Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2020:3798-1
Rating:	important
References:	bsc#1050242 bsc#1050536 bsc#1050545 bsc#1050549 bsc#1056653 bsc#1056657 bsc#1056787 bsc#1064802 bsc#1066129 bsc#1067665 bsc#1103990 bsc#1103992 bsc#1104389 bsc#1104393 bsc#1109837 bsc#1110096 bsc#1111666 bsc#1112178 bsc#1112374 bsc#1118657 bsc#1122971 bsc#1136460 bsc#1136461 bsc#1139944 bsc#1158775 bsc#1170139 bsc#1170630 bsc#1172542 bsc#1172694 bsc#1174726 bsc#1174852 bsc#1175916 bsc#1176109 bsc#1176558 bsc#1176559 bsc#1176956 bsc#1177304 bsc#1177397 bsc#1177666 bsc#1177805 bsc#1177808 bsc#1177819 bsc#1177820 bsc#1178182 bsc#1178270 bsc#1178589 bsc#1178590 bsc#1178634 bsc#1178635 bsc#1178669 bsc#1178853 bsc#1178854 bsc#1178878 bsc#1178886 bsc#1178897 bsc#1178940 bsc#1178962 bsc#1179107 bsc#1179140 bsc#1179141 bsc#1179204 bsc#1179211 bsc#1179213 bsc#1179259 bsc#1179403 bsc#1179406 bsc#1179418 bsc#1179419 bsc#1179421 bsc#1179424 bsc#1179426 bsc#1179427 bsc#1179429 bsc#1179520 bsc#1179578 bsc#1179601 bsc#1179616 bsc#1179663 bsc#1179666 bsc#1179670 bsc#1179671 bsc#1179672 bsc#1179673 bsc#1179711 bsc#1179713 bsc#1179714 bsc#1179715 bsc#1179716 bsc#1179722 bsc#1179723 bsc#1179724
Cross-References:	CVE-2018-20669 CVE-2019-20934 CVE-2020-15436 CVE-2020-15437 CVE-2020-25669 CVE-2020-27777 CVE-2020-27786 CVE-2020-28915 CVE-2020-28974 CVE-2020-29371 CVE-2020-4788
CVSS scores:	CVE-2018-20669 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2018-20669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2018-20669 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-20934 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-20934 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2020-15436 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-15436 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-15437 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-15437 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2020-25669 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-27777 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-27777 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-27786 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-27786 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28915 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2020-28915 ( NVD ): 5.8 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H CVE-2020-28974 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2020-28974 ( NVD ): 5.0 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H CVE-2020-29371 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2020-29371 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2020-4788 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-4788 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:	SUSE Linux Enterprise Real Time 15 SP1 SUSE Real Time Module 15-SP1

An update that solves 11 vulnerabilities and has 80 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15-SP1 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2018-20669: Fixed an improper check i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c (bsc#1122971).
CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA fault statistics were inappropriately freed, aka CID-16d51a590a8c (bsc#1179663).
CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
CVE-2020-27786: Fixed a use after free in kernel midi subsystem snd_rawmidi_kernel_read1() (bsc#1179601).
CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095 (bsc#1178589).
CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).
CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).

The following non-security bugs were fixed:

ACPI: GED: fix -Wformat (git-fixes).
ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).
ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (git-fixes).
ALSA: hda/realtek - Add new codec supported for ALC897 (git-fixes).
ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (git-fixes).
ALSA: mixart: Fix mutex deadlock (git-fixes).
ALSA: usb-audio: US16x08: fix value count for level meters (git-fixes).
arm64: KVM: Fix system register enumeration (bsc#1174726).
arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
ath10k: Acquire tx_lock in tx error paths (git-fixes).
Avoid a GCC warning about "/*" within a comment.
batman-adv: set .owner to THIS_MODULE (git-fixes).
Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes).
Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
bnxt_en: Fix race when modifying pause settings (bsc#1050242 ).
bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (bsc#1050242).
btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).
btrfs: account ticket size at add/delete time (bsc#1178897).
btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897).
btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
btrfs: do not delete mismatched root refs (bsc#1178962).
btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
btrfs: fix invalid removal of root ref (bsc#1178962).
btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897).
btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
btrfs: qgroup: do not commit transaction when we already hold the handle (bsc#1178634).
btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
btrfs: split dev-replace locking helpers for read and write (bsc#1178897).
can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).
can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).
can: dev: can_restart(): post buffer from the right context (git-fixes).
can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).
can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).
can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
ceph: add check_session_state() helper and make it global (bsc#1179259).
ceph: check session state after bumping session->s_seq (bsc#1179259).
ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956).
cifs: fix check of tcon dfs in smb1 (bsc#1178270).
cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944).
cifs: remove bogus debug code (bsc#1179427).
cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
Convert trailing spaces and periods in path components (bsc#1179424).
coredump: fix core_pattern parse error (git-fixes).
cxgb4: Fix offset when clearing filter byte counters (bsc#1064802 bsc#1066129).
docs: ABI: stable: remove a duplicated documentation (git-fixes).
docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
Drivers: hv: vmbus: Remove the unused "tsc_page" from struct hv_context (git-fixes).
drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).
drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes).
efi: cper: Fix possible out-of-bounds access (git-fixes).
efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes).
efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).
efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
efivarfs: fix memory leak in efivarfs_create() (git-fixes).
efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes).
efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
efi/x86: Ignore the memory attributes table on i386 (git-fixes).
efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672).
ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).
ext4: fix error handling code in add_new_gdb (bsc#1179722).
ext4: fix invalid inode checksum (bsc#1179723).
ext4: fix leaking sysfs kobject after failed mount (bsc#1179670).
ext4: limit entries returned when counting fsmap records (bsc#1179671).
ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673).
fs: Do not invalidate page buffers in block_write_full_page() (bsc#1179711).
fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549).
fuse: fix page dereference after free (bsc#1179213).
futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665).
futex: Handle transient "ownerless" rtmutex state correctly (bsc#1067665).
hv_balloon: disable warning when floor reached (git-fixes).
hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820).
hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854).
hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (git-fixes).
i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)
i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)
i40iw: Report correct firmware version (bsc#1111666)
IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)
IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666)
IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)
IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
IB/hfi1: Handle port down properly in pio (bsc#1111666)
IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666)
IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666)
IB/hfi1: Remove unused define (bsc#1111666)
IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)
IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
IB/iser: Fix dma_nents type definition (bsc#1111666)
IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666)
IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
IB/mlx4: Add and improve logging (bsc#1111666)
IB/mlx4: Add support for MRA (bsc#1111666)
IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)
IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666)
IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)
IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666)
IB/mlx4: Remove unneeded NULL check (bsc#1111666)
IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)
IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
IB/mlx5: Do not override existing ip_protocol (bsc#1111666)
IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
IB/mlx5: Fix implicit MR release flow (bsc#1111666)
IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666)
IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
IB/mlx5: Improve ODP debugging messages (bsc#1111666)
IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666)
IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666)
IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666)
IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)
IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
IB/qib: Remove a set-but-not-used variable (bsc#1111666)
IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
IB/rdmavt: Fix sizeof mismatch (bsc#1111666)
IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
IB/rxe: Make counters thread safe (bsc#1111666)
IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)
IB/umad: Avoid additional device reference during open()/close() (bsc#1111666)
IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
igc: Fix returning wrong statistics (bsc#1118657).
iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).
inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes).
Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
Input: i8042 - fix error return code in i8042_setup_aux() (git-fixes).
iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
kABI fix for g2d (git-fixes).
kABI workaround for usermodehelper changes (bsc#1179406).
kgdb: Fix spurious true from in_dbg_master() (git-fixes).
KVM: arm64: Add missing #include of -<linux/string.h> in guest.c (bsc#1174726).
KVM: arm64: Factor out core register ID enumeration (bsc#1174726).
KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726).
KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726).
KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726).
KVM host: kabi fixes for psci_version (bsc#1174726).
libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549).
locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549).
locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
mac80211: always wind down STA state (git-fixes).
mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
mac80211: minstrel: fix tx status processing corner case (git-fixes).
mac80211: minstrel: remove deferred sampling code (git-fixes).
media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
media: s5p-g2d: Fix a memory leak in an error handling path in 'g2d_probe()' (git-fixes).
media: uvcvideo: Set media controller entity functions (git-fixes).
media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).
mlxsw: core: Fix memory leak on module removal (bsc#1112374).
mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178).
mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204).
net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990 ).
net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
net: ena: Change license into format to SPDX in all files (bsc#1177397).
net: ena: Change log message to netif/dev function (bsc#1177397).
net: ena: Change RSS related macros and variables names (bsc#1177397).
net: ena: ethtool: Add new device statistics (bsc#1177397).
net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
net: ena: Fix all static chekers' warnings (bsc#1177397).
net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
net: ena: handle bad request id in ena_netdev (git-fixes).
net: ena: Remove redundant print of placement policy (bsc#1177397).
net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
net/mlx4_core: Fix init_hca fields offset (git-fixes).
net: qede: fix PTP initialization on recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
net: qede: fix use-after-free on recovery and AER handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
net: qed: fix async event callbacks unregistering (bsc#1104393 bsc#1104389).
net: qed: fix "maybe uninitialized" warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
net_sched: fix a memory leak in atm_tc_init() (bsc#1056657 bsc#1056653 bsc#1056787).
net/smc: fix valid DMBE buffer sizes (git-fixes).
net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() (bsc#1110096).
net/tls: Fix kmap usage (bsc#1109837).
net/tls: missing received data after fast remote close (bsc#1109837).
net/x25: prevent a couple of overflows (bsc#1178590).
nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
nfp: use correct define to return NONE fec (bsc#1109837).
NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630).
ocfs2: initialize ip_next_orphan (bsc#1179724).
PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
pinctrl: aspeed: Fix GPI only function problem (git-fixes).
platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/perf: Fix crash with is_sier_available when pmu is not set (bsc#1179578 ltc#189313).
powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536 bsc#1050545).
qed: suppress "do not support RoCE & iWARP" flooding on HW init (bsc#1050536 bsc#1050545).
qed: suppress false-positives interrupt error messages on HW init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).
RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)
RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666)
RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)
RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666)
RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666)
RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)
RDMA/cma: Fix false error message (bsc#1111666)
RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)
RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)
RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)
RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666)
RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
RDMA/core: Fix race between destroy and release FD object (bsc#1111666)
RDMA/core: Fix race when resolving IP address (bsc#1111666)
RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)
RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666)
RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)
RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
RDMA/hns: Set the unsupported wr opcode (bsc#1111666)
RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)
RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)
RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)
RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)
RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)
RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)
RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666)
RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666)
RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666)
RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
RDMA/mlx5: Return proper error value (bsc#1111666)
RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)
RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)
RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666)
RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)
RDMA/qedr: Endianness warnings cleanup (bsc#1111666)
RDMA/qedr: Fix doorbell setting (bsc#1111666)
RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 (bsc#1050545).
RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545 ).
RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
RDMA/qedr: Fix reported firmware version (bsc#1111666)
RDMA/qedr: Fix use of uninitialized field (bsc#1111666)
RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
RDMA/qedr: SRQ's bug fixes (bsc#1111666)
RDMA/qib: Delete extra line (bsc#1111666)
RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666)
RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)
RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#