[ubuntu/kinetic-proposed] linux-allwinner 5.19.0-1001.1 (Accepted)
Andy Whitcroft
apw at canonical.com
Thu Oct 13 22:55:20 UTC 2022
linux-allwinner (5.19.0-1001.1) kinetic; urgency=medium
* kinetic/linux-allwinner: 5.19.0-1001.1 -proposed tracker (LP: #1992460)
* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/master)
* Kernel regresses openjdk on riscv64 (LP: #1992484)
- SAUCE: Revert "riscv: mmap with PROT_WRITE but no PROT_READ is invalid"
* Enable Nezha board (LP: #1975592)
- clk: fixed: Remove Allwinner A10 special-case logic
- dt-bindings: clock: fixed-factor: Drop Allwinner A10 compatible
- dt-bindings: clock: Add compatible for D1 DE2 clocks
- clk: sunxi: Limit legacy clocks to 32-bit ARM
- clk: sunxi: Do not select the PRCM MFD
- soc: sunxi: mbus: Only build the driver on ARM/ARM64
- dt-bindings: i2c: mv64xxx: Add variants with offload support
- arm64: dts: allwinner: a100: Update I2C controller fallback
- dt-bindings: usb: sunxi-musb: Add Allwinner D1 compatible
- dt-bindings: usb: generic-ehci: Add Allwinner D1 compatible
- dt-bindings: usb: generic-ohci: Add Allwinner D1 compatible
- dt-bindings: pinctrl: sunxi: Make interrupts optional
- dt-bindings: pinctrl: sunxi: allow vcc-pi-supply
- dt-bindings: pinctrl: Add compatible for Allwinner D1
- pinctrl: sunxi: Support the 2.5V I/O bias mode
- pinctrl: sunxi: Refactor register/offset calculation
- pinctrl: sunxi: Make some layout parameters dynamic
- pinctrl: sunxi: Add driver for Allwinner D1
- pinctrl: sunxi: Fix name for A100 R_PIO
- riscv: make patch-function pointer more generic in cpu_manufacturer_info
struct
- riscv: remove usage of function-pointers from cpufeatures and t-head errata
- riscv: introduce nops and __nops macros for NOP sequences
- riscv: convert the t-head pbmt errata to use the __nops macro
- of: also handle dma-noncoherent in of_dma_is_coherent()
- dt-bindings: riscv: document cbom-block-size
- riscv: Add support for non-coherent devices using zicbom extension
- riscv: implement cache-management errata for T-Head SoCs
- dt-bindings: interrupt-controller: sifive,plic: Document Renesas RZ/Five SoC
- irqchip/sifive-plic: Add support for Renesas RZ/Five SoC
- dt-bindings: interrupt-controller: Require trigger type for T-HEAD PLIC
- irqchip/sifive-plic: Fix T-HEAD PLIC edge trigger handling
- irqchip/sifive-plic: Make better use of the effective affinity mask
- irqchip/sifive-plic: Separate the enable and mask operations
- SAUCE: RISC-V: Clear SIP bit only when using SBI IPI operations
- SAUCE: irqchip/riscv-intc: Allow drivers to directly discover INTC hwnode
- SAUCE: genirq: Add mechanism to multiplex a single HW IPI
- SAUCE: RISC-V: Treat IPIs as normal Linux IRQs
- SAUCE: RISC-V: Allow marking IPIs as suitable for remote FENCEs
- SAUCE: RISC-V: Use IPIs for remote TLB flush when possible
- SAUCE: RISC-V: Use IPIs for remote icache flush when possible
- SAUCE: rtc: sun6i: add support for R329 RTC
- SAUCE: dt-bindings: mfd: x-powers,axp152: Document the AXP228 variant
- SAUCE: dt-bindings: net: bluetooth: realtek: Add RTL8723DS
- SAUCE: bus: sun50i-de2: Prevent driver from being unbound
- SAUCE: clk: sunxi-ng: mp: Avoid computing the rate twice
- SAUCE: clk: sunxi-ng: d1: Limit PLL rates to stable ranges
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Use of_device_get_match_data
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Use devm_platform_ioremap_resource
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Used device-managed clocks/resets
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Support multiple custom PHY ops
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Separate A83T and H3 PHY ops
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Group PHY ops functions by generation
- SAUCE: dt-bindings: display: Add D1 HDMI compatibles
- SAUCE: drm/sun4i: Add support for D1 HDMI
- SAUCE: drm/sun4i: sun8i-hdmi-phy: Add support for D1 PHY
- SAUCE: [HACK] drm/sun4i: Copy in BSP code for D1 HDMI PHY
- SAUCE: dt-bindings: display: sun6i-dsi: Fix clock conditional
- SAUCE: dt-bindings: display: sun6i-dsi: Add the A100 variant
- SAUCE: drm/sun4i: dsi: Add a variant structure
- SAUCE: drm/sun4i: dsi: Add the A100 variant
- SAUCE: dt-bindings: sun6i-a31-mipi-dphy: Add the interrupts property
- SAUCE: ARM: dts: sun8i: a33: Add DPHY interrupt
- SAUCE: arm64: dts: allwinner: a64: Add DPHY interrupt
- SAUCE: dt-bindings: sun6i-a31-mipi-dphy: Add the A100 DPHY variant
- SAUCE: phy: allwinner: phy-sun6i-mipi-dphy: Make RX support optional
- SAUCE: phy: allwinner: phy-sun6i-mipi-dphy: Set enable bit last
- SAUCE: phy: allwinner: phy-sun6i-mipi-dphy: Add a variant power-on hook
- SAUCE: phy: allwinner: phy-sun6i-mipi-dphy: Add the A100 DPHY variant
- SAUCE: hwspinlock: sun6i: Clarify bank counting logic
- SAUCE: hwspinlock: sun6i: Fix driver to match binding
- SAUCE: dt-bindings: hwlock: sun6i: Add interrupts property
- SAUCE: dt-bindings: hwlock: sun6i: Add per-SoC compatibles
- SAUCE: riscv: mm: Use IOMMU for DMA when available
- SAUCE: dt-bindings: iommu: sun50i: Add compatible for Allwinner D1
- SAUCE: iommu/sun50i: Support variants without an external reset
- SAUCE: iommu/sun50i: Ensure bypass is disabled
- SAUCE: iommu/sun50i: Add support for the D1 variant
- SAUCE: iommu/sun50i: Ensure the IOMMU can be used for DMA
- SAUCE: genirq: Add support for oneshot-safe threaded EOIs
- SAUCE: irqchip/sifive-plic: Enable oneshot-safe threaded EOIs
- SAUCE: irqchip/sifive-plic: Support wake IRQs
- SAUCE: mfd: sun6i-prcm: Update Kconfig description
- SAUCE: drm/sun4i: Update Kconfig defaults and descriptions
- SAUCE: dt-bindings: leds: Add Allwinner R329/D1 LED controller
- SAUCE: leds: sun50i-r329: New driver for the R329/D1 LED controller
- SAUCE: mmc: sunxi-mmc: Correct the maximum segment size
- SAUCE: mmc: sunxi-mmc: Fix clock refcount imbalance during unbind
- SAUCE: dt-bindings: display: Add bindings for ClockworkPi CWD686
- SAUCE: drm: panel: Add driver for Clockwork cwd686 panel
- SAUCE: drm: panel: cwd686: Add regulators
- SAUCE: drm: panel: cwd686: Make reset gpio mandatory
- SAUCE: drm: panel: cwd686: Increase post-reset delay
- SAUCE: drm: panel: cwd686: Use vendor panel init sequence
- SAUCE: drm: panel: cwd686: Fix timings
- SAUCE: drm: panel: cwd686: Disable burst
- SAUCE: drm: panel: cwd686: Use the init sequence from the R-01 BSP
- SAUCE: drm: panel: cwd686: Power up sequence
- SAUCE: drm: panel: cwd686: Why is this not getting called?
- SAUCE: dt-bindings: display: Add Sitronix ST7701s panel binding
- SAUCE: drm/panel: Add driver for ST7701s DPI LCD panel
- SAUCE: regulator: dt-bindings: Add Allwinner D1 LDOs
- SAUCE: regulator: sun20i: Add support for Allwinner D1 LDOs
- SAUCE: dt-bindings: sram: sunxi-sram: Add optional regulators child
- SAUCE: soc: sunxi: sram: Only iterate over SRAM children
- SAUCE: nvmem: sunxi_sid: Always use 32-bit MMIO reads
- SAUCE: nvmem: sunxi_sid: Drop the workaround on A64
- SAUCE: nvmem: core: Support reading cells with >= 8 bit offsets
- SAUCE: dt-bindings: nvmem: Allow bit offsets greater than a byte
- SAUCE: ASoC: dt-bindings: sun4i-spdif: Require resets for H6
- SAUCE: ASoC: dt-bindings: sun4i-spdif: Add compatible for D1
- SAUCE: ASoC: sun4i-spdif: Assert reset when removing the device
- SAUCE: ASoC: sun4i-spdif: Simplify code around optional resets
- SAUCE: ASoC: sun4i-spdif: Add support for separate RX/TX clocks
- SAUCE: ASoC: sun4i-spdif: Add support for the D1 variant
- SAUCE: dt-bindings: sram: sunxi-sram: Add D1 compatible string
- SAUCE: soc: sunxi: sram: Actually claim SRAM regions
- SAUCE: soc: sunxi: sram: Prevent the driver from being unbound
- SAUCE: soc: sunxi: sram: Fix probe function ordering issues
- SAUCE: soc: sunxi: sram: Fix debugfs info for A64 SRAM C
- SAUCE: soc: sunxi: sram: Return void from the release function
- SAUCE: soc: sunxi: sram: Save a pointer to the OF match data
- SAUCE: soc: sunxi: sram: Export the LDO control register
- SAUCE: soc: sunxi: sram: Add support for the D1 system control
- SAUCE: dt-bindings: thermal: sun8i: Add compatible for D1
- SAUCE: thermal: sun8i: Document the unknown field
- SAUCE: thermal: sun8i: Set the event type for new samples
- SAUCE: thermal: sun8i: Use optional clock/reset getters
- SAUCE: thermal: sun8i: Ensure vref is powered
- SAUCE: thermal: sun8i: Add support for the D1 variant
- SAUCE: dt-bindings: timer: allwinner,sun4i-a10-timer: Add D1 compatible
- SAUCE: dt-bindings: riscv: Add T-HEAD C906 and C910 compatibles
- SAUCE: dt-bindings: vendor-prefixes: Add Allwinner D1 board vendors
- SAUCE: dt-bindings: riscv: Add Allwinner D1 board compatibles
- SAUCE: riscv: Add Allwinner SoC family Kconfig option
- SAUCE: riscv: dts: allwinner: Add the D1 SoC base devicetree
- SAUCE: riscv: dts: allwinner: Add Allwinner D1 Nezha devicetree
- SAUCE: riscv: dts: allwinner: Add Sipeed Lichee RV devicetrees
- SAUCE: riscv: dts: allwinner: Add MangoPi MQ Pro devicetree
- SAUCE: riscv: dts: allwinner: Add Dongshan Nezha STU devicetree
- SAUCE: riscv: dts: allwinner: Add ClockworkPi and DevTerm devicetrees
- SAUCE: riscv: defconfig: Enable the Allwinner D1 platorm and drivers
- SAUCE: riscv: dts: allwinner: d1: Add LED controller
- SAUCE: riscv: dts: allwinner: d1: Add RGB LEDs to boards
- SAUCE: dt-bindings: crypto: sun8i-ce: Add compatible for D1
- SAUCE: crypto: sun8i-ce - Add TRNG clock to D1 variant
- SAUCE: riscv: dts: allwinner: d1: Add crypto engine support
- SAUCE: dt-bindings: spi: sun6i: Add R329 variant
- SAUCE: spi: spi-sun6i: Use a struct for quirks
- SAUCE: spi: spi-sun6i: Add Allwinner R329 support
- SAUCE: [WIP] spi: spi-sun6i: Dual/Quad RX Support
- SAUCE: riscv: dts: allwinner: Add SPI support
- SAUCE: fixup! dt-bindings: spi: sun6i: Add R329 variant
- SAUCE: pwm: sun8i-v536: document device tree bindings
- SAUCE: pwm: sunxi: Add Allwinner SoC PWM controller driver
- SAUCE: squash? pwm: sunxi: Add Allwinner SoC PWM controller driver
- SAUCE: pwm: sun8i-v536: Add support for the Allwinner D1
- SAUCE: riscv: dts: allwinner: d1: Add PWM support
- SAUCE: riscv: dts: allwinner: d1: Hook up PWM-controlled CPU voltage
regulators
- SAUCE: riscv: dts: allwinner: mangopi-mq-pro: Add PWM LED
- SAUCE: drm/sun4i: dsi: Allow panel attach before card registration
- SAUCE: drm/sun4i: mixer: Remove unused CMA headers
- SAUCE: drm/sun4i: decouple TCON_DCLK_DIV value from pll_mipi/dotclock ratio
- SAUCE: drm/sun4i: tcon: Always protect the LCD dotclock rate
- SAUCE: drm/sun4i: tcon_top: Register reset, clock gates in probe
- SAUCE: riscv: dts: allwinner: lichee-rv-86-panel-480p: Add panel
- SAUCE: riscv: dts: allwinner: d1: Add DSI pipeline
- SAUCE: riscv: dts: allwinner: devterm: Add DSI panel and backlight
- SAUCE: riscv: dts: allwinner: d1: Add HDMI pipeline
- SAUCE: riscv: dts: allwinner: d1: Enable HDMI on supported boards
- SAUCE: dt-bindings: display: sun4i-tcon: Add external LVDS PHY
- SAUCE: riscv: dts: allwinner: d1: Add LVDS0 PHY
- SAUCE: ASoC: sun4i-i2s: Also set capture DMA width
- SAUCE: [WIP] ASoC: sun4i-spdif: Add support for separate resets
- SAUCE: ASoC: sun20i-codec: New driver for D1 internal codec
- SAUCE: [WIP] ASoC: sun20i-codec: What is this ramp thing?
- SAUCE: riscv: dts: allwinner: d1: Add sound cards to boards
- SAUCE: [WIP] riscv: Add peripherals to D1 SoC device tree
- SAUCE: ASoC: sun20i-codec: Remove duplicate regulator handling
* Miscellaneous Ubuntu changes
- [Packaging] Create allwinner flavour
- [Config] updateconfigs after rebase
- [Packaging] Update abi files from a cross-build.
[ Ubuntu: 5.19.0-20.20 ]
* kinetic/linux: 5.19.0-20.20 -proposed tracker (LP: #1992408)
* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/master)
* Kinetic kernels 5.19.0-18/19-generic won't boot on Intel 11th/12th gen
(LP: #1991704)
- drm/i915: fix null pointer dereference
* rcu_sched detected stalls on CPUs/tasks (LP: #1967130)
- [Config] Disable VMAP_STACK on riscv64
* Disable sv57 as the userspace is not ready (LP: #1991790)
- SAUCE: riscv: mm: Force disable sv57
* earlyconsole prints question marks on 5.19.0-1002-generic (LP: #1988984)
- [Config] Set CONFIG_PWM_SIFIVE=m for riscv64
* RCU stalls (LP: #1991951)
- [Config] Harmonize RCU_CPU_STALL_TIMEOUT
* backport dkms fixes to build modules correctly for hwe-5.19+ kernels with
custom compiler (LP: #1991664)
- [Packaging] use versioned gcc-12
- [Packaging] Update configs with versioned compiler version
* FTBFS on kinetic (LP: #1990964)
- SAUCE: uapi: Fixup strace compile error
* CVE-2022-40768
- scsi: stex: Properly zero out the passthrough command structure
* [22.10 FEAT] zKVM: Crypto Passthrough Hotplug - kernel part (LP: #1852741)
- s390/vfio-ap: use new AP bus interface to search for queue devices
- s390/vfio-ap: move probe and remove callbacks to vfio_ap_ops.c
- s390/vfio-ap: manage link between queue struct and matrix mdev
- s390/vfio-ap: introduce shadow APCB
- s390/vfio-ap: refresh guest's APCB by filtering AP resources assigned to
mdev
- s390/vfio-ap: allow assignment of unavailable AP queues to mdev device
- s390/vfio-ap: rename matrix_dev->lock mutex to matrix_dev->mdevs_lock
- s390/vfio-ap: introduce new mutex to control access to the KVM pointer
- s390/vfio-ap: use proper locking order when setting/clearing KVM pointer
- s390/vfio-ap: prepare for dynamic update of guest's APCB on assign/unassign
- s390/vfio-ap: prepare for dynamic update of guest's APCB on queue
probe/remove
- s390/vfio-ap: allow hot plug/unplug of AP devices when assigned/unassigned
- s390/vfio-ap: hot plug/unplug of AP devices when probed/removed
- s390/vfio-ap: reset queues after adapter/domain unassignment
- s390/vfio-ap: implement in-use callback for vfio_ap driver
- s390/vfio-ap: sysfs attribute to display the guest's matrix
- s390/vfio-ap: handle config changed and scan complete notification
- s390/vfio-ap: update docs to include dynamic config support
- s390/Docs: new doc describing lock usage by the vfio_ap device driver
- MAINTAINERS: pick up all vfio_ap docs for VFIO AP maintainers
[ Ubuntu: 5.19.0-19.19 ]
* kinetic/linux: 5.19.0-19.19 -proposed tracker (LP: #1990960)
* kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983)
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display
(using struct cred as input)"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk
parameter const"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
smk_netlbl_mls()"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use
lsmblob"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to
kfree_sensitive()"""
- Revert "Revert "Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check"""
- Revert "Revert "Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive
flag"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full
LSM context"""
- Revert "Revert "Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple
object LSM attributes"""
- Revert "Revert "Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline
function declration."""
- Revert "Revert "Revert "UBUNTU: SAUCE: Audit: Add new record for multiple
process LSM attributes"""
- Revert "Revert "Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a
lsmblob"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in
netlink netfilter"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in
security_inode_getsecctx"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in
security_secid_to_secctx"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context
releaser"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display"""
- Revert "Revert "Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to
use lsmblobs"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_cred_getsecid"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_inode_getsecid"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_task_getsecid"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_ipc_getsecid"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_secid_to_secctx"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_secctx_to_secid"""
- Revert "Revert "Revert "UBUNTU: SAUCE: net: Prepare UDS for security module
stacking"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_kernel_act_as"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
security_audit_rule_match"""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob
data structure."""
- Revert "Revert "Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the
sock security"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from
SK_CTX() to aa_sock()"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to
aa_unix_sk()"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as
part of a secid to secctx"""
- Revert "Revert "Revert "apparmor: fix absroot causing audited secids to
begin with ="""
- Revert "Revert "Revert "UBUNTU SAUCE: apparmor: fix apparmor mediating
locking non-fs, unix sockets"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: fix use after free in
sk_peer_label"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: af_unix mediation"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: patch to provide
compatibility with v2.x net rules"""
- Revert "Revert "Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash
string hex value"""
- SAUCE: upstream v6.0: apparmor: fix absroot causing audited secids to begin
with =
- SAUCE: upstream v6.0: apparmor: Fix kernel-doc
- SAUCE: upstream v6.0: lsm: Fix kernel-doc
- SAUCE: upstream v6.0: apparmor: Update help description of policy hash for
introspection
- SAUCE: upstream v6.0: apparmor: make export of raw binary profile to
userspace optional
- SAUCE: upstream v6.0: apparmor: Enable tuning of policy paranoid load for
embedded systems
- SAUCE: upstream v6.0: apparmor: don't create raw_sha1 symlink if sha1
hashing is disabled
- SAUCE: upstream v6.0: apparmor: resolve uninitialized symbol warnings in
policy_unpack_test.c
- SAUCE: upstream v6.0: security/apparmor: remove redundant ret variable
- SAUCE: upstream v6.0: apparmor: Use struct_size() helper in kmalloc()
- SAUCE: upstream v6.0: apparmor: Fix match_mnt_path_str() and match_mnt()
kernel-doc comment
- SAUCE: upstream v6.0: apparmor: Fix some kernel-doc comments
- SAUCE: upstream v6.0: apparmor: Fix some kernel-doc comments
- SAUCE: upstream v6.0: apparmor: Fix undefined reference to
`zlib_deflate_workspacesize'
- SAUCE: upstream v6.0: apparmor: Fix some kernel-doc comments
- SAUCE: upstream v6.0: apparmor: test: Remove some casts which are no-longer
required
- SAUCE: upstream v6.0: apparmor: add a kernel label to use on kernel objects
- SAUCE: upstream v6.0: apparmor: Convert secid mapping to XArrays instead of
IDR
- SAUCE: upstream v6.0: apparmor: disable showing the mode as part of a secid
to secctx
- SAUCE: upstream v6.0: apparmor: Mark alloc_unconfined() as static
- SAUCE: upstream v6.0: apparmor: Fix some kernel-doc comments
- SAUCE: upstream v6.0: apparmor: allow label to carry debug flags
- SAUCE: upstream v6.0: apparmor: extend policydb permission set by making use
of the xbits
- SAUCE: upstream v6.0: apparmor: move ptrace mediation to more logical
task.{h,c}
- SAUCE: upstream v6.0: apparmor: correct config reference to intended one
- SAUCE: upstream v6.0: lsm,io_uring: add LSM hooks for the new uring_cmd file
op
- SAUCE: upstream v6.0: selinux: implement the security_uring_cmd() LSM hook
- SAUCE: upstream v6.0: Smack: Provide read control for io_uring_cmd
- SAUCE: apparmor-next 6.1: apparmor: fix a memleak in multi_transaction_new()
- SAUCE: apparmor-next 6.1: apparmor: fix lockdep warning when removing a
namespace
- SAUCE: apparmor-next 6.1: apparmor: reserve mediation classes
- SAUCE: apparmor-next 6.1: apparmor: use zstd compression for profile data
- SAUCE: apparmor-next 6.1: apparmor: expose compression level limits in sysfs
- SAUCE: apparmor-next 6.1: apparmor: compute file permissions on profile load
- SAUCE: apparmor-next 6.1: apparmor: compute xmatch permissions on profile
load
- SAUCE: apparmor-next 6.1: apparmor: move fperm computation into
policy_unpack
- SAUCE: apparmor-next 6.1: apparmor: rework and cleanup fperm computation
- SAUCE: apparmor-next 6.1: apparmor: convert xmatch to use aa_perms structure
- SAUCE: apparmor-next 6.1: apparmor: compute policydb permission on profile
load
- SAUCE: apparmor-next 6.1: apparmor: combine file_rules and aa_policydb into
a single shared struct
- SAUCE: apparmor-next 6.1: apparmor: convert xmatch to using the new shared
policydb struct
- SAUCE: apparmor-next 6.1: apparmor: convert fperm lookup to use accept as an
index
- SAUCE: apparmor-next 6.1: apparmor: convert xmatch lookup to use accept as
an index
- SAUCE: apparmor-next 6.1: apparmor: cleanup shared permission struct
- SAUCE: apparmor-next 6.1: apparmor: convert policy lookup to use accept as
an index
- SAUCE: apparmor-next 6.1: apparmor: preparse for state being more than just
an integer
- SAUCE: apparmor-next 6.1: apparmor: Fix abi check to include v8 abi
- SAUCE: apparmor-next 6.1: apparmor: fix apparmor mediating locking non-fs
unix sockets
- SAUCE: apparmor-next 6.1: apparmor: extend policydb permission set by making
use of the xbits
- SAUCE: apparmor-next 6.1: apparmor: move dfa perm macros into policy_unpack
- SAUCE: apparmor-next 6.1: apparmor: extend xindex size
- SAUCE: apparmor-next 6.1: apparmor: isolate policy backwards compatibility
to its own file
- SAUCE: apparmor-next 6.1: apparmor: extend permissions to support a label
and tag string
- SAUCE: apparmor-next 6.1: apparmor: add mediation class information to
auditing
- SAUCE: apparmor-next 6.1: apparmor: add user mode flag
- SAUCE: apparmor-next 6.1: apparmor: make transition table unpack generic so
it can be reused
- SAUCE: apparmor-next 6.1: apparmor: group dfa policydb unpacking
- SAUCE: apparmor-next 6.1: apparmor: make unpack_array return a trianary
value
- SAUCE: apparmor-next 6.1: apparmor: add the ability for policy to specify a
permission table
- SAUCE: apparmor-next 6.1: apparmor: verify permission table indexes
- SAUCE: apparmor-next 6.1: apparmor: make sure perm indexes are accumulated
- SAUCE: apparmor-next 6.1: apparmor: cleanup: move perm accumulation into
perms.h
- SAUCE: apparmor-next 6.1: apparmor: verify loaded permission bits masks
don't overlap
- SAUCE: apparmor-next 6.1: apparmor: refactor profile rules and attachments
- SAUCE: apparmor-next 6.1: apparmor: rework profile->rules to be a list
- SAUCE: apparmor-next 6.1: apparmor: fix aa_class_names[] to match reserved
classes
- SAUCE: apparmor-next 6.1: apparmor: Fix regression in stacking due to label
flags
- SAUCE: apparmor-next 6.1: apparmor: Simplify obtain the newest label on a
cred
- SAUCE: apparmor-next 6.1: apparmor: make __aa_path_perm() static
- SAUCE: apparmor-next 6.1: apparmor: Fix doc comment for compute_fperms
- SAUCE: apparmor-next 6.1: apparmor: Remove unnecessary size check when
unpacking trans_table
- SAUCE: apparmor-next 6.1: apparmor: make sure the decompression ctx is
promperly initialized
- SAUCE: apparmor: add/use fns to print hash string hex value
- SAUCE: apparmor: patch to provide compatibility with v2.x net rules
- SAUCE: Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: make
__aa_path_perm() static"
- SAUCE: apparmor: af_unix mediation
- SAUCE: fix shutdown unix socket owner conditional check
- SAUCE: apparmor: rename aa_sock() to aa_unix_sk()
- SAUCE: apparmor: Add fine grained mediation of posix mqueues
- SAUCE: apparmor: LSM stacking: switch from SK_CTX() to aa_sock()
- SAUCE: lsm stacking v37: integrity: disassociate ima_filter_rule from
security_audit_rule
- SAUCE: lsm stacking v37: LSM: Infrastructure management of the sock security
- SAUCE: lsm stacking v37: LSM: Add the lsmblob data structure.
- SAUCE: lsm stacking v37: LSM: provide lsm name and id slot mappings
- SAUCE: lsm stacking v37: IMA: avoid label collisions with stacked LSMs
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_audit_rule_match
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_kernel_act_as
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_secctx_to_secid
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_secid_to_secctx
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_ipc_getsecid
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_current_getsecid
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_inode_getsecid
- SAUCE: lsm stacking v37: LSM: Use lsmblob in security_cred_getsecid
- SAUCE: lsm stacking v37: LSM: Specify which LSM to display
- SAUCE: fixup lsm stacking v37: LSM: Specify which LSM to display
- SAUCE: lsm stacking v37: LSM: Ensure the correct LSM context releaser
- SAUCE: lsm stacking v37: LSM: Use lsmcontext in security_secid_to_secctx
- SAUCE: lsm stacking v37: LSM: Use lsmcontext in security_inode_getsecctx
- SAUCE: lsm stacking v37: LSM: Use lsmcontext in
security_dentry_init_security
- SAUCE: lsm stacking v37: LSM: security_secid_to_secctx in netlink netfilter
- SAUCE: lsm stacking v37: NET: Store LSM netlabel data in a lsmblob
- SAUCE: lsm stacking v37: binder: Pass LSM identifier for confirmation
- SAUCE: lsm stacking v37: LSM: security_secid_to_secctx module selection
- SAUCE: lsm stacking v37: Audit: Keep multiple LSM data in audit_names
- SAUCE: lsm stacking v37: Audit: Create audit_stamp structure
- SAUCE: lsm stacking v37: LSM: Add a function to report multiple LSMs
- SAUCE: lsm stacking v37: Audit: Allow multiple records in an audit_buffer
- SAUCE: lsm stacking v37: Audit: Add record for multiple task security
contexts
- SAUCE: lsm stacking v37: audit: multiple subject lsm values for netlabel
- SAUCE: lsm stacking v37: Audit: Add record for multiple object contexts
- SAUCE: lsm stacking v37: netlabel: Use a struct lsmblob in audit data
- SAUCE: lsm stacking v37: LSM: Removed scaffolding function lsmcontext_init
- SAUCE: lsm stacking v37: LSM: Add /proc attr entry for full LSM context
- SAUCE: lsm stacking v37: AppArmor: Remove the exclusive flag
- SAUCE: security, lsm: Introduce security_create_user_ns()
- SAUCE: bpf-lsm: Make bpf_lsm_userns_create() sleepable
- SAUCE: selinux: Implement userns_create hook
- SAUCE: apparmor: add user namespace creation mediation
- [Config] update configs after apply new apparmor patch set
* kinetic: apply new apparmor and LSM stacking patch set (LP: #1989983) //
5.19.0-17.17: kernel NULL pointer dereference, address: 0000000000000084
(LP: #1990236)
- SAUCE: apparmor: fix oops in unix owner conditional setup
* Miscellaneous Ubuntu changes
- [Config] make sure CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is enforced
Date: 2022-10-12 10:15:08.588848+00:00
Changed-By: Dimitri John Ledkov <dimitri.ledkov+lp at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-allwinner/5.19.0-1001.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list