul 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.26.1.el9_4]
  - net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-39217 RHEL-37430] {CVE-2024-35958}
  - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-41749 RHEL-39837] {CVE-2024-36904}
  - mm/mglru: Revert "don't sync disk for each aging cycle" (Waiman Long) [RHEL-44418]
  - tipc: fix UAF in error path (Xin Long) [RHEL-34848 RHEL-34280] {CVE-2024-36886}
  - selftest/cgroup: Update test_cpuset_prs.sh to match changes (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Make cpuset.cpus.exclusive independent of cpuset.cpus (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Delay setting of CS_CPU_EXCLUSIVE until valid partition (Waiman Long) [RHEL-45139]
  - selftest/cgroup: Fix test_cpuset_prs.sh problems reported by test robot (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix remote root partition creation problem (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Optimize isolated partition only generate_sched_domains() calls (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix retval in update_cpumask() (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix a memory leak in update_exclusive_cpumask() (Waiman Long) [RHEL-45139]
  - ice: implement AQ download pkg retry (Petr Oros) [RHEL-38907 RHEL-17318]
  - redhat: include resolve_btfids in kernel-devel (Viktor Malik) [RHEL-43426 RHEL-40707]
  - blk-cgroup: fix list corruption from resetting io stat (cki-backport-bot) [RHEL-44977] {CVE-2024-38663}
  - misc: rtsx: do clear express reg every SD_INT (David Arcari) [RHEL-39985 RHEL-33706]
  - misc: rtsx: Fix rts5264 driver status incorrect when card removed (David Arcari) [RHEL-39985 RHEL-33706]
  - netfilter: tproxy: bail out if IP has been disabled on the device (cki-backport-bot) [RHEL-44371] {CVE-2024-36270}
  - lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44263 RHEL-44261] {CVE-2024-38543}
  - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44039] {CVE-2024-38586}
  - net: micrel: Fix receiving the timestamp in the frame for lan8841 (cki-backport-bot) [RHEL-43996] {CVE-2024-38593}
  - vt: fix memory overlapping when deleting chars in the buffer (Waiman Long) [RHEL-43379 RHEL-27780] {CVE-2022-48627}
  - net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (Kamal Heib) [RHEL-42728 RHEL-34192] {CVE-2024-26858}
  - locking/atomic: Make test_and_*_bit() ordered on failure (Paolo Bonzini) [RHEL-45896]
  - mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (Rafael Aquini) [RHEL-42659 RHEL-31840] {CVE-2024-26783}
  - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (Jose Ignacio Tornos Martinez) [RHEL-42379 RHEL-31530] {CVE-2023-52638}
  - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Ken Cox) [RHEL-42226 RHEL-38715] {CVE-2021-47548}
* Mon Jul 01 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.25.1.el9_4]
  - nvme: fix reconnection fail due to reserved tag allocation (Maurizio Lombardi) [RHEL-42896 RHEL-36896] {CVE-2024-27435}
  - net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (cki-backport-bot) [RHEL-43625] {CVE-2021-47596}
  - scsi: sg: Avoid race in error handling & drop bogus warn (Ewan D. Milne) [RHEL-36106 RHEL-35659]
  - scsi: sg: Avoid sg device teardown race (Ewan D. Milne) [RHEL-36106 RHEL-35659]
  - netfilter: nf_tables: use timestamp to check for set element timeout (Florian Westphal) [RHEL-38032 RHEL-33985] {CVE-2024-27397}
  - netfilter: nft_set_rbtree: Remove unused variable nft_net (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nft_set_rbtree: prefer sync gc to async worker (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nft_set_rbtree: rename gc deactivate+erase function (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nf_tables: de-constify set commit ops function argument (Florian Westphal) [RHEL-38032 RHEL-33985]
  - octeontx2-af: avoid off-by-one read from userspace (Kamal Heib) [RHEL-40486 RHEL-39873] {CVE-2024-36957}
* Sun Jun 23 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.24.1.el9_4]
  - net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - xen-netfront: Add missing skb_mark_for_recycle (Vitaly Kuznetsov) [RHEL-37626 RHEL-36573] {CVE-2024-27393}
  - tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-34953 RHEL-29239]
  - tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-34953 RHEL-29239]
  - net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-38972 RHEL-37093] {CVE-2023-52667}
  - crypto: qat - Fix typo (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
  - crypto: qat - specify firmware files for 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - validate slices count returned by FW (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve error logging to be consistent across features (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve error message in adf_get_arbiter_mapping() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - implement interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add bank save and restore flows (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - expand CSR operations for QAT GEN4 devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - rename get_sla_arr_of_type() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate CSR access code (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - move PFVF compat checker to a function (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate and rename 4xxx PF2VM definitions (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - adf_get_etr_base() helper (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - redhat/configs: Add CONFIG_CRYPTO_DEV_QAT_420XX (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - make ring to service map common for QAT GEN4 (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix ring to service map for dcc in 420xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix ring to service map for dcc in 4xxx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix comment structure (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove unnecessary description from comment (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove double initialization of value (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - removed unused macro in adf_cnv_dbgfs.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove unused macros in qat_comp_alg.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - uninitialized variable in adf_hb_error_inject_write() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - Documentation: qat: fix auto_reset section (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
  - crypto: qat - change SLAs cleanup flow at shutdown (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve aer error reset handling (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - limit heartbeat notifications (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add auto reset on error (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add fatal error notification (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - re-enable sriov after pf reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - update PFVF protocol for recovery (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - disable arbitration before reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add fatal error notify method (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add heartbeat error simulator (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - avoid memcpy() overflow warning (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - generate dynamically arbiter mappings (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for ring pair level telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for device telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add admin msgs for telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - include pci.h for GET_DEV() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for 420xx devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - move fw config related structures (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate portions of qat_4xxx code (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - change signature of uof_get_num_objs() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate and rename get_service_enabled() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - seq_file: add helper macro to define attribute for rw file (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - minmax: Introduce {min,max}_array() (Vladis Dronov) [RHEL-38546 RHEL-35816]
* Fri Jun 14 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.23.1.el9_4]
  - net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-34050 RHEL-30492] {CVE-2023-52626}
  - blk-mq: add helper for checking if one CPU is mapped to specified hctx (Ming Lei) [RHEL-38595 RHEL-36684]
  - net/sched: flower: Add lock protection when remove filter handle (Petr Oros) [RHEL-35672 RHEL-33379]
  - Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-33913 RHEL-31828] {CVE-2024-26801}
  - net: hns3: do not allow call hns3_nic_net_open repeatedly (Jose Ignacio Tornos Martinez) [RHEL-38933 RHEL-37707] {CVE-2021-47400}
  - tmpfs: fix Documentation of noswap and huge mount options (Nico Pache) [RHEL-38252 RHEL-31975]
  - shmem: add support to ignore swap (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: update documentation (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: skip page split if we're not reclaiming (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: move reclaim check early on writepages() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: set shmem_writepage() variables early (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: remove check for folio lock on writepage() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - ice: Add automatic VF reset on Tx MDD events (Petr Oros) [RHEL-39083 RHEL-36317]
  - net/ipv6: SKB symmetric hash should incorporate transport ports (Ivan Vecera) [RHEL-37641 RHEL-36218]
  - ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix missing sk_buff release in seg6_input_core (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix invalid unregister error path (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: add missing seg6_local_exit (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - block: fix q->blkg_list corruption during disk rebind (Ming Lei) [RHEL-36687 RHEL-33577]
  - ice: fix uninitialized dplls mutex usage (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix pin phase adjust updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll periodic work data updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll and dpll_pin data access on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll input pin phase_adjust value updates (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix connection state of DPLL and out pin (Petr Oros) [RHEL-36716 RHEL-36283]
  - redhat: remove the merge subtrees script (Derek Barbosa)
  - redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
  - redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
  - net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-38954 RHEL-37422] {CVE-2024-35960}
  - smb: client: fix UAF in smb2_reconnect_server() (Jay Shin) [RHEL-28943 RHEL-40177 RHEL-37273 RHEL-7986] {CVE-2024-35870}
  - smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (Jay Shin) [RHEL-28943 RHEL-31245]
  - RHEL: enable CONFIG_AMD_ATL (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
  - EDAC/amd64: Use new AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
  - RAS: Introduce AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
* Mon Jun 10 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.22.1.el9_4]
  - dpll: fix dpll_pin_on_pin_register() for multiple parent pins (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: indent DPLL option type by a tab (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix dpll_xa_ref_*_del() for multiple registrations (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: spec: use proper enum for pin capabilities attribute (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: move all dpll<>netdev helpers to dpll code (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix build failure due to rcu_dereference_check() on unknown type (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: rely on rcu for netdev_dpll_pin() (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix possible deadlock during netlink dump operation (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: check that pin is registered in __dpll_pin_unregister() (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: move xa_erase() call in to match dpll_pin_alloc() error path order (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: expose fractional frequency offset value to user (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: allocate pin ids in cycle (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: remove leftover mode_supported() op and use mode_get() instead (Petr Oros) [RHEL-36572 RHEL-32098]
  - Documentation: dpll: wrap DPLL_CMD_PIN_GET output in a code block (Petr Oros) [RHEL-36572 RHEL-32098]
  - Documentation: dpll: Fix code blocks (Petr Oros) [RHEL-36572 RHEL-32098]
  - MAINTAINERS: adjust header file entry in DPLL SUBSYSTEM (Petr Oros) [RHEL-36572 RHEL-32098]
  - netdev: Remove unneeded semicolon (Petr Oros) [RHEL-36572 RHEL-32098]
  - netlink: add variable-length / auto integers (Petr Oros) [RHEL-36572 RHEL-30145]
  - netlink: allow be16 and be32 types in all uint policy checks (Ivan Vecera) [RHEL-36572 RHEL-30656]
  - net: netlink: recommend policy range validation (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - netlink: add nla be16/32 types to minlen array (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - netlink: introduce bigendian integer types (Michal Schmidt) [RHEL-36572 RHEL-30344]
  - netlink: introduce NLA_POLICY_MAX_BE (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - ice: use irq_update_affinity_hint() (Michal Schmidt) [RHEL-38512 RHEL-35293]
  - x86/tsc: Defer marking TSC unstable to a worker (Wander Lairson Costa) [RHEL-9296 RHEL-19514]
  - x86/smpboot: Make TSC synchronization function call based (David Arcari) [RHEL-9296 RHEL-19514]
  - Bluetooth: hci_core: Remove le_restart_scan work (David Marlin) [RHEL-38524 RHEL-30099]
  - hwmon: (coretemp) Enlarge per package core count limit (David Arcari) [RHEL-35447 RHEL-22705]
  - hwmon: (coretemp) Fix bogus core_id to attr name mapping (David Arcari) [RHEL-35447 RHEL-22705]
  - hwmon: (coretemp) Fix out-of-bounds memory access (David Arcari) [RHEL-35447 RHEL-22705]
  - perf: arm_cspmu: Reject events meant for other PMUs (Michael Petlan) [RHEL-34991 RHEL-25824]
  - smb: client: refresh referral without acquiring refpath_lock (Jay Shin) [RHEL-38904 RHEL-7986]
  - smb: client: guarantee refcounted children from parent session (Jay Shin) [RHEL-38904 RHEL-7986]
  - smb3: show beginning time for per share stats (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: fix mount when dns_resolver key is not available (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: get rid of dfs code dep in namespace.c (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: get rid of dfs naming in automount code (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: rename cifs_dfs_ref.c to namespace.c (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: ensure to try all targets when finding nested links (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: introduce DFS_CACHE_TGT_LIST() (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: remove redundant pointer 'server' (Jay Shin) [RHEL-38904 RHEL-28739]
  - smb: client: fix parsing of source mount option (Jay Shin) [RHEL-38904 RHEL-28739]
  - integrity: eliminate unnecessary "Problem loading X.509 certificate" msg (Coiby Xu) [RHEL-39933 RHEL-12346]
* Mon Jun 03 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.21.1.el9_4]
  - drm/i915/display: Increase number of fast wake precharge pulses (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - drm/i915/psr: Improve fast and IO wake lines calculation (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - drm/i915/display: Make intel_dp_aux_fw_sync_len available for PSR code (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - smb: client: improve DFS mount check (Jay Shin) [RHEL-36743 RHEL-28739]
  - net: mana: Fix Rx DMA datasize and skb_over_panic (Cathy Avery) [RHEL-37622 RHEL-9872]
* Thu May 23 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.20.1.el9_4]
  - ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-33968 RHEL-31732] {CVE-2024-26735}
  - idpf: fix kernel panic on unknown packet types (Michal Schmidt) [RHEL-36145 RHEL-29035]
  - idpf: refactor some missing field get/prep conversions (Michal Schmidt) [RHEL-36145 RHEL-29035]
  - PCI: Fix pci_rh_check_status() call semantics (Luiz Capitulino) [RHEL-36541 RHEL-35032]
  - cxgb4: Properly lock TX queue for the selftest. (John B. Wyatt IV) [RHEL-36530 RHEL-31990 RHEL-9354]
* Mon May 20 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.19.1.el9_4]
  - x86/mce: Cleanup mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - x86/mce: Define amd_mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - x86/MCE/AMD: Split amd_mce_is_memory_error() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - fs: sysfs: Fix reference leak in sysfs_break_active_protection() (Ewan D. Milne) [RHEL-35302 RHEL-35078] {CVE-2024-26993}
* Mon May 13 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.18.1.el9_4]
  - netfilter: nf_tables: disallow anonymous set with timeout flag (Phil Sutter) [RHEL-32971 RHEL-30082] {CVE-2024-26642}
  - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (Phil Sutter) [RHEL-33070 RHEL-30078] {CVE-2024-26643}
  - netfilter: nft_ct: fix l3num expectations with inet pseudo family (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673}
  - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673}
  - arm64: tlb: Fix TLBI RANGE operand (Shaoqin Huang) [RHEL-33412 RHEL-26259]
  - arm64/mm: Modify range-based tlbi to decrement scale (Shaoqin Huang) [RHEL-33412 RHEL-26259]
  - rh_messages.h: mark mlx5 on Bluefield-3 as unmaintained (Scott Weaver) [RHEL-35878 RHEL-33061]
  - net: ip_tunnel: prevent perpetual headroom growth (Guillaume Nault) [RHEL-33934 RHEL-31816] {CVE-2024-26804}
  - gitlab-ci: use zstream builder container image (Michael Hofmann)
  - selftests: net: gro fwd: update vxlan GRO test expectations (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: prevent local UDP tunnel packets from being GROed (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: do not transition UDP GRO fraglist partial checksums to unnecessary (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - gro: fix ownership transfer (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - bpf, tcx: Get rid of tcx_link_const (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add additional mprog query test coverage (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Make seen_tc* variable tests more robust (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Test query on empty mprog and pass revision into attach (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Adapt assert_mprog_count to always expect 0 count (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Test bpf_mprog query API via libbpf and raw syscall (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftest/bpf: Add various selftests for program limits (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Refuse unused attributes in bpf_prog_{attach,detach} (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Handle bpf_mprog_query with NULL entry (Felix Maurer) [RHEL-33062 RHEL-28590]
  - net: Fix skb consume leak in sch_handle_egress (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add various more tcx test cases (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add test for detachment on empty mprog entry (Felix Maurer) [RHEL-33062 RHEL-28590]
  - tcx: Fix splat during dev unregister (Felix Maurer) [RHEL-33062 RHEL-28590]
  - tcx: Fix splat in ingress_destroy upon tcx_entry_free (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add mprog API tests for BPF tcx links (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add mprog API tests for BPF tcx opts (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Add fd-based tcx multi-prog infra with link support (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpftool: Implement link show support for tcx (Artem Savkov) [RHEL-33062 RHEL-23643]
  - bpftool: Extend net dump with tcx progs (Artem Savkov) [RHEL-33062 RHEL-23643]
  - bpf: fix precision backtracking instruction iteration (Jay Shin) [RHEL-35230 RHEL-23643]
* Tue May 07 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.17.1.el9_4]
  - ceph: switch to use cap_delay_lock for the unlink delay list (Jay Shin) [RHEL-33003 RHEL-32997]
  - ceph: remove useless session parameter for check_caps() (Xiubo Li) [RHEL-33003 RHEL-19813]
  - ceph: flush the dirty caps immediatelly when quota is approaching (Xiubo Li) [RHEL-33003 RHEL-19813]
  - vhost: Add smp_rmb() in vhost_enable_notify() (Gavin Shan) [RHEL-31839 RHEL-26104]
  - vhost: Add smp_rmb() in vhost_vq_avail_empty() (Gavin Shan) [RHEL-31839 RHEL-26104]
  - iommu/vt-d: Support enforce_cache_coherency only for empty domains (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Add MTL to quirk list to skip TE disabling (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Make context clearing consistent with context mapping (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Disable PCI ATS in legacy passthrough mode (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Omit devTLB invalidation requests when TES=0 (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - PCI/MSI: Prevent MSI hardware interrupt number truncation (Myron Stowe) [RHEL-33656 RHEL-21453]
* Fri Apr 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.16.1.el9_4]
  - memory: tegra: Skip SID programming if SID registers aren't set (Robert Foss) [RHEL-32675 RHEL-23656]
  - memory: tegra: Add SID override programming for MC clients (Robert Foss) [RHEL-32675 RHEL-23656]
  - iommu: Don't reserve 0-length IOVA region (Robert Foss) [RHEL-32675 RHEL-23656]
* Fri Apr 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.15.1.el9_4]
  - ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - ice: avoid the PTP hardware semaphore in gettimex64 path (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - ice: add ice_adapter for shared data across PFs on the same NIC (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - crypto: iaa - mark tech preview (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix nr_cpus < nr_iaa case (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix comp/decomp delay statistics (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix async_disable descriptor leak (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Remove header table code (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Laurent Vivier) [RHEL-32716 RHEL-31381]
  - x86/sev: Harden #VC instruction emulation somewhat (Vitaly Kuznetsov) [RHEL-30030 RHEL-30031] {CVE-2024-25743 CVE-2024-25742}
* Fri Apr 12 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.14.1.el9_4]
  - crypto: dh - implement FIPS PCT (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - crypto: tcrypt - add ffdhe2048(dh) test (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - crypto: dh - Make public key test FIPS-only (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - printk: allow disabling printk per-console device kthreads at boot (Luis Claudio R. Goncalves) [RHEL-30678 RHEL-17709]
  - mm, vmscan: remove ISOLATE_UNMAPPED (Nico Pache) [RHEL-29235 RHEL-28667]
  - trace-vmscan-postprocess: sync with tracepoints updates (Nico Pache) [RHEL-29235 RHEL-28667]
  - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: skip special VMAs in lru_gen_look_around() (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: reclaim offlined memcgs harder (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: try to stop at high watermarks (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: fix underprotected page cache (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: reuse some legacy trace events (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: improve design doc (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: clean up sysfs code (Nico Pache) [RHEL-29235 RHEL-28667]
  - cpu/hotplug: Do not bail-out in DYING/STARTING sections (David Arcari) [RHEL-29673 RHEL-19514]
  - crypto: akcipher - Disable signing and decryption (Herbert Xu) [RHEL-29079 RHEL-17113] {CVE-2023-6240}
* Wed Apr 10 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.13.1.el9_4]
  - ice: fix enabling RX VLAN filtering (Petr Oros) [RHEL-28837]
* Fri Apr 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.12.1.el9_4]
  - mm/sparsemem: fix race in accessing memory_section->usage (Waiman Long) [RHEL-28877 RHEL-28878] {CVE-2023-52489}
  - Revert "[redhat] kabi: add symbol __scsi_execute to stablelist" (Ewan D. Milne) [RHEL-30725]
* Wed Apr 03 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.11.1.el9_4]
  - xfs: fix SEEK_HOLE/DATA for regions with active COW extents (Bill O'Donnell) [RHEL-29365]
* Tue Apr 02 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.10.1.el9_4]
  - NFS: remove sync_mode test from nfs_writepage_locked() (Jeffrey Layton) [RHEL-28630]
  - nfs: Remove writepage (Jeffrey Layton) [RHEL-28630]
* Mon Apr 01 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.9.1.el9_4]
  - blk-mq: don't schedule block kworker on isolated CPUs (Ming Lei) [RHEL-13920]
* Tue Mar 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.8.1.el9_4]
  - dm-integrity: align the outgoing bio in integrity_recheck (Benjamin Marzinski) [RHEL-29679]
  - dm-integrity: fix a memory leak when rechecking the data (Benjamin Marzinski) [RHEL-29679]
  - NFSv4: fairly test all delegations on a SEQ4_ revocation (Benjamin Coddington) [RHEL-7976]
* Mon Mar 25 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.7.1.el9_4]
  - NFS: Read unlock folio on nfs_page_create_from_folio() error (Benjamin Coddington) [RHEL-18029]
  - i40e: Fix VF MAC filter removal (Ivan Vecera) [RHEL-15701]
  - i40e: Fix firmware version comparison function (Ivan Vecera) [RHEL-15701]
  - i40e: disable NAPI right after disabling irqs when handling xsk_pool (Ivan Vecera) [RHEL-15701]
  - i40e: take into account XDP Tx queues when stopping rings (Ivan Vecera) [RHEL-15701]
  - i40e: avoid double calling i40e_pf_rxq_wait() (Ivan Vecera) [RHEL-15701]
  - i40e: Fix wrong mask used during DCB config (Ivan Vecera) [RHEL-15701]
  - i40e: Fix waiting for queues of all VSIs to be disabled (Ivan Vecera) [RHEL-15701]
  - i40e: Do not allow untrusted VF to remove administratively set MAC (Ivan Vecera) [RHEL-15701]
  - net: intel: fix old compiler regressions (Ivan Vecera) [RHEL-15701]
  - i40e: update xdp_rxq_info::frag_size for ZC enabled Rx queue (Ivan Vecera) [RHEL-15701]
  - i40e: set xdp_rxq_info::frag_size (Ivan Vecera) [RHEL-15701]
  - intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers (Ivan Vecera) [RHEL-15701]
  - i40e: handle multi-buffer packets that are shrunk by xdp prog (Ivan Vecera) [RHEL-15701]
  - i40e: Include types.h to some headers (Ivan Vecera) [RHEL-15701]
  - i40e: Restore VF MSI-X state during PCI reset (Ivan Vecera) [RHEL-15701]
  - i40e: fix use-after-free in i40e_aqc_add_filters() (Ivan Vecera) [RHEL-15701]
  - i40e: Avoid unnecessary use of comma operator (Ivan Vecera) [RHEL-15701]
  - i40e: Fix VF disable behavior to block all traffic (Ivan Vecera) [RHEL-15701]
  - i40e: Fix filter input checks to prevent config with invalid values (Ivan Vecera) [RHEL-15701]
  - i40e: field get conversion (Ivan Vecera) [RHEL-15701]
  - i40e: field prep conversion (Ivan Vecera) [RHEL-15701]
  - intel: add bit macro includes where needed (Ivan Vecera) [RHEL-15701]
  - i40e: remove fake support of rx-frames-irq (Ivan Vecera) [RHEL-15701]
  - i40e: Fix ST code value for Clause 45 (Ivan Vecera) [RHEL-15701]
  - i40e: Fix unexpected MFS warning message (Ivan Vecera) [RHEL-15701]
  - i40e: Remove queue tracking fields from i40e_adminq_ring (Ivan Vecera) [RHEL-15701]
  - i40e: Remove AQ register definitions for VF types (Ivan Vecera) [RHEL-15701]
  - i40e: Delete unused and useless i40e_pf fields (Ivan Vecera) [RHEL-15701]
  - i40e: Fix adding unsupported cloud filters (Ivan Vecera) [RHEL-15701]
  - i40e: Delete unused i40e_mac_info fields (Ivan Vecera) [RHEL-15701]
  - i40e: Move inline helpers to i40e_prototype.h (Ivan Vecera) [RHEL-15701]
  - i40e: Remove VF MAC types (Ivan Vecera) [RHEL-15701]
  - i40e: Use helpers to check running FW and AQ API versions (Ivan Vecera) [RHEL-15701]
  - i40e: Add other helpers to check version of running firmware and AQ API (Ivan Vecera) [RHEL-15701]
  - i40e: Move i40e_is_aq_api_ver_ge helper (Ivan Vecera) [RHEL-15701]
  - i40e: Initialize hardware capabilities at single place (Ivan Vecera) [RHEL-15701]
  - i40e: Consolidate hardware capabilities (Ivan Vecera) [RHEL-15701]
  - i40e: Use DECLARE_BITMAP for flags field in i40e_hw (Ivan Vecera) [RHEL-15701]
  - i40e: Use DECLARE_BITMAP for flags and hw_features fields in i40e_pf (Ivan Vecera) [RHEL-15701]
  - i40e: Remove _t suffix from enum type names (Ivan Vecera) [RHEL-15701]
  - i40e: Remove unused flags (Ivan Vecera) [RHEL-15701]
  - i40e: add an error code check in i40e_vsi_setup (Ivan Vecera) [RHEL-15701]
  - i40e: increase max descriptors for XL710 (Ivan Vecera) [RHEL-15701]
  - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (Ivan Vecera) [RHEL-15701]
  - i40e: sync next_to_clean and next_to_process for programming status desc (Ivan Vecera) [RHEL-15701]
  - i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: remove count_mask (Ivan Vecera) [RHEL-15701]
  - i40e: use scnprintf over strncpy+strncat (Ivan Vecera) [RHEL-15701]
  - intel: fix format warnings (Ivan Vecera) [RHEL-15701]
  - i40e: Refactor and rename i40e_read_pba_string() (Ivan Vecera) [RHEL-15701]
  - i40e: Split and refactor i40e_nvm_version_str() (Ivan Vecera) [RHEL-15701]
  - i40e: prevent crash on probe if hw registers have invalid values (Ivan Vecera) [RHEL-15701]
  - i40e: Move DDP specific macros and structures to i40e_ddp.c (Ivan Vecera) [RHEL-15701]
  - i40e: Remove circular header dependencies and fix headers (Ivan Vecera) [RHEL-15701]
  - i40e: Split i40e_osdep.h (Ivan Vecera) [RHEL-15701]
  - i40e: Move memory allocation structures to i40e_alloc.h (Ivan Vecera) [RHEL-15701]
  - i40e: Simplify memory allocation functions (Ivan Vecera) [RHEL-15701]
  - i40e: Refactor I40E_MDIO_CLAUSE* macros (Ivan Vecera) [RHEL-15701]
  - i40e: Move I40E_MASK macro to i40e_register.h (Ivan Vecera) [RHEL-15701]
  - i40e: Remove back pointer from i40e_hw structure (Ivan Vecera) [RHEL-15701]
  - i40e: Add rx_missed_errors for buffer exhaustion (Ivan Vecera) [RHEL-15701]
  - net: Tree wide: Replace xdp_do_flush_map() with xdp_do_flush(). (Ivan Vecera) [RHEL-15701]
  - i40e: fix potential memory leaks in i40e_remove() (Ivan Vecera) [RHEL-15701]
  - i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (Ivan Vecera) [RHEL-15701]
  - i40e: fix misleading debug logs (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_profile_aq_section (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_section_table (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_profile_segment (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_package_header (Ivan Vecera) [RHEL-15701]
  - i40e: Remove unused function declarations (Ivan Vecera) [RHEL-15701]
  - i40e: remove i40e_status (Ivan Vecera) [RHEL-15701]
  - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: add TX multi-buffer support (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: add RX multi-buffer support (Ivan Vecera) [RHEL-15701]
  - i40e, xsk: fix comment typo (Ivan Vecera) [RHEL-15701]
  - i40e: remove unnecessary check for old MAC == new MAC (Ivan Vecera) [RHEL-15701]
  - i40e: fix i40e_setup_misc_vector() error handling (Ivan Vecera) [RHEL-15701]
  - i40e: fix accessing vsi->active_filters without holding lock (Ivan Vecera) [RHEL-15701]
  - i40e: Add support for VF to specify its primary MAC address (Ivan Vecera) [RHEL-15701]
  - i40e: fix registers dump after run ethtool adapter self test (Ivan Vecera) [RHEL-15701]
  - i40e: fix flow director packet filter programming (Ivan Vecera) [RHEL-15701]
  - i40e: add support for XDP multi-buffer Rx (Ivan Vecera) [RHEL-15701]
  - i40e: add xdp_buff to i40e_ring struct (Ivan Vecera) [RHEL-15701]
  - i40e: introduce next_to_process to i40e_ring (Ivan Vecera) [RHEL-15701]
  - i40e: use frame_sz instead of recalculating truesize for building skb (Ivan Vecera) [RHEL-15701]
  - i40e: Change size to truesize when using i40e_rx_buffer_flip() (Ivan Vecera) [RHEL-15701]
  - i40e: add pre-xdp page_count in rx_buffer (Ivan Vecera) [RHEL-15701]
  - i40e: change Rx buffer size for legacy-rx to support XDP multi-buffer (Ivan Vecera) [RHEL-15701]
  - i40e: consolidate maximum frame size calculation for vsi (Ivan Vecera) [RHEL-15701]
  - i40e: check vsi type before setting xdp_features flag (Ivan Vecera) [RHEL-15701]
  - drivers: net: turn on XDP features (Ivan Vecera) [RHEL-15701]
  - i40e: add xdp frags support to ndo_xdp_xmit (Ivan Vecera) [RHEL-15701]
  - dmaengine: idxd: Ensure safe user copy of completion record (Jerry Snitselaar) [RHEL-28511]
  - dmaengine: idxd: Remove shadow Event Log head stored in idxd (Jerry Snitselaar) [RHEL-28511]
  - dmaengine: idxd: Move dma_free_coherent() out of spinlocked context (Jerry Snitselaar) [RHEL-28511]
* Thu Mar 21 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.6.1.el9_4]
  - IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (Daniel Vacek) [RHEL-26063]
  - ASoC: Intel: soc-acpi: rt713+rt1316, no sdw-dmic config (Jaroslav Kysela) [RHEL-26456]
  - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Maxim Levitsky) [RHEL-26435]
  - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Maxim Levitsky) [RHEL-26435]
  - mlxsw: spectrum_acl_tcam: Fix stack corruption (Ivan Vecera) [RHEL-26463 RHEL-26465] {CVE-2024-26586}
* Tue Mar 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.5.1.el9_4]
  - i2c: i801: Fix block process call transactions (David Arcari) [RHEL-26479 RHEL-26481] {CVE-2024-26593}
  - sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23428 RHEL-23429] {CVE-2024-26602}
* Fri Mar 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.4.1.el9_4]
  - redhat/configs: enable pwr-mlxbf (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: support graceful reboot instead of emergency reset (Nirmala Dalvi) [RHEL-21119]
  - power: reset: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: change rst_pwr_hid and low_pwr_hid from global to local variables (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: add missing include (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: add BlueField SoC power control driver (Nirmala Dalvi) [RHEL-21119]
  - redhat/configs: enable pinctrl_mlxbf3 This driver is required to support the pinctrl device on the Bluefield-3 card. (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: Remove gpio_disable_free() (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: set varaiable mlxbf3_pmx_funcs storage-class-specifier to static (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: Add pinctrl driver support (Nirmala Dalvi) [RHEL-21115]
  - redhat/configs: enable gpio_mlxbf3 (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: add an error code check in mlxbf3_gpio_probe (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: Support add_pin_ranges() (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: Add gpio driver support (Nirmala Dalvi) [RHEL-21113]
  - redhat/configs: enable mlxbf-pmc (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix offset calculation for crspace events (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: Check devm_hwmon_device_register_with_groups() return value (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: Add null pointer checks for devm_kasprintf() (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Add support for BlueField-3 (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix reading of unprogrammed events (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix potential buffer overflows (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: fix sscanf() error checking (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: fix kernel-doc notation (Luiz Capitulino) [RHEL-21122]
  - SUNRPC: Remove stale comments (Jeffrey Layton) [RHEL-22860]
  - NFSD: Remove BUG_ON in nfsd4_process_cb_update() (Jeffrey Layton) [RHEL-22860]
  - NFSD: Replace comment with lockdep assertion (Jeffrey Layton) [RHEL-22860]
  - NFSD: Remove unused @reason argument (Jeffrey Layton) [RHEL-22860]
  - NFSD: Add callback operation lifetime trace points (Jeffrey Layton) [RHEL-22860]
  - NFSD: Rename nfsd_cb_state trace point (Jeffrey Layton) [RHEL-22860]
  - NFSD: Replace dprintks in nfsd4_cb_sequence_done() (Jeffrey Layton) [RHEL-22860]
  - NFSD: Add nfsd_seq4_status trace event (Jeffrey Layton) [RHEL-22860]
  - NFSD: Retransmit callbacks after client reconnects (Jeffrey Layton) [RHEL-22860]
  - NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (Jeffrey Layton) [RHEL-22860]
  - NFSD: Convert the callback workqueue to use delayed_work (Jeffrey Layton) [RHEL-22860]
  - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Jeffrey Layton) [RHEL-22860]
  - NFSv4, NFSD: move enum nfs_cb_opnum4 to include/linux/nfs4.h (Jeffrey Layton) [RHEL-22860]
  - tls: fix use-after-free on failed backlog decryption (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: separate no-async decryption request handling from async (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: decrement decrypt_pending if no async completion will be called (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - net: tls: fix use-after-free with partial reads and async decrypt (Sabrina Dubroca) [RHEL-26398 RHEL-26401] {CVE-2024-26582}
  - net: tls: handle backlogging of crypto requests (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: fix race between tx work scheduling and socket close (Sabrina Dubroca) [RHEL-26361 RHEL-26363] {CVE-2024-26585}
  - tls: fix race between async notify and socket close (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - net: tls: factor out tls_*crypt_async_wait() (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - i2c: mlxbf: Use devm_platform_get_and_ioremap_resource() (Luiz Capitulino) [RHEL-21116]
  - I2C: Explicitly include correct DT includes (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Use dev_err_probe in probe function (Luiz Capitulino) [RHEL-21116]
  - i2c: Convert to platform remove callback returning void (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: depend on ACPI; clean away ifdeffage (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: remove device tree support (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: support BlueField-3 SoC (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: add multi slave functionality (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: support lock mechanism (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Fix frequency calculation (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Refactor _UID handling to use acpi_dev_uid_to_integer() (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: remove IRQF_ONESHOT (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: incorrect base address passed during io write (Luiz Capitulino) [RHEL-21116]
* Thu Mar 14 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.3.1.el9_4]
  - SEV: disable SEV-ES DebugSwap by default (Paolo Bonzini) [RHEL-22997]
  - dm-integrity, dm-verity: reduce stack usage for recheck (Benjamin Marzinski) [RHEL-20912]
  - dm-crypt: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-20912]
  - dm-crypt: don't modify the data when using authenticated encryption (Benjamin Marzinski) [RHEL-20912]
  - dm-verity: recheck the hash after a failure (Benjamin Marzinski) [RHEL-20912]
  - dm-integrity: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-20912]
  - tracing/timerlat: Move hrtimer_init to timerlat_fd open() (John Kacur) [RHEL-26665]
  - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (Andrew Price) [RHEL-26500 RHEL-26502] {CVE-2023-52448}
  - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-15843]
  - sunrpc: have svc tasks sleep in TASK_INTERRUPTIBLE instead of TASK_IDLE (Jeffrey Layton) [RHEL-22742]
  - smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-21687 RHEL-21688] {CVE-2024-0565}
  - EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (Aristeu Rozanski) [RHEL-10022]
  - EDAC/mc: Add support for HBM3 memory type (Aristeu Rozanski) [RHEL-10022]
  - x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (Aristeu Rozanski) [RHEL-10022]
  - EDAC/mce_amd: Remove SMCA Extended Error code descriptions (Aristeu Rozanski) [RHEL-10022]
  - x86/mce/amd, EDAC/mce_amd: Move long names to decoder module (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Cache and use GPU node map (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Document heterogeneous system enumeration (Aristeu Rozanski) [RHEL-10022]
  - x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Fix indentation in umc_determine_edac_cap() (Aristeu Rozanski) [RHEL-10022]
  - EDAC: Sanitize MODULE_AUTHOR strings (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Add get_err_info() to pvt->ops (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Split dump_misc_regs() into dct/umc functions (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Split init_csrows() into dct/umc functions (Aristeu Rozanski) [RHEL-10022]
  - EDAC/amd64: Split determine_edac_cap() into dct/umc functions (Aristeu Rozanski) [RHEL-10022]
  - fprobe: Ensure running fprobe_exit_handler() finished before calling rethook_free() (Viktor Malik) [RHEL-26131]
  - fprobe: Release rethook after the ftrace_ops is unregistered (Viktor Malik) [RHEL-26131]
  - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super {CVE-2024-0841} (Audra Mitchell) [RHEL-20615 RHEL-20617] {CVE-2024-0841}
  - smb: client: fix parsing of SMB3.1.1 POSIX create context (Paulo Alcantara) [RHEL-26242 RHEL-26244] {CVE-2023-52434}
  - smb: client: fix potential OOBs in smb2_parse_contexts() (Paulo Alcantara) [RHEL-26242 RHEL-26244] {CVE-2023-52434}
* Mon Mar 11 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.2.1.el9_4]
  - x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (Paolo Bonzini) [RHEL-23426]
  - x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (Paolo Bonzini) [RHEL-23426]
  - x86/boot: Move x86_cache_alignment initialization to correct spot (Paolo Bonzini) [RHEL-23426]
  - x86/sev-es: Set x86_virt_bits to the correct value straight away, instead of a two-phase approach (Paolo Bonzini) [RHEL-23426]
  - KVM: x86: make KVM_REQ_NMI request iff NMI pending for vcpu (Prasad Pandit) [RHEL-2815]
  - drm/tegra: Remove existing framebuffer only if we support display (Robert Foss) [RHEL-26130]
  - Deprecate qla4xxx in RHEL-9 (Chris Leech) [RHEL-1241]
  - dm-bufio: fix no-sleep mode (Benjamin Marzinski) [RHEL-23968]
  - selftests: rtnetlink: add MACsec offload tests (Sabrina Dubroca) [RHEL-24616]
  - netdevsim: add dummy macsec offload (Sabrina Dubroca) [RHEL-24616]
  - selftests: rtnetlink: Make the set of tests to run configurable (Sabrina Dubroca) [RHEL-24616]
* Mon Mar 04 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.1.1.el9_4]
  - config: wifi: enable MT7925E card (Jose Ignacio Tornos Martinez) [RHEL-14693]
  - shmem: support idmapped mounts for tmpfs (Giuseppe Scrivano) [RHEL-23900]
  - iommu/vt-d: Fix incorrect cache invalidation for mm notification (Jerry Snitselaar) [RHEL-26541]
  - mmu_notifiers: rename invalidate_range notifier (Jerry Snitselaar) [RHEL-26541]
  - mmu_notifiers: don't invalidate secondary TLBs as part of mmu_notifier_invalidate_range_end() (Jerry Snitselaar) [RHEL-26541]
  - mmu_notifiers: call invalidate_range() when invalidating TLBs (Jerry Snitselaar) [RHEL-26541]
  - mmu_notifiers: fixup comment in mmu_interval_read_begin() (Jerry Snitselaar) [RHEL-26541]
  - mlxbf_gige: Enable the GigE port in mlxbf_gige_open (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: Fix intermittent no ip issue (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: fix receive packet race condition (Luiz Capitulino) [RHEL-21118]
  - net: ethernet: mellanox: Convert to platform remove callback returning void (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: Remove two unused function declarations (Luiz Capitulino) [RHEL-21118]
  - net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: fix white space in mlxbf_gige_eth_ioctl (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: add "set_link_ksettings" ethtool callback (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: support 10M/100M/1G speeds on BlueField-3 (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: add MDIO support for BlueField-3 (Luiz Capitulino) [RHEL-21118]
  - net/mlxbf_gige: Fix an IS_ERR() vs NULL bug in mlxbf_gige_mdio_probe (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: clear MDIO gateway lock after read (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: compute MDIO period based on i1clk (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: remove own module name define and use KBUILD_MODNAME instead (Luiz Capitulino) [RHEL-21118]
  - net/mlxbf_gige: use eth_zero_addr() to clear mac address (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: remove driver-managed interrupt counts (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: increase MDIO polling rate to 5us (Luiz Capitulino) [RHEL-21118]
  - net: mellanox: mlxbf_gige: Replace non-standard interrupt handling (Luiz Capitulino) [RHEL-21118]
  - mlxbf_gige: clear valid_polarity upon open (Luiz Capitulino) [RHEL-21118]
  - net/mlxbf_gige: Make use of devm_platform_ioremap_resourcexxx() (Luiz Capitulino) [RHEL-21118]
  - redhat: update self-test data (Scott Weaver)
  - redhat: enable zstream release numbering for RHEL 9.4 (Scott Weaver)
  - redhat: set default dist suffix for RHEL 9.4 (Scott Weaver)
* Mon Mar 04 2024 Andrew Lukoshko <alukoshko@almalinux.org> [5.14.0-427.el9]
  - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
  - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
  - qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024
  - qla4xxx: bring back deprecated PCI ids
  - lpfc: bring back deprecated PCI ids
  - be2iscsi: bring back deprecated PCI ids
  - nvme-pci: add BOGUS_NID for Intel 0a54 device
  - kernel/rh_messages.h: empty rh_disabled_pci_devices and rh_unmaintained_pci_devices lists
* Thu Feb 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.el9]
  - scsi: smartpqi: Fix disable_managed_interrupts (Tomas Henzl) [RHEL-26145]
  - redhat/configs: Enable Intel IAA Compression Accelerator for x86 (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Account for cpu-less numa nodes (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - remove unneeded semicolon (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Change desc->priv to 0 (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: Add support for device/wq defaults (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add IAA Compression Accelerator stats (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add irq support for the crypto async interface (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add support for deflate-iaa compression algorithm (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add compression mode management along with fixed mode (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add per-cpu workqueue table with rebalancing (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add Intel IAA Compression Accelerator crypto driver core (Vladis Dronov) [RHEL-20145]
  - crypto: iaa - Add IAA Compression Accelerator Documentation (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: add callback support for iaa crypto (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: Add wq private data accessors (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: Export wq resource management functions (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: Export descriptor management functions (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: Rename drv_enable/disable_wq to idxd_drv_enable/disable_wq, and export (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: add external module driver support for dsa_bus_type (Vladis Dronov) [RHEL-20145]
  - dmaengine: idxd: add wq driver name support for accel-config user tool (Vladis Dronov) [RHEL-20145]
* Thu Feb 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-426.el9]
  - firmware: arm_ffa: Assign the missing IDR allocation ID to the FFA device (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Allow the FF-A drivers to use 32bit mode of messaging (Mark Salter) [RHEL-16037]
  - optee: fix uninited async notif value (Mark Salter) [RHEL-16037]
  - KEYS: trusted: tee: Refactor register SHM usage (Mark Salter) [RHEL-16037]
  - redhat/configs: enable ARM_FFA_TRANSPORT (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Don't set the memory region attributes for MEM_LEND (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Set handle field to zero in memory descriptor (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Set reserved/MBZ fields to zero in the memory descriptors (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Fix FFA device names for logical partitions (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Fix usage of partition info get count flag (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Check if ffa_driver remove is present before executing (Mark Salter) [RHEL-16037]
  - tee: optee: Add SMC for loading OP-TEE image (Mark Salter) [RHEL-16037]
  - optee: add per cpu asynchronous notification (Mark Salter) [RHEL-16037]
  - tee: optee: Fix typo Unuspported -> Unsupported (Mark Salter) [RHEL-16037]
  - tee: amdtee: fix race condition in amdtee_open_session (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Move comment before the field it is documenting (Mark Salter) [RHEL-16037]
  - optee: Add __init/__exit annotations to module init/exit funcs (Mark Salter) [RHEL-16037]
  - tee: optee: fix possible memory leak in optee_register_device() (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Split up ffa_ops into info, message and memory operations (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Set up 32bit execution mode flag using partiion property (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Add v1.1 get_partition_info support (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Rename ffa_dev_ops as ffa_ops (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Make memory apis ffa_device independent (Mark Salter) [RHEL-16037]
  - tee: optee: Drop ffa_ops in optee_ffa structure using ffa_dev->ops directly (Mark Salter) [RHEL-16037]
  - tee: fix compiler warning in tee_shm_register() (Mark Salter) [RHEL-16037]
  - tee: add overflow check in register_shm_helper() (Mark Salter) [RHEL-16037]
  - tee: tee_get_drvdata(): fix description of return value (Mark Salter) [RHEL-16037]
  - optee: Remove duplicate 'of' in two places. (Mark Salter) [RHEL-16037]
  - optee: smc_abi.c: fix wrong pointer passed to IS_ERR/PTR_ERR() (Mark Salter) [RHEL-16037]
  - tee: optee: Pass a pointer to virt_addr_valid() (Mark Salter) [RHEL-16037]
  - tee: optee: Use ffa_dev_get_drvdata to fetch driver_data (Mark Salter) [RHEL-16037]
  - tee: remove flags TEE_IOCTL_SHM_MAPPED and TEE_IOCTL_SHM_DMA_BUF (Mark Salter) [RHEL-16037]
  - tee: remove tee_shm_va2pa() and tee_shm_pa2va() (Mark Salter) [RHEL-16037]
  - optee: cache argument shared memory structs (Mark Salter) [RHEL-16037]
  - optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET (Mark Salter) [RHEL-16037]
  - optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG (Mark Salter) [RHEL-16037]
  - optee: rename rpc_arg_count to rpc_param_count (Mark Salter) [RHEL-16037]
  - tee: make tee_shm_register_kernel_buf vmalloc supported (Mark Salter) [RHEL-16037]
  - tee: combine "config" and "menu" for TEE's menuconfig (Mark Salter) [RHEL-16037]
  - tee: optee: add missing mutext_destroy in optee_ffa_probe (Mark Salter) [RHEL-16037]
  - tee: refactor TEE_SHM_* flags (Mark Salter) [RHEL-16037]
  - tee: replace tee_shm_register() (Mark Salter) [RHEL-16037]
  - KEYS: trusted: tee: use tee_shm_register_kernel_buf() (Mark Salter) [RHEL-16037]
  - tee: add tee_shm_register_{user,kernel}_buf() (Mark Salter) [RHEL-16037]
  - optee: add optee_pool_op_free_helper() (Mark Salter) [RHEL-16037]
  - tee: replace tee_shm_alloc() (Mark Salter) [RHEL-16037]
  - tee: simplify shm pool handling (Mark Salter) [RHEL-16037]
  - tee: add tee_shm_alloc_user_buf() (Mark Salter) [RHEL-16037]
  - tee: remove unused tee_shm_pool_alloc_res_mem() (Mark Salter) [RHEL-16037]
  - hwrng: optee-rng: use tee_shm_alloc_kernel_buf() (Mark Salter) [RHEL-16037]
  - tee: amdtee: Make use of the helper macro LIST_HEAD() (Mark Salter) [RHEL-16037]
  - tee: optee: fix error return code in probe function (Mark Salter) [RHEL-16037]
  - optee: use driver internal tee_context for some rpc (Mark Salter) [RHEL-16037]
  - optee: add error checks in optee_ffa_do_call_with_arg() (Mark Salter) [RHEL-16037]
  - optee: Use bitmap_free() to free bitmap (Mark Salter) [RHEL-16037]
  - optee: Fix NULL but dereferenced coccicheck error (Mark Salter) [RHEL-16037]
  - optee: add asynchronous notifications (Mark Salter) [RHEL-16037]
  - optee: separate notification functions (Mark Salter) [RHEL-16037]
  - tee: export teedev_open() and teedev_close_context() (Mark Salter) [RHEL-16037]
  - tee: fix put order in teedev_close_context() (Mark Salter) [RHEL-16037]
  - optee: Suppress false positive kmemleak report in optee_handle_rpc() (Mark Salter) [RHEL-16037]
  - tee: amdtee: fix an IS_ERR() vs NULL bug (Mark Salter) [RHEL-16037]
  - optee: fix kfree NULL pointer (Mark Salter) [RHEL-16037]
  - optee: Fix spelling mistake "reclain" -> "reclaim" (Mark Salter) [RHEL-16037]
  - optee: add FF-A support (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Add ffa_dev_get_drvdata helper function (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Use FFA_FEATURES to detect if native versions are supported (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Add support for querying FF-A features (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Remove ffa_dev_ops_get() (Mark Salter) [RHEL-16037]
  - firmware: arm_ffa: Add pointer to the ffa_dev_ops in struct ffa_dev (Mark Salter) [RHEL-16037]
  - PCI: Fix active state requirement in PME polling (Alex Williamson) [RHEL-25125]
* Wed Feb 21 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-425.el9]
  - cgroup/cpuset: Include isolated cpuset CPUs in cpu_is_isolated() check (Waiman Long) [RHEL-21798]
  - cgroup/cpuset: Expose cpuset.cpus.isolated (Waiman Long) [RHEL-21798]
  - cgroup/cpuset: Take isolated CPUs out of workqueue unbound cpumask (Waiman Long) [RHEL-21798]
  - cgroup/cpuset: Keep track of CPUs in isolated partitions (Waiman Long) [RHEL-21798]
  - selftests/cgroup: Minor code cleanup and reorganization of test_cpuset_prs.sh (Waiman Long) [RHEL-21798]
  - workqueue: Move workqueue_set_unbound_cpumask() and its helpers inside CONFIG_SYSFS (Waiman Long) [RHEL-21798]
  - workqueue: Add workqueue_unbound_exclude_cpumask() to exclude CPUs from wq_unbound_cpumask (Waiman Long) [RHEL-21798]
  - workqueue: Make sure that wq_unbound_cpumask is never empty (Waiman Long) [RHEL-21798]
  - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() (Waiman Long) [RHEL-21798]
  - workqueue: add cmdline parameter `workqueue.unbound_cpus` to further constrain wq_unbound_cpumask at boot time (Waiman Long) [RHEL-21798]
  - ovl: mark xwhiteouts directory with overlay.opaque='x' (Alexander Larsson) [RHEL-25807]
  - ovl: Add documentation on nesting of overlayfs mounts (Alexander Larsson) [RHEL-25807]
  - Enable CONFIG_PWRSEQ_{SIMPLIE,EMMC} on aarch64 (Charles Mirabile) [RHEL-21062]
  - mmc: pwrseq: Convert to platform remove callback returning void (Charles Mirabile) [RHEL-21062]
  - mmc: pwrseq_simple: Convert to platform remove callback returning void (Charles Mirabile) [RHEL-21062]
  - mmc: pwrseq_simple: include deferred probe reasons (Charles Mirabile) [RHEL-21062]
  - mmc: pwrseq: Use bitmap_free() to free bitmap (Charles Mirabile) [RHEL-21062]
  - crypto: ccp - fix memleak in ccp_init_dm_workarea (Vladis Dronov) [RHEL-14851]
  - crypto: ccp/sp - Convert to platform remove callback returning void (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Dump SEV command buffer registers on SEV command error (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for DBC over PSP mailbox (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add a macro to check capabilities register (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add a communication path abstraction for DBC (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for extended PSP mailbox commands (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Move direct access to some PSP registers out of TEE (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Get a free page to use while fetching initial nonce (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for getting and setting DBC parameters (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for setting user ID for dynamic boost control (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for fetching a nonce for dynamic boost control (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - move setting PSP master to earlier in the init (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add bootloader and TEE version offsets (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Add support for displaying PSP firmware versions (Vladis Dronov) [RHEL-14851]
  - crypto: ccp - Rename macro for security attributes (Vladis Dronov) [RHEL-14851]
  - sched/core: Make sched_setaffinity() always return -EINVAL on empty cpumask (Waiman Long) [RHEL-21440]
  - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Charles Mirabile) [RHEL-24020]
  - bpf: sockmap, updating the sg structure should also update curr (Felix Maurer) [RHEL-21459]
  - bpf, x64: Fix tailcall infinite loop (Felix Maurer) [RHEL-21459]
  - tty: n_gsm: initialize more members at gsm_alloc_mux() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix race condition in gsmld_write() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix resource allocation order in gsm_activate_mux() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix race condition in status line change on dead connections (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix flow control handling in tx path (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix NULL pointer access due to DLCI release (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: name the debug bits (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: replace use of gsm_read_ea() with gsm_read_ea_val() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong signal octets encoding in MSC (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong modem processing in convergence layer type 2 (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix user open not possible at responder until initiator open (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Delete gsmtty open SABM frame when config requester (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix deadlock and link starvation in outgoing data path (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix non flow control frames during mux flow off (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix reset fifo race condition (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix missing explicit ldisc flush (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix deadlock in gsmtty_open() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Modify CR,PF bit printk info when config requester (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix SW flow control encoding/handling (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: add parameters used with parameter negotiation (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong command retry handling (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: introduce macro for minimal unit size (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix insufficient txframe size (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: introduce gsm_control_command() function (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix invalid use of MSC in advanced option (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong command frame length field encoding (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong tty control line for flow control (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix missing timer to handle stalled links (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: add parameter negotiation support (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix tty registration before control channel open (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix software flow control handling (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Fix packet data hex dump output (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Don't ignore write return value in gsmld_output() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: name gsm tty device minors (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: stop using alloc_tty_driver (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: don't store semi-state into tty drivers (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - hvsi: don't panic on tty_register_driver failure (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - amiserial: switch rs_table to a single state (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - amiserial: expand "custom" (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - amiserial: remove serial_* strings (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - amiserial: use memset to zero serial_state (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix encoding of command/response bit (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix broken virtual tty handling (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix missing update of modem controls after DLCI open (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix frame reception handling (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: clean up indenting in gsm_queue() (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Save dlci address open status when config requester (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Modify CR,PF bit when config requester (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix UAF in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix wrong DLCI release order (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix mux cleanup after unregister tty device (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix decoupled mux resource (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: fix restart handling via CLD command (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - tty: n_gsm: Modify gsmtty driver register method when config requester (Wander Lairson Costa) [RHEL-19959 RHEL-19971] {CVE-2023-6546}
  - config: wifi: enable RTL 8852CE card (Jose Ignacio Tornos Martinez) [RHEL-22603]
* Mon Feb 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-424.el9]
  - tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) [RHEL-21839]
  - Revert "efi/arm64: libstub: avoid SetVirtualAddressMap() when possible" (Paolo Bonzini) [RHEL-23382]
  - Revert "arm64: efi: Force the use of SetVirtualAddressMap() on Altra machines" (Paolo Bonzini) [RHEL-23382]
  - Revert "arm64: efi: Force the use of SetVirtualAddressMap() on eMAG and Altra Max machines" (Paolo Bonzini) [RHEL-23382]
  - Revert "arm64: efi: Use SMBIOS processor version to key off Ampere quirk" (Paolo Bonzini) [RHEL-23382]
  - Revert "efi/libstub: smbios: Drop unused 'recsize' parameter" (Paolo Bonzini) [RHEL-23382]
  - crypto: rsa - restrict plaintext/ciphertext values more (Vladis Dronov) [RHEL-24869]
  - crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-24869]
  - crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-24869]
  - dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-23572]
  - dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-23572]
  - dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-23572]
  - netfilter: nf_tables: bail out on mismatching dynset and set expressions (Florian Westphal) [RHEL-19016 RHEL-19017] {CVE-2023-6622}
  - memory: tegra: Add Tegra234 clients for RCE and VI (Joel Slebodnick) [RHEL-16714]
  - cpufreq: tegra194: remove redundant AND with cpu_online_mask (Joel Slebodnick) [RHEL-16714]
  - cpufreq: tegra194: use refclk delta based loop instead of udelay (Joel Slebodnick) [RHEL-16714]
  - cpufreq: tegra194: save CPU data to avoid repeated SMP calls (Joel Slebodnick) [RHEL-16714]
  - i2c: tegra: Fix i2c-tegra DMA config option processing (Joel Slebodnick) [RHEL-16714]
  - i2c: tegra: Fix failure during probe deferral cleanup (Joel Slebodnick) [RHEL-16714]
  - firmware: tegra: bpmp: Add support for DRAM MRQ GSCs (Joel Slebodnick) [RHEL-16714]
  - gpio: tegra186: Check PMC driver status before any request (Joel Slebodnick) [RHEL-16714]
  - soc/tegra: fuse: Fix Tegra234 fuse size (Joel Slebodnick) [RHEL-16714]
  - soc/tegra: pmc: Add AON SW Wake support for Tegra234 (Joel Slebodnick) [RHEL-16714]
  - gpio: tegra186: Check GPIO pin permission before access. (Joel Slebodnick) [RHEL-16714]
  - soc/tegra: fuse: Add support for Tegra264 (Joel Slebodnick) [RHEL-16714]
  - soc/tegra: bpmp: Actually free memory on error path (Joel Slebodnick) [RHEL-16714]
  - firmware: tegra: bpmp: Fix error paths in debugfs (Joel Slebodnick) [RHEL-16714]
  - netfilter: nf_tables: check if catch-all set element is active in next generation (Florian Westphal) [RHEL-23505 RHEL-23511] {CVE-2024-1085}
  - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-23502 RHEL-23508] {CVE-2024-1086}
  - RHEL: re-enable CONFIG_TCP_CONG_ILLINOIS (Davide Caratti) [RHEL-5736]
  - KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test (Eric Auger) [RHEL-16671 RHEL-24620]
  - KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (Eric Auger) [RHEL-24620]
  - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache (Eric Auger) [RHEL-24620]
  - KVM: arm64: vgic-v3: Reinterpret user ISPENDR writes as I{C,S}PENDR (Eric Auger) [RHEL-24620]
  - KVM: arm64: vgic: Use common accessor for writes to ICPENDR (Eric Auger) [RHEL-24620]
  - KVM: arm64: vgic: Use common accessor for writes to ISPENDR (Eric Auger) [RHEL-24620]
  - KVM: arm64: vgic-v4: Restore pending state on host userspace write (Eric Auger) [RHEL-24620]
  - KVM: arm64: Update and fix FGT register masks (Eric Auger) [RHEL-24620]
  - IB: Use capital "OR" for multiple licenses in SPDX (Izabela Bakollari) [RHEL-10363]
  - RDMA/rdmavt: Delete unnecessary NULL check (Izabela Bakollari) [RHEL-10363]
  - IB/rdmavt: Fix target union member for rvt_post_one_wr() (Izabela Bakollari) [RHEL-10363]
  - ice: add CGU info to devlink info callback (Petr Oros) [RHEL-22620]
  - nvme: start keep-alive after admin queue setup (Maurizio Lombardi) [RHEL-25203]
  - perf list: Fix JSON segfault by setting the used skip_duplicate_pmus callback (Michael Petlan) [RHEL-17626]
  - libbpf: Use OPTS_SET() macro in bpf_xdp_query() (Viktor Malik) [RHEL-24445]
  - ovl: remove privs in ovl_fallocate() (Miklos Szeredi) [RHEL-17368]
  - ovl: remove privs in ovl_copyfile() (Miklos Szeredi) [RHEL-17368]
  - nvme-host: fix the updating of the firmware version (Maurizio Lombardi) [RHEL-25086]
  - devlink: Expose port function commands to control IPsec packet offloads (Petr Oros) [RHEL-24425]
  - devlink: Expose port function commands to control IPsec crypto offloads (Petr Oros) [RHEL-24425]
* Fri Feb 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-423.el9]
  - Bluetooth: Add support for Gale Peak (8087:0036) (Jose Ignacio Tornos Martinez) [RHEL-24999]
  - Bluetooth: btintel: Add support for Gale Peak (Jose Ignacio Tornos Martinez) [RHEL-24999]
  - mlxbf-bootctl: correctly identify secure boot with development keys (Luiz Capitulino) [RHEL-21120]
  - platform/mellanox: mlxbf-bootctl: Convert to platform remove callback returning void (Luiz Capitulino) [RHEL-21120]
  - mlxbf-bootctl: Support sysfs entries for MFG fields (Luiz Capitulino) [RHEL-21120]
  - mlxbf-bootctl: Support setting the ARM boot state to "OS up" (Luiz Capitulino) [RHEL-21120]
  - mlxbf-bootctl: Support the large icmc write/read (Luiz Capitulino) [RHEL-21120]
  - mlxbf-bootctl: Add sysfs file for BlueField boot log (Luiz Capitulino) [RHEL-21120]
  - mlxbf-bootctl: Add sysfs file for BlueField boot fifo (Luiz Capitulino) [RHEL-21120]
  - platform/mellanox: add firmware reset support (Luiz Capitulino) [RHEL-21120]
  - tpm: Enable hwrng only for Pluton on AMD CPUs (Štěpán Horáček) [RHEL-18985]
  - redhat: hsr: Mark as tech preview (Felix Maurer) [RHEL-24972]
  - Bluetooth: Add more enc key size check (Bastien Nocera) [RHEL-19668 RHEL-19669] {CVE-2023-24023}
  - netfilter: xt_recent: fix (increase) ipv6 literal buffer length (Florian Westphal) [RHEL-21163]
  - netfilter: xt_owner: Fix for unsafe access of sk->sk_socket (Florian Westphal) [RHEL-21163]
  - netfilter: xt_u32: validate user space input (Florian Westphal) [RHEL-21163]
  - keys, dns: Fix size check of V1 server-list header (Davide Caratti) [RHEL-21582]
  - keys, dns: Fix missing size check of V1 server-list header (Davide Caratti) [RHEL-21582]
  - keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (Davide Caratti) [RHEL-21582]
  - net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() (Davide Caratti) [RHEL-21582]
  - psample: Require 'CAP_NET_ADMIN' when joining "packets" group (Davide Caratti) [RHEL-21582]
  - llc: verify mac len before reading mac header (Davide Caratti) [RHEL-21582]
  - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (Ilya Dryomov) [RHEL-22252]
  - ceph: always queue a writeback when revoking the Fb caps (Ilya Dryomov) [RHEL-22252]
  - ceph: always check dir caps asynchronously (Ilya Dryomov) [RHEL-22252]
  - ice: Add check for lport extraction to LAG init (Petr Oros) [RHEL-21561]
  - ice: stop trashing VF VSI aggregator node ID information (Petr Oros) [RHEL-21561]
  - pmdomain: xilinx: Move Kconfig option to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: ti: Move and add Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: tegra: Move Kconfig option to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: st: Add a Kconfig option for the ux500 power domain (Radu Rendec) [RHEL-25420]
  - pmdomain: samsung: Move Kconfig option to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: rockchip: Move Kconfig option to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: renesas: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: qcom: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: mediatek: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: imx: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: bcm: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: amlogic: Move Kconfig options to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: actions: Move Kconfig file to the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: Prepare to move Kconfig files into the pmdomain subsystem (Radu Rendec) [RHEL-25420]
  - pmdomain: Rename the genpd subsystem to pmdomain (Radu Rendec) [RHEL-25420]
  - genpd: imx: relocate scu-pd under genpd (Radu Rendec) [RHEL-25420]
  - genpd: move owl-sps-helper.c from drivers/soc (Radu Rendec) [RHEL-25420]
  - genpd: Makefile: build imx (Radu Rendec) [RHEL-25420]
  - ARM: ux500: Move power-domain driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - ARM: ux500: Convert power-domain code into a regular platform driver (Radu Rendec) [RHEL-25420]
  - soc: xilinx: Move power-domain driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: ti: Mover power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: tegra: Move powergate-bpmp driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: samsung: Move power-domain driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: rockchip: Mover power-domain driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: renesas: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: qcom: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: mediatek: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: imx: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: bcm: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: amlogic: Move power-domain drivers to the genpd dir (Radu Rendec) [RHEL-25420]
  - soc: actions: Move power-domain driver to the genpd dir (Radu Rendec) [RHEL-25420]
  - genpd: Create a new subsystem directory to host genpd providers (Radu Rendec) [RHEL-25420]
  - soc: mediatek: Let PMIC Wrapper and SCPSYS depend on OF (Radu Rendec) [RHEL-25420]
  - ARM: ux500: Drop unused register file (Radu Rendec) [RHEL-25420]
  - redhat/confgs: enable sdhci-of-dwcmshc (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Add runtime PM operations (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Add error handling in dwcmshc_resume (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Convert to platform remove callback returning void (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Explicitly include correct DT includes (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: properly determine max clock on Rockchip (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: add the missing device table IDs for acpi (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Update DLL and pre-change delay for rockchip platform (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: enable host V4 support for BlueField-3 SoC (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: Re-enable support for the BlueField-3 SoC (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: add support for rk3588 (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: rename rk3568 to rk35xx (Luiz Capitulino) [RHEL-21121]
  - mmc: sdhci-of-dwcmshc: add reset call back for rockchip Socs (Luiz Capitulino) [RHEL-21121]
  - netfilter: nft_set_pipapo: prefer gfp_kernel allocation (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: mark newset as dead on transaction abort (Florian Westphal) [RHEL-21443]
  - netfilter: nft_immediate: drop chain reference counter on error (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: skip set commit for deleted/destroyed sets (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: set transport offset from mac header for netdev/egress (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: validate family when identifying table via handle (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: fix 'exist' matching on bigendian arches (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() (Florian Westphal) [RHEL-21443]
  - netfilter: nft_set_rbtree: .deactivate fails if element has expired (Florian Westphal) [RHEL-21443]
  - netfilter: nft_payload: fix wrong mac header matching (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: do not refresh timeout when resetting element (Florian Westphal) [RHEL-21443]
  - netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (Florian Westphal) [RHEL-21443]
  - netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [RHEL-21443]
  - netfilter: nft_exthdr: Fix non-linear header modification (Florian Westphal) [RHEL-21443]
  - redhat: add nvidia oot signing key (David Airlie) [RHEL-18051]
  - RDMA/efa: Fix wrong resources deallocation order (Izabela Bakollari) [RHEL-17697]
  - RDMA/efa: Add RDMA write HW statistics counters (Izabela Bakollari) [RHEL-17697]
  - RDMA/efa: Fix unsupported page sizes in device (Izabela Bakollari) [RHEL-17697]
  - RDMA/efa: Add rdma write capability to device caps (Izabela Bakollari) [RHEL-17697]
  - RDMA/efa: Add data polling capability feature bit (Izabela Bakollari) [RHEL-17697]
  - md: partially revert "md/raid6: use valid sector values to determine if an I/O should wait on the reshape" (Benjamin Marzinski) [RHEL-24489]
  - ipvs: fix racy memcpy in proc_do_sync_threshold (Florian Westphal) [RHEL-21166]
  - ipvs: align inner_mac_header for encapsulation (Florian Westphal) [RHEL-21166]
  - x86/mce: Prevent duplicate error records (Aristeu Rozanski) [RHEL-24447]
* Thu Feb 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-422.el9]
  - sfc: Check firmware supports Ethernet PTP filter (Izabela Bakollari) [RHEL-11017]
  - sfc: allocate a big enough SKB for loopback selftest packet (Izabela Bakollari) [RHEL-11017]
  - sfc: fix field-spanning memcpy in selftest (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove vfdi.h (Izabela Bakollari) [RHEL-11017]
  - sfc: Cleanups in io.h (Izabela Bakollari) [RHEL-11017]
  - sfc: Miscellaneous comment removals (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove struct efx_special_buffer (Izabela Bakollari) [RHEL-11017]
  - sfc: Filter cleanups for Falcon and Siena (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove some NIC type indirections that are no longer needed (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove PTP code for Siena (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove EFX_REV_SIENA_A0 (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove support for siena high priority queue (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove siena_nic_data and stats (Izabela Bakollari) [RHEL-11017]
  - sfc: Remove falcon references (Izabela Bakollari) [RHEL-11017]
  - sfc: support for devlink port requires MAE access (Izabela Bakollari) [RHEL-11017]
  - sfc: falcon: use padding to fix alignment in loopback test (Izabela Bakollari) [RHEL-11017]
  - sfc: siena: use padding to fix alignment in loopback test (Izabela Bakollari) [RHEL-11017]
  - sfc: use padding to fix alignment in loopback test (Izabela Bakollari) [RHEL-11017]
  - sfc: fix crash when reading stats while NIC is resetting (Izabela Bakollari) [RHEL-11017]
  - sfc: keep alive neighbour entries while a TC encap action is using them (Izabela Bakollari) [RHEL-11017]
  - sfc: fix uninitialized variable use (Izabela Bakollari) [RHEL-11017]
  - sfc: add CONFIG_INET dependency for TC offload (Izabela Bakollari) [RHEL-11017]
  - sfc: do not try to call tc functions when CONFIG_SFC_SRIOV=n (Izabela Bakollari) [RHEL-11017]
  - sfc: Add devlink dev info support for EF10 (Izabela Bakollari) [RHEL-11017]
  - sfc: generate encap headers for TC offload (Izabela Bakollari) [RHEL-11017]
  - sfc: neighbour lookup for TC encap action offload (Izabela Bakollari) [RHEL-11017]
  - sfc: MAE functions to create/update/delete encap headers (Izabela Bakollari) [RHEL-11017]
  - sfc: add function to atomically update a rule in the MAE (Izabela Bakollari) [RHEL-11017]
  - sfc: some plumbing towards TC encap action offload (Izabela Bakollari) [RHEL-11017]
  - sfc: add fallback action-set-lists for TC offload (Izabela Bakollari) [RHEL-11017]
  - sfc: fix error unwinds in TC offload (Izabela Bakollari) [RHEL-11017]
  - sfc: handle VI shortage on ef100 by readjusting the channels (Izabela Bakollari) [RHEL-11017]
  - sfc: fix devlink info error handling (Izabela Bakollari) [RHEL-11017]
  - sfc: populate enc_ip_tos matches in MAE outer rules (Izabela Bakollari) [RHEL-11017]
  - sfc: release encap match in efx_tc_flow_free() (Izabela Bakollari) [RHEL-11017]
  - sfc: disable RXFCS and RXALL features by default (Izabela Bakollari) [RHEL-11017]
  - sfc: add offloading of 'foreign' TC (decap) rules (Izabela Bakollari) [RHEL-11017]
  - sfc: add code to register and unregister encap matches (Izabela Bakollari) [RHEL-11017]
  - sfc: add functions to insert encap matches into the MAE (Izabela Bakollari) [RHEL-11017]
  - sfc: handle enc keys in efx_tc_flower_parse_match() (Izabela Bakollari) [RHEL-11017]
  - sfc: add notion of match on enc keys to MAE machinery (Izabela Bakollari) [RHEL-11017]
  - sfc: document TC-to-EF100-MAE action translation concepts (Izabela Bakollari) [RHEL-11017]
  - sfc: support offloading TC VLAN push/pop actions to the MAE (Izabela Bakollari) [RHEL-11017]
  - sfc: move xdp_features configuration in efx_pci_probe_post_io() (Izabela Bakollari) [RHEL-11017]
  - redhat: configs: ccimx93-dvk: enable eth network (Eric Chanudet) [RHEL-20495]
  - redhat: configs: ccimx93-dvk enablement (Eric Chanudet) [RHEL-20495]
  - net/mlx5: Consider VLAN interface in MACsec TX steering rules (Amir Tzin) [RHEL-20930]
  - net/mlx5: Support MACsec over VLAN (Amir Tzin) [RHEL-20930]
  - net/mlx5: Enable MACsec offload feature for VLAN interface (Amir Tzin) [RHEL-20930]
  - firmware: arm_scmi: Specify the performance level when adding an OPP (Steve Dunnagan) [RHEL-9668]
  - OPP: Extend dev_pm_opp_data with a level (Steve Dunnagan) [RHEL-9668]
  - OPP: Add dev_pm_opp_add_dynamic() to allow more flexibility (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix frequency truncation by promoting multiplier type (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix possible frequency truncation when using level indexing mode (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Drop redundant ->device_domain_id() from perf ops (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Align perf ops to use domain-id as in-parameter (Steve Dunnagan) [RHEL-9668]
  - cpufreq: scmi: Prepare to move OF parsing of domain-id to cpufreq (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Extend perf protocol ops to get information of a domain (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Extend perf protocol ops to get number of domains (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add SCMI v3.1 System Power extensions (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add qcom smc/hvc transport support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Convert u32 to unsigned long to align with arm_smccc_1_1_invoke() (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add support for clock parents (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Simplify error path in scmi_dvfs_device_opps_add() (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Rename scmi_{msg_,}clock_config_{get,set}_{2,21} (Steve Dunnagan) [RHEL-9668]
  - redhat/configs: add ARM SCMI configs (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add clock OEM config clock operations (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add clock .state_get support to pre-v3.2 (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add v3.2 clock CONFIG_GET support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add clock v3.2 CONFIG_SET support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Simplify enable/disable clock operations (Steve Dunnagan) [RHEL-9668]
  - clk: scmi: Support atomic clock enable/disable API (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fixup perf power-cost/microwatt support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add v3.2 perf level indexing mode support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harden perf domain info access (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix chan_free cleanup on SMC (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Drop OF node reference in the transport channel setup (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix signed error return values handling (Steve Dunnagan) [RHEL-9668]
  - firmware: smccc: Fix use of uninitialised results structure (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Augment SMC/HVC to allow optional parameters (Steve Dunnagan) [RHEL-9668]
  - arm64: cpuidle: fix #ifdef for acpi functions (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix incorrect alloc_workqueue() invocation (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add support for unidirectional mailbox channels (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix xfers allocation on Rx channel (Steve Dunnagan) [RHEL-9668]
  - firmware: Use of_property_present() for testing DT property presence (Steve Dunnagan) [RHEL-9668]
  - firmware/psci: demote suspend-mode warning to info level (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Use the bitmap API to allocate bitmaps (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix device node validation for mailbox transport (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix raw coexistence mode behaviour on failure path (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Remove duplicate include header inclusion (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Return a literal instead of a variable (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Clean up a return statement in scmi_probe (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add per-channel raw injection support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add the raw mode co-existence support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Call raw mode hooks from the core stack (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Reject SCMI drivers when configured in raw mode (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add core raw transmission support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Populate a common SCMI debugfs root (Steve Dunnagan) [RHEL-9668]
  - include: trace: Add platform and channel instance references (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add internal platform/channel identifiers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Move errors defs and code to common.h (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add xfer helpers to provide raw access (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add flags field to xfer (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor scmi_wait_for_message_response (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor polling helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor xfer in-flight registration routines (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Split bus and driver into distinct modules (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Introduce a new lifecycle for protocol devices (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor device create/destroy helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Move handle get/set helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor protocol device creation (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add common notifier helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Move protocol registration helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Use dedicated devices to initialize channels (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Simplify chan_available transport operation (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Set fwnode for the scmi_device (Steve Dunnagan) [RHEL-9668]
  - cpuidle: drivers: firmware: psci: Dont instrument suspend code (Steve Dunnagan) [RHEL-9668]
  - firmware/psci: Don't register with debugfs if PSCI isn't available (Steve Dunnagan) [RHEL-9668]
  - firmware/psci: Fix MEM_PROTECT_RANGE function numbers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Make Rx chan_setup fail on memory errors (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Make tx_prepare time out eventually (Steve Dunnagan) [RHEL-9668]
  - firmware/psci: Add debugfs support to ease debugging (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harmonize SCMI tracing message format (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Support only one single system power device (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Use new SCMI full message tracing (Steve Dunnagan) [RHEL-9668]
  - include: trace: Add SCMI full message tracing (Steve Dunnagan) [RHEL-9668]
  - arm64: cpuidle: remove generic cpuidle support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Remove usage of the deprecated ida_simple_xxx API (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix response size warning for OPTEE transport (Steve Dunnagan) [RHEL-9668]
  - cpufreq: scmi: Support the power scale in micro-Watts in SCMI v3.1 (Steve Dunnagan) [RHEL-9668]
  - cpufreq: scmi: Use .register_em() to register with energy model (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Do not use !! on boolean when setting msg->flags (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add Powercap protocol enable support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Refactor the internal powercap get/set helpers (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add debugfs ABI documentation for raw mode (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix virtio channels cleanup on shutdown (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harden shared memory access in fetch_response (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harden shared memory access in fetch_notification (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Clear stale xfer->hdr.status (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix deferred_tx_wq release on error paths (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix devres allocation device in virtio transport (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Suppress the driver's bind attributes (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Cleanup the core driver removal callback (Steve Dunnagan) [RHEL-9668]
  - psci: Fix the function type for psci_initcall_t (Steve Dunnagan) [RHEL-9668]
  - Revert "firmware: arm_scmi: Add clock management to the SCMI power domain" (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix the asynchronous reset requests (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add SCMI PM driver remove routine (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harden accesses to the reset domains (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Harden accesses to the sensor domains (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Improve checks in the info_get operations (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Fix missing kernel-doc in optee (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Get detailed power scale from perf (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Use fast channel tracing (Steve Dunnagan) [RHEL-9668]
  - include: trace: Add SCMI fast channel tracing (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add devm_protocol_acquire helper (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add SCMI v3.1 powercap fast channels support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add SCMI v3.1 powercap protocol basic support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Generalize the fast channel support (Steve Dunnagan) [RHEL-9668]
  - firmware: arm_scmi: Add SCMI System Power Control driver (Steve Dunnagan) [RHEL-9668]
  - net: wwan: move wwan_hwsim to internals rpm (Jose Ignacio Tornos Martinez) [RHEL-24618]
  - Enable Intel MEI engine proxy for i915 (Mika Penttilä) [RHEL-1351]
  - mei: gsc_proxy: add gsc proxy driver (Mika Penttilä) [RHEL-1351]
  - mei: me: add meteor lake point M DID (Mika Penttilä) [RHEL-1351]
  - mei: bus: fix unlink on bus in error path (Mika Penttilä) [RHEL-1351]
  - misc/mei/hdcp: Use correct macros to initialize uuid_le (Mika Penttil