[ubuntu/resolute-proposed] linux-nvidia-bos 7.0.0-2008.8 (Accepted)
Andy Whitcroft
apw at canonical.com
Thu May 28 16:10:21 UTC 2026
linux-nvidia-bos (7.0.0-2008.8) resolute; urgency=medium
* resolute/linux-nvidia-bos: 7.0.0-2007.7 -proposed tracker (LP: #2153497)
* GRO managed-frag use-after-free leading to local privilege escalation
(LP: #2154172)
- net: gro: don't merge zcopy skbs
* apparmor (LP: #2151747)
- SAUCE: apparmor: pass big_resp to handler
- SAUCE: apparmor: remove redundant kref_init for listener->count
- SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb
* apparmor (LP: #2151747) // CVE-2026-47337
- SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr
* apparmor (LP: #2151747) // CVE-2026-47334
- SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock
* apparmor (LP: #2151747) // CVE-2026-47333
- SAUCE: apparmor: fix dfa unpacking size of the notification filter
* apparmor (LP: #2151747) // CVE-2026-47332
- SAUCE: apparmor: fix size check against type instead of pointer
* apparmor: LLVM/clang build failure due to uninitialized variable in
notify.c (LP: #2148809) // CVE-2026-47330
- SAUCE: apparmor: initialize variable used in uninitialized context
* apparmor (LP: #2151747) // CVE-2026-47329
- SAUCE: apparmor: fix name validation bypass on notification
* apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328
- SAUCE: apparmor: fix glob memory leak after kstrdup
* apparmor (LP: #2151747) // CVE-2026-47326
- SAUCE: apparmor: fix inverted NULL check after aa_get_buffer
* CVE-2026-46300
- net: skbuff: preserve shared-frag marker during coalescing
- net: skbuff: propagate shared-frag marker through frag-transfer helpers
* net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)
- net/rds: reset op_nents when zerocopy page pin fails
* CVE-2026-46333
- ptrace: slightly saner 'get_dumpable()' logic
* CVE-2026-43500
- rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
- rxrpc: Fix potential UAF after skb_unshare() failure
- rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets
- rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
* CVE-2026-43284
- xfrm: esp: avoid in-place decrypt on shared skb frags
* Packaging resync (LP: #1786013)
- [Packaging] debian.nvidia-bos/dkms-versions -- update from kernel-
versions (adhoc/d2026.05.20)
* Add CXL Type-2 device support, RAS error handling, reset, state
save/restore, and interleaving support (LP: #2143032) // CXL: Backport
Type-2, state save/restore, and reset support (LP: #2153819)
- NVIDIA: VR: SAUCE: [Config] CXL config annotations for Type-2 device and
RAS support
- NVIDIA: VR: SAUCE: [Config] Enable CXL DAX and KMEM built-in for CXL
memory access
- NVIDIA: VR: SAUCE: [Config] Add PCI_CXL annotation for CXL state
save/restore
- NVIDIA: VR: SAUCE: PCI: Add CXL DVSEC control, lock, and range register
definitions
- NVIDIA: VR: SAUCE: cxl: Move HDM decoder and register map definitions to
include/cxl/cxl.h
- NVIDIA: VR: SAUCE: PCI: Add virtual extended cap save buffer for CXL
state
- NVIDIA: VR: SAUCE: PCI: Add cxl DVSEC state save/restore across resets
- NVIDIA: VR: SAUCE: PCI: Add HDM decoder state save/restore
- NVIDIA: VR: SAUCE: PCI: Add CXL DVSEC reset and capability register
definitions
- NVIDIA: VR: SAUCE: PCI: Export pci_dev_save_and_disable() and
pci_dev_restore()
- NVIDIA: VR: SAUCE: cxl: Add memory offlining and cache flush helpers
- NVIDIA: VR: SAUCE: cxl: Add multi-function sibling coordination for CXL
reset
- NVIDIA: VR: SAUCE: cxl: Add CXL DVSEC reset sequence and flow
orchestration
- NVIDIA: VR: SAUCE: cxl: Add cxl_reset sysfs interface for PCI devices
- NVIDIA: VR: SAUCE: Documentation: ABI: Add CXL PCI cxl_reset sysfs
attribute
* CXL: Backport Type-2, state save/restore, and reset support (LP: #2153819)
- cxl: support Type2 when initializing cxl_dev_state
- cxl: export internal structs for external Type2 drivers
- cxl: Move pci generic code from cxl_pci to core/cxl_pci
- cxl/pci: Remove redundant cxl_pci_find_port() call
- NVIDIA: VR: SAUCE: sfc: add cxl support
- NVIDIA: VR: SAUCE: cxl/sfc: Map cxl regs
- NVIDIA: VR: SAUCE: cxl/sfc: Initialize dpa without a mailbox
- NVIDIA: VR: SAUCE: cxl: Prepare memdev creation for type2
- NVIDIA: VR: SAUCE: sfc: create type2 cxl memdev
- NVIDIA: VR: SAUCE: cxl: attach region to an accelerator/type2 memdev
- NVIDIA: VR: SAUCE: cxl: Avoid dax creation for accelerators
- NVIDIA: VR: SAUCE: sfc: support pio mapping based on cxl
- NVIDIA: VR: SAUCE: dax/hmem: Request cxl_acpi and cxl_pci before walking
Soft Reserved ranges
- NVIDIA: VR: SAUCE: dax/hmem: Gate Soft Reserved deferral on DEV_DAX_CXL
- NVIDIA: VR: SAUCE: cxl/region: Skip decoder reset on detach for
autodiscovered regions
- NVIDIA: VR: SAUCE: dax/cxl, hmem: Initialize hmem early and defer
dax_cxl binding
- NVIDIA: VR: SAUCE: dax: Track all dax_region allocations under a global
resource tree
- NVIDIA: VR: SAUCE: cxl/region: Add helper to check Soft Reserved
containment by CXL regions
- NVIDIA: VR: SAUCE: dax: Add deferred-work helpers for dax_hmem and
dax_cxl coordination
- NVIDIA: VR: SAUCE: dax/hmem, cxl: Defer and resolve ownership of Soft
Reserved memory ranges
- NVIDIA: VR: SAUCE: dax/hmem: Reintroduce Soft Reserved ranges back into
the iomem tree
- NVIDIA: VR: SAUCE: cxl/region: Support multi-level interleaving with
smaller granularities for lower levels
- NVIDIA: SAUCE: Revert "NVIDIA: VR: SAUCE: cxl: add support for cxl
reset"
* Installer fails internally with a RSync error due to page fault
(LP: #2150640)
- NVIDIA: SAUCE: ovl: keep err zero after successful ovl_cache_get()
* Refresh series: Allow ATS to be always on for certain ATS-capable devices
(LP: #2150727)
- Revert "NVIDIA: VR: SAUCE: iommu/arm-smmu-v3: Allow ATS to be always on"
- Revert "NVIDIA: VR: SAUCE: PCI: Allow ATS to be always on for non-CXL
NVIDIA GPUs"
- Revert "NVIDIA: VR: SAUCE: PCI: Allow ATS to be always on for CXL.cache
capable devices"
- NVIDIA: VR: SAUCE: PCI: Allow ATS to be always on for CXL.cache capable
devices
- NVIDIA: VR: SAUCE: PCI: Allow ATS to be always on for pre-CXL devices
- NVIDIA: VR: SAUCE: iommu/arm-smmu-v3: Allow ATS to be always on
* Pull CPPC mailing list patches for Spark (LP: #2131705)
- ACPI: CPPC: Add cppc_get_perf() API to read performance controls
- ACPI: CPPC: Warn on missing mandatory DESIRED_PERF register
- ACPI: CPPC: Extend cppc_set_epp_perf() for FFH/SystemMemory
- cpufreq: CPPC: Update cached perf_ctrls on sysfs write
- cpufreq: cppc: Update MIN_PERF/MAX_PERF in target callbacks
- ACPI: CPPC: add APIs and sysfs interface for perf_limited
- cpufreq: CPPC: Add sysfs documentation for perf_limited
- ACPI: CPPC: Move reference performance to capabilities
- ACPI: CPPC: Fix uninitialized ref variable in cppc_get_perf_caps()
- ACPI: CPPC: Check cpc_read() return values consistently
- cpufreq: Remove max_freq_req update for pre-existing policy
- cpufreq: Add boost_freq_req QoS request
- cpufreq: Allocate QoS freq_req objects with policy
- cpufreq/amd-pstate: Cache the max frequency in cpudata
- NVIDIA: SAUCE: cpufreq: Extract cpufreq_policy_init_qos() function
- NVIDIA: SAUCE: cpufreq: Set default policy->min/max values for all
drivers
- NVIDIA: SAUCE: cpufreq: Remove driver default policy->min/max init
- NVIDIA: SAUCE: cpufreq: Use policy->min/max init as QoS request
- NVIDIA: SAUCE: cpufreq: CPPC: add autonomous mode boot parameter support
* Backport Vera PMU support (LP: #2149756)
- Revert "NVIDIA: VR: SAUCE: perf vendor events arm64: Add Tegra410
Olympus PMU events"
- Revert "NVIDIA: VR: SAUCE: perf: add NVIDIA Tegra410 C2C PMU"
- Revert "NVIDIA: VR: SAUCE: perf: add NVIDIA Tegra410 CPU Memory Latency
PMU"
- Revert "NVIDIA: VR: SAUCE: perf/arm_cspmu: nvidia: Add Tegra410 PCIE-TGT
PMU"
- Revert "NVIDIA: VR: SAUCE: perf/arm_cspmu: nvidia: Add Tegra410 PCIE
PMU"
- Revert "NVIDIA: VR: SAUCE: perf/arm_cspmu: Add arm_cspmu_acpi_dev_get"
- Revert "NVIDIA: VR: SAUCE: perf/arm_cspmu: nvidia: Add Tegra410 UCF PMU"
- Revert "NVIDIA: VR: SAUCE: perf/arm_cspmu: nvidia: Rename doc to
Tegra241"
- perf/arm_cspmu: nvidia: Rename doc to Tegra241
- perf/arm_cspmu: nvidia: Add Tegra410 UCF PMU
- perf/arm_cspmu: Add arm_cspmu_acpi_dev_get
- perf/arm_cspmu: nvidia: Add Tegra410 PCIE PMU
- perf/arm_cspmu: nvidia: Add Tegra410 PCIE-TGT PMU
- perf: add NVIDIA Tegra410 CPU Memory Latency PMU
- perf: add NVIDIA Tegra410 C2C PMU
- perf vendor events arm64: Add Tegra410 Olympus PMU events
- NVIDIA: VR: SAUCE: perf/arm_pmu: Skip PMCCNTR_EL0 on NVIDIA Olympus
* Backport lan743x driver patches (LP: #2152064)
- net: microchip: lan743x: add ethtool nway_reset support
- net: lan743x: fix SGMII detection on PCI1xxxx B0+ during warm reset
- net: lan743x: rename chip_rev to fpga_rev
* Backport SMT-aware asymmetric CPU capacity idle selection (LP: #2150671)
- NVIDIA: VR: SAUCE: sched/fair: Attach sched_domain_shared to
sd_asym_cpucapacity
- NVIDIA: VR: SAUCE: sched/fair: Prefer fully-idle SMT cores in asym-
capacity idle selection
- NVIDIA: VR: SAUCE: sched/fair: Reject misfit pulls onto busy SMT
siblings on asym-capacity
- NVIDIA: VR: SAUCE: sched/fair: Add SIS_UTIL support to
select_idle_capacity()
* Forward-port of the full Arm Live Firmware Activation (LFA) v2 series
(LP: #2150652)
- Revert "NVIDIA: VR: SAUCE: firmware: smccc: register as platform driver"
- Revert "NVIDIA: VR: SAUCE: firmware: smccc: add timeout, touch wdt"
- Revert "NVIDIA: VR: SAUCE: firmware: smccc: add support for Live
Firmware Activation (LFA)"
- NVIDIA: VR: SAUCE: dt-bindings: arm: Add Live Firmware Activation
binding
- NVIDIA: VR: SAUCE: firmware: smccc: Add support for Live Firmware
Activation (LFA)
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Move image rescanning
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Add timeout and trigger
watchdog
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Register ACPI notification
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Add auto_activate sysfs file
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Register DT interrupt
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: introduce SMC access lock
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: handle LFA_BUSY in PRIME and
ACTIVATE
- NVIDIA: VR: SAUCE: firmware: smccc: lfa: Emit a uevent on inventory
updates
* Introduce a sharded cache affinity scope (LP: #2150467)
- workqueue: fix parse_affn_scope() prefix matching bug
- workqueue: fix typo in WQ_AFFN_SMT comment
- workqueue: add WQ_AFFN_CACHE_SHARD affinity scope
- workqueue: set WQ_AFFN_CACHE_SHARD as the default affinity scope
- tools/workqueue: add CACHE_SHARD support to wq_dump.py
- workqueue: add test_workqueue benchmark module
- docs: workqueue: document WQ_AFFN_CACHE_SHARD affinity scope
- workqueue: avoid unguarded 64-bit division
- workqueue: validate cpumask_first() result in
llc_populate_cpu_shard_id()
- [Config] nvidia: Defaults for CONFIG_TEST_WORKQUEUE
* UBUNTU: [Config] nvidia: Disable default CMA reservation (LP: #2150898)
- [Config] nvidia: Disable default CMA reservation
* Backport Use device ID range for DGX Spark iGPU (LP: #2150487)
- NVIDIA: SAUCE: iommu/arm-smmu-v3: Use device ID range for DGX Spark iGPU
iommu quirk
* Backport NVIDIA: SAUCE: iommu/arm-smmu-v3: Use identity domain for ASPEED
BMC devices (LP: #2150470)
- NVIDIA: SAUCE: iommu/arm-smmu-v3: Use identity domain for ASPEED BMC
devices
* Update GDS/NVMe SAUCE for v6.17 (LP: #2134960) // [linux-nvidia-7.0]:
Forward-port GDS/NVFS content (LP: #2150289)
- NVIDIA: SAUCE: Patch NVMe/NVMeoF driver to support GDS on Linux 7.0
Kernel
* Backport Set LED_HW_PLUGGABLE for NPEM and fix class init ordering issue
of CXL/fwctl (LP: #2149918)
- PCI/NPEM: Set LED_HW_PLUGGABLE for hotplug-capable ports
- fwctl: Fix class init ordering to avoid NULL pointer dereference on
device removal
* gpio: tegra186: Simplify GPIO line name prefix and support multi-socket
devices (LP: #2148664)
- gpio: tegra186: Simplify GPIO line name prefix handling
- gpio: tegra186: Support multi-socket devices
- Revert "NVIDIA: SAUCE: serial: 8250_mtk: Add ACPI support"
- NVIDIA: SAUCE: MEDIATEK: serial: 8250_mtk: Add ACPI support
* fix r8169 vs r8127 contention for Spark (LP: #2144345)
- NVIDIA: SAUCE: r8169: remove PCI IDs claimed by r8127 driver
* Backport of the vfio/nvgrace-gpu Blackwell-Next GPU readiness check (v3)
from LKML to 26.04_linux-nvidia. (LP: #2148701)
- NVIDIA: SAUCE: vfio/nvgrace-gpu: Add Blackwell-Next GPU readiness check
via CXL DVSEC
[ Ubuntu: 7.0.0-15.15 ]
* resolute/linux: 7.0.0-15.15 -proposed tracker (LP: #2148866)
* Qualcomm X1E: Speaker overdrive causes hardware protection shutdown
(LP: #2149808)
- SAUCE: ASoC: qcom: x1e80100: limit speaker volumes
* intel-ipu7 / intel-ipu7-isys modules are shipped unsigned in latest
Resolute kernels, breaking Secure Boot systems (LP: #2148718)
- [packaging] add intel-ipu7 to signature inclusion list
Date: 2026-05-27 22:40:09.922167+00:00
Changed-By: Jacob Martin <jacob.martin at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-nvidia-bos/7.0.0-2008.8
-------------- next part --------------
Sorry, changesfile not available.
More information about the Resolute-changes
mailing list