bpftool-debuginfo-4.19.90-2405.5.0.0251.oe1 >  A fViW^^frqp ׽>?`4_*(7S 1w_̪rFaӥqX t E̐?A0>p<|?ld . T$(Rgm     , 0@ThC(_8hd9d:dFlGHIXY\]^Bbcdefltu(v8z  &hCbpftool-debuginfo4.19.902405.5.0.0251.oe1Debug information for package bpftoolThis package provides debug information for package bpftool. Debug information is useful when developing applications that use this package or when debugging this package.fVobs-worker-backend-test-0001>popenEuler:20.03:LTS:SP1 / standard_x86_64http://openeuler.orgGPLv2http://openeuler.orgDevelopment/Debughttp://www.kernel.org/linuxx86_64>pAAA$fVfVfVfVef02bf3f02e8835a40df26801de6cafb7f843b6a7a0cb987ccbb3c4f07fbf233rootrootrootrootrootrootrootrootkernel-4.19.90-2405.5.0.0251.oe1.src.rpmbpftool-debuginfobpftool-debuginfo(x86-64)    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.15.1fWfM@fDf:f(@ff-f @ee@eZeeeee@eoe5@eeeexK@eoede\eSa@eKx@e@@e7e/e&@ev@e e@d@dd@dhd.@dd@d~ddd@ddZ@ddw6dm@d_{dZ5dI@d?d5Kd,@d&@d$(@d@dadxcc@cwc=@cc@cc@cci@c.c@c|cs@cjDcb[cZrcWcN@cEZc2c)@c#c!@cc @cob5@bL@bbޅbK@bb'bba@b&b@b@Zhang Changzhong - 4.19.90-2405.5.0.0251Zhang Changzhong - 4.19.90-2405.4.0.0250Zhang Changzhong - 4.19.90-2405.3.0.0249Zhang Changzhong - 4.19.90-2405.1.0.0248Zhang Changzhong - 4.19.90-2404.3.0.0247Zhang Changzhong - 4.19.90-2404.2.0.0246Zhang Changzhong - 4.19.90-2404.1.0.0245Zhang Changzhong - 4.19.90-2403.4.0.0244Zhang Changzhong - 4.19.90-2403.3.0.0243Zhang Changzhong - 4.19.90-2403.2.0.0242Zhang Changzhong - 4.19.90-2403.1.0.0241Zhang Changzhong - 4.19.90-2402.6.0.0240Zhang Changzhong - 4.19.90-2402.5.0.0239Zhang Changzhong - 4.19.90-2402.4.0.0238Zhang Changzhong - 4.19.90-2402.1.0.0237Zhang Changzhong - 4.19.90-2401.5.0.0236Zhang Changzhong - 4.19.90-2401.4.0.0235Zhang Changzhong - 4.19.90-2401.3.0.0234Zhang Changzhong - 4.19.90-2401.1.0.0233Zhang Changzhong - 4.19.90-2312.6.0.0232Zhang Changzhong - 4.19.90-2312.4.0.0231Zhang Changzhong - 4.19.90-2312.3.0.0230Zhang Changzhong - 4.19.90-2312.1.0.0229Zhang Changzhong - 4.19.90-2311.5.0.0228Zhang Changzhong - 4.19.90-2311.4.0.0227Zhang Changzhong - 4.19.90-2311.3.0.0226Zhang Changzhong - 4.19.90-2311.2.0.0225Zhang Changzhong - 4.19.90-2311.1.0.0224Zhang Changzhong - 4.19.90-2310.4.0.0223Zhang Changzhong - 4.19.90-2310.3.0.0222Zhang Changzhong - 4.19.90-2310.2.0.0221Zhang Changzhong - 4.19.90-2309.5.0.0220Zhang Changzhong - 4.19.90-2309.4.0.0219Zhang Changzhong - 4.19.90-2309.3.0.0218Zhang Changzhong - 4.19.90-2309.1.0.0217Zhang Changzhong - 4.19.90-2308.5.0.0216Zhang Changzhong - 4.19.90-2308.4.0.0215Zhang Changzhong - 4.19.90-2308.3.0.0214Zhang Changzhong - 4.19.90-2308.2.0.0213Zhang Changzhong - 4.19.90-2308.1.0.0212Zhang Changzhong - 4.19.90-2307.5.0.0211Zhang Changzhong - 4.19.90-2307.4.0.0210Zhang Changzhong - 4.19.90-2307.3.0.0209Zhang Changzhong - 4.19.90-2306.7.0.0208Zhang Changzhong - 4.19.90-2306.5.0.0207Zhang Changzhong - 4.19.90-2306.4.0.0206Zhang Changzhong - 4.19.90-2306.3.0.0205Zhang Changzhong - 4.19.90-2306.1.0.0204Zhang Changzhong - 4.19.90-2305.4.0.0203Zhang Changzhong - 4.19.90-2305.3.0.0202Zhang Changzhong - 4.19.90-2305.2.0.0201Zhang Changzhong - 4.19.90-2305.1.0.0200Zhang Changzhong - 4.19.90-2304.5.0.0199Zhang Changzhong - 4.19.90-2304.4.0.0198Zhang Changzhong - 4.19.90-2304.3.0.0197Zhang Changzhong - 4.19.90-2304.1.0.0196Zhang Changzhong - 4.19.90-2303.6.0.0195Zhang Changzhong - 4.19.90-2303.5.0.0194Zhang Changzhong - 4.19.90-2303.4.0.0193Zhang Changzhong - 4.19.90-2303.3.0.0192Zhang Changzhong - 4.19.90-2303.1.0.0191Laibin Qiu - 4.19.90-2302.5.0.0190Laibin Qiu - 4.19.90-2302.4.0.0189Laibin Qiu - 4.19.90-2302.3.0.0188Laibin Qiu - 4.19.90-2302.1.0.0187Laibin Qiu - 4.19.90-2301.6.0.0186Zheng Zengkai - 4.19.90-2301.5.0.0185Laibin Qiu - 4.19.90-2301.3.0.0184Laibin Qiu - 4.19.90-2212.4.0.0183Laibin Qiu - 4.19.90-2212.3.0.0182Laibin Qiu - 4.19.90-2212.2.0.0181Laibin Qiu - 4.19.90-2212.1.0.0180Laibin Qiu - 4.19.90-2211.6.0.0179Laibin Qiu - 4.19.90-2211.5.0.0178Laibin Qiu - 4.19.90-2211.4.0.0177Laibin Qiu - 4.19.90-2211.2.0.0176Laibin Qiu - 4.19.90-2211.1.0.0175Laibin Qiu - 4.19.90-2210.5.0.0174Laibin Qiu - 4.19.90-2210.4.0.0173Laibin Qiu - 4.19.90-2210.3.0.0172Laibin Qiu - 4.19.90-2210.1.0.0171Laibin Qiu - 4.19.90-2209.6.0.0170Laibin Qiu - 4.19.90-2209.5.0.0169Laibin Qiu - 4.19.90-2209.4.0.0168Laibin Qiu - 4.19.90-2209.3.0.0167Laibin Qiu - 4.19.90-2209.1.0.0166Laibin Qiu - 4.19.90-2208.6.0.0165Laibin Qiu - 4.19.90-2208.5.0.0164Laibin Qiu - 4.19.90-2208.4.0.0163Laibin Qiu - 4.19.90-2208.2.0.0162Laibin Qiu - 4.19.90-2208.1.0.0161Laibin Qiu - 4.19.90-2207.4.0.0160Laibin Qiu - 4.19.90-2207.3.0.0159Laibin Qiu - 4.19.90-2207.2.0.0158Laibin Qiu - 4.19.90-2207.1.0.0157Laibin Qiu - 4.19.90-2206.4.0.0156Laibin Qiu - 4.19.90-2206.3.0.0155Laibin Qiu - 4.19.90-2206.2.0.0154Laibin Qiu - 4.19.90-2206.1.0.0153Laibin Qiu - 4.19.90-2205.6.0.0152- !8066 drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 - !8038 CVE-2023-52817 - !8106 usb: dwc3: ep0: fix NULL pointer exception - !8059 soc: fsl: qbman: Always disable interrupts when taking cgr_lock - !8017 perf/core: Bail out early if the request AUX area is out of bound - !8064 isdn: mISDN: netjet: Fix crash in nj_probe: - !8049 xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING - usb: dwc3: ep0: fix NULL pointer exception - !8055 drm/client: Fully protect modes[ - !8000 v2 net/tls: Fix flipped sign in tls_err_abort() calls - !8032 netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 - isdn: mISDN: netjet: Fix crash in nj_probe: - !8056 scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() - !7999 HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up - soc: fsl: qbman: Always disable interrupts when taking cgr_lock - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() - drm/client: Fully protect modes[] with dev->mode_config.mutex - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING - !7817 netfilter: nft_flow_offload: reset dst in route object after setting up flow - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() - !7965 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - !7951 sched/rt: Fix rt_runtime leaks with cpu hotplug and RT_RUNTIME_SHARE - perf/core: Bail out early if the request AUX area is out of bound - !7981 Fix CVE-2021-47455 - !7901 f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances - !7700 scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() - !7682 dm snapshot: fix lockup in dm_exception_table_exit - !7867 media: bttv: fix use after free error due to btv->timeout timer - !7421 x86/CPU/AMD: Update the Zenbleed microcode revisions - !7415 cpu/SMT: Make SMT control more robust against enumeration failures - !7451 v2 ip: Treat IPv4 segment's lowest address as unicast - !7393 v2 scsi: sr: Do not leak information in ioctl - !7971 fbmon: prevent division by zero in fb_videomode_from_videomode() - net/tls: Fix flipped sign in tls_err_abort() calls - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up - !7963 ipv6: Fix infinite recursion in fib6_dump_done(). - !7979 drm/radeon: fix a possible null pointer dereference - ptp: fix code indentation issues - ptp: Fix possible memory leak in ptp_clock_register() - drm/radeon: fix a possible null pointer dereference - fbmon: prevent division by zero in fb_videomode_from_videomode() - !7944 v2 netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - ipv6: Fix infinite recursion in fib6_dump_done(). - sched/rt: Fix rt_runtime leaks with cpu hotplug and RT_RUNTIME_SHARE - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries - !7811 Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() - !7892 CVE-2023-52868 - !7910 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs - !7851 netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances - thermal: core: prevent potential string overflow - !7854 net/mlx5e: fix a double-free in arfs_create_groups - !7794 v2 Fix CVE-2023-52656 - media: bttv: fix use after free error due to btv->timeout timer - !7840 netrom: Fix a data-race around sysctl_netrom_transport_timeout - net/mlx5e: fix a double-free in arfs_create_groups - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser - !7770 drm/amd/pm: fix a double-free in si_dpm_init - netrom: Fix a data-race around sysctl_netrom_transport_timeout - !7589 irqchip/gic-v3-its: Prevent double free on error - !7713 CVE-2024-35936 - !7751 Fix CVE-2023-52698 - netfilter: nft_flow_offload: reset dst in route object after setting up flow - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() - io_uring: drop any code related to SCM_RIGHTS - io_uring/unix: drop usage of io_uring socket - !7742 netrom: Fix data-races around sysctl_net_busy_read - !7748 drm/radeon: possible buffer overflow - drm/amd/pm: fix a double-free in si_dpm_init - calipso: fix memory leak in netlbl_calipso_add_pass() - netlabel: remove unused parameter in netlbl_netlink_auditinfo() - net: netlabel: Fix kerneldoc warnings - drm/radeon: possible buffer overflow - netrom: Fix data-races around sysctl_net_busy_read - !7669 btrfs: send: handle path ref underflow in header iterate_inode_ref() - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() - dm snapshot: fix lockup in dm_exception_table_exit - btrfs: send: handle path ref underflow in header iterate_inode_ref() - irqchip/gic-v3-its: Prevent double free on error - ip: Treat IPv4 segment's lowest address as unicast - x86/CPU/AMD: Update the Zenbleed microcode revisions - cpu/SMT: Make SMT control more robust against enumeration failures - scsi: sr: Do not leak information in ioctl- !7694 Bluetooth: af_bluetooth: Fix deadlock - !7701 ext4: fix corruption during on-line resize - !7676 sched/all: Change all BUG_ON() instances in the scheduler to WARN_ON_ONCE() - ext4: fix corruption during on-line resize - Bluetooth: af_bluetooth: Fix deadlock - !7573 pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() - sched/all: Change all BUG_ON() instances in the scheduler to WARN_ON_ONCE() - !7547 btrfs: fix information leak in btrfs_ioctl_logical_to_ino() - !7586 powerpc/imc-pmu: Add a null pointer check in update_events_in_group() - powerpc/imc-pmu: Add a null pointer check in update_events_in_group() - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() - !7477 firewire: nosy: ensure user_length is taken into account when fetching packet contents - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() - !7483 Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout - firewire: nosy: ensure user_length is taken into account when fetching packet contents - !7425 net: gtp: Fix Use-After-Free in gtp_dellink - !7434 net: openvswitch: Fix Use-After-Free in ovs_ct_exit - net: openvswitch: Fix Use-After-Free in ovs_ct_exit - net: gtp: Fix Use-After-Free in gtp_dellink - !7228 s390/zcrypt: fix reference counting on zcrypt card objects - !7193 CVE-2024-26921 - !7096 fix CVE-2024-26865 - s390/zcrypt: fix reference counting on zcrypt card objects - sk_buff: Fix KABI break for the modification of struct sk_buff - inet: inet_defrag: prevent sk release while still in use - inet: frags: re-introduce skb coalescing for local delivery - net: Fix KABI break for introducing is_skb_wmem() - skb_expand_head() adjust skb->truesize incorrectly - skbuff: introduce skb_expand_head() - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()- !7194 s390/dasd: fix double module refcount decrement - !7059 nilfs2: prevent kernel bug at submit_bh_wbc() - !7163 v2 usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error - !7104 KVM: Always flush async #PF workqueue when vCPU is being destroyed - !7203 NTB: fix possible name leak in ntb_register_device() - NTB: fix possible name leak in ntb_register_device() - s390/dasd: fix double module refcount decrement - !7158 v2 Squashfs: check the inode number is not the invalid value of zero - !7181 nfs: fix UAF in direct writes - !7091 nouveau: lock the client object tree. - !7120 v2 clk: zynq: Prevent null pointer dereference caused by kmalloc failure - !7089 nilfs2: fix failure to detect DAT corruption in btree and direct mappings - !7151 v2 scsi: sd: Fix sd_do_mode_sense() buffer length handling - nfs: fix UAF in direct writes - !7033 Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" - !7079 nvmet: fix a use-after-free - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error - !7140 media: usbtv: Remove useless locks in usbtv_video_free() - Squashfs: check the inode number is not the invalid value of zero - scsi: sd: Fix sd_do_mode_sense() buffer length handling - !7137 v2 SUNRPC: fix a memleak in gss_import_v2_context - !7138 SUNRPC: fix some memleaks in gssx_dec_option_array - !7100 netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() - !7095 CVE-2024-27020 - media: usbtv: Remove useless locks in usbtv_video_free() - SUNRPC: fix some memleaks in gssx_dec_option_array - SUNRPC: fix a memleak in gss_import_v2_context - !7114 v2 backport patch for thp deferred list for 4.19 - !7034 fix CVE-2024-27001 for 4.19 - !7032 clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays - !7115 drm/radeon: add a force flush to delay work when radeon - !7055 scsi: qla2xxx: Fix command flush on cable pull - !7109 fix CVE-2024-26960 - clk: zynq: Prevent null pointer dereference caused by kmalloc failure - !6260 packet: move from strlcpy with unused retval to strscpy - drm/radeon: add a force flush to delay work when radeon - THP: avoid lock when check whether THP is in deferred list - mm/mmu_gather: limit free batch count and add schedule point in tlb_batch_pages_flush - mm, thp: do not queue fully unmapped pages for deferred split - !7046 USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command - mm: swap: fix race between free_swap_and_cache() and swapoff() - mm/swapfile.c: use __try_to_reclaim_swap() in free_swap_and_cache() - !7053 CVE-2024-27024 - KVM: Always flush async #PF workqueue when vCPU is being destroyed - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() - !6970 ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - !6995 v2 net/mlx5e: Prevent deadlock while disabling aRFS - !7038 i40e: Fix NULL ptr dereference on VSI filter sync - !7037 media: v4l2-tpg: fix some memleaks in tpg_alloc - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() - netfilter: nf_tables: __nft_expr_type_get() selects specific family type - nouveau: lock the client object tree. - nilfs2: fix failure to detect DAT corruption in btree and direct mappings - !6992 media: edia: dvbdev: fix a use-after-free - nvmet: fix a use-after-free - !7045 v2 b43: fix CVE-2023-52644 - !7017 v2 net: ath9k: fix CVE-2024-26897 - nilfs2: prevent kernel bug at submit_bh_wbc() - !7016 v3 Fix CVE-2022-48693 - !7012 clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays - scsi: qla2xxx: Fix command flush on cable pull - net/rds: fix possible cp null dereference - net/rds: fix WARNING in rds_conn_connect_if_down - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command - !6991 mac802154: fix llsec key resources release in mac802154_llsec_key_del - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled - b43: dma: Fix use true/false for bool type variable - !7005 media: ttpci: fix two memleaks in budget_av_attach - !7014 nilfs2: fix OOB in nilfs_set_de_type - !7001 fix CVE-2024-27010 - i40e: Fix NULL ptr dereference on VSI filter sync - media: v4l2-tpg: fix some memleaks in tpg_alloc - !6880 media: go7007: fix a memleak in go7007_load_encoder - comedi: vmk80xx: fix incomplete endpoint checking - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays - !6984 clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays - !6893 cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - !6958 netfilter: nf_tables: fix memleak in map from abort path - !6820 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - !6940 drm: nv04: Fix out of bounds access - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe - nilfs2: fix OOB in nilfs_set_de_type - !6968 CVE-2024-26974 - clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays - !6976 nfp: flower: handle acti_netdevs allocation failure - media: ttpci: fix two memleaks in budget_av_attach - !6944 USB: core: Fix deadlock in usb_deauthorize_interface() - net/sched: fix kabi change in struct Qdisc - net/sched: Fix mirred deadlock on device recursion - !6870 scsi: mpt3sas: Fix use-after-free warning - net/mlx5e: Prevent deadlock while disabling aRFS - media: edia: dvbdev: fix a use-after-free - !6966 speakup: Avoid crash on very long word - !6963 v2 CVE-2024-27000 - mac802154: fix llsec key resources release in mac802154_llsec_key_del - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays - !6942 v2 ima: fix deadlock when traversing "ima_default_rules". - !6951 v2 spi: spi-mt65xx: Fix NULL pointer access in interrupt handler - nfp: flower: handle acti_netdevs allocation failure - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - crypto: qat - resolve race condition during AER recovery - crypto: qat - fix double free during reset - !6881 v4 CVE-2024-26846 - !6894 tun: limit printing rate when illegal packet received by tun dev - speakup: Avoid crash on very long word - serial: core: fix kernel-doc for uart_port_unlock_irqrestore() - serial: mxs-auart: add spinlock around changing cts state - serial: core: Provide port lock wrappers - !6883 Bluetooth: Fix TOCTOU in HCI debugfs implementation - !6856 media: dvb-frontends: avoid stack overflow warnings with clang - netfilter: nf_tables: fix memleak in map from abort path - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler - !6839 CVE-2023-52650 - !6869 v2 media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity - !6867 v2 nouveau: fix instmem race condition around ptr stores - USB: core: Fix deadlock in usb_deauthorize_interface() - !6852 serial/pmac_zilog: Remove flawed mitigation for rx irq flood - ima: fix deadlock when traversing "ima_default_rules". - drm: nv04: Fix out of bounds access - tun: limit printing rate when illegal packet received by tun dev - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - Bluetooth: Fix TOCTOU in HCI debugfs implementation - nvme-fc: do not wait in vain when unloading module - nvme-fc: remove err_work work item - media: go7007: fix a memleak in go7007_load_encoder - scsi: mpt3sas: Fix use-after-free warning - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity - nouveau: fix instmem race condition around ptr stores - media: dvb-frontends: avoid stack overflow warnings with clang - serial/pmac_zilog: Remove flawed mitigation for rx irq flood - drm/tegra: dsi: Add missing check for of_find_device_by_node - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - packet: move from strlcpy with unused retval to strscpy- !6858 CVE-2024-26883 - !6836 fs: sysfs: Fix reference leak in sysfs_break_active_protection() - !6845 erofs: fix pcluster use-after-free on UP platforms - !6827 fat: fix uninitialized field in nostale filehandles - !6807 CVE-2024-26923 - !6847 ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - bpf: Fix stackmap overflow check on 32-bit arches - bpf: Check for integer overflow when using roundup_pow_of_two() - !6758 CVE-2022-48664 - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - erofs: fix pcluster use-after-free on UP platforms - fs: sysfs: Fix reference leak in sysfs_break_active_protection() - !6795 rtmutex: Add acquire semantics for rtmutex lock acquisition slow path - fat: fix uninitialized field in nostale filehandles - !6777 tun: Fix xdp_rxq_info's queue_index when detaching - !6803 scsi: target: core: Add TMF to tmr_list handling - af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). - af_unix: Fix garbage collector racing against connect() - scsi: target: core: Add TMF to tmr_list handling - !6705 quota: fix CVE-2024-26878 - rtmutex: Add acquire semantics for rtmutex lock acquisition slow path - tun: Fix xdp_rxq_info's queue_index when detaching - !6674 cifs: fix underflow in parse_server_interfaces() - !6494 v2 oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup - !6745 PCI/IOV: Improve performance of creating VFs concurrently - !6754 binder: check offset alignment in binder_get_object() - !6746 v3 openEuler-1.0-LTS: bugfix for mm - !6716 CVE-2024-26922 - btrfs: fix hang during unmount when stopping a space reclaim worker - Btrfs: fix crash during unmount due to race with delayed inode workers - binder: check offset alignment in binder_get_object() - !6652 geneve: make sure to pull inner header in geneve_rx() - mm/madvise: fix potential pte_unmap_unlock pte error - PCI/IOV: Improve performance of creating VFs concurrently - !6664 drm/bridge: adv7511: fix crash on irq during probe - !6653 net/ipv6: avoid possible UAF in ip6_route_mpath_notify() - !6510 cachefiles: fix memory leak in cachefiles_add_cache() - drm/amdgpu: validate the parameters of bo mapping operations more clearly - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va - drm/amdgpu: restrict bo mapping within gpu address limits - drm/amdgpu: check alignment on CPU page for bo map - quota: Fix potential NULL pointer dereference - quota: check time limit when back out space/inode change - quota: code cleanup for __dquot_alloc_space() - !6662 sched/rt: Disallow writing invalid values to sched_rt_period_us - !6661 sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset - !6659 sched/rt: Fix sysctl_sched_rr_timeslice intial value - !6578 drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip - !6641 CVE-2024-26863 - cifs: fix underflow in parse_server_interfaces() - !6646 fix race between rebuild scheduler domains and hotplug work - drm/bridge: adv7511: fix crash on irq during probe - sched/rt: Disallow writing invalid values to sched_rt_period_us - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset - sched/rt: Fix sysctl_sched_rr_timeslice intial value - !6642 v3 x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() - geneve: make sure to pull inner header in geneve_rx() - !6621 amdkfd: use calloc instead of kzalloc to avoid integer overflow - cpuset: fix race between rebuild scheduler domains and hotplug work - !6617 net/bnx2x: Prevent access to a freed page in page_pool - !6611 net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() - x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - hsr: Fix uninit-value access in hsr_get_node() - net: hsr: fix placement of logical operator in a multi-line statement - !6397 btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - !6616 drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - amdkfd: use calloc instead of kzalloc to avoid integer overflow - net/bnx2x: Prevent access to a freed page in page_pool - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() - !6525 v2 CVE-2024-24860 bugfix - !6478 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - !6582 ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() - !6577 media: rc: bpf attach/detach requires write permission - !6560 IB/hfi1: Fix a memleak in init_credit_return - !6420 tty: fix read of tty->pgrp outside of ctrl_lock - !6436 dm: call the resume method on internal suspend - !6562 nfc: nci: free rx_data_reassembly skb on NCI device cleanup - !6481 CVE-2024-26875 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip - media: rc: bpf attach/detach requires write permission - !6495 RDMA/srpt: Do not register event handler until srpt device is fully setup - !6457 CVE-2024-26813 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup - IB/hfi1: Fix a memleak in init_credit_return - !6517 scsi: lpfc: Fix link down processing to address NULL pointer dereference - !6521 netfilter: nf_conntrack_h323: Add protection for bmp length out of range - !6454 CVE-2021-47182 - Bluetooth: Fix atomicity violation in {min,max}_key_size_set - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - netfilter: nf_conntrack_h323: Add protection for bmp length out of range - scsi: lpfc: Fix link down processing to address NULL pointer dereference - cachefiles: fix memory leak in cachefiles_add_cache() - RDMA/srpt: Do not register event handler until srpt device is fully setup - mm: oom_kill: fix KABI broken by "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup" - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup - sched: Allocate a new task_struct_resvd object for fork task - media: pvrusb2: fix uaf in pvr2_context_set_notify - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - vfio/platform: Create persistent IRQ handlers - vfio/platform: Disable virqfds on cleanup - scsi: core: Fix scsi_mode_sense() buffer length handling - scsi: core: Reshuffle response handling in scsi_mode_sense() - scsi: core: Fixup calling convention for scsi_mode_sense() - dm: call the resume method on internal suspend - tty: fix read of tty->pgrp outside of ctrl_lock - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve- !6313 fixup CVE-2024-26908 - !6447 can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock - !6309 v5 ima: Avoid blocking in RCU read-side critical section - !6405 wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() - !6466 bpf: Fix hashtab overflow check on 32-bit arches - !6396 tracing/trigger: Fix to return error if failed to alloc snapshot - !6278 Bluetooth: Avoid potential use-after-free in hci_error_reset - bpf: Fix hashtab overflow check on 32-bit arches - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock - !6203 ALSA: usb-audio: fix null pointer dereference on pointer cs_desc - !6292 aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts - !6301 v2 tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() - !6266 usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - tracing/trigger: Fix to return error if failed to alloc snapshot - !6290 CVE-2024-24861 - x86/xen: Add some null pointer checking to smp.c - ima: Avoid blocking in RCU read-side critical section - !6269 scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - !6276 wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() - !6277 gtp: fix use-after-free and null-ptr-deref in gtp_newlink() - !6275 arp: Prevent overflow in arp_req_get(). - !6280 scsi: advansys: Fix kernel pointer leak - !6177 arm64/mpam: Not allowed setting 0 to cache portion bit mask - !6176 arm64/mpam: return EOPNOTSUPP when changing rmid of monitor group or resource group with monitor - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts - media: xc4000: Fix atomicity violation in xc4000_get_frequency - !6075 Fix CVE-2024-26764 - scsi: advansys: Fix kernel pointer leak - Bluetooth: Avoid potential use-after-free in hci_error_reset - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach - arp: Prevent overflow in arp_req_get(). - !6084 netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - !6246 ubi: Check for too small LEB size in VTBL code - ubi: Check for too small LEB size in VTBL code - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc - arm64/mpam: Not allowed setting 0 to cache portion bit mask - arm64/mpam: return EOPNOTSUPP when changing rmid of monitor group or resource group with monitor - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio- !6231 v2 drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() - !6083 can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) - !6160 net/sched: act_mirred: don't override retval if we already lost the skb - drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() - !6152 Fix CVE-2024-26812 - !6139 iavf: free q_vectors before queues in iavf_disable_vf - !6164 CVE-2021-47194 - !6123 xen/events: close evtchn after mapping cleanup - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - net/sched: act_mirred: don't override retval if we already lost the skb - vfio/pci: Create persistent INTx handler - vfio: Introduce interface to flush virqfd inject workqueue - !6053 net: ip_tunnel: prevent perpetual headroom growth - !6002 KVM: s390: vsie: fix race during shadow creation - iavf: free q_vectors before queues in iavf_disable_vf - !6102 Fix CVE-2024-27437 - !6070 Fix CVE-2024-26686 - !6049 wifi: mac80211: fix race condition on enabling fast-xmit - !5916 ext4: fix double-free of blocks due to wrong extents moved_len - xen/events: close evtchn after mapping cleanup - !6099 vfio/pci: Lock external INTx masking ops - !6032 gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() - !5899 dm-crypt: don't modify the data when using authenticated encryption - vfio/pci: Disable auto-enable of exclusive INTx IRQ - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Lock external INTx masking ops - !6042 nilfs2: fix data corruption in dsync block recovery for small block sizes - !6030 Fix CVE-2024-26685 - !6015 btrfs: don't drop extent_map for free space inode on write error - !5963 btrfs: dev-replace: properly validate device names - can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) - fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats - fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() - fs/proc: do_task_stat: use __for_each_thread() - exit: Use the correct exit_code in /proc//stat - net: ip_tunnel: prevent perpetual headroom growth - wifi: mac80211: fix race condition on enabling fast-xmit - !5999 mm/swap: fix race when skipping swapcache - nilfs2: fix data corruption in dsync block recovery for small block sizes - !6019 net/sched: act_mirred: use the backlog for mirred ingress - !6010 PM / devfreq: Synchronize devfreq_monitor_[start/stop - !5846 ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() - !5994 ipv6: sr: fix possible use-after-free and null-ptr-deref - nilfs2: fix potential bug in end_buffer_async_write - nilfs2: fix buffer corruption due to concurrent device reads - !5951 RDMA/qedr: Fix qedr_create_user_qp error flow - net/sched: act_mirred: use the backlog for mirred ingress - btrfs: don't drop extent_map for free space inode on write error - PM / devfreq: Synchronize devfreq_monitor_[start/stop] - !5961 fbdev: savage: Error out if pixclock equals zero - KVM: s390: vsie: fix race during shadow creation - mm/swap: fix race when skipping swapcache - ipv6: sr: fix possible use-after-free and null-ptr-deref - !5875 v3 CVE-2024-26771 - !5926 RDMA/srpt: Support specifying the srpt_service_guid parameter - btrfs: dev-replace: properly validate device names - fbdev: savage: Error out if pixclock equals zero - !5778 ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() - RDMA/qedr: Fix qedr_create_user_qp error flow - !5830 fbdev: sis: Error out if pixclock equals zero - RDMA/srpt: Support specifying the srpt_service_guid parameter - ext4: fix double-free of blocks due to wrong extents moved_len - dm-crypt: don't modify the data when using authenticated encryption - !5807 nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() - dmaengine: ti: edma: Add some null pointer checks to the edma_probe - dmaengine: ti: edma: Fix error return code in edma_probe() - dmaengine: ti: edma: add missed operations - dmaengine: ti: edma: fix missed failure handling - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() - fbdev: sis: Error out if pixclock equals zero - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()- !5874 scsi: hisi_sas: Update disk locked timeout to 7 seconds - scsi: hisi_sas: Update disk locked timeout to 7 seconds - !5841 fixup CVE-2024-26751 - !5834 CVE-2021-47144 - ARM: ep93xx: Add terminator to gpiod_lookup_table - drm/amd/amdgpu: fix refcount leak - !5796 netfilter: nft_limit: reject configurations that cause integer overflow - netfilter: nft_limit: reject configurations that cause integer overflow - !5755 sh: push-switch: Reorder cleanup operations to avoid use-after-free bug - !5767 v5 net: fec: fix the potential memory leak in fec_enet_init() - !5718 CVE-2024-26654 - net: fec: fix the potential memory leak in fec_enet_init() - !5722 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug - !5727 fix CVE-2021-47101 - !5531 ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() - !5715 net: hns3: updates 2024.04.02 - !5710 v2 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() - asix: fix wrong return value in asix_check_host_enable() - asix: fix uninit-value in asix_mdio_read() - net: asix: fix uninit value bugs - btrfs: don't abort filesystem when attempting to snapshot deleted subvolume - !5700 sr9800: Add check for usbnet_get_endpoints - !5680 USB: usbfs: Don't WARN about excessively large memory allocations - !5679 fix CVE-2023-52587 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs - ALSA: aica: Fix a long-time build breakage - !5713 v2 tipc: wait and exit until all work queues are done - net: hns3: update hns3 version to 24.3.1 - net: hns3: fix port vlan filter not disabled problem in dynamic vlan mode - !5696 NFS: Fix an Oopsable condition in __nfs_pageio_add_request() - tipc: wait and exit until all work queues are done - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() - !5702 ext4: Validate inode pa before using preallocation blocks - !5694 tipc: skb_linearize the head skb when reassembling msgs - ext4: Validate inode pa before using preallocation blocks - !5674 mac80211: fix locking in ieee80211_start_ap error path - !5672 arm64/mpam_ctrlmon: Update ctrl group config with rdtgrp's partid - sr9800: Add check for usbnet_get_endpoints - !5528 btrfs: do not BUG_ON in link_to_fixup_dir - NFS: Fix an Oopsable condition in __nfs_pageio_add_request() - tipc: skb_linearize the head skb when reassembling msgs - !5522 md/raid5: fix atomicity violation in raid5_cache_count - USB: usbfs: Don't WARN about excessively large memory allocations - IB/ipoib: Fix mcast list locking - RDMA/IPoIB: Fix error code return in ipoib_mcast_join - mac80211: fix locking in ieee80211_start_ap error path - arm64/mpam: Allocate new partid for the created ctrl group - arm64/mpam_ctrlmon: Update ctrl group config with rdtgrp's partid - !5581 CVE-2023-52622 - !5658 v2 CVE-2021-47131 - !5645 [sync] PR-5493: arm64/mpam: Fix repeated enabling in mpam_enable() - !5559 fix CVE-2021-47173 - !5575 net: dsa: fix a crash if ->get_sset_count() fails - net/tls: Use RCU API to access tls_ctx->netdev - net/tls: Remove the context from the list in tls_device_down - tls: Fix context leak on tls_device_down - net/tls: Resolve KABI break when backport bugfix of CVE-2021-47131 - net/tls: Fix use-after-free after the TLS device goes down and up - net/tls: Replace TLS_RX_SYNC_RUNNING with RCU - !5625 i2c: i801: Don't generate an interrupt on bus reset - !5517 dm: revert partial fix for redundant bio-based IO accounting - arm64/mpam: Fix repeated enabling in mpam_enable() - !5481 jfs: fix array-index-out-of-bounds in dbAdjTree - !5572 mld: fix panic in mld_newpack() - !5565 tracing: Ensure visibility when inserting an element into tracing_map - !5571 v2 mm/mlock: return EINVAL for illegal user memory range in mlock - i2c: i801: Don't generate an interrupt on bus reset - !5587 Fix CVE-2021-47171 - !5579 mm: ksm: fix use-after-free kasan report in ksm_might_need_to_copy - !5573 Fix CVE-2021-47160 - !5564 serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - !5560 drm/amdgpu: Fix a use-after-free - net: usb: fix possible use-after-free in smsc75xx_bind - net: usb: fix memory leak in smsc75xx_bind - ext4: avoid online resizing failures due to oversized flex bg - ext4: unify the type of flexbg_size to unsigned int - ext4: remove unnecessary check from alloc_flex_gd() - mm: ksm: fix use-after-free kasan report in ksm_might_need_to_copy - !5558 net: fujitsu: fix potential null-ptr-deref - !5556 NFC: nci: fix memory leak in nci_allocate_device - net: dsa: fix a crash if ->get_sset_count() fails - net: dsa: mt7530: fix VLAN traffic leaks again - net: dsa: mt7530: fix VLAN traffic leaks - mld: fix panic in mld_newpack() - mm/mlock: return EINVAL for illegal user memory range in mlock - tracing: Ensure visibility when inserting an element into tracing_map - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - !5552 net/smc: remove device from smcd_dev_list after failed device_add() - !5290 crypto: algif_aead - Only wake up when ctx->more is zero - !5446 keys: safe concurrent user->{session,uid}_keyring access - drm/amdgpu: Fix a use-after-free - !5550 pciehp: clear p_slot->work.data after powering off a slot - usb: misc: fix improper handling of refcount in uss720_probe() - misc/uss720: fix memory leak in uss720_probe - !5515 netfilter: nf_tables: disallow timeout for anonymous sets - !5538 netfilter: nf_tables: disallow anonymous set with timeout flag - net: fujitsu: fix potential null-ptr-deref - NFC: nci: fix memory leak in nci_allocate_device - net/smc: remove device from smcd_dev_list after failed device_add() - pciehp: clear p_slot->work.data after powering off a slot - netfilter: nf_tables: disallow anonymous set with timeout flag - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() - btrfs: do not BUG_ON in link_to_fixup_dir - md/raid5: fix atomicity violation in raid5_cache_count - dm: revert partial fix for redundant bio-based IO accounting - netfilter: nf_tables: disallow timeout for anonymous sets - jfs: fix array-index-out-of-bounds in dbAdjTree - keys: safe concurrent user->{session,uid}_keyring access - crypto: af_alg - Work around empty control messages without MSG_MORE - crypto: af_alg - Fix regression on empty requests - crypto: algif_aead - Only wake up when ctx->more is zero- !5539 spi: spi-fsl-dspi: Fix a resource leak in an error handling path - !5542 round lts patches - !5520 scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() - l2tp: pass correct message length to ip6_append_data - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg - spi: spi-fsl-dspi: Fix a resource leak in an error handling path - !5514 CVE-2021-47110 - !5497 llc: Drop support for ETH_P_TR_802_2. - !5498 llc: make llc_ui_sendmsg() more robust against bonding changes - !5490 tcp: add sanity checks to rx zerocopy - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() - x86/kvm: Do not try to disable kvmclock if it was not enabled - x86/kvm: Disable kvmclock on all CPUs on shutdown - !5502 pstore/ram: Fix crash when setting number of cpus to an odd number - !5477 Fixed CVE-2021-47112 - pstore/ram: Fix crash when setting number of cpus to an odd number - llc: make llc_ui_sendmsg() more robust against bonding changes - llc: Drop support for ETH_P_TR_802_2. - tcp: add sanity checks to rx zerocopy - !5479 jfs: fix cve-2023-52600 - !5478 jfs: fix array-index-out-of-bounds in diNewExt - !5485 nfsd: fix use-after-free due to delegation race - nfsd: fix use-after-free due to delegation race - !5281 printk: avoid deadlock in panic - jfs: fix uaf in jfs_evict_inode - JFS: fix memleak in jfs_mount - jfs: fix array-index-out-of-bounds in diNewExt - x86/kvm: Teardown PV features on boot CPU as well - !5465 wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() - !5361 btrfs: abort in rename_exchange if we fail to insert the second ref - !5254 tomoyo: fix UAF write bug in tomoyo_write_control() - !5321 UBSAN: array-index-out-of-bounds in dtSplitRoot - !5455 CVE-2021-47114 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() - !5320 jfs: fix slab-out-of-bounds Read in dtSearch - ocfs2: issue zeroout to EOF blocks - ocfs2: fix zero out valid data - ocfs2: fix data corruption by fallocate - !5374 hwrng: core - Fix page fault dead lock on mmap-ed hwrng - !5418 [sync] PR-5317: KVM: s390: fix setting of fpc register - !5272 net/smc: fix illegal rmb_desc access in SMC-D connection dump - !5274 phonet/pep: refuse to enable an unbound pipe - !5359 CVE-2021-47121 and CVE-2021-47122 - KVM: s390: fix setting of fpc register - !5358 v5 CVE-2023-52595 - !5336 binder: fix race between mmput() and do_exit() - hwrng: core - Fix page fault dead lock on mmap-ed hwrng - btrfs: abort in rename_exchange if we fail to insert the second ref - net: caif: fix memory leak in caif_device_notify - net: caif: fix memory leak in cfusbl_device_notify - net: caif: add proper error handling - net: caif: added cfserl_release function - rt2x00: Fix kabi breakage in struct rt2x00lib_ops - wifi: rt2x00: restart beacon queue when hardware reset - rt2x00: clear up IV's on key removal - rt2x00: clear IV's on start to fix AP mode regression - rt2800: add pre_reset_hw callback - rt2800: do not nullify initialization vector data - binder: fix race between mmput() and do_exit() - UBSAN: array-index-out-of-bounds in dtSplitRoot - jfs: fix slab-out-of-bounds Read in dtSearch - printk: avoid deadlock in panic - phonet/pep: refuse to enable an unbound pipe - net/smc: fix illegal rmb_desc access in SMC-D connection dump - tomoyo: fix UAF write bug in tomoyo_write_control()- !5306 FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree - !5347 s390/ptrace: handle setting of fpc register correctly - !5309 drm/msm/dpu: Add mutex lock in control vblank irq - s390/ptrace: handle setting of fpc register correctly - !5267 llc: call sock_orphan() at release time - drm/msm/dpu: Add mutex lock in control vblank irq - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree - !5241 powerpc/lib: Validate size for vector operations - !5246 ceph: fix deadlock or deadcode of misusing dget() - !5268 crypto: algif_aead - fix uninitialized ctx->init - crypto: algif_aead - fix uninitialized ctx->init - llc: call sock_orphan() at release time - !5220 powerpc/mm: Fix null-pointer dereference in pgtable_cache_add - !5196 drm: Don't unref the same fb many times by mistake due to deadlock handling - ceph: fix deadlock or deadcode of misusing dget() - powerpc/lib: Validate size for vector operations - !5210 v2 Fix CVE-2022-48629 and CVE-2022-48630 - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add - !5175 arm64/mpam: Fix use-after-free when deleting resource groups - !5163 nfc: nci: assert requested protocol is valid - !5172 CVE-2023-52502 for openEuler-1.0-LTS - crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ - crypto: qcom-rng - ensure buffer for generate is completely filled - drm: Don't unref the same fb many times by mistake due to deadlock handling - !5177 net: nfc: llcp: Add lock when modifying device list - !5157 RDMA/srp: Do not call scsi_done() from srp_abort() - net: nfc: llcp: Add lock when modifying device list - arm64/mpam: Fix use-after-free when deleting resource groups - arm64/mpam: remove kernfs_get() calls() and add kernfs_put() calls to prevent refcount leak - !5142 arm64/mpam: Expand the monitor number of the resctrl root - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() - nfc: constify several pointers to u8, char and sk_buff - nfc: nci: assert requested protocol is valid - RDMA/srp: Do not call scsi_done() from srp_abort() - arm64/mpam: Expand the monitor number of the resctrl root- !5133 CVE-2021-46926 - !5136 NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds - !5052 v3 Remove WQ_FLAG_BOOKMARK flag - !5140 linux-4.19.y inclusion(4.19.305..4.19.307) part3 - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV - NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds - ALSA: hda: intel-sdw-acpi: harden detection of controller - soundwire: intel: filter SoundWire controller device search - !5114 fix CVE-2023-52578 - !5119 crypto: scomp - fix req->dst buffer overflow - !5101 EDAC/thunderx: Fix possible out-of-bounds string access - !5094 HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect - crypto: scomp - fix req->dst buffer overflow - net: fix kabi check warning - net: Fix unwanted sign extension in netdev_stats_to_stats64() - net: bridge: use DEV_STATS_INC() - net: add atomic_long_t to net_device_stats fields - !5092 wifi: mac80211: fix potential key use-after-free - EDAC/thunderx: Fix possible out-of-bounds string access - !5095 linux-4.19.y inclusion(4.19.305..4.19.307) part 2 - !5090 drm: bridge/panel: Cleanup connector on bridge detach - !5088 uio_hv_generic: Fix a memory leak in error handling paths - !4952 scsi: qedf: Add pointer checks in qedf_update_link_speed() - !5076 v3 CVE-2021-47074 - netfilter: nft_compat: reject unused compat flag - ppp_async: limit MRU to 64K - inet: read sk->sk_family once in inet_recv_error() - bonding: remove print in bond_verify_device_path - af_unix: fix lockdep positive in sk_diag_dump_icons() - net: ipv4: fix a memleak in ip_setup_cork - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses - virtio_net: Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk - SUNRPC: Fix a suspicious RCU usage warning - tcp: Add memory barrier to tcp_push() - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING - md: Whenassemble the array, consult the superblock of the freshest device - jbd2: correct the printing of write_flags in jbd2_write_superblock() - !5073 RDMA/rxe: Clear all QP fields if creation failed - !5077 RDMA/rxe: Return CQE error if invalid lkey was supplied - !5055 linux-4.19.y inclusion(4.19.305..4.19.307) part 1 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect - wifi: mac80211: fix potential key use-after-free - drm: bridge/panel: Cleanup connector on bridge detach - uio_hv_generic: Fix a memory leak in error handling paths - of: unittest: Fix of_count_phandle_with_args() expected value message - of: unittest: Fix compile in the non-dynamic case - RDMA/rxe: Return CQE error if invalid lkey was supplied - nvme-loop: fix memory leak in nvme_loop_create_ctrl() - nvme-loop: don't put ctrl on nvme_init_ctrl error - !5060 net: fix possible store tearing in neigh_periodic_work() - RDMA/rxe: Clear all QP fields if creation failed - net: fix possible store tearing in neigh_periodic_work() - of: Fix double free in of_parse_phandle_with_args_map - pmdomain: core: Move the unused cleanup to a _sync initcall - tick/sched: Preserve number of idle sleeps across CPU hotplug events - acpi: property: Let args be NULL in __acpi_node_get_property_reference - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug - ACPI: LPIT: Avoid u32 multiplication overflow - audit: Send netlink ACK before setting connection in auditd_set - crypto: scompress - return proper error code for allocation failure - crypto: af_alg - Disallow multiple in-flight AIO requests - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again - !5046 usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - sched: remove wait bookmarks - filemap: remove use of wait bookmarks - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - !4929 scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command - !4752 block: add check that partition length needs to be aligned with block size - !4735 blk-mq: fix IO hang from sbitmap wakeup race - !3864 nvme: sanitize metadata bounce buffer for reads - !4946 NFC: st21nfca: Fix memory leak in device probe and remove - !4999 CVE-2021-46984 - !4938 crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - !4990 vt: fix memory overlapping when deleting chars in the buffer - !4978 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() - !5018 ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - !4992 bnxt_en: Fix RX consumer index logic in the error path. - !4997 Fixed CVE-2023-52504 - !4982 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails - !4983 net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - !4995 mpam/mpam_ctrlmon: update monitor config with its parent's ctrl_val - !4974 arm64/mpam: set default feedback of last_cmd_status interface as null string - !4975 arm64/mpam: support resctrl fs to show mounting option - !4973 arm64/mpam: Skip updates of unrelated ctrl type - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - !4996 soundwire: stream: fix memory leak in stream config error path - !4817 v2 io_uring: fix overflows checks in provide buffers - kyber: fix kabi broken in ->bio_merge() - kyber: fix out of bounds access when preempted - x86/alternatives: Disable KASAN in apply_alternatives() - soundwire: stream: fix memory leak in stream config error path - mpam/mpam_ctrlmon: update monitor config with its parent's ctrl_val - bnxt_en: Fix RX consumer index logic in the error path. - !4969 CVE-2021-46990 - vt: fix memory overlapping when deleting chars in the buffer - !4945 ieee802154: ca8210: Fix a potential UAF in ca8210_probe - !4944 perf/x86/lbr: Filter vsyscall addresses - !4967 i2c: xiic: fix reference leak when pm_runtime_get_sync fails - !4970 binder: fix async_free_space accounting for empty parcels - !4919 v2 HID: usbhid: fix info leak in hid_submit_ctrl - !4980 net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg - !4949 CVE-2021-47024 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() - arm64/mpam: support resctrl fs to show mounting option - arm64/mpam: set default feedback of last_cmd_status interface as null string - arm64/mpam: Skip updates of unrelated ctrl type - binder: fix async_free_space accounting for empty parcels - powerpc/64s: Fix crashes when toggling entry flush barrier - i2c: xiic: fix reference leak when pm_runtime_get_sync fails - scsi: qedf: Add pointer checks in qedf_update_link_speed() - vsock/virtio: free queued packets when closing socket - vsock/virtio: discard packets only when socket is really closed - virtio_vsock: Fix race condition in virtio_transport_recv_pkt - NFC: st21nfca: Fix memory leak in device probe and remove - ieee802154: ca8210: Fix a potential UAF in ca8210_probe - perf/x86/lbr: Filter vsyscall addresses - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command - HID: usbhid: fix info leak in hid_submit_ctrl - io_uring: fix overflows checks in provide buffers - block: add check that partition length needs to be aligned with block size - blk-mq: fix IO hang from sbitmap wakeup race - nvme: sanitize metadata bounce buffer for reads- !4947 powerpc/64s: Fix pte update for kernel memory on radix - !4932 phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP - powerpc/64s: Fix pte update for kernel memory on radix - !4874 v2 net: openvswitch: limit the number of recursions from action sets - !4920 ARM: footbridge: remove personal server platform - !4887 KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU - !4918 v3 usb: hub: Guard against accesses to uninitialized BOS descriptors - !4936 i2c: validate user data in compat ioctl - i2c: validate user data in compat ioctl - !4898 platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - !4879 KVM: Stop looking for coalesced MMIO zones if the bus is destroyed - !4869 Fix CVE-2021-46941 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP - !4904 i2c: sprd: fix reference leak when pm_runtime_get_sync fails - !4859 hfsplus: prevent corruption in shrinking truncate - !4877 i2c: Fix a potential use after free - ARM: footbridge: fix PCI interrupt mapping - !4888 v3 media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: hub: Guard against accesses to uninitialized BOS descriptors - !4825 sched/membarrier: reduce the ability to hammer on sys_membarrier - !4882 Input: appletouch - initialize work before device registration - !4876 backport patch to fix CVE-2021-47077 - !4899 net: qualcomm: rmnet: fix global oob in rmnet_policy - i2c: sprd: fix reference leak when pm_runtime_get_sync fails - !4892 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security - !4881 i2c: cadence: fix reference leak when pm_runtime_get_sync fails - net: qualcomm: rmnet: fix global oob in rmnet_policy - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - !4865 Input: powermate - fix use-after-free in powermate_config_complete - !4860 apparmor: avoid crash when parsed profile name is empty - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security - media: dvbdev: Fix memory leak in dvb_media_device_free() - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU - Input: appletouch - initialize work before device registration - i2c: cadence: fix reference leak when pm_runtime_get_sync fails - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed - i2c: Fix a potential use after free - ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - net: openvswitch: limit the number of recursions from action sets - usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - usb: dwc3: core: balance phy init and exit - usb: dwc3: core: Do core softreset when switch mode - Input: powermate - fix use-after-free in powermate_config_complete - !4856 bus: qcom: Put child node before return - apparmor: avoid crash when parsed profile name is empty - hfsplus: prevent corruption in shrinking truncate - bus: qcom: Put child node before return - !4828 Drivers: hv: vmbus: Use after free in __vmbus_open() - !4806 v2 media: pvrusb2: fix use after free on context disconnection - !4777 drivers/amd/pm: fix a use-after-free in kv_parse_power_table - !4819 v2 fix CVE-2020-36782 - !4833 openvswitch: fix stack OOB read while fragmenting IPv4 packets - !4677 f2fs: fix to avoid dirent corruption - !4804 CVE-2023-52451 backport to 4.19 v2 - openvswitch: fix stack OOB read while fragmenting IPv4 packets - Drivers: hv: vmbus: Use after free in __vmbus_open() - !4778 v3 Revert "memcg: fix a UAF problem in drain_all_stock()" - sched/membarrier: reduce the ability to hammer on sys_membarrier - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails - PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter - !4812 parisc: Clear stale IIR value on instruction access rights trap - parisc: Clear stale IIR value on instruction access rights trap - media: pvrusb2: fix use after free on context disconnection - powerpc/pseries/memhp: Fix access beyond end of drmem array - powerpc/pseries/memhotplug: Quieten some DLPAR operations - !4758 binder: signal epoll threads of self-work - !4746 KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - Revert "memcg: fix a UAF problem in drain_all_stock()" - drivers/amd/pm: fix a use-after-free in kv_parse_power_table - !4751 [sync] PR-4623: i2c: Optimized the value setting of maxwrite limit to fifo depth - 1 - !4707 mtd: Fix gluebi NULL pointer dereference caused by ftl notifier - !4686 mlxsw: spectrum_acl_tcam: Fix stack corruption - binder: signal epoll threads of self-work - !4710 CVE-2021-46904 for openEuler1.0 - i2c: hisi: Add clearing tx aempty interrupt operation - i2c: hisi: Optimized the value setting of maxwrite limit to fifo depth - 1 - !4671 uio: Fix use-after-free in uio_open - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - net: hso: fix NULL-deref on disconnect regression - net: hso: fix null-ptr-deref during tty device unregistration - usb: hso: check for return value in hso_serial_common_create() - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier - mlxsw: spectrum_acl_tcam: Fix stack corruption - f2fs: fix to avoid dirent corruption - uio: Fix use-after-free in uio_open- !4701 v2 mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path - !4684 v3 CVE-2023-52435 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path - net: Fix compile warning in skb_segment() - net: prevent mss overflow in skb_segment() - !4643 f2fs: explicitly null-terminate the xattr list - f2fs: explicitly null-terminate the xattr list- !4601 v2 xen-netback: don't produce zero-size SKB frags - xen-netback: don't produce zero-size SKB frags - !4583 net: hns3: fix a bug and modify the hns3 driver version - net: hns3: update hns3 version to 24.2.1 - net: hns3: fix tm port shapping of fibre port is incorrect after driver initialization - !4552 v4 CVE-2023-52340 - !4526 v2 fs:/dcache.c: fix negative dentry flag warning in dentry_free - ipv6: fix kabi broken in struct dst_ops - ipv6: Document that max_size sysctl is deprecated - ipv6: remove max_size check inline with ipv4 - !4538 fix kprobe reenter bug - arm64/openeuler_defconfig: add not set config to fix compiling error - tracing/kprobes: Do the notrace functions check without kprobes on ftrace - fs:/dcache.c: fix negative dentry flag warning in dentry_free- !4454 netfilter: nf_tables: reject QUEUE/DROP verdict parameters - netfilter: nf_tables: reject QUEUE/DROP verdict parameters - !4411 v2 drm/atomic: Fix potential use-after-free in nonblocking commits - !4412 v3 Save and restore msg_namelen in sock_sendmsg - net: Save and restore msg_namelen in sock_sendmsg - net: prevent rewrite of msg_name in sock_sendmsg() - !4399 net: dst: Optimized route gc - drm/atomic: Fix potential use-after-free in nonblocking commits - !4392 linux-4.19.y inclusion - !4369 mm/filemap: avoid buffered read/write race to read inconsistent data - net/dst: use a smaller percpu_counter batch for dst entries accounting - net: add a route cache full diagnostic message - net: check dev->gso_max_size in gso_features_check() - net: warn if gso_type isn't set for a GSO SKB - mm: fix unmap_mapping_range high bits shift bug - x86/alternatives: Sync core before enabling interrupts - mm/filemap: avoid buffered read/write race to read inconsistent data - !4360 net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve - !4320 io_uring/af_unix: disable sending io_uring over sockets - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve - io_uring/af_unix: disable sending io_uring over sockets- !4277 fs:/dcache.c: fix negative dentry limit not complete problem - !4288 net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - !4299 smb: client: fix NULL deref in asn1_ber_decoder() - smb: client: fix NULL deref in asn1_ber_decoder() - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - !4228 fix spinlock already unlocked in inet_csk_reqsk_queue_add' bug - fs:/dcache.c: fix negative dentry limit not complete problem - !4235 nfc: nci: fix possible NULL pointer dereference in send_acknowledge() - !4255 drm/amdgpu: Fix potential fence use-after-free v2 - !4209 dhugetlb: skip unexpected migration - drm/amdgpu: Fix potential fence use-after-free v2 - !4231 crypto: hisilicon/qm - drop unnecessary IS_ENABLE(CONFIG_NUMA) check - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() - crypto: hisilicon/qm - drop unnecessary IS_ENABLE(CONFIG_NUMA) check - ipv6: init the accept_queue's spinlocks in inet6_create - tcp: make sure init the accept_queue's spinlocks once - !4212 netlink: fix potential sleeping issue in mqueue_flush_file - netlink: fix potential sleeping issue in mqueue_flush_file - dhugetlb: skip unexpected migration - dhugetlb: introduce page_belong_to_dynamic_hugetlb() function - !3944 time: Handle negative seconds correctly in timespec64_to_ns() - !3943 timerqueue: Use rb_entry_safe() in timerqueue_getnext() - !3942 efi/x86: Map the entire EFI vendor string before copying it - !4166 sched/fair: Fix qos_timer deadlock when cpuhp offline - sched/fair: Fix qos_timer deadlock when cpuhp offline - !4137 sctp: fix potential deadlock on &net->sctp.addr_wq_lock - sctp: fix potential deadlock on &net->sctp.addr_wq_lock - time: Handle negative seconds correctly in timespec64_to_ns() - timerqueue: Use rb_entry_safe() in timerqueue_getnext() - efi/x86: Map the entire EFI vendor string before copying it- !4101 netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - !2954 spi: phytium: fix phytium_spi_irq panic on boot - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - !4067 fix CVE-2022-48619 - !4080 rtnetlink: Reject negative ifindexes in RTM_NEWLINK - rtnetlink: Reject negative ifindexes in RTM_NEWLINK - Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" - !4065 smb: client: fix OOB in receive_encrypted_standard() - !4021 netfilter: nf_tables: Reject tables of unsupported family - Input: add bounds checking to input_set_capability() - smb: client: fix OOB in receive_encrypted_standard() - !4039 crypto: hisilicon/qm: fix several issues - !4025 crypto: hisilicon - replace 'smp_processor_id' with the raw version of the macro - !3980 vhost: use kzalloc() instead of kmalloc() followed by memset() - crypto: hisilicon/qm: fix several issues - crypto: hisilicon - replace 'smp_processor_id' with the raw version of the macro - netfilter: nf_tables: Reject tables of unsupported family - vhost: use kzalloc() instead of kmalloc() followed by memset() - spi: phytium: fix phytium_spi_irq panic on boot- !4006 crypto: hisilicon/sec2: fix memory use-after-free issue - crypto: hisilicon/sec2: fix memory use-after-free issue - !3923 net: bridge: multicast: fix UAF of net_bridge - net: bridge: multicast: fix UAF of net_bridge- !3768 iomap: add support to track dirty state of sub pages - !3845 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - !3847 nvmet: nul-terminate the NQNs passed in the connect command - !3863 linux-4.19.y inclusion(4.19.299..4.19.303) part2 - team: Fix use-after-free when an option instance allocation fails - packet: Move reference count in packet_sock to atomic_long_t - tcp: do not accept ACK of bytes we never sent - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() - ipv6: fix potential NULL deref in fib6_add() - ipv4: Correct/silence an endian warning in __ip_do_redirect - net: sched: fix race condition in qdisc_graft() - macvlan: Don't propagate promisc change to lower dev in passthru - ppp: limit MRU to 64K - tty: Fix uninit-value access in ppp_sync_receive() - net: annotate data-races around sk->sk_dst_pending_confirm - net: annotate data-races around sk->sk_tx_queue_mapping - !3862 linux-4.19.y inclusion(4.19.299..4.19.303) part1 - ring-buffer: Fix memory leak of free page - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation - Revert "PCI: acpiphp: Reassign resources on bridge if necessary" - x86/CPU/AMD: Check vendor in the AMD microcode callback - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() - audit: don't take task_lock() in audit_exe_compare() code path - nvmet: nul-terminate the NQNs passed in the connect command - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - !3823 [sync] PR-3822: ext4: fix kernel BUG in 'ext4_write_inline_data_end()' - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' - !3803 net/sched: cbs: Fix not adding cbs instance to list - net/sched: cbs: Fix not adding cbs instance to list - !3770 ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() - ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() - iomap: add support to track dirty state of sub pages - !3757 Fix bugs from LTS patches - devcoredump: Send uevent once devcd is ready - devcoredump : Serialize devcd_del work - driver core: Release all resources during unbind before updating device links - !3716 appletalk: Fix Use-After-Free in atalk_ioctl - !3667 net/rose: Fix Use-After-Free in rose_ioctl - appletalk: Fix Use-After-Free in atalk_ioctl - net/rose: Fix Use-After-Free in rose_ioctl- !3660 atm: Fix Use-After-Free in do_vcc_ioctl - !3687 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - !3672 smb: client: fix potential OOB in smb2_dump_detail() - !3671 smb: client: fix OOB in smbCalcSize() - !3627 jbd2: fix soft lockup in journal_finish_inode_data_buffers() - !3189 fs: don't audit the capability check in simple_xattr_list() - smb: client: fix potential OOB in smb2_dump_detail() - smb: client: fix OOB in smbCalcSize() - !3555 net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() - atm: Fix Use-After-Free in do_vcc_ioctl - !3592 CVE-2023-35827 patchset - !3449 Fix data-races around - jbd2: fix soft lockup in journal_finish_inode_data_buffers() - ravb: Fix races between ravb_tx_timeout_work() and net related ops - ravb: Fix use-after-free issue in ravb_tx_timeout_work() - net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - fs: don't audit the capability check in simple_xattr_list()- !3607 Fix CVE-2023-6546 - !3606 perf/core: Fix CVE-2023-6931 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - tty: n_gsm: fix restart handling via CLD command - perf: Fix perf_event_validate_size() lockdep splat - perf: Fix perf_event_validate_size() - !3417 SCSI: hisi_raid: support SPxxx serial RAID/HBA controllers - !3531 Fix kernel panic occurs during ISO installation on the 20.03 SP3/SP4 - i2c: hisi: Only handle the interrupt of the driver's transfer - i2c: hisi: Only use the completion interrupt to finish the transfer - i2c: hisi: Avoid redundant interrupts - !3483 net: Remove acked SYN flag from packet in the transmit queue correctly - net: Remove acked SYN flag from packet in the transmit queue correctly - SCSI: hisi_raid: support SPxxx serial RAID/HBA controllers- !3426 Revert "hrtimers: Push pending hrtimers away from outgoing CPU earlier" - Revert "hrtimers: Push pending hrtimers away from outgoing CPU earlier" - Revert "cpu/hotplug: fix kabi breakage in enum cpuhp_state"- !3347 tun: avoid double free in tun_free_netdev - tun: avoid double free in tun_free_netdev - !3239 net: hns: fix fake link up - !3113 KVM: arm64: limit PMU version to PMUv3 for ARMv8.1 - !3281 LTS patch backport - !3122 nvme: retain split access workaround for capability reads - !3262 icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. - net: fix kabi broken in struct netns_xfrm - xfrm: fix a data-race in xfrm_gen_index() - !3276 linux-4.19.y inclusion - !3263 workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() - !3267 x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. - can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() - can: dev: can_restart(): don't crash kernel if carrier is OK - can: dev: move driver related infrastructure into separate subdir - ipv6: avoid atomic fragment on GSO packets - tcp_metrics: do not create an entry from tcp_init_metrics() - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() - tcp_metrics: add missing barriers on delete - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb - tcp: fix excessive TLP and RACK timeouts from HZ rounding - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() - ACPI: irq: Fix incorrect return value in acpi_register_gsi() - ext4: move 'ix' sanity check to corrent position - vfs: fix readahead(2) on block devices - overlayfs: set ctime when setting mtime and atime - quota: Fix slow quotaoff - mcb: remove is_added flag from mcb_device struct - sched,idle,rcu: Push rcu_idle deeper into the idle path - cgroup: Remove duplicates in cgroup v1 tasks file - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() - icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. - net: hns: update hns version to 23.12.1 - net: hns: fix fake link up on xge port - !3021 fix CFS bandwidth vs. hrtimer self deadlock - !3202 regmap: fix NULL deref on lookup - regmap: fix NULL deref on lookup - KVM: arm64: limit PMU version to PMUv3 for ARMv8.1 - arm64: cpufeature: Extract capped perfmon fields - nvme: retain split access workaround for capability reads - cpu/hotplug: fix kabi breakage in enum cpuhp_state - hrtimers: Push pending hrtimers away from outgoing CPU earlier- !3158 mm: don't let userspace spam allocations warnings - mm: don't let userspace spam allocations warnings - !2781 cpufreq: Abort show()/store() for half-initialized policies - !3118 sched: smart grid: check is active in affinity timer - sched: smart grid: check is active in affinity timer - !2977 Backport crypto bugfix - !3071 perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled - perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled - !3038 ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - !3031 x86/mce/amd: Publish the bank pointer only after setup has succeeded - !3030 x86/mce/inject: Fix a wrong assignment of i_mce.status - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - x86/mce/amd: Publish the bank pointer only after setup has succeeded - x86/mce/inject: Fix a wrong assignment of i_mce.status - crypto: fix kabi broken in struct crypto_instance - crypto: api - Use work queue in crypto_destroy_instance - cpufreq: make interface functions and lock holding state clear - cpufreq: Abort show()/store() for half-initialized policies- !3000 [openEuler-1.0-LTS] add Phytium drivers CONFIG - arm64: config: add config for Phytium drivers - !2908 mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page() - !2869 mm, memory_hotplug: update pcp lists everytime onlining a memory block - !2805 sched/fair: Refill bandwidth before scaling - !2804 signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal - !2960 Add script to check & update openeuler_defconfig - config: update openeuler_defconfig for arm64 - config: update openeuler_defconfig for x86 - kconfig: Add script to check & update openeuler_defconfig - kbuild: ensure full rebuild when the compiler is updated - mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page() - mm, memory_hotplug: update pcp lists everytime onlining a memory block - sched/fair: Refill bandwidth before scaling - signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal- !1935 [openEuler-1.0-LTS] Add Phytium optee driver support - !2895 netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one - !2873 Fix SAS start error with maxcpus=1 - genirq: Take the proposed affinity at face value if force==true - optee: add phytium optee driver - optee: model OP-TEE as a platform device/driver - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one - irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Always limit the affinity to online CPUs - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - !2508 [openEuler-1.0-LTS] jpeg: Add a Phytium JPEG Engine driver - !2522 [openEuler-1.0-LTS] Add support for Phytium SoC RNG - !2877 Revert "tcp: fix delayed ACKs for MSS boundary condition" - !2693 [openEuler-1.0-LTS] Add support for Phytium QSPI - !2402 [openEuler-1.0-LTS] Add Phytium w1 driver support - !2403 [openEuler-1.0-LTS] Add Phytium adc driver support - !1874 [openEuler-1.0-LTS] Add Phytium mailbox driver support - !2024 [openEuler-1.0-LTS] Add Phytium RTC driver support - !2682 [openEuler-1.0-LTS] Add support for Phytium MMC - !2671 [openEuler-1.0-LTS] phytium dwmac net driver - !2676 [openEuler-1.0-LTS] Add Phytium gpio driver support - !2604 [openEuler-1.0-LTS] Add support for Phytium SPI - !2540 [openEuler-1.0-LTS] Driver for the Phytium keypad port. - Revert "tcp: fix delayed ACKs for MSS boundary condition" - hwrng: Add support for Phytium SoC RNG - jpeg: Add a Phytium JPEG Engine driver - !2818 Fix memleak in disassociate_ctty() - !2810 drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c - drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c - rtc: add phytium rtc driver document - rtc: add rtc drivers for Phytium SOCs - gpio: add phytium gpio driver - dwmac:add phytium dwmac driver - mailbox:add phytium mailbox driver document - mailbox: add phytium mailbox driver - mmc: add phytium mmc driver DT binding docs - mmc: add support for Phytium MMC - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() - Revert "tty: fix pid memleak in disassociate_ctty()" - spi: add phytium spi driver DT binding docs - spi: add phytium spi support - qspi: add phytium qspi driver DT binding docs - qspi: add support for Phytium QSPI controller - gpio: add phytium gpio driver document - dwmac:add phytium dwmac driver DT binding docs - adc: add phytium adc driver - adc: add phytium adc driver document - w1: add phytium w1 driver - w1: add phytium w1 driver document - KEYPAD: Driver for the Phytium keypad port. - KEYPAD: Document for the Phytium keypad port.- !2803 drivers/gmjstcm: fix a dev_err() call in spi tcm device probe - !2841 drm/qxl: fix UAF on handle creation - !2785 [openEuler-1.0-LTS] SCSI: SSSRAID: Support 3SNIC 3S5XX serial RAID/HBA controllers - drm/qxl: fix UAF on handle creation - !2809 bugfix for CVE-2022-45884 - media: dvb-core: Fix use-after-free due to race at dvb_register_device() - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - drivers/gmjstcm: fix a dev_err() call in spi tcm device probe - SCSI: SSSRAID: Support 3SNIC 3S5XX serial RAID/HBA controllers- !2793 handle uninitialized numa nodes gracefully. - !2789 linux-4.19.y inclusion - arch/x86/mm/numa: Do not initialize nodes twice - mm: handle uninitialized numa nodes gracefully - mm, memory_hotplug: make arch_alloc_nodedata independent on CONFIG_MEMORY_HOTPLUG - !2713 Fix netfilter conntrack - !2651 sched/membarrier: fix missing local execution of ipi_sync_rq_state() - tcp: fix delayed ACKs for MSS boundary condition - tcp: fix quick-ack counting to count actual ACKs of new data - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() - team: fix null-ptr-deref when team device type is changed - af_unix: Fix data race around sk->sk_err. - af_unix: Fix data-races around sk->sk_shutdown. - af_unix: Fix data-race around unix_tot_inflight. - af_unix: Fix data-races around user->unix_inflight. - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr - net: read sk->sk_family once in sk_mc_loop() - skbuff: skb_segment, Call zero copy functions before using skbuff frags - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU - tcp: tcp_enter_quickack_mode() should be static - net: Avoid address overwrite in kernel_connect - md/raid1: fix error: ISO C90 forbids mixed declarations - md: raid1: fix potential OOB in raid1_remove_disk() - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer - autofs: fix memory leak of waitqueues in autofs_catatonic_mode - pstore/ram: Check start of empty przs during init - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() - fs: Fix error checking for d_hash_and_lookup() - !2767 crypto: hisilicon/qm - alloc reserve buffer to set and get xqc - crypto: hisilicon/qm - alloc reserve buffer to set and get xqc - !2760 fs: lockd: avoid possible wrong NULL parameter - !2164 Net: ethernet: Support 3snic 3s9xx network card - !2605 add CONFIG_NGBE for Wangxun 1G NIC for aarch64 - !1873 [openEuler-1.0-LTS] Add Phytium hda driver support - !2564 [openEuler-1.0-LTS] Add Phytium i2c driver support - !2636 kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - fs: lockd: avoid possible wrong NULL parameter - !2754 Sync LTS patches for openEuler-1.0-LTS - !2758 crypto: hisilicon - qm obtain the mailbox config at one time - crypto: hisilicon - qm obtain the mailbox config at one time - regmap: rbtree: Fix wrong register marked as in-cache when creating new node - regmap: rbtree: Use alloc_flags for memory allocations - !2730 PCI/IOV: Add pci_sriov_numvfs_lock to support enable pci sriov concurrently - !2722 net: sched: sch_qfq: Use non-work-conserving warning handler - !2650 sched/cpuacct: Fix charge cpuacct.usage_sys - PCI/IOV: Add pci_sriov_numvfs_lock to support enable pci sriov concurrently - net: sched: sch_qfq: Use non-work-conserving warning handler - arm64: config: add CONFIG_NGBE for Wangxun 1G NIC - netfilter: conntrack: fix infinite loop on rmmod - netfilter: conntrack: do not auto-delete clash entries on reply - netfilter: conntrack: allow insertion of clashing entries - netfilter: conntrack: split resolve_clash function - netfilter: conntrack: place confirm-bit setting in a helper - netfilter: conntrack: remove two args from resolve_clash - netfilter: conntrack: tell compiler to not inline nf_ct_resolve_clash - sched/membarrier: fix missing local execution of ipi_sync_rq_state() - sched/cpuacct: Fix charge cpuacct.usage_sys - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - hda: add phytium hda driver - hda: add phytium hda driver document - i2c: add Phytium i2c driver - i2c: add phytium i2c driver DT binding docs - Net: ethernet: Support 3snic 3s9xx network card- !2609 Fix CVE-2023-5717 - !2588 [openEuler-1.0-LTS] Add Phytium Display Engine support. - !2627 ubi: Refuse attaching if mtd's erasesize is 0 - !2473 Revert irq reentrant warm log - !1860 irqchip/gicv3-its: Add workaround for hip09 ITS erratum 162100801 - !2551 Avoid spin or livelock during panic - !2314 can: raw: add missing refcount for memory leak fix - !2396 efi: use 32-bit alignment for efi_guid_t literals - ubi: Refuse attaching if mtd's erasesize is 0 - !2446 audit: fix possible soft lockup in __audit_inode_child() - !2614 CVE-2022-44033 - DRM: Phytium display DRM document - DRM: Phytium display DRM driver - ASoC: hdmi-codec: Add an op to set callback function for plug event - char: pcmcia: remove all the drivers - tty: ipwireless: move Kconfig entry to tty - !1974 CAN driver for phytium CPUs - perf: Fix kabi breakage in struct perf_event - perf: Disallow mis-matched inherited group reads - !2577 media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 - can: can controller driver for phytium CPUs - !2550 xen/events: replace evtchn_rwlock with RCU - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 - !2557 Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO - printk: Drop console_sem during panic - printk: Avoid livelock with heavy printk during panic - printk: disable optimistic spin during panic - printk: Add panic_in_progress helper - xen/events: replace evtchn_rwlock with RCU - irqchip/gicv3-its: Add workaround for hip09 ITS erratum 162100801 - irqchip/gic-v3-its: Make is_v4 use a TYPER copy - Revert "genirq: Introduce warn log when irq be reentrant" - Revert "genirq: add printk safe in irq context" - audit: fix possible soft lockup in __audit_inode_child() - can: add phytium can driver document - efi: use 32-bit alignment for efi_guid_t literals - can: raw: add missing refcount for memory leak fix- !2334 ktask: add memory leak handling for ktask_works in ktask_init() - !2333 ktask: add null-pointer checks for ktask_works in ktask_init() - !2453 igb: set max size RX buffer when store bad packet is enabled - ktask: add memory leak handling for ktask_works in ktask_init() - ktask: add null-pointer checks for ktask_works in ktask_init() - !2441 netfilter: xt_u32: validate user space input - !2435 USB: ene_usb6250: Allocate enough memory for full object - igb: set max size RX buffer when store bad packet is enabled - netfilter: xt_u32: validate user space input - USB: ene_usb6250: Allocate enough memory for full object- !2466 x86/microcode/AMD: Make stub function static inline - !2461 perf/core: Fix reentry problem in perf_output_read_group() - x86/microcode/AMD: Make stub function static inline - perf/core: Fix reentry problem in perf_output_read_group() - !2409 netfilter: nfnetlink_osf: avoid OOB read - !2330 Add a check of uvhub_mask in init_per_cpu() - x86/platform/uv: Fix missing checks of kcalloc() return values - x86/platform/UV: Replace kmalloc() and memset() with k[cz]alloc() calls - !2412 netfilter: xt_sctp: validate the flag_info count - !2419 ext4: fix rec_len verify error - ext4: fix rec_len verify error - netfilter: xt_sctp: validate the flag_info count - netfilter: nfnetlink_osf: avoid OOB read - !2360 scsi: hisi_sas: Handle the NCQ error returned by D2H frame - scsi: hisi_sas: Handle the NCQ error returned by D2H frame- !2322 net/sched: Retire rsvp classifier - !2346 RDMA/irdma: Prevent zero-length STAG registration - !2349 net: ipv4: fix one memleak in __inet_del_ifa() - !2329 ipv4: fix null-deref in ipv4_link_failure - !2342 linux-4.19.y inclusion - !2345 Backport lts bugfix patch for macvlan - !2344 PCI: acpiphp: linux-4.19.y bugfixes backport - !2341 quota: fix warning in dqgrab() - net: ipv4: fix one memleak in __inet_del_ifa() - !1706 cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() - rtnetlink: Reject negative ifindexes in RTM_NEWLINK - netfilter: nf_queue: fix socket leak - net/sched: fix a qdisc modification with ambiguous command request - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure - net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled - sock: annotate data-races around prot->memory_pressure - !2337 mm: memory-failure: use rcu lock instead of tasklist_lock when collect_procs() - RDMA/irdma: Prevent zero-length STAG registration - bonding: fix macvlan over alb bond support - net: remove bond_slave_has_mac_rcu() - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus - PCI: acpiphp: Reassign resources on bridge if necessary - sock: Fix misuse of sk_under_memory_pressure() - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves - ip_vti: fix potential slab-use-after-free in decode_session6 - net: af_key: fix sadb_x_filter validation - net: xfrm: Fix xfrm_address_filter OOB read - serial: 8250: Fix oops for port->pm on uart_change_pm() - quota: Properly disable quotas when add_dquot_ref() fails - quota: fix warning in dqgrab() - !2335 x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms - mm: memory-failure: use rcu lock instead of tasklist_lock when collect_procs() - x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms - ipv4: fix null-deref in ipv4_link_failure - net/sched: Retire rsvp classifier - !2301 xfrm6: fix inet6_dev refcount underflow problem - !2303 cifs: Release folio lock on fscache read hit. - cifs: Release folio lock on fscache read hit. - !2294 netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c - xfrm6: fix inet6_dev refcount underflow problem - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c - !2276 cpuidle: Fix kobject memory leaks in error paths - cpuidle: Fix kobject memory leaks in error paths - cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks()- !2274 cec-api: prevent leaking memory through hole in structure - !2281 sdei_watchdog: Avoid exception during sdei handler - sdei_watchdog: Avoid exception during sdei handler - cec-api: prevent leaking memory through hole in structure - !2262 crypto: hisilicon - reset before init the device - crypto: hisilicon - reset before init the device - !2212 [sync] PR-2210: jbd2: Fix potential data lost in recovering journal raced with synchronizing fs bdev - jbd2: Fix potential data lost in recovering journal raced with synchronizing fs bdev- !2168 net: sched: sch_qfq: Fix UAF in qfq_dequeue() - !2226 crypto: hisilicon/qm - prevent soft lockup in qm_poll_qp()'s loop - !2225 media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() - crypto: hisilicon/qm - prevent soft lockup in qm_poll_qp()'s loop - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() - !2177 sched/qos: Fix warning in CPU hotplug scenarios - !2207 crypto:hisilicon/qm - cache write back before flr and poweroff - !2206 Fix booting failure on arm64 - crypto:hisilicon/qm - cache write back before flr and poweroff - !2205 crypto:hisilicon/sec - modify hw endian config - Revert "efi: Make efi_rts_work accessible to efi page fault handler" - Revert "efi/x86: Handle page faults occurring while running EFI runtime services" - Revert "efi: Fix debugobjects warning on 'efi_rts_work'" - Revert "efi: Fix build error due to enum collision between efi.h and ima.h" - Revert "x86/efi: fix a -Wtype-limits compilation warning" - Revert "arm64: efi: Restore register x18 if it was corrupted" - Revert "efi: fix userspace infinite retry read efivars after EFI runtime services page fault" - Revert "arm64: efi: Execute runtime services from a dedicated stack" - Revert "arm64: efi: Recover from synchronous exceptions occurring in firmware" - Revert "efi: rt-wrapper: Add missing include" - Revert "arm64: efi: Make efi_rt_lock a raw_spinlock" - crypto:hisilicon/sec - modify hw endian config - !2118 Compiler: Backport value profile support to openEuler 20.03 LTS SP3. - GCOV: Add value profile support for kernel. - sched/qos: Fix warning in CPU hotplug scenarios - !2154 netfilter: nftables: exthdr: fix 4-byte stack OOB write - net: sched: sch_qfq: Fix UAF in qfq_dequeue() - !2140 io_uring: ensure IOPOLL locks around deferred work - !2056 i2c: hisi: Add gpio bus recovery support - netfilter: nftables: exthdr: fix 4-byte stack OOB write - !2082 fix CVE-2023-20588 - io_uring: ensure IOPOLL locks around deferred work - i2c: hisi: Add gpio bus recovery support - x86/CPU/AMD: Fix the DIV(0) initial fix attempt - x86/CPU/AMD: Do not leak quotient data after a division by 0- !2084 af_unix: Fix null-ptr-deref in unix_stream_sendpage(). - !2071 【openEuler-1.0-LTS】net: openvswitch: don't send internal clone attribute to the userspace - net: openvswitch: don't send internal clone attribute to the userspace. - !2089 net/sched: sch_hfsc: Ensure inner classes have fsc curve - !335 efi: fix crash due to EFI runtime service page faults - net/sched: sch_hfsc: Ensure inner classes have fsc curve - !2088 [openEuler-1.0-LTS] bugfixes of scsi - scsi: fix kabi broken in struct Scsi_Host - scsi: don't fail if hostt->module is NULL - scsi: scsi_device_gets returns failure when the module is NULL. - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). - !2069 x86/speculation: Add Gather Data Sampling mitigation - !1692 Mainline bugfix patches backport 4.19 - !2075 x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 - !2079 [openEuler-1.0-LTS] stable inclusion from linux-4.19.y - scsi: core: raid_class: Remove raid_component_add() - scsi: core: Fix possible memory leak if device_add() fails - scsi: core: Fix legacy /proc parsing buffer overflow - serial: 8250_dw: Preserve original value of DLF register - serial: 8250_dw: split Synopsys DesignWare 8250 common functions - nbd: Add the maximum limit of allocated index in nbd_dev_add - integrity: Fix possible multiple allocation in integrity_inode_get() - !2070 net bugfixes inclusion from linux-4.19.y - drivers: net: prevent tun_build_skb() to exceed the packet size limit - net/packet: annotate data-races around tp->status - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen - tcp_metrics: annotate data-races around tm->tcpm_net - tcp_metrics: annotate data-races around tm->tcpm_vals[] - tcp_metrics: annotate data-races around tm->tcpm_lock - tcp_metrics: annotate data-races around tm->tcpm_stamp - tcp_metrics: fix addr_same() helper - virtio-net: set queues after driver_ok - virtio-net: fix race between set queues and probe - team: reset team's flags when down link is P2P device - bonding: reset bond's flags when down link is P2P device - tcp: annotate data-races around fastopenq.max_qlen - tcp: annotate data-races around tp->notsent_lowat - tcp: annotate data-races around rskq_defer_accept - tcp: annotate data-races around tp->linger2 - net: Replace the limit of TCP_LINGER2 with TCP_FIN_TIMEOUT_MAX - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() - net/sched: make psched_mtu() RTNL-less safe - udp6: fix udp6_ehashfn() typo - icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev(). - vrf: Increment Icmp6InMsgs on the original netdev - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free - tcp: annotate data races in __tcp_oow_rate_limited() - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode - ipvlan: Fix return value of ipvlan_queue_xmit() - netlink: do not hard code device address lenth in fdb dumps - netlink: Add __sock_i_ino() for __netlink_diag_dump(). - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 - !1987 tracing: Fix race issue between cpu buffer write and swap - !2067 memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() - netlink: fix potential deadlock in netlink_set_err() - x86/speculation: Mark all Skylake CPUs as vulnerable to GDS - x86: Move gds_ucode_mitigated() declaration to header - Documentation/x86: Fix backwards on/off logic about YMM support - KVM: Add GDS_NO support to KVM - x86/speculation: Add Kconfig option for GDS - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add cpu_show_gds() prototype - x86/speculation: Add Gather Data Sampling mitigation - !2063 cpu/hotplug: Prevent self deadlock on CPU hot-unplug - !2046 use precise io accounting apis - memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock() - cpu/hotplug: Prevent self deadlock on CPU hot-unplug - !2050 memcg: fix a UAF problem in drain_all_stock() - !1976 fix race between setxattr and write back - memcg: fix a UAF problem in drain_all_stock() - dm: switch to precise io accounting - block: add precise io accouting apis - tracing: Fix race issue between cpu buffer write and swap - ext2: dump current reservation window info - ext2: fix race between setxattr and write back - ext2: introduce flag argument for ext2_new_blocks() - ext2: remove ext2_new_block() - arm64: efi: Make efi_rt_lock a raw_spinlock - efi: rt-wrapper: Add missing include - arm64: efi: Recover from synchronous exceptions occurring in firmware - arm64: efi: Execute runtime services from a dedicated stack - efi: fix userspace infinite retry read efivars after EFI runtime services page fault - arm64: efi: Restore register x18 if it was corrupted - x86/efi: fix a -Wtype-limits compilation warning - efi: Fix build error due to enum collision between efi.h and ima.h - efi: Fix debugobjects warning on 'efi_rts_work' - efi/x86: Handle page faults occurring while running EFI runtime services - efi: Make efi_rts_work accessible to efi page fault handler - lib/genalloc.c: change return type to unsigned long for bitmap_set_ll - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE - iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE- !1964 crypto:padata: Fix return err for PADATA_RESET - !1955 fuse: revalidate: don't invalidate if interrupted - !1973 sched/smt: fix unbalance sched_smt_present dec/inc - sched/smt: fix unbalance sched_smt_present dec/inc - !1906 tracing: Fix memleak due to race between current_tracer and trace - !1958 block: don't get gendisk if queue has not been registered - crypto:padata: Fix return err for PADATA_RESET - block: don't get gendisk if queue has not been registered - fuse: revalidate: don't invalidate if interrupted - !1902 tracing: Fix cpu buffers unavailable due to 'record_disabled' missed - tracing: Fix memleak due to race between current_tracer and trace - tracing: Fix cpu buffers unavailable due to 'record_disabled' missed- !1863 nbd: pass nbd_sock to nbd_read_reply() instead of index - !1638 [openEuler-1.0-LTS] Add support for Hygon model 4h~6h processors - !1884 ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() - !1882 ip6mr: Fix skb_under_panic in ip6mr_cache_report() - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() - ip6mr: Fix skb_under_panic in ip6mr_cache_report() - EDAC/amd64: Add support for Hygon family 18h model 6h - x86/amd_nb: Add support for Hygon family 18h model 6h - hwmon/k10temp: Add support for Hygon family 18h model 5h - EDAC/amd64: Add support for Hygon family 18h model 5h - x86/amd_nb: Add support for Hygon family 18h model 5h - x86/cpu: Get LLC ID for Hygon family 18h model 5h - i2c-piix4: Remove the IMC detecting for Hygon SMBus - hwmon/k10temp: Add support for Hygon family 18h model 4h - EDAC/mce_amd: Use struct cpuinfo_x86.logical_die_id for Hygon NodeId - EDAC/amd64: Adjust address translation for Hygon family 18h model 4h - EDAC/amd64: Add support for Hygon family 18h model 4h - EDAC/amd64: Get UMC channel from the 6th nibble for Hygon - iommu/hygon: Add support for Hygon family 18h model 4h IOAPIC - x86/amd_nb: Add northbridge support for Hygon family 18h model 4h - x86/amd_nb: Add Hygon family 18h model 4h PCI IDs - x86/microcode/hygon: Add microcode loading support for Hygon processors - x86/cpu/hygon: Modify the CPU topology deriving method for Hygon - x86/MCE/AMD: Use an u64 for bank_map - EDAC/mc_sysfs: Increase legacy channel support to 12 - EDAC/amd64: Add new register offset support and related changes - EDAC/amd64: Set memory type per DIMM - rtc: mc146818-lib: Fix the AltCentury for AMD platforms - EDAC/amd64: Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh - EDAC: Add RDDR5 and LRDDR5 memory types - hwmon: (k10temp) Remove unused definitions - hwmon: (k10temp) Remove residues of current and voltage - hwmon: (k10temp) Rework the temperature offset calculation - hwmon: (k10temp) Don't show Tdie for all Zen/Zen2/Zen3 CPU/APU - x86/cstate: Allow ACPI C1 FFH MWAIT use on Hygon systems - x86/topology: Make __max_die_per_package available unconditionally - x86/cpu/amd: Set __max_die_per_package on AMD - hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs - EDAC: Add DDR5 new memory type - x86/topology: Set cpu_die_id only if DIE_TYPE found - EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId - x86/CPU/AMD: Save AMD NodeId as cpu_die_id - EDAC/amd64: Set proper family type for Family 19h Models 20h-2Fh - hwmon: (k10temp) Add support for Zen3 CPUs - x86/mce: Increase maximum number of banks to 64 - hwmon: (k10temp) Define SVI telemetry and current factors for Zen2 CPUs - hwmon: (k10temp) Create common functions and macros for Zen CPU families - i2c: designware: Add device HID for Hygon I2C controller - hwmon: (k10temp) make some symbols static - hwmon: (k10temp) Reorganize and simplify temperature support detection - hwmon: (k10temp) Swap Tdie and Tctl on Family 17h CPUs - hwmon: (k10temp) Display up to eight sets of CCD temperatures - hwmon: (k10temp) Don't show temperature limits on Ryzen (Zen) CPUs - hwmon: (k10temp) Show core and SoC current and voltages on Ryzen CPUs - hwmon: (k10temp) Report temperatures per CPU die - hmon: (k10temp) Convert to use devm_hwmon_device_register_with_info - hwmon: (k10temp) Use bitops - hwmon: Add convience macro to define simple static sensors - hwmon: (k10temp) Auto-convert to use SENSOR_DEVICE_ATTR_{RO, RW, WO} - hwmon: Introduce SENSOR_DEVICE_ATTR_{RO, RW, WO} and variants - x86/umip: Make the UMIP activated message generic - x86/umip: Print UMIP line only once - x86/microcode/AMD: Clean up per-family patch size checks - !1689 [openEuler-1.0-LTS] drm/atomic-helper: Bump vblank timeout to 100 ms - nbd: pass nbd_sock to nbd_read_reply() instead of index - !1807 Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb - !1844 net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() - !1785 README: Remove out-of-date contribution guide - !1849 fs: jfs: fix possible NULL pointer dereference in dbFree() - fs: jfs: fix possible NULL pointer dereference in dbFree() - !1836 tcp: Reduce chance of collisions in inet6_hashfn(). - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() - tcp: Reduce chance of collisions in inet6_hashfn(). - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb - README: Remove out-of-date contribution guide - drm/atomic-helper: Bump vblank timeout to 100 ms- !1831 fix NULL pointer dereference in __nf_nat_mangle_tcp_packet - netfilter: nat: fix kabi change - netfilter: nat: fix udp checksum corruption - netfilter: nat: remove csum_recalc hook - !1769 workqueue: Make flush_workqueue() also watch flush_work() - !1803 net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() - !1767 bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves - workqueue: Assign a color to barrier work items - workqueue: Mark barrier work with WORK_STRUCT_INACTIVE - workqueue: Change the code of calculating work_flags in insert_wq_barrier() - workqueue: Change arguement of pwq_dec_nr_in_flight() - workqueue: Rename "delayed" (delayed by active management) to "inactive" - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves- !1762 xen/netback: Fix buffer overrun triggered by unusual packet - xen/netback: Fix buffer overrun triggered by unusual packet - !1761 fix CVE-2023-4194 - net: tap_open(): set sk_uid from current_fsuid() - net: tun_chr_open(): set sk_uid from current_fsuid() - !1728 fix CVE-2023-4128 - !1673 sched: disable sched_autogroup by default - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free - !1712 xfrm: add NULL check in xfrm_update_ae_params - xfrm: add NULL check in xfrm_update_ae_params - sched: disable sched_autogroup by default- !1699 dm bugfixes backport from mainline - !1697 x86/cpu/amd: Add a Zenbleed fix - md: Flush workqueue md_rdev_misc_wq in md_alloc() - dm: don't lock fs when the map is NULL during suspend or resume - dm: don't lock fs when the map is NULL in process of resume - dm: requeue IO if mapping table not yet available - Revert "dm: make sure dm_table is binded before queue request" - dm thin metadata: check fail_io before using data_sm - !1662 media: usb: siano: Fix CVE-2023-4132 - !1696 Revert "arm64/mpam: Fix mpam corrupt when cpu online" - x86/cpu/amd: Add a Zenbleed fix - !1694 linux-4.19.y bugfixes backport - Revert "arm64/mpam: Fix mpam corrupt when cpu online" - x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys - sch_netem: fix issues in netem_change() vs get_dist_table() - sch_netem: acquire qdisc lock in netem_change() - cgroup: Do not corrupt task iteration when rebinding subsystem - !1577 tracing: Fix warning in trace_buffered_event_disable() - !1663 tty: fix pid memleak in disassociate_ctty() - tty: fix pid memleak in disassociate_ctty() - media: usb: siano: Fix warning due to null work_func_t function pointer - media: usb: siano: Fix use after free bugs caused by do_submit_urb - !1629 can: raw: fix receiver memory leak - !1655 can: bcm: Fix UAF in bcm_proc_show() - can: bcm: Fix UAF in bcm_proc_show() - can: raw: fix lockdep issue in raw_release() - can: raw: fix receiver memory leak - !1625 Fix host zero page refcount overflow caused by kvm - !1595 net: nfc: Fix CVE-2023-3863 - KVM: Don't set Accessed/Dirty bits for ZERO_PAGE - KVM: fix overflow of zero page refcount with ksm running - net: nfc: Fix use-after-free caused by nfc_llcp_find_local - nfc: llcp: simplify llcp_sock_connect() error paths - nfc: llcp: nullify llcp_sock->dev on connect() error paths - nfc: Fix to check for kmemdup failure - tracing: Fix warning in trace_buffered_event_disable()- !1571 【openEuler-1.0-LTS】net: hns: fix wrong head when modify the tx feature when sending packets - !1570 【openEuler-1.0-LTS】net: hns3: bugfixes for hns3 drivers 2023.07.29 - net: hns: update hns version to 23.7.1 - net: hns: fix wrong head when modify the tx feature when sending packets - net: hns3: update hns3 version to 23.7.1 - net: hns3: fix tx timeout issue - net: hns3: fix incorrect hw rss hash type of rx packet - net: hns3: add barrier in vf mailbox reply process - net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg - net: hns3: fix not call nic_call_event() problem when reset failed - !1556 net/sched: cls_fw: Fix improper refcount update leads to use-after-free - !1568 net/sched: cls_u32: Fix reference counter leak leading to overflow - net/sched: cls_u32: Fix reference counter leak leading to overflow - net/sched: cls_fw: Fix improper refcount update leads to use-after-free - !1549 binder: fix UAF caused by faulty buffer cleanup - binder: fix UAF caused by faulty buffer cleanup- !1534 arm64/mpam: fix missing kfree domain's ctrl_val arrray - arm64/mpam: fix missing kfree domain's ctrl_val arrray - !1529 net/sched: sch_qfq: account for stab overhead in qfq_enqueue - net/sched: sch_qfq: account for stab overhead in qfq_enqueue - !1474 [openEuler-1.0-LTS] pmu: remove uncore code for Zhaoxin Platform - !1498 media: dvb-core: Fix use-after-free due on race condition at dvb_net - media: dvb-core: Fix use-after-free due on race condition at dvb_net - !1444 ring-buffer: Fix deadloop issue on reading trace_pipe - !1469 netfilter: nf_tables: prevent OOB access in nft_byteorder_eval - !1472 ipv6/addrconf: fix a potential refcount underflow for idev - pmu: remove uncore code for Zhaoxin Platform - ipv6/addrconf: fix a potential refcount underflow for idev - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() - ring-buffer: Fix deadloop issue on reading trace_pipe- !1435 fix CVE-2023-3117 - netfilter: nf_tables: unbind non-anonymous set if rule construction fails - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE - !1400 [openEuler-1.0-LTS] block: Try to handle busy underlying device on discard - !1416 Fix generic/299 fail - ext4: Add debug message to notify user space is out of free - Revert "ext4: Stop trying writing pages if no free blocks generated" - !1404 bpf: cpumap: Fix memory leak in cpu_map_update_elem - bpf: cpumap: Fix memory leak in cpu_map_update_elem - block: Try to handle busy underlying device on discard - !1377 [sync] PR-1376: jbd2: Check 'jh->b_transaction' before remove it from checkpoint - !1374 etmem: fix the div 0 problem in swapcache reclaim process - !177 net:bonding:support balance-alb interface with vlan to bridge - jbd2: Check 'jh->b_transaction' before remove it from checkpoint - etmem: fix the div 0 problem in swapcache reclaim process - bonding: fix reference count leak in balance-alb mode - net:bonding:support balance-alb interface with vlan to bridge- !1361 fix CVE-2023-1295 - io_uring: get rid of intermediate IORING_OP_CLOSE stage - fs: provide locked helper variant of close_fd_get_file() - file: Rename __close_fd_get_file close_fd_get_file - Remove DECnet support from kernel - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report - net: tcp: fix kabi breakage in struct sock - tcp: deny tcp_disconnect() when threads are waiting - ping6: Fix send to link-local addresses with VRF. - net: sched: fix possible refcount leak in tc_chain_tmplt_add() - rfs: annotate lockless accesses to RFS sock flow table - rfs: annotate lockless accesses to sk->sk_rxhash - xfrm: Check if_id in inbound policy/secpath match - udp6: Fix race condition in udp6_sendmsg & connect - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set - af_packet: do not use READ_ONCE() in packet_bind() - af_packet: Fix data-races of pkt_sk(sk)->num. - ipv{4,6}/raw: fix output xfrm lookup wrt protocol - ipv6: Fix out-of-bounds access in ipv6_find_tlv() - net: fix skb leak in __skb_tstamp_tx() - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() - af_key: Reject optional tunnel/BEET mode templates in outbound policies - net: Catch invalid index in XPS mapping - af_unix: Fix data races around sk->sk_shutdown. - af_unix: Fix a data race of sk->sk_receive_queue->qlen. - net: datagram: fix data-races in datagram_poll() - tcp: factor out __tcp_close() helper - net: annotate sk->sk_err write from do_recvmmsg() - netlink: annotate accesses to nlk->cb_running - quota: simplify drop_dquot_ref() - quota: fix dqput() to follow the guarantees dquot_srcu should provide - quota: add new helper dquot_active() - quota: rename dquot_active() to inode_quota_active() - quota: factor out dquot_write_dquot() - quota: add dqi_dirty_list description to comment of Dquot List Management - quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list - kernel/extable.c: use address-of operator on section symbols - arm64/mm: mark private VM_FAULT_X defines as vm_fault_t - x86/mm: Avoid incomplete Global INVLPG flushes - sched: Fix KCSAN noinstr violation - serial: 8250: Reinit port->pm on port specific driver unbind - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects - ACPI: EC: Fix oops when removing custom query handlers - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() - lib: cpu_rmap: Avoid use after free on rmap->obj array entries - ext4: improve error recovery code paths in __ext4_remount() - scsi: core: Improve scsi_vpd_inquiry() checks - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock - loop: loop_set_status_from_info() check before assignment - loop: Check for overflow while configuring loop - Revert "loop: Check for overflow while configuring loop" - block: don't set GD_NEED_PART_SCAN if scan partition failed - block: return -EBUSY when there are open partitions in blkdev_reread_part - blk-wbt: make enable_state more accurate - block: Limit number of items taken from the I/O scheduler in one go - crypto: cryptd - Protect per-CPU resource by disabling BH. - random: fix data race on crng_node_pool - x86/kprobes: Fix the error judgment for debug exceptions - ext4: turning quotas off if mount failed after enable quotas - ext4: forbid commit inconsistent quota data when errors=remount-ro - quota: fixup *_write_file_info() to return proper error code - ipmi_si: fix a memleak in try_smi_init() - net: add vlan_get_protocol_and_depth() helper - net: tap: check vlan with eth_type_vlan() method - !1317 ext4: Stop trying writing pages if no free blocks generated - !1323 jbd2: fix several checkpoint - jbd2: fix checkpoint cleanup performance regression - jbd2: remove __journal_try_to_free_buffer() - jbd2: fix a race when checking checkpoint buffer busy - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint - jbd2: remove journal_clean_one_cp_list() - nbd: fix null-ptr-dereference while accessing 'nbd->config' - nbd: factor out a helper to get nbd_config without holding 'config_lock' - nbd: fold nbd config initialization into nbd_alloc_config() - ext4: Stop trying writing pages if no free blocks generated - ipvlan:Fix out-of-bounds caused by unclear skb->cb- sched: Fix null pointer derefrence for sd->span - scsi: hisi_sas: Fix Null point exception after call debugfs_remove_recursive() - scsi: hisi_sas: Fix normally completed I/O analysed as failed - drm/msm/dpu: Add check for pstates - usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition- HID: intel_ish-hid: Add check for ishtp_dma_tx_map - media: saa7134: fix use after free bug in saa7134_finidev due to race condition - config: enable CONFIG_QOS_SCHED_SMART_GRID by default - mm: oom: move memcg_print_bad_task() out of mem_cgroup_scan_tasks() - media: dm1105: Fix use after free bug in dm1105_remove due to race condition - sched: Fix memory leak for smart grid - sched: Delete redundant updates to p->prefer_cpus - nbd: fix incomplete validation of ioctl arg - nbd: validate the block size in nbd_set_size - relayfs: fix out-of-bounds access in relay_file_read - kernel/relay.c: fix read_pos error when multiple readers - net/sched: flower: fix possible OOB write in fl_set_geneve_opt()- sched: Adjust few parameters range for smart grid - sched: clear credit count in error branch - sched: Fix memory leak on error branch - sched: fix dereference NULL pointers - sched: Fix timer storm for smart grid - memstick: r592: Fix UAF bug in r592_remove due to race condition - fbcon: Check font dimension limits - sched/rt: Fix possible warn when push_rt_task - !1152 pci: workaround multiple functions can be assigned to only one VM - pci: workaround multiple functions can be assigned to only one VM - sched: Fix negative count for jump label - sched: Fix possible deadlock in tg_set_dynamic_affinity_mode - sched: fix WARN found by deadlock detect - sched: fix smart grid usage count - sched: Add static key to reduce noise - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() - !1134 【openEuler-1.0-LTS】cpufreq:conservative: Fix load in fast_dbs_update() - firewire: fix potential uaf in outbound_phy_packet_callback() - cpufreq: conservative: fix load in fast_dbs_update()- arm64: Add AMPERE1 to the Spectre-BHB affected list - sctp: Call inet6_destroy_sock() via sk->sk_destruct(). - net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). - dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() - sched: smart grid: init sched_grid_qos structure on QOS purpose - sched: Introduce smart grid scheduling strategy for cfs - ipmi: fix SSIF not responding under certain cond. - ipmi_ssif: Rename idle state and check - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH - af_packet: Don't send zero-byte data in packet_sendmsg_spkt(). - nohz: Add TICK_DEP_BIT_RCU - perf/core: Fix hardlockup failure caused by perf throttle - of: Fix modalias string generation - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. - ipv4: Fix potential uninit variable access bug in __ip_make_skb() - crypto: drbg - Only fail when jent is unavailable in FIPS mode - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors - net/packet: convert po->auxdata to an atomic flag - net/packet: convert po->origdev to an atomic flag - ring-buffer: Sync IRQ works before buffer destruction - dccp: Call inet6_destroy_sock() via sk->sk_destruct(). - inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). - tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). - lib/cmdline: fix get_option() for strings starting with hyphen - of: overlay: fix for_each_child.cocci warnings - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list - fs: hfsplus: fix UAF issue in hfsplus_put_super - block: Fix the partition start may overflow in add_partition() - block: refactor blkpg_ioctl - nbd: get config_lock before sock_shutdown - ipv6: sr: fix out-of-bounds read when setting HMAC data. - dm: add disk before alloc dax - dm thin: Fix ABBA deadlock by resetting dm_bufio_client- !932 [sync] PR-922: jbd2: fix checkpoint inconsistent - jbd2: remove t_checkpoint_io_list - jbd2: recheck chechpointing non-dirty buffer - irqchip/gic-v3-its: Balance initial LPI affinity across CPUs - irqchip/gic-v3-its: Track LPI distribution on a per CPU basis - power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition - net: sched: fix NULL pointer dereference in mq_attach- !841 【openEuler-1.0-LTS】cpufreq: conservative: Add a switch to enable fast mode - x86/pm: Fix false positive kmemleak report in msr_build_context() - drm: Lock pointer access in drm_master_release() - drm: Fix use-after-free read in drm_getunique() - cpufreq: conservative: Add a switch to enable fast mode - of: overlay: kmemleak in dup_and_fixup_symbol_prop() - iommu/dma: Fix MSI reservation allocation - lib/stackdepot.c: fix global out-of-bounds in stack_slabs - rcu: Use *_ONCE() to protect lockless ->expmask accesses - iommu: Don't print warning when IOMMU driver only supports unmanaged domains - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum- netfilter: nf_tables: deactivate anonymous set from preparation phase - x86/msr-index: make SPEC_CTRL_IBRS assembler-portable - xfs: verify buffer contents when we skip log replay - !586 [openEuelr-1.0-LTS] kvm: arm64: fix some pvsched bugs - kvm: arm64: fix some pvsched bugs- net: sctp: update stream->incnt after successful allocation of stream_in - !741 [openEuler-1.0-LTS] openeuler_defconfig: Add configuration items for zhaoxin - !752 arm64/mpam: modify mpam irq register error log - arm64/mpam: modify mpam irq register error log - !437 [openEuler-1.0-LTS] USB: HCD: Fix URB giveback issue in tasklet function - openeuler_defconfig: Add configuration items for zhaoxin - bluetooth: Perform careful capability checks in hci_sock_ioctl() - netrom: Fix use-after-free caused by accept on already connected socket - !689 Fix compile error in allyesconfigs - !441 [openEuler-1.0-LTS] Add support for Zhaoxin SM3 and SM4 instruction - !438 [openEuler-1.0-LTS] Add Zhaoxin I2C driver - i2c: Add Zhaoxin I2C driver - !432 [openEuler-1.0-LTS] Add Zhaoxin ACE driver - mm: memcontrol: switch to rcu protection in drain_all_stock() - !429 [openEuler-1.0.-LTS] ACPI, x86: Improve Zhaoxin processors support for NONSTOP TSC - !428 [openEuelr-1.0-LTS] x86/acpi/cstate: Optimize ARB_DISABLE on Centaur CPUs - !687 [HUST CSE] fix a use-after-free bug in uncore_pci_remove() - scsi/hifc: Fix compile error in allyesconfigs - net/hinic: Fix compile error in allyesconfigs - x86/perf: fix use-after-free bug in uncore_pci_remove() - crypto: Driver for Zhaoxin GMI SM4 Block Cipher Algorithm - crypto: Driver for Zhaoxin GMI SM3 Secure Hash algorithm - !433 [openEuler-1.0-LTS] Add support of turbo boost control interface for Zhaoxin CPUs - !431 [openEuler-1.0-LTS] Add Zhaoxin rng driver - crypto: Add Zhaoxin ACE driver - cpufreq: ACPI: Add Zhaoxin/Centaur turbo boost control interface support - hwrng: Add Zhaoxin rng driver - USB: HCD: Fix URB giveback issue in tasklet function - ACPI, x86: Improve Zhaoxin processors support for NONSTOP TSC - x86/acpi/cstate: Optimize ARB_DISABLE on Centaur CPUs- ipv6: Fix an uninit variable access bug in __ip6_make_skb() - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() - verify_pefile: relax wrapper length check - udp6: fix potential access to stale information - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() - ftrace: Mark get_lock_parent_ip() __always_inline - perf/core: Fix the same task check in perf_event_set_output - net: don't let netpoll invoke NAPI if in xmit context - icmp: guard against too small mtu - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized - dm stats: check for and propagate alloc_percpu failure - dm thin: fix deadlock when swapping to thin device - genirq: introduce handle_fasteoi_edge_irq for phytium - genirq: introduce handle_fasteoi_edge_irq flow handler - Revert "genirq: Remove irqd_irq_disabled in __irq_move_irq" - Revert "config: enbale irq pending config for openeuler" - Revert "genirq: introduce CONFIG_GENERIC_PENDING_IRQ_FIX_KABI" - Revert "irqchip/gic-v3-its: introduce CONFIG_GENERIC_PENDING_IRQ" - scsi: dpt_i2o: Remove obsolete driver - md: extend disks_mutex coverage - md: use msleep() in md_notify_reboot() - md: fix double free of mddev->private in autorun_array() - block/badblocks: fix badblocks loss when badblocks combine - block/badblocks: fix the bug of reverse order - block: Only set bb->changed when badblocks changes - md: fix sysfs duplicate file while adding rdev - md: replace invalid function flush_rdev_wq() with flush_workqueue() - bonding: Fix memory leak when changing bond type to Ethernet - dm ioctl: fix nested locking in table_clear() to remove deadlock concern - timers/nohz: Last resort update jiffies on nohz_full IRQ entry - bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails - bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change - net: qcom/emac: Fix use after free bug in emac_remove due to race condition - ovl: get_acl: Fix null pointer dereference at realinode in rcu-walk mode - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg - ext4: only update i_reserved_data_blocks on successful block allocation - mm: mem_reliable: Use zone_page_state to count free reliable pages - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs - sctp: leave the err path free in sctp_stream_init to sctp_stream_free - RDMA/core: Refactor rdma_bind_addr - Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow" - fix kabi broken due to import new inode operation get_inode_acl - ovl: enable RCU'd ->get_acl() - vfs: add rcu argument to ->get_acl() callback- RDMA/hns: Add check for user-configured max_inline_data value - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition - !430 [openEuler-1.0-LTS] ata: sata_zhaoxin: Update Zhaoxin Serial ATA product name - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() - audit: fix a memleak caused by auditing load module - !595 [openEuler-1.0-LTS] iommu/arm-smmu-v3: Fix UAF when handle evt during iommu group removing - tcp: restrict net.ipv4.tcp_app_win - x86/speculation: Allow enabling STIBP with legacy IBRS - iommu/arm-smmu-v3: Fix UAF when handle evt during iommu group removing - ata: sata_zhaoxin: Update Zhaoxin Serial ATA product name- KVM: nVMX: add missing consistency checks for CR0 and CR4 - drm/vmwgfx: Validate the box size for the snooped cursor - net/sched: Retire tcindex classifier - Documentation/hw-vuln: Fix rST warning - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - x86/speculation: Identify processors vulnerable to SMT RSB predictions - cpu/SMT: create and export cpu_smt_possible() - nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition- hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition - xirc2ps_cs: Fix use after free bug in xirc2ps_detach - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition - !566 linux-4.19.y bugfixes backport - bpf: add missing header file include - uaccess: Add speculation barrier to copy_from_user() - random: always mix cycle counter in add_latent_entropy() - x86/mm: Fix use of uninitialized buffer in sme_enable() - ext4: fail ext4_iget if special inode unallocated - ext4: zero i_disksize when initializing the bootloader inode - irqdomain: Drop bogus fwspec-mapping error handling - irqdomain: Fix disassociation race - irqdomain: Fix association race - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic - x86/bugs: Reset speculation control settings on init - timers: Prevent union confusion from unexpected restart_syscall() - crypto: rsa-pkcs1pad - Use akcipher_request_complete - crypto: seqiv - Handle EBUSY correctly - ACPI: battery: Fix missing NUL-termination with large strings - ACPICA: nsrepair: handle cases without a return value correctly - genirq: Fix the return type of kstat_cpu_irqs_sum() - ACPI: NFIT: fix a potential deadlock during NFIT teardown - alarmtimer: Prevent starvation by small intervals and SIG_IGN - ring-buffer: Fix race while reader and writer are on the same page - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock - cgroup/cpuset: Change cpuset_rwsem and hotplug lock order - Revert "cgroup/cpuset: Change cpuset_rwsem and hotplug lock order" - Revert "cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock" - Revert "cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()" - block: fix wrong mode for blkdev_put() from disk_scan_partitions() - block: fix scan partition for exclusively open device again - block: fix kabi broken in ioctl.c - block: merge disk_scan_partitions and blkdev_reread_part - block: cleanup partition scanning in register_disk - block: Revert "block: check 'bd_super' before rescanning partition" - md: fix kabi broken in struct mddev - md: use interruptible apis in idle/frozen_sync_thread - md: wake up 'resync_wait' at last in md_reap_sync_thread() - md: refactor idle/frozen_sync_thread() - md: add a mutex to synchronize idle and frozen in action_store() - md: refactor action_store() for 'idle' and 'frozen' - mm: mem_reliable: Initialize reliable_nr_page when mm_init() - md: fix soft lockup in status_resync - md: don't update recovery_cp when curr_resync is ACTIVE - md: Ensure resync is reported after it starts - md: Use enum for overloaded magic numbers used by mddev->curr_resync - loop: Add parm check in loop_control_ioctl - block/wbt: enable wbt after switching cfq to other schedulers - Fix double fget() in vhost_net_set_backend() - sched/fair: Sanitize vruntime of entity being migrated - sched/fair: sanitize vruntime of entity being placed - Revert "sched: Reinit task's vruntime if a task sleep over 200 days" - btrfs: fix race between quota disable and quota assign ioctls- ext4: Fix i_disksize exceeding i_size problem in paritally written case - ext4: ext4_put_super: Remove redundant checking for 'sbi->s_journal_bdev' - ext4: Fix reusing stale buffer heads from last failed mounting - kvm: initialize all of the kvm_debugregs structure before sending it to userspace - net: virtio_net_hdr_to_skb: count transport header in UFO - net: be more gentle about silly gso requests coming from user - ext4: fix race between writepages and remount- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF - ftrace: Fix invalid address access in lookup_rec() when index is 0 - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead - scsi: scsi_dh_alua: fix memleak for 'qdata' in alua_activate() - RDMA/core: Don't infoleak GRH fields - !480 mm bugfixes backport - cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() - cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock - cgroup/cpuset: Change cpuset_rwsem and hotplug lock order - mm: memcontrol: fix cannot alloc the maximum memcg ID- net/sched: tcindex: search key must be 16 bits - net/sched: tcindex: update imperfect hash filters respecting rcu - rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() - x86/speculation: Add RSB VM Exit protections - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current - x86/speculation: Disable RRSBA behavior - x86/bugs: Add Cannon lake to RETBleed affected CPU list - x86/cpu/amd: Enumerate BTC_NO - x86/common: Stamp out the stepping madness - x86/speculation: Fill RSB on vmexit for IBRS - KVM: VMX: Fix IBRS handling after vmexit - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS - x86/speculation: Remove x86_spec_ctrl_mask - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit - x86/speculation: Fix SPEC_CTRL write on SMT state change - x86/speculation: Fix firmware entry SPEC_CTRL handling - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n - x86/speculation: Change FILL_RETURN_BUFFER to work with objtool - intel_idle: Disable IBRS during long idle - x86/bugs: Report Intel retbleed vulnerability - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS - x86/bugs: Optimize SPEC_CTRL MSR writes - x86/entry: Add kernel IBRS implementation - x86/entry: Remove skip_r11rcx - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value - x86/bugs: Add AMD retbleed= boot parameter - x86/bugs: Report AMD retbleed vulnerability - x86/cpufeatures: Move RETPOLINE flags to word 11 - x86/cpu: Add a steppings field to struct x86_cpu_id - x86/cpu: Add consistent CPU match macros - x86/devicetable: Move x86 specific macro out of generic code - x86/cpufeature: Fix various quality problems in the header - x86/cpufeature: Add facility to check for min microcode revisions - Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" - Revert "x86/speculation: Add RSB VM Exit protections" - x86/nospec: Fix i386 RSB stuffing - ext4: make sure fs error flag setted before clear journal error - ext4: commit super block if fs record error when journal record without error - hugetlb: fix hugepages_setup when deal with pernode - hugetlb: fix wrong use of nr_online_nodes - tty: fix out-of-bounds access in tty_driver_lookup_tty() - arm64: errata: Remove AES hwcap for COMPAT tasks - kernel: Initialize cpumask before parsing - genirq: Disable interrupts for force threaded handlers - softirq: Don't try waking ksoftirqd before it has been spawned - scsi: hisi_sas: Clear interrupt status when exiting channel int0 for v3 hw - scsi: hisi_sas: Handle NCQ error when IPTT is valid - scsi: hisi_sas: Grab sas_dev lock when traversing the members of sas_dev.list - act_mirred: use the backlog for nested calls to mirred ingress - net/sched: act_mirred: refactor the handle of xmit - net: sched: don't expose action qstats to skb_tc_reinsert() - net: sched: protect against stack overflow in TC act_mirred - net: sched: refactor reinsert action - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() - ext4: fix another off-by-one fsmap error on 1k block filesystems- tipc: add an extra conn_get in tipc_conn_alloc - tipc: set con sock in tipc_conn_alloc - mm/oom_kill.c: fix oom_cpuset_eligible() comment - oom: decouple mems_allowed from oom_unkillable_task - mm, oom: remove redundant task_in_mem_cgroup() check - mm, oom: refactor dump_tasks for memcg OOMs - block: Fix wrong offset in bio_truncate() - fs: move guard_bio_eod() after bio_set_op_attrs - block: add bio_truncate to fix guard_bio_eod - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() - cifs: Fix use-after-free in rdata->read_into_pages() - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()- scsi: cancel the inflight async device probe when remove scsi_target - scsi: fix use-after-free problem in scsi_remove_target - HID: asus: use spinlock to safely schedule workers - HID: asus: use spinlock to protect concurrent accesses - HID: asus: Remove check for same LED brightness on set - blk-wbt: don't enable throttling if default elevator is bfq - block: Fix kabi broken by "block: split .sysfs_lock into two locks" - block: fix comment and add lockdep assert - block: don't release queue's sysfs lock during switching elevator - block: fix race between switching elevator and removing queues - block: split .sysfs_lock into two locks - crypto: rsa-pkcs1pad - restore signature length check - fs/proc: task_mmu.c: don't read mapcount for migration entry - migrate: hugetlb: check for hugetlb shared PMD in node migration - mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps - ipv6: Fix tcp socket connection with DSCP. - ipv6: Fix datagram socket connection with DSCP. - aio: fix mremap after fork null-deref - bpf: Always return target ifindex in bpf_fib_lookup - serial: 8250_dma: Fix DMA Rx rearm race - serial: 8250_dma: Fix DMA Rx completion race - x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL - ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() - netlink: annotate data races around sk_state - netlink: annotate data races around dst_portid and dst_group - netlink: annotate data races around nlk->portid - netlink: remove hash::nelems check in netlink_insert - net: fix UaF in netns ops registration error path - netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state - binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 - binder: Address corner cases in deferred copy and fixup - binder: fix pointer cast warning - binder: defer copies of pre-patched txn data - binder: read pre-translated fds from sender buffer - binder: avoid potential data leakage when copying txn - binder: fix handling of error during copy - binder: use cred instead of task for getsecid - binder: don't detect sender/target during buffer cleanup - binder: make sure fd closes complete - binder: Remove bogus warning on failed same-process transaction - binder: fix incorrect calculation for num_valid - binder: Prevent repeated use of ->mmap() via NULL mapping - binder: Don't modify VMA bounds in ->mmap handler - binder: Set end of SG buffer area properly. - binder: return errors from buffer copy functions - binder: check for overflow when alloc for security context - binder: fix BUG_ON found by selinux-testsuite - binder: fix handling of misaligned binder object - binder: use userspace pointer as base of buffer space - binder: remove user_buffer_offset - binder: remove kernel vm_area for buffer space - binder: avoid kernel vm_area for buffer fixups - binder: add function to copy binder object from buffer - binder: add functions to copy to/from binder buffers - binder: create userspace-to-binder-buffer copy function - binder: fix use-after-free due to ksys_close() during fdget() - binder: fix kerneldoc header for struct binder_buffer - binder: create node flag to request sender's security context - binder: Add BINDER_GET_NODE_INFO_FOR_REF ioctl. - binder: use standard functions to allocate fds - block: fix kabi change since add bd_write_openers and bd_part_write_openers - block: add info when opening an exclusive opened block device for write - block: add info when opening a write opend block device exclusively - Revert "block: add info when opening an exclusive opened block device for write" - Revert "block: add info when opening a write opend block device exclusively" - ext4: fix WARNING in mb_find_extent - sctp: fail if no bound addresses can be used for a given scope- HID: check empty report_list in hid_validate_values() - dhugetlb: use mutex lock in update_reserve_pages() - ntfs: fix out-of-bounds read in ntfs_attr_find() - ntfs: fix use-after-free in ntfs_ucsncmp() - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() - phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function - netfilter: nf_tables: fix null deref due to zeroed list head - tcp: Fix listen() regression in 5.15.88. - tap: tap_open(): correctly initialize socket uid - tun: tun_chr_open(): correctly initialize socket uid - net: add sock_init_data_uid() - rds: rds_rm_zerocopy_callback() use list_first_entry()- !423 genirq bugfix for arm64 - genirq: Remove irqd_irq_disabled in __irq_move_irq - !422 iscsi bugfixes backport - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress - !420 backport CVEs and bugfixes - net: mpls: fix stale pointer if allocation fails during device rename - nbd: fix assignment error for first_minor in nbd_dev_add - selinux: further adjust init order for cred_* hooks - selinux: further adjust init order for file_alloc_security hook - !415 mainline bugfix backport - selinux: reorder hooks to make runtime disable less broken - evm: Fix a small race in init_desc() - evm: Check also if *tfm is an error pointer in init_desc() - iommu: Properly export iommu_group_get_for_dev() - of: resolver: Add of_node_put() before return and break - of: unittest: Add of_node_put() before return - drivers/iommu: Allow IOMMU bus ops to be unregistered - drivers/iommu: Export core IOMMU API symbols to permit modular drivers - component: do not dereference opaque pointer in debugfs - ipmi: use %*ph to print small buffer - crypto: algif_skcipher - Use chunksize instead of blocksize - crypto: algif_skcipher - EBUSY on aio should be an error - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() - dhugetlb: isolate hwpoison hugepage when release - mm/sharepool: Fix null-pointer-deference in sp_free_area- !213 net: bonding: Inherit MPLS features from slave devices - x86/unwind: Fix check_paravirt() calls orc_find() before declaration - dhugetlb: set hpool to NULL for cont-bit hugepage - arm64/ascend: Delete CONFIG_ASCEND_AUTO_TUNING_HUGEPAGE in hulk_defconfig - arm64/ascend: Delete unused feature auto-tuning hugepage - mm/memcg_memfs_info: fix potential oom_lock recursion deadlock - net: bridge: mcast: add and enforce query interval minimum - net: bridge: mcast: add and enforce startup query interval minimum - !396 anolis: bond: broadcast ARP or ND messages to all slaves - anolis: bond: broadcast ARP or ND messages to all slaves - net: bonding: Inherit MPLS features from slave devices- block, bfq: switch 'bfqg->ref' to use atomic refcount apis - x86/bugs: Flush IBP in ib_prctl_set() - media: vivid: fix compose size exceed boundary - cifs: do not include page data when checking signature - SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails - net: stream: purge sk_error_queue in sk_stream_kill_queues() - net: stream: don't purge sk_error_queue in sk_stream_kill_queues() - ext4: fix deadlock due to mbcache entry corruption - mbcache: automatically delete entries from cache on freeing - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths - mm/khugepaged: fix GUP-fast interaction by sending IPI - mm: gup: fix the fast GUP race against THP collapse - prlimit: do_prlimit needs to have a speculation check - arm64: cmpxchg_double*: hazard against entire exchange variable - net/ulp: prevent ULP without clone op from entering the LISTEN status - driver core: Fix bus_type.match() error handling in __driver_attach() - md: fix a crash in mempool_free - bpf: pull before calling skb_postpull_rcsum() - SUNRPC: ensure the matching upcall is in-flight upon downcall - ovl: Use ovl mounter's fsuid and fsgid in ovl_link() - pnode: terminate at peers of source - cifs: Fix uninitialized memory read for smb311 posix symlink create - device_cgroup: Roll back to original exceptions after copy failure - PCI/sysfs: Fix double free in error path - PCI: Fix pci_device_is_present() for VFs by checking PF - ipmi: fix use after free in _ipmi_destroy_user() - ima: Fix a potential NULL pointer access in ima_restore_measurement_list - ipmi: fix long wait in unload when IPMI disconnect - binfmt: Fix error return code in load_elf_fdpic_binary() - chardev: fix error handling in cdev_device_add() - mrp: introduce active flags to prevent UAF when applicant uninit - bpf: make sure skb->len != 0 when redirecting to a tunneling device - ipmi: fix memleak when unload ipmi driver - ACPICA: Fix error code path in acpi_ds_call_control_method() - skbuff: Account for tail adjustment during pull operations - serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle. - serial: amba-pl011: avoid SBSA UART accessing DMACR register - class: fix possible memory leak in __class_register() - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak - blktrace: Fix output non-blktrace event when blk_classic option enabled - SUNRPC: Fix missing release socket in rpc_sockname() - bonding: uninitialized variable in bond_miimon_inspect() - pinctrl: pinconf-generic: add missing of_node_put() - ima: Fix misuse of dereference of pointer in template_desc_init_fields() - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() - md/raid1: stop mdx_raid1 thread when raid1 array run failed - blk-mq: fix possible memleak when register 'hctx' failed - perf: Fix possible memleak in pmu_dev_alloc() - cpuidle: dt: Return the correct numbers of parsed idle states - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP - pstore/ram: Fix error return code in ramoops_probe() - perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init() - sched/rt: Optimize checking group RT scheduler constraints - md: protect md_unregister_thread from reentrancy - hugetlbfs: fix off-by-one error in hugetlb_vmdelete_list() - lib/list_debug.c: Detect uninitialized lists - crypto: tcrypt - avoid signed overflow in byte count - mm: sharepool: fix hugepage_rsvd count increase error - config: enbale irq pending config for openeuler - genirq: introduce CONFIG_GENERIC_PENDING_IRQ_FIX_KABI - irqchip/gic-v3-its: introduce CONFIG_GENERIC_PENDING_IRQ - md: fix uaf in md_wakeup_thread - genirq: add printk safe in irq context - jbd2: Fix data missing when reusing bh which is ready to be checkpointed - x86/unwind: Fix orc entry for paravirt {save,restore}_fl - cifs: sanitize multiple delimiters in prepath - drm/i915/gvt: fix double free bug in split_2MB_gtt_entry- ring-buffer: Fix race between reset page and reading page - block: don't allow a disk link holder to itself - ext4: fix use-after-free in ext4_orphan_cleanup - ext4: lost matching-pair of trace in ext4_truncate - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames - mm/swapfile: add cond_resched() in get_swap_pages() - hugetlbfs: don't delete error page from pagecache - mm: hwpoison: refactor refcount check handling - dhugetlb: set DYNAMIC_HUGETLB to y for hulk_defconfig - dhugetlb: use enable_dhugetlb to disable huge_memory - dhugetlb: skip dissolve hugepage belonging to dynamic hugetlb - dhugetlb: only support 1G/2M hugepage and ARM64_4K_PAGES - dhugetlb: isolate dynamic hugetlb code - dhugetlb: backport dynamic hugetlb feature - !344 mm: fix false-positive OVERCOMMIT_GUESS failures - cfq: fix memory leak for cfqq - mm: fix false-positive OVERCOMMIT_GUESS failures- bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal - of/fdt: Don't calculate initrd size from DT if start > end - lib/cmdline: avoid page fault in next_arg - genirq: Introduce warn log when irq be reentrant - net: sched: disallow noqueue for qdisc classes - net: sched: atm: dont intepret cls results when asked to drop - block: check 'bd_super' before rescanning partition - net: sched: cbq: dont intepret cls results when asked to drop - swapfile: fix soft lockup in scan_swap_map_slots - Huawei BMA: Fix iBMA driver bug- USB: Fix kABI for usb_device->reset_in_progress - rndis_wlan: Prevent buffer overflow in rndis_query_oid - mm: fix unexpected changes to {failslab|fail_page_alloc}.attr - ima: Directly assign the ima_default_policy pointer to ima_rules - driver core: Don't probe devices after bus_type.match() probe deferral - KEYS: trusted: Fix migratable=1 failing - certs: Fix blacklist flag type confusion - crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() - ipc/sem: Fix dangling sem_array access in semtimedop race - ipv6: avoid use-after-free in ip6_fragment() - nvme initialize core quirks before calling nvme_init_subsystem - memcg: fix possible use-after-free in memcg_write_event_control() - x86/ioremap: Fix page aligned size calculation in __ioremap_caller() - nvme: restrict management ioctls to admin - arm64: errata: Fix KVM Spectre-v2 mitigation selection for Cortex-A57/A72 - arm64: Fix panic() when Spectre-v2 causes Spectre-BHB to re-allocate KVM vectors - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE - net: tun: Fix use-after-free in tun_detach() - of: property: decrement node refcount in of_fwnode_get_reference_args() - af_key: Fix send_acquire race with pfkey_register - audit: fix undefined behavior in bit shift for AUDIT_BIT - USB: core: Fix RST error in hub.c - USB: core: Prevent nested device-reset calls - ima: Do not print policy rule with inactive LSM labels - lsm: Resolve KABI changes on lsm_notifier - ima: Evaluate error in init_ima() - ima: ima/lsm policy rule loading logic bug fixes - ima: Handle -ESTALE returned by ima_filter_rule_match() - ima: use the lsm policy update notifier - LSM: switch to blocking policy update notifiers - mm/hwpoison: do not lock page again when me_huge_page() successfully recovers- arm64: Kconfig: default unset ARCH_LLC_128_LINE_SIZE - mm/sharepool: clean up ABI breakage - timekeeping: Avoiding false sharing in field access of tk_core - mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED - mm/memory-failure.c: fix race with changing page more robustly - mm,memory_failure: always pin the page in madvise_inject_error - kobject: Fix slab-out-of-bounds in fill_kobj_path() - tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line - i2c: ismt: Fix an out-of-bounds bug in ismt_access() - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os - mm/sharepool: Charge Buddy hugepage to memcg- dm thin: Use last transaction's pmd->root when commit failed - drm: mali-dp: potential dereference of null pointer - power: supply: wm8350-power: Add missing free in free_charger_irq - sched: Reinit task's vruntime if a task sleep over 200 days - media: dvb-core: Fix UAF due to refcount races at releasing - drm/amdkfd: Check for null pointer after calling kmemdup - !325 Support enabling dirty log gradually in small chunks - KVM: arm64: Support enabling dirty log gradually in small chunks - KVM: x86: enable dirty log gradually in small chunks - KVM: Introduce KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2 - KVM: Fix kvm_clear_dirty_log_protect off-by-(minus-)one - KVM: Fix the bitmap range to copy during clear dirty - kvm_main: fix some comments - KVM: fix KVM_CLEAR_DIRTY_LOG for memory slots of unaligned size - Revert "KVM: Eliminate extra function calls in kvm_get_dirty_log_protect()" - KVM: validate userspace input in kvm_clear_dirty_log_protect() - kvm: introduce manual dirty log reprotect - kvm: rename last argument to kvm_get_dirty_log_protect - kvm: make KVM_CAP_ENABLE_CAP_VM architecture agnostic- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del() - Bluetooth: L2CAP: Fix build errors in some archs - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put - hv_netvsc: Add check for kvmalloc_array - xen/netback: don't call kfree_skb() with interrupts disabled - xen/netback: fix build warning - xen/netback: Ensure protocol headers don't fall in the non-linear area - !273 [openEuler-1.0-LTS] Fix mouse enumeration issue after wakeup from s4 - arm64: fix a concurrency issue in emulation_proc_handler() - dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata - sched/qos: Don't unthrottle cfs_rq when cfs_rq is throttled by qos - media: mceusb: Use new usb_control_msg_*() routines - media: mceusb: fix control-message timeouts - USB: add usb_control_msg_send() and usb_control_msg_recv() - Fix mouse enumeration issue after wakeup from s4- mm/sharepool: Fix a double free problem caused by init_local_group - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() - macvlan: enforce a consistent minimal mtu - net: macvlan: fix memory leaks of macvlan_common_newlink - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network - net: gso: fix panic on frag_list with mixed head alloc types - tcp/udp: Make early_demux back namespacified. - ipv6: fix WARNING in ip6_route_net_exit_late() - net, neigh: Fix null-ptr-deref in neigh_table_clear() - tcp: fix indefinite deferral of RTO with SACK reneging - net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed - serial: 8250: Flush DMA Rx on RLSI - serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs - capabilities: fix potential memleak on error path from vfs_getxattr_alloc() - security: commoncap: fix -Wstringop-overread warning - ring_buffer: Do not deactivate non-existant pages - ftrace: Fix null pointer dereference in ftrace_add_mod() - ftrace: Optimize the allocation for mcount entries - kprobe: reverse kp->flags when arm_kprobe failed - mm: fs: initialize fsdata passed to write_begin/write_end interface - nfs4: Fix kmemleak when allocate slot failed - kernfs: fix use-after-free in __kernfs_remove - mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages - mm: /proc/pid/smaps_rollup: fix no vma's null-deref - signal handling: don't use BUG_ON() for debugging - ida: don't use BUG_ON() for debugging- !272 [openEuler-1.0-LTS] Add MWAIT Cx support for Zhaoxin CPUs. - Bluetooth: L2CAP: Fix u8 overflow - l2tp: Don't sleep and disable BH under writer-side sk_callback_lock - l2tp: Serialize access to sk_user_data with sk_callback_lock - !288 Add support for ConnectX6 Lx and ConnectX6Dx with openEuler inbox driver - net/mlx5: Update the list of the PCI supported devices - net/mlx5: Update the list of the PCI supported devices - drivers: net: slip: fix NPD bug in sl_tx_timeout() - staging: rtl8712: fix use after free bugs - Add MWAIT Cx support for Zhaoxin CPUs.- x86/tsc: use topology_max_packages() in tsc watchdog check - scsi: hisi_sas: Set iptt aborted flag when receiving an abnormal CQ - ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0- svm: Delete unused ioctl command - Revert "posix-cpu-timers: Make timespec to nsec conversion safe" - block: limit request dispatch loop duration - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM - Bluetooth: L2CAP: Fix attempting to access uninitialized memory - block: check flags of claimed slave bdev to fix uaf for bd_holder_dir- block: fix use after free for bd_holder_dir - Revert "block: Fix UAF in bd_link_disk_holder()" - init/main.c: return 1 from handled __setup() functions - x86/pm: Save the MSR validity status at context setup - x86/speculation: Restore speculation related MSRs during S3 resume - x86/cpu: Load microcode during restore_processor_state() - genirq: Synchronize interrupt thread startup - nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices - once: add DO_ONCE_SLOW() for sleepable contexts - inet: fully convert sk->sk_rx_dst to RCU rules - ext4: continue to expand file system when the target size doesn't reach - nvme: copy firmware_rev on each init - net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory - can: bcm: check the result of can_send() in bcm_can_tx() - xfrm: Update ipcomp_scratches with NULL when freed - tcp: annotate data-race around tcp_md5sig_pool_populated - tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited - ext4: fix null-ptr-deref in ext4_write_info - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" - ima: Free the entire rule if it fails to parse - ima: Free the entire rule when deleting a list of rules - ima: Have the LSM free its audit rule - mm/migrate_device.c: flush TLB while holding PTL - mm: prevent page_frag_alloc() from corrupting the memory - mm/page_alloc: fix race condition between build_all_zonelists and page allocation - net: team: Unsync device addresses on ndo_stop - mm/slub: fix to return errno if kmalloc() fails - of: fdt: fix off-by-one error in unflatten_dt_nodes()- net: tun: fix bugs for oversize packet when napi frags enabled - tcp: fix a signed-integer-overflow bug in tcp_add_backlog() - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent - ext4: fix bad checksum after online resize - blktrace: remove unnessary stop block trace in 'blk_trace_shutdown' - blktrace: fix possible memleak in '__blk_trace_remove' - blktrace: introduce 'blk_trace_{start,stop}' helper - kabi: net: fix kabi broken in sk_buff - io_uring/af_unix: defer registered files gc to io_uring release - nbd: refactor size updates - nbd: move the task_recv check into nbd_size_update - nbd: remove the call to set_blocksize - wifi: Fix potential buffer overflow in 'brcmf_fweh_event_worker' - fs: fix UAF/GPF bug in nilfs_mdt_destroy - dm: Fix UAF in run_timer_softirq() - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() - ext4: record error information when insert extent failed in 'ext4_split_extent_at' - livepatch/core: Fix livepatch/state leak on error path - !130 [openEuler-1.0-LTS] update pmu for Zhaoxin CPUs - update pmu for Zhaoxin CPUs- uacce: add the reference counter protection - nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level() - usb: mon: make mmapped memory read only - !185 [openEuler-1.0-LTS] Add support sata lpm for Zhaoxin CPUs - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode - ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode - ext4: add helper to check quota inums - ext4: fix bug_on in __es_tree_search caused by bad quota inode - atm: idt77252: fix use-after-free bugs caused by tst_timer - ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate - !94 [openEuler-1.0-LTS] rtc: Fix set RTC time delay 500ms on some Zhaoxin SOCs - !88 [openEuler-1.0-LTS] XHCI:Fix some device identify fail when enable xHCI runtime suspend - !92 [openEuler-1.0-LTS] x86/tsc: Make cur->adjusted values in package#1 to be the same - !93 [openEuler-1.0-LTS] Driver for Zhaoxin CPU core temperature monitoring - !89 [openEuler-1.0-LTS] EHCI: Clear wakeup signal locked in S0 state when device plug in - scsi: stex: Properly zero out the passthrough command structure - !192 x86/apic/vector: Fix ordering in vector assignment - nilfs2: fix leak of nilfs_root in case of writer thread creation failure - vsock: Fix memory leak in vsock_connect() - x86/apic/vector: Fix ordering in vector assignment - Add support for PxSCT.LPM set based on actual LPM circumstances - Add support for disabling PhyRdy Change Interrupt based on actual LPM capability - Driver for Zhaoxin CPU core temperature monitoring - rtc: Fix set RTC time delay 500ms on some Zhaoxin SOCs - x86/tsc: Make cur->adjusted values in package#1 to be the same - EHCI: Clear wakeup signal locked in S0 state when device plug in - XHCI:Fix some device identify fail when enable xHCI runtime suspend- sch_sfb: Also store skb len before calling child enqueue - sch_sfb: Don't assume the skb is still around after enqueueing to child - ipv6: Fix data races around sk->sk_prot. - ipv6: annotate some data-races around sk->sk_prot - ipv6: provide and use ipv6 specific version for {recv, send}msg - inet: factor out inet_send_prepare() - nilfs2: fix use-after-free bug of struct nilfs_root- nfp: fix use-after-free in area_cache_get() - mISDN: fix use-after-free bugs in l1oip timer handlers - tcp: Fix data races around icsk->icsk_af_ops. - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu - !134 scsi: megaraid_sas: Add support for MegaRAID Aero controllers - !138 vfio-pci: Mask cap zero - bnx2x: fix potential memory leak in bnx2x_tpa_stop() - r8152: Rate limit overflow messages - scsi: megaraid_sas: Add support for MegaRAID Aero controllers - vfio-pci: Mask cap zero - tcp/udp: Fix memory leak in ipv6_renew_options(). - net: mvpp2: fix mvpp2 debugfs leak - !159 PCI: Add ACS quirk for Broadcom NICs - !137 net: bonding: Add support for IPV6 ns/na to balance-alb/balance-tlb mode - kcm: avoid potential race in kcm_tx_work - net: bonding: Add support for IPV6 ns/na to balance-alb/balance-tlb mode - !139 nvme: Assign subsys instance from first ctrl - fbdev: smscufx: Fix use-after-free in ufx_ops_open() - nvme: fix controller instance leak - nvme: Assign subsys instance from first ctrl - PCI: Add ACS quirk for Broadcom BCM5750x NICs - PCI: Add ACS quirk for Broadcom BCM57414 NIC- binder: fix UAF of ref->proc caused by race condition - arm64: fix oops in concurrently setting insn_emulation sysctls - mm/hotplug: silence a lockdep splat with printk() - init/Kconfig: Add SMP to the dependencies of QOS_SCHED - mm/rmap: Fix kabi broken in anon_vma - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse - HID: roccat: Fix use-after-free in roccat_read() - ext4: fix dir corruption when ext4_dx_add_entry() fails - quota: Add more checking after reading from quota file - quota: Replace all block number checking with helper function - quota: Check next/prev free block number after reading from quota file - Revert "quota: Check next/prev free block number after reading from quota file" - Revert "quota: Replace all block number checking with helper function" - Revert "quota: Add more checking after reading from quota file" - tracefs: Only clobber mode/uid/gid on remount if asked - netfilter: ebtables: fix memory leak when blob is malformed - netfilter: ebtables: reject blobs that don't provide all entry points - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() - SUNRPC: use _bh spinlocking on ->transport_lock - tcp: fix early ETIMEDOUT after spurious non-SACK RTO - netfilter: br_netfilter: Drop dst references before setting. - debugfs: add debugfs_lookup_and_remove() - tcp: annotate data-race around challenge_timestamp - Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()" - net: neigh: don't call kfree_skb() under spin_lock_irqsave() - neigh: fix possible DoS due to net iface start/stop loop - mm/hugetlb: fix hugetlb not supporting softdirty tracking - asm-generic: sections: refactor memory_intersects - loop: Check for overflow while configuring loop - net: Fix a data-race around sysctl_somaxconn. - net: Fix a data-race around netdev_budget_usecs. - net: Fix a data-race around netdev_budget. - net: Fix a data-race around sysctl_net_busy_read. - net: Fix a data-race around sysctl_net_busy_poll. - net: Fix a data-race around sysctl_tstamp_allow_data. - ratelimit: Fix data-races in ___ratelimit(). - net: Fix data-races around netdev_tstamp_prequeue. - net: Fix data-races around weight_p and dev_weight_[rt]x_bias. - net: ipvtap - add __init/__exit annotations to module init/exit funcs - bonding: 802.3ad: fix no transmission of LACPDUs - xfrm: fix refcount leak in __xfrm_policy_check() - audit: fix potential double free on error path from fsnotify_add_inode_mark - dm: return early from dm_pr_call() if DM device is suspended - NFSv4: Fix races in the legacy idmapper upcall- netfilter: nf_conntrack_irc: Fix forged IP logic - ext4: fix check for block being out of directory size - ext4: check if directory block is within i_size - block: Fix UAF in bd_link_disk_holder() - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC - block: add a new config to control dispatching bios asynchronously - block: fix kabi broken in request_queue - md: enable dispatching bio asynchronously for raid10 by default - arm64/topology: getting preferred sibling's cpumask supported by platform - block: support to dispatch bio asynchronously - block: add new fields in request_queue - md/raid10: convert resync_lock to use seqlock - md/raid10: prevent unnecessary calls to wake_up() in fast path - !122 【kernel-openEuler-1.0-LTS】kernel:fix some issues with 4.19 kernel on openEuler 22.03 system - mm: sharepool: fix potential AA deadlock - mm: sharepool: check size=0 in mg_sp_make_share_k2u() - mm: sharepool: delete redundant check in __sp_remap_get_pfn - Revert "cifs: fix double free race when mount fails in cifs_get_root()" - scsi: hisi_sas: Release resource directly in hisi_sas_abort_task() when NCQ error - scsi: hisi_sas: Enable force phy when SATA disk directly connected - scsi: hisi_sas: Modify v3 HW ATA completion process when SATA disk is in error status - sched: Fix invalid free for tsk->se.dyn_affi_stats - scsi: target: tcmu: Fix warning: 'page' may be used uninitialized - scsi: target: tcmu: Fix crash on ARM during cmd completion - scsi: target: tcmu: Optimize use of flush_dcache_page - scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range - signal: fix deadlock caused by calling printk() under sighand->siglock - mm: fix missing handler for __GFP_NOWARN - perf bench futex-wake: Restore thread count default to online CPU count - selftests/bpf: Enlarge select() timeout for test_maps - xfs: preserve default grace interval during quotacheck - i40e: Fix kernel crash during module removal - i40e: Fix use-after-free in i40e_client_subtask() - EDAC: skx_common: downgrade message importance on missing PCI device - x86/entry/64: Don't compile ignore_sysret if 32-bit emulation is enabled - x86: Fix early boot crash on gcc-10, third try - objtool: Don't fail on missing symbol table- KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog - KVM: x86: Adjust counter sample period after a wrmsr - KVM: x86: Fix perfctr WRMSR for running counters - perf/core: Provide a kernel-internal interface to recalibrate event period - media: em28xx: initialize refcount before kref_get - mm: avoid potential deadlock tirgged by writing slab-attr-file - ext4: fix use-after-free in ext4_ext_shift_extents - quota: Add more checking after reading from quota file - quota: Replace all block number checking with helper function - quota: Check next/prev free block number after reading from quota file - efi: capsule-loader: Fix use-after-free in efi_capsule_write - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header - mm/sharepool: Fix UAF reported by KASAN - blk-mq: avoid extending delays of active hctx from blk_mq_delay_run_hw_queues - mm: mem_reliable: Start fallback if no suitable zone found - net: hns3: update hns3 version to 22.9.2 - net: hns3: fix error resume keep alive when remove hclgevf - net: hns3: update hns3 version to 22.9.1 - net: hns3: fix keep alive can not resume problem when system busy- jfs: prevent NULL deref in diFree - jfs: fix GPF in diFree- mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write- KVM: x86: do not report a vCPU as preempted outside instruction boundaries - KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE - netfilter: nf_conntrack_irc: Tighten matching on DCC message - ext4: avoid resizing to a partial cluster size - locking/atomic: Make test_and_*_bit() ordered on failure - geneve: do not use RT_TOS for IPv6 flowlabel - SUNRPC: Reinitialise the backchannel request buffers before reuse - NFSv4/pnfs: Fix a use-after-free bug in open - NFSv4.1: RECLAIM_COMPLETE must handle EACCES - tcp: fix over estimation in sk_forced_mem_schedule() - ext4: fix extent status tree race in writeback error recovery path - ext4: update s_overhead_clusters in the superblock during an on-line resize - ext4: make sure ext4_append() always allocates new block - kprobes: Forbid probing on trampoline and BPF code areas - kfifo: fix kfifo_to_user() return type - profiling: fix shift too large makes kernel panic - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() - mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release - can: error: specify the values of data[5..7] of CAN error frames - fs: check FMODE_LSEEK to control internal pipe splicing - tcp: make retransmitted SKB fit into the send window - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() - bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() - x86/pmem: Fix platform-device leak in error path - selinux: Add boundary check in put_entry() - ACPI: LPSS: Fix missing check in register_device_clock() - fs: Add missing umask strip in vfs_tmpfile - vfs: Check the truncate maximum size in inode_newsize_ok() - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. - tcp: Fix a data-race around sysctl_tcp_autocorking. - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. - tcp: Fix a data-race around sysctl_tcp_min_tso_segs. - igmp: Fix data-races around sysctl_igmp_qrv. - net: ping6: Fix memleak in ipv6_renew_options(). - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. - tcp: Fix a data-race around sysctl_tcp_nometrics_save. - tcp: Fix a data-race around sysctl_tcp_frto. - tcp: Fix a data-race around sysctl_tcp_adv_win_scale. - tcp: Fix a data-race around sysctl_tcp_app_win. - tcp: Fix data-races around sysctl_tcp_dsack. - mm/mempolicy: fix uninit-value in mpol_rebind_policy() - tcp: Fix data-races around sysctl_tcp_max_reordering. - tcp: Fix a data-race around sysctl_tcp_rfc1337. - tcp: Fix a data-race around sysctl_tcp_stdurg. - tcp: Fix a data-race around sysctl_tcp_retrans_collapse. - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. - tcp: Fix data-races around sysctl_tcp_recovery. - tcp: Fix a data-race around sysctl_tcp_early_retrans. - tcp: Fix data-races around sysctl_tcp_fastopen. - tcp: Fix a data-race around sysctl_tcp_tw_reuse. - tcp: Fix a data-race around sysctl_tcp_notsent_lowat. - tcp: Fix data-races around some timeout sysctl knobs. - tcp: Fix data-races around sysctl_tcp_reordering. - igmp: Fix a data-race around sysctl_igmp_max_memberships. - igmp: Fix data-races around sysctl_igmp_llm_reports. - tcp: Fix a data-race around sysctl_tcp_probe_interval. - tcp: Fix a data-race around sysctl_tcp_probe_threshold. - tcp: Fix data-races around sysctl_tcp_mtu_probing. - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. - ip: Fix a data-race around sysctl_fwmark_reflect. - ip: Fix data-races around sysctl_ip_nonlocal_bind. - ip: Fix data-races around sysctl_ip_fwd_use_pmtu. - block: fix the problem of io_ticks becoming smaller - blk-mq: Fix memory leak in blk_mq_init_allocated_queue error handling - block, bfq: save & resume weight on a queue merge/split - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 - acpi/nfit: improve bounds checking for 'func' - ACPICA: Do not increment operation_region reference counts for field units - ACPICA: Fix exception code class checks - ACPI: configfs: add missing check after configfs_register_default_group() - ACPI: custom_method: fix potential use-after-free issue - ACPI: custom_method: fix a possible memory leak - ACPI: APD: Check for NULL pointer after calling devm_ioremap() - ACPI/IORT: Fix PMCG node single ID mapping handling - ACPI/IORT: Check node revision for PMCG resources - kprobes: don't call disarm_kprobe() for disabled kprobes - x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry - usb: gadget: function: printer: fix use-after-free in __lock_acquire - video: fbdev: i740fb: Error out if 'pixclock' equals zero - lightnvm: disable the subsystem - configfs: fix a race in configfs_lookup() - configfs: fold configfs_attach_attr into configfs_lookup - configfs: make configfs_create() return inode - configfs: factor dirent removal into helpers - configfs: simplify the configfs_dirent_is_ready - configfs: return -ENAMETOOLONG earlier in configfs_lookup- dm-thin: Resume failed in FAIL mode - tpm: fix reference counting for struct tpm_chip - af_key: Do not call xfrm_probe_algs in parallel - net: usb: ax88179_178a: Fix packet receiving - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup - net: usb: ax88179_178a: fix packet alignment padding- tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: drop tty_schedule_flip() - tty: the rest, stop using tty_schedule_flip() - tty: drivers/tty/, stop using tty_schedule_flip() - can: bcm/raw/isotp: use per module netdevice notifier - CIFS: Fix retry mid list corruption on reconnects - KVM: arm64: vgic-its: Change default outer cacheability for {PEND, PROP}BASER - xhci: Fix a logic issue when display Zhaoxin XHCI root hub speed - dm verity: set DM_TARGET_IMMUTABLE feature flag - scsi: hisi_sas: Add SATA_DISK_ERR bit handling for v3 hw - Revert "scsi: hisi_sas: Modify v3 HW I/O processing when SATA_DISK_ERR bit is set and NCQ Error occurs" - netfilter: nf_tables: do not allow RULE_ID to refer to another chain - netfilter: nf_tables: do not allow SET_ID to refer to another table- x86/speculation: Add LFENCE to RSB fill sequence - x86/speculation: Add RSB VM Exit protections - Revert "blk-mq: fix null pointer dereference in blk_mq_queue_tag_busy_ite" - blk-mq: fix null pointer dereference in blk_mq_queue_tag_busy_ite - arm64: Avoid premature usercopy failure for __arch_copy_to_user_generic_read - net_sched: cls_route: remove from list when handle is 0- Revert "x86/unwind/orc: Change REG_SP_INDIRECT" - Phytium/S2500: kdump: Avoid vmcore saving failure across multi-socket - PCI: Add config control for phytium ACS quirks - scsi: libiscsi: Teardown iscsi_cls_conn gracefully - scsi: libiscsi: Add iscsi_cls_conn to sysfs after initialization - scsi: iscsi: Add helper functions to manage iscsi_cls_conn - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls - sched: Fix null-ptr-deref in free_fair_sched_group - RDMA/ib_srp: Fix a deadlock - mm/slub: add missing TID updates on slab deactivation - block: fix regression for dm - blk-mq: handle bio after queue is initialized - x86: Clear .brk area at early boot - signal/seccomp: Dump core when there is only one live thread - x86/unwind/orc: Recheck address range after stack info was updated - x86/unwind/orc: Silence warnings caused by missing ORC data - x86/unwind/orc: Change REG_SP_INDIRECT- netfilter: nf_queue: do not allow packet truncation below transport header offset - openvswitch: fix OOB access in reserve_sfa_size() - dm thin: use refcount_t for thin_c reference counting - exec: Force single empty string when argv is empty - usb: gadget: rndis: prevent integer overflow in rndis_set_response() - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle - serial: 8250: fix return error code in serial8250_request_std_resource() - ipv4: Fix data-races around sysctl_ip_dynaddr. - icmp: Fix a data-race around sysctl_icmp_ratemask. - icmp: Fix a data-race around sysctl_icmp_ratelimit. - icmp: Fix data-races around sysctl. - net: Fix data-races around sysctl_mem. - inetpeer: Fix data-races around sysctl. - usbnet: fix memory leak in error case - esp: limit skb_page_frag_refill use to a single page - net: tun: avoid disabling NAPI twice - net: bonding: fix use-after-free after 802.3ad slave unbind - net: bonding: fix possible NULL deref in rlb code - usbnet: fix memory allocation in helpers - net: tun: stop NAPI when detaching queues - net: tun: unlink NAPI from device on destruction - virtio-net: fix race between ndo_open() and virtio_device_ready() - SUNRPC: Fix READ_PLUS crasher - virtio_net: fix xdp_rxq_info bug after suspend/resume - erspan: do not assume transport header is always set - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers - ext4: make variable "count" signed - serial: 8250: Store to lsr_save_flags after lsr read - irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions - irqchip/gic/realview: Fix refcount leak in realview_gic_of_init - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr - io_uring: add missing item types for various requests - net/sched: cls_u32: fix possible leak in u32_init_knode() - fq_codel: reject silly quantum parameters - net: sched: sch_teql: fix null-pointer dereference - rcu: Set a maximum limit for back-to-back callback invocation - mm: Fix page counter mismatch in shmem_mfill_atomic_pte - scsi: mpt3sas: Fix unlock imbalance - io-wq: Switch io_wqe_worker's fs before releasing request - ath9k: fix use-after-free in ath9k_hif_usb_rx_cb - Revert "iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()"- fbcon: Prevent that screen size is smaller than font size - fbcon: Disallow setting font bigger than screen size - fbmem: Check virtual screen sizes in fb_set_var() - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() - scsi: core: Fix race between handling STS_RESOURCE and completion - block: prevent lockdep false positive warning about 'bd_mutex' - dm verity: allow only one error handling mode - dm verity: Fix compilation warning - dm verity: add root hash pkcs#7 signature verification - jbd2: Fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted - dm btree spine: show warning if node_check failed in node_prep_for_write() - dm btree spine: remove paranoid node_check call in node_prep_for_write() - ext4: Fix race when reusing xattr blocks - ext4: Unindent codeblock in ext4_xattr_block_set() - ext4: Remove EA inode entry from mbcache on inode eviction - mbcache: Add functions to delete entry if unused - mbcache: Don't reclaim used entries - perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()- inotify: show inotify mask flags in proc fdinfo - io_uring: always grab file table for deferred statx - bpf: Don't redirect packets with invalid pkt_len - config: enable CONFIG_QOS_SCHED_DYNAMIC_AFFINITY by default - sched: Add statistics for scheduler dynamic affinity - sched: Adjust cpu range in load balance dynamicly - sched: Adjust wakeup cpu range according CPU util dynamicly - cpuset: Introduce new interface for scheduler dynamic affinity - sched: Introduce dynamic affinity for cfs scheduler - crypto: hisilicon/sec - don't sleep when in softirq - video: fbdev: sm712fb: Fix crash in smtcfb_write() - video: fbdev: sm712fb: Fix crash in smtcfb_read() - scsi: ses: fix slab-out-of-bounds in ses_enclosure_data_process - block: don't delete queue kobject before its children - etmem:fix kernel stack overflow in do_swapcache_reclaim - etmem:fix kasan slab-out-of-bounds in do_swapcache_reclaim - nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed - blk-throttle: fix io hung due to configuration updates - block: fix NULL pointer dereference in disk_release() - block, bfq: make bfq_has_work() more accurate - blk-mq: fix panic during blk_mq_run_work_fn() - blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() - blk-mq: move cancel of hctx->run_work to the front of blk_exit_queue - ext4: fix race condition between ext4_ioctl_setflags and ext4_fiemap- block: fix that part scan is disabled in device_add_disk() - Revert "block: rename bd_invalidated" - Revert "block: move the NEED_PART_SCAN flag to struct gendisk" - Revert "block:Fix kabi broken" - rcu/tree: Mark functions as notrace - netfilter: nf_tables: stricter validation of element data - net: rose: fix UAF bugs caused by timer handler - xen/arm: Fix race in RB-tree based P2M accounting - vt: drop old FONT ioctls - dm thin: Fix crash in dm_sm_register_threshold_callback() - xen/blkfront: force data bouncing when backend is untrusted - xen/netfront: force data bouncing when backend is untrusted - xen-netfront: fix potential deadlock in xennet_remove() - xen/netfront: fix leaking data in shared pages - xen/blkfront: fix leaking data in shared pages - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() - tmpfs: fix the issue that the mount and remount results are inconsistent. - tmpfs: fix undefined-behaviour in shmem_reconfigure() - mm/sharepool: Check sp_is_enabled() before show spa_stat- x86: Fix return value of __setup handlers - x86/delay: Fix the wrong asm constraint in delay_loop() - ACPI: sysfs: Fix BERT error region memory mapping - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd - nbd: fix io hung while disconnecting device - nbd: fix race between nbd_alloc_config() and module removal - nbd: call genl_unregister_family() first in nbd_cleanup() - ip_gre: test csum_start instead of transport header - net: xfrm: unexport __init-annotated xfrm4_protocol_init() - SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() - af_unix: Fix a data-race in unix_dgram_peer_wake_me(). - NFSv4: Don't hold the layoutget locks across multiple RPC calls - tcp: tcp_rtx_synack() can be called from process context - serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 - md: fix an incorrect NULL check in md_reload_sb - md: fix an incorrect NULL check in does_sb_need_changing - ext4: avoid cycles in directory h-tree - ext4: verify dir block before splitting it - proc: fix dentry/inode overinstantiating under /proc/${pid}/net - drivers/base/node.c: fix compaction sysfs file leak - fsnotify: fix wrong lockdep annotations - PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() - fat: add ratelimit to fat*_ent_bread() - nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags - bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes - dm stats: add cond_resched when looping over entries - zsmalloc: fix races between asynchronous zspage free and page migration - netfilter: conntrack: re-fetch conntrack after insertion - assoc_array: Fix BUG_ON during garbage collect - net: af_key: check encryption module availability consistency - x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests - net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. - ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 - ARM: 9196/1: spectre-bhb: enable for Cortex-A15 - block:Fix kabi broken - block: Fix warning in bd_link_disk_holder() - block: move the NEED_PART_SCAN flag to struct gendisk - block: rename bd_invalidated - scsi: hisi_sas: Modify v3 HW I/O processing when SATA_DISK_ERR bit is set and NCQ Error occurs - scsi: hisi_sas: enable use_clustering - scsi: hisi_sas: Change DMA setup lock timeout to 2.5s - x86/speculation/mmio: Print SMT warning - KVM: x86/speculation: Disable Fill buffer clear within guests - x86/speculation/mmio: Reuse SRBDS mitigation for SBDS - x86/speculation/srbds: Update SRBDS mitigation selection - x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data - x86/speculation/mmio: Enable CPU Fill buffer clearing on idle - x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations - x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data - x86/speculation: Add a common function for MD_CLEAR mitigation update - x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug - Documentation: Add documentation for Processor MMIO Stale Data - x86/cpu: Add another Alder Lake CPU to the Intel family - x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family - x86/cpu: Add Jasper Lake to Intel family - cpu/speculation: Add prototype for cpu_show_srbds() - x86/cpu: Add Elkhart Lake to Intel family - block: open accurate iostat account by default - block: use "precise_iostat" to switch accurate iostat account - block/diskstats: more accurate approximation of io_ticks for slow disks - fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages- ext4: correct the misjudgment in ext4_iget_extra_inode - ext4: correct max_inline_xattr_value_size computing - ext4: fix use-after-free in ext4_xattr_set_entry - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h - tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing - swiotlb: skip swiotlb_bounce when orig_addr is zero - KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated - mm/sharepool: Fix using uninitialized sp_flag - mm/sharepool: Add a task_struct parameter for sp_get_local_group() - mm/sharepool: Don't check the DVPP address space range before merging - mm/sharepool: Configure the DVPP range for process - mm/sharepool: Introduce SPG_NON_DVPP flag for sp_group_add_task - mm/sharepool: Update sp_mapping structure - mm/sharepool: Clear the initialization of sp-associated structure for a process - mm/sharepool: Unify the memory allocation process - mm/sharepool: Use vm_private_data to store the spa - mm/sharepool: Share pool statistics adaption - mm/sharepool: Release the sp addr based on the id - mm/sharepool: Add an interface to obtain an id - mm/sharepool: Address space management for sp_group - mm/sharepool: Create global normal and dvpp mapping - mm/sharepool: Delete single-group mode - io_uring: io_close: Set owner as current->files if req->work.files uninitialized- mm/memcontrol: fix wrong vmstats for dying memcg - ext4: recover csum seed of tmp_inode after migrating to extents - xfs: show the proper user quota options - drivers core: node: Use a more typical macro definition style for ACCESS_ATTR - drivers core: Use sysfs_emit for shared_cpu_map_show and shared_cpu_list_show - mm: and drivers core: Convert hugetlb_report_node_meminfo to sysfs_emit - drivers core: Miscellaneous changes for sysfs_emit - drivers core: Remove strcat uses around sysfs_emit and neaten - drivers core: Use sysfs_emit and sysfs_emit_at for show(device *...) functions- arm64: fix out-of-range error when adapting for ARM64_SPECTRE_BHB - xfs: replace -EIO with -EFSCORRUPTED for corrupt metadata - xfs: namecheck directory entry names before listing them - xfs: namecheck attribute names before listing them - xfs: check attribute leaf block structure - xfs: check attribute name validity - xfs: check directory name validity - xfs: scrub should flag dir/attr offsets that aren't mappable with xfs_dablk_t - xfs: abort xattr scrub if fatal signals are pending - tcp: increase source port perturb table to 2^16 - tcp: change source port randomizarion at connect() time - arm64: fix extra cpucaps setup problem - Revert "sched: Fix sched_fork() access an invalid sched_task_group" - Revert "sched: Fix yet more sched_fork() races" - powerpc/32: Fix overread/overwrite of thread_struct via ptrace - sctp: use call_rcu to free endpoint - ext4: convert from atomic_t to refcount_t on ext4_io_end->count - ext4: correct the judgment of BUG in ext4_mb_normalize_request - ext4: fix bug_on ext4_mb_use_inode_pa - HID: holtek: fix mouse probing - HID: check for valid USB device for many HID drivers - HID: wacom: fix problems when device is not a valid USB device - HID: add USB_HID dependancy on some USB HID drivers - HID: add USB_HID dependancy to hid-chicony - HID: add USB_HID dependancy to hid-prodikeys - HID: add hid_is_usb() function to make it simpler for USB detection - netfilter: nf_tables: disallow non-stateful expression in sets earlier - NFSv4: fix open failure with O_ACCMODE flag - Revert "NFSv4: Handle the special Linux file open access mode"- x86: Pin task-stack in __get_wchan() - x86: Fix __get_wchan() for !STACKTRACE - x86/unwind/orc: Fix premature unwind stoppage due to IRET frames - x86/unwind: Prevent false warnings for non-current tasks - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock - ALSA: pcm: Fix races among concurrent prealloc proc writes - ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls - ALSA: pcm: Fix races among concurrent read/write and buffer changes - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls - NFC: netlink: fix sleep in atomic bug when firmware download timeout - nfc: replace improper check device_is_registered() in netlink related functions - ext4: fix super block checksum incorrect after mount - block: remove the bd_openers checks in blk_drop_partitions - block: fix busy device checking in blk_drop_partitions again - block: fix busy device checking in blk_drop_partitions - ext4: add reserved GDT blocks check- ping: fix address binding wrt vrf - tcp: resalt the secret every 10 seconds - netlink: do not reset transport header in netlink_recvmsg() - ipv4: drop dst in multicast routing path - net: Fix features skip in for_each_netdev_feature() - VFS: Fix memory leak caused by concurrently mounting fs with subtype - mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() - mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() - dm: interlock pending dm_io and dm_wait_for_bios_completion - dm: fix mempool NULL pointer race when completing IO - tcp: make sure treq->af_specific is initialized - net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() - x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 - tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT - ip_gre: Make o_seqno start from 0 in native mode - tcp: md5: incorrect tcp_header_len for incoming connections - mtd: rawnand: Fix return value check of wait_for_completion_timeout - mtd: rawnand: fix ecc parameters for mt7622 - hex2bin: fix access beyond string end - serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device - serial: 8250: Also set sticky MCR bits in console restoration - ext4: force overhead calculation if the s_overhead_cluster makes no sense - ext4: fix overhead calculation to account for the reserved gdt blocks - ext4: limit length to bitmap_maxbytes - blocksize in punch_hole - arm_pmu: Validate single/group leader events - netlink: reset network and mac headers in netlink_dump() - net/packet: fix packet_sock xmit return value checking - mm: page_alloc: fix building error on -Werror=array-compare - etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead - smp: Fix offline cpu check in flush_smp_call_function_queue() - ipv6: fix panic when forwarding a pkt with no in6 dev - mm: kmemleak: take a full lowmem check in kmemleak_*_phys() - mm, page_alloc: fix build_zonerefs_node() - cifs: potential buffer overflow in handling symlinks - veth: Ensure eth header is in skb's linear part - mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning - mm: don't skip swap entry even if zap_details specified - irqchip/gic-v3: Fix GICR_CTLR.RWP polling - mm/mempolicy: fix mpol_new leak in shared_policy_replace - mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) - mm: fix race between MADV_FREE reclaim and blkdev direct IO read - NFS: swap-out must always use STABLE writes. - NFS: swap IO handling is slightly different for O_DIRECT IO - SUNRPC/call_alloc: async tasks mustn't block waiting for memory - NFSv4: Protect the state recovery thread against direct reclaim - macvtap: advertise link netns via netlink - dm ioctl: prevent potential spectre v1 gadget - ipv4: Invalidate neighbour for broadcast address upon address addition - mm/memcontrol: return 1 from cgroup.memory __setup() handler - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data - ext4: don't BUG if someone dirty pages without asking ext4 first - PM: core: keep irq flags in device_pm_check_callbacks() - ACPI/APEI: Limit printable size of BERT table data - ACPICA: Avoid walking the ACPI Namespace if it is not there - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options - NFS: remove unneeded check in decode_devicenotify_args() - serial: 8250: Fix race condition in RTS-after-send handling - serial: 8250_mid: Balance reference count for PCI DMA device - tcp: ensure PMTU updates are processed during fastopen - af_netlink: Fix shift out of bounds in group mask calculation - mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init - mtd: onenand: Check for error irq - printk: fix return value of printk.devkmsg __setup handler - perf/core: Fix address filter parser for multiple filters - ACPI: APEI: fix return value of __setup handlers - crypto: authenc - Fix sleep in atomic context in decrypt_tail - PCI: pciehp: Clear cmd_busy bit in polling mode - ACPI: properties: Consistently return -ENOENT if there are no more references - mm,hwpoison: unmap poisoned page before invalidation - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands - mempolicy: mbind_range() set_policy() after vma_merge() - mm: invalidate hwpoison page cache page in fault path - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node - NFSD: prevent integer overflow on 32 bit systems - SUNRPC: avoid race between mod_timer() and del_timer_sync() - xfrm: fix tunnel model fragmentation behavior - sched/fair: Fix enqueue_task_fair() warning some more - sched/fair: Fix enqueue_task_fair warning - floppy: disable FDRAWCMD by default - perf: Fix sys_perf_event_open() race against self - KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID- net: hns3: update hns3 version to 22.5.1 - net: hns3: fix vf link setting failed when no vf driver loaded - arm64: Add memmap reserve range check to avoid conflict - ext4: fix bug_on in ext4_writepages - ext4: fix warning in ext4_handle_inode_extension - ext4: fix use-after-free in ext4_rename_dir_prepare - uce: coredump scenario support kernel recovery - NULL pointer dereference on rmmod iptable_mangle.obs-worker-backend-test-0001 17169572014.19.90-2405.5.0.0251.oe14.19.90-2405.5.0.0251.oe1debugusrsbinbpftool-4.19.90-2405.5.0.0251.oe1.x86_64.debug/usr/lib//usr/lib/debug//usr/lib/debug/usr//usr/lib/debug/usr/sbin/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/openEuler/openEuler-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection obs://private/openEuler:20.03:LTS:SP1/standard_x86_64/538c31220673aee2841e1df79b8e1c35-kernelcpioxz2x86_64-openEuler-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter \004, BuildID[sha1]=69260e26058af5718755af575e64d643c507ea11, for GNU/Linux 3.2.0, with debug_info, not stripped8!)6'iDxutf-847d715c120a20e4a98220fce975c41c0f0987db353a82c1ce0602b1cc9ba955b?@7zXZ !#,M5] b2u jӫ`(y0~g0qh\tRbw ڽX.K)"~llSz16\Н%4_ wam4pšK[w;}*Z3oV^Z${I\YlC,pטȻwrD.Sx% j0x(;M)R+CY9VvXA1}i'0 s{$b?*H,q9i:)ަO֮HH>{%t>(rl5h~KZ%s.RFQ?oje_JZU3)<ɐK )|(7:r|kwԾ|B/<~ҿK<@~4ET̟P0UwH6V퀺^1k/j:gr] j;7'+Nҕl)6 {/:jv@DAo$ w@EC{t{xbЯ~P9$y+5uہz#c-\Ի-‰K rI]-X.IQ%K`9zyVWH֦Mf/+T+ B#Z|' ш//h SjXEe{%ƴn{gE|reUd0cm\#x7M88tqp?>{8eEUit.ho֣᏿D:oߍ6ęvJ0wgH°䕚Jr&_mgqY4u74K]?x}m/ X!53R+Ld[ezn05BMm!y 3*SIu8z592X\B_ (eOYI {  ,AACq+}.5>蝎7y@Df~ٚ+OBp)3~Aat-.q)?HPOǷ*;}lg_KGmNMLĽ‘Kpe$L-oD@α 妥{M,M諦Ĺk(бs`yG1i?fçɱΕgQC+덈ÏRcVpyF[P-) -K.;uxџmNwFeٌGUeBa$e?\8<s "{cAuP%3$H6&B8p\KܜHkp vq5&Nz85Kxam_s*@`{j1Ybfd*Iߕ$iXyjVigC)F'1DQ@fH~69B>[Ŝ(,$.'1[,slO]3κ<ÙQ*b n!6Cz ɌIHī/"|H0R_\ᷠ9:~>+c{&io^Ǟ(cֈՑ@M^k@Hz0S65kTXY"g*[;ZG;]K9)(ټ?HJs;Šx:A+G;}ea(O4x^)/N»g9̮ܝ}\':CO^܌Қ!-~2BNq~z{Y˼Pjx.Wz9B.ePIe*\c)E-|IhzϣtϽI {?E>|L+K*nzpm?-12D%ǵem}. e'/. ?u!ҏGMYY& hhmt}} ?T+Qdf6`EV~bs?SvXx$:ŔtӆBxi`v$.D8?/)Cg˨ٝ"uF~}hw޷PL9êOq*eDz!&qb'S]pf8;'7Fir84L? DfmV%ZɦA Jí4 N<MOM/)EcF u so8!(=Do#F(YxԈaGgIj[6)K~¹ [vȁE Dåy jѩK726ƀw*M?Dv8ҼO>H#ʵvppմ0Chf/֔q/7X"Zbˍ$cn v@śklZ kϪN*FHk"kaf09H(.KќzB ,7<d&L(E,(~Z ofvȖmBp ~u9(㪙YH(7/Y58i澑3UGJ'r KęlNwW8dƑo7G?]+ҏZYho=0a]\%7@yuC~ SP EG29¢|/;FEA{L%@UFls:e)0RBbPs /ʖs \*0 smT 0ᑋ!c'"\Eڲ5^@Kr:dfXܴ­>Hw6ͫi{iOil*Ot]ӣ|Ƽ1Km_Y el#CUQ.=PXu:˃:{m&8MC} QQ-G54N=rӎ$H[ e%)$';U9zکtpy[lukoWYT䅙:|n3~\ E>(vc[* `ɾwgw:D콅LC6m53 X3 'WX˵QfsپQ^ Jԋ$xx*+'#m%l5& fESqy-:] .XeڃS&3Ӳb2ٖdUZO|cBlv0}PvIxT֭s\DEP{Md!?u͞t*-FcF~1]}_'֯{32 ,/VVE+ @2`~;֚Pm2&0L*!8T7Iڈ 0H*Ğ^?cK/07=P.=wf;&cMOAaz̺Bx>2%EPc4Yۮp@b (Ⲙ:ںaL~K#n/Jom-/9{;:R0PAd*'`TGk@B~pYv{`Zztt"l-^toxH yyUa }`kevzqdʗoտW-X43MPN0dBn`#IkP I(ԳvX*UҧkŒ}Ώk!?'dwG$di)-mRm EU&.*{Yْ͒V\*m!pqZ7 8 !uͱ^ TZ"T4u/@JOP|7 H-X4|O ʪ_0i̤b.vI$F٥eeq]M븲P'c[&è/rPdLB۾pwB?1|ru9TUZfh'p^^^q0y̽H Bc`pJd]WcDD.tQȂk#~e$P7X:&7@R\= Hk^33[O /3R  \MV`(EmVJ ?̗_ۅ0co*$-,aV7C edܑÆ!&!jz$jhQߴg [͐37RJFfna5/ ʜ a(䨴D+).]݇ +^YϪ ZH7ת h|/H\1P~anJ1t]tp@ 'I97w S-A!44^zAYKLWҔQ~-OI 8e-GԬ`^t͢^Zb˄012>Xɱd4F Ivgh0=gr;(H\H0XP|]S+\6qd=Hcg{Lx69CLM|ha/^5=EEBx+^W~,@Pavg1Ya( XJ"'lxj`1 ۏ_9t4eL 6XŒi(/H{hV2ɸgmQD H%w%b+Q!$fF)Bdҵ*g~KbI2ZTI*xjXXZ0Q8 2&'P G FmE巚YQ-m`<ߕm;MwFO#|^:^)g3<+f_ٚ MVfe6hhI% WpnASRC_o_4:AZ!9ن:BjEʦ@~4chp,k-Nۻm-mEqLȂSmLG؉9;gck y8Akv6V * X, Q# lx >gi/LyÔX=~|UpXSbx< q?ʮ ]x7yc ݡ/Y6e~JɓHPWXD|ɱP@lRN~T /yЂLf*,00֔?6"E҆)^)Gqu],}%yϠ7W.$ wE^`4fAPE _), mM9UJmEz<,=䐒IQQC՜1S[Ø󏾷J@ 0*<["D}xA%4;EdaR ~9*r'Z7{GYAkJ .i#g$fmM׃k{tՆm)`\%=Ҝ=NAGbx3n|JWjb3OtP vPiLus4VO6j&h 1ƀ[Ict@KhO-x]$a]QhGhySZCRNc/lnz*´.ׅ8mA+ ֔ `͌ܔT&h-]){mSAA~5ϔwfWAMrA PY3 FJ{(["Ne>؈=}@$O {O;hB&U35NnRu`>z)UT؉h!3kɱ)Dʩ巉-? 穭kGi2bA_"{J"~H%kMJ4ýwPeA<+˾&, (`OHkq4oa|9j?a úz!EPѓG#XG1?t>t߻+8?t/\Ϊk|5p[K_,x4A@`m)ZhAyg . R18,!l"c>wAݏqƨq7*S!(SgԂ]A{4m9Jd&^UKF9"ʇz1$ȺBQ=iGBKl悏OU$Xw_iR'!=R <"?sv|PXޚN}m 9><K=wq@0l6P8ɞs{_EY+y.ȗ =(#*ܫRQ>2+j81 XȀê<'E_=,p.ˮjhֿvbuP íj%(Q^eh>aGcһgc5NH`גX+/]S͝س"ؚ EsEh]a'F{qT)k 9C[JىddW d!>x4jc">Kb_@Ml3Z&KLg}:bO1NecCL/cA1]_bccT˹}O,Drt Mnmzv#v NK.A/TjՑ׸ؾϤ,i ܩe4B9AȌpTF ŴRݿAO7̽2WH͌2e<>%%_"]  I`,f.x+[q9ǬGSq&GQko;LdLR\UL3@L =t ﱏ`8O)?_; Dh /Gϊ"S}OԺ#/ $Ţ1),-O6iT>[f,`o^> /] FT~& Wn|ne -Ek!eYyXb*ƁrWy=*j3dKǕ+PpQhG7ҵx NRy] .6DeB7{`JͣEg89%\l xz i>Ns T殺KTXA5`ԴS;S%m9~|e6^V&N5bѼ-"#1㡓"h~'~mZ'AJbGR.D ^C9GA gni$e[g5;~b`Shau.f-öx*\I>GX q*#iBp%ZQqH'B1[+94kӷ>&rq+z]8I8Jʭᙔ5Ŵ.+066b*H)fYZjoS|C"r4c+zi(f=^DVh]ƜZ&W&mjV0uk-jʽJ]*5UL.4!-L\:gZ_lcK)bQO_K,VwZE }wްԂ W?B {j\rZb;n6"qW'3j D ɫqakSnܬF/w% PLJ~^#cm\NUP)xYȦ!OheZQ'Ed t_)p0y K DV[tU==K/M /(ضp ֱ׺]u*%i(+-\_T^]cà*8k ̡pIӘ}yz*^aOUA`/@$h 8F _y/ޒ[ą q}F'D p^_:׃6AZ/r-#GlH/c,al\H›s$?O1왥Q#*+Y4hiod[1 bi7Y.mVO"a~,P;筌3Ez{]g6+Q▀=^τxG|%qT ;`VGyec 'MϢb $v+r4hF̳.y$ b֌Oq ՊV:ίP"'roy9 h\̪ ÖVTB`wh>hӻXVyZ-^ri;1չк6+ ڇqj[ H5Vj%R!];9>҉kY H{Y ?ض =*(@S[k4mO@22QrFB Zl[VxC <(l*k~1[3ySIĸ`2ؿG/Zd;<9٣x#LҐM:t)JX#u}d7`E|x|GhTئKAowm] GDΖCt\}=fҕ6vL{g[˝!4F={;E0w5mSڭ8Tfd~0$JxÕƧYlPb#IH6)Bԙk>g0QnsIB{\ѥf$"^隺 7'gOHRQ Iؗjbr bx{N B ~6{22O75x4сx!CshBvRa[KyZ޽E[f^ ێPxME7v~? IX[ ޮ#AG#xĢl?i<#F餆x$Hz H+&:z[~FNGQW8B}3%(?(_5i64!~ s[oLvOʽؑ%Ea,@;Y8wi']\ʰdjPF{ȭ#bPGD|}8,ۏ'WLUM3J[PsXk2 \T豎Ӈ hJiZ,Ȑuc%5J.0/-Cry_2!( ǘľOKGm'k6⁔ ʥZkhvf=üp1cFF ?g)\53,FW:7hl16xF' EDIjU9PC&s &MD{cüRh cTۯo aj lO# (B^2U+*͑1R8iurf6J[kao#tBG+BjdQT~ggX}ZrT0:}N'H;Ua3k7N>ۂVC;5N3_YunHes%`7x?EUG`>sMЎ۳.S@ Ye-$1Ey9TTpf}]1J=/A$ˇUsܬ UUGmc+:;O8&FR#WEE~- H*@kZB J3G'&`qds򌬢ga#Hq dKhEVlFN⣺}+Wyf:^Vex5 kyz]t%G >KGp[F jM`]l'PHk dYs>ĠGצl?8'2mۃ_?pr:yHh!98*/?4˲Aq+g۾A'LwdTթlq>;E_(+yIͻ}D8j~佟f]DW۬Q\WzL(\DEƝ9F%8%*2"i :>S vAinrj%b_&NԲSSKu͞ 1?U)s9_4!ݏ|r[\?ܞHc=`%糷 ZesƜ&ٵ)\}%61 ߥ,OR蘻4Σbx$IPc\笶nQ;*HO["Cdue sE i>}SOvAqX`.bAH_gyQX 2ҵR|EP]d]AE?YQn-mN w Q]:YoYbah/JU#K!Bϵ̤I/U [L1\ tec 0xZkNc->X wf(aXNHHu9J q-/M[J~D48̖gڻMA%w!bn,zE8ѯhf\N^WyIoـХE±o9%vgݸur-[Y-w P=!bi֤ 6 YK1Qv 8YbI)5/W!rʲ^ԗX$:]%xy//+%ƿOe1 Fs]uF;$2h) ;1yrpySrANrAh0R󫴗?Je$т0;"#>t~ЪBU  :XDR̸7+(wퟐ2zń=NpqYa#V&8j7{H&H!863rbp}F&}8خE`LK<FBf\w|B(6}J5vT&[bb9NqOE%A?DEM\QT92cPYo(q,mJj>WtQt`>:QG::B>hr-fap; B $#5)u'{+tjB&Iz`:Yk u7ԕSsbwjO̭ n2uP Vϳx/Z(-!N̈́F1q[Lb?55>L?2gF6NPw r3MCM;kN>qlY}_qs~k:!~G.0oM/}+f.˕A=pMԌ][gS dՆwn(oFtɏaj v`Wu^C4$݃C@d(B$,`ZR:uszLϥiopZI2h-oP)Дr[¤Hv99H v݃ rX.szg7okTE4aXv?" \s%R,&/P_Uw{6muXW:va!4 )(ˉ [{&Y9"Dʵ;rQ wiW%u^.>W,8<1 byӆ˼^.] HCZ>w! Kտ<+a;P*:4A+~R)6CU}4/w3#W/aq[dK$,;4UK_kW/E\EEsC^p[bGR J|=]L\Z{B_UC#vq^adŸ'j>J~ƛ,+ioT7bwXn%=IWĭhЂϩ?pi0 jP t f +o>fԊW^}Qp #k@[Cy3 n$D4?2ҹ':pNgIXV.W +2hϘc_ޚ,YlɼN45g8[#6NX#9`̥Ĺ !Ec*9?Z$o{D'V?&شօcl^ MS _ޅJ@߫N6fn9~:u`Э gr|OfvchI(P_#LN!om{Lݫ2 >eJgZIKv5ۼFͲ&[ЌhWvSGܜAC).f8R Bq[xiOkI nQr1KL}ל/I³L䊖\M^&gR99Y!=UiWB»O£O m-zl)^j)$5$Y8s(?i-3*{f eNJA⼰D],%估u6e 8rqT~Ey|?dVOMh +!3~Ng3f:NdWt]PV+Qͅ(Cz^_34j3%ѵFgbÀ AK9!ȏōm1pL54 )W.TVLUӹ'PKчfjSaM.M#,4F*G/LxľGne ]Jψ4 XG0S {31!nϽƠ>O>l~Q|\UњRҖbu"EFt]K!<Oq'',;rM=zB8H`qĎxO.d ǎ'y*Yjh`_z Hs4nRa~cl>o-4l A&+fUkH~ߗ^ P6 -pR9bm'^ŁB ؤ,&lqBt<dcϖ?'moq摀yDSۃ/O*mGk tgu2=]57X׊g ^-xpb$jo} ŇVE o} .p Mp1G0;W%)MW_0cN%j[o,q^J>}TjaI'uעqtHh<@Hx.Ec<&6dTl >a~Nq"H$QYLkiݴ9?\$Gu}YURL]rsEh30x[ 4u@N*˚*VH &%Brd늦qb Ǻ@Ui0My@|yr&;+n'x1 @RЦV^޸xC#ӏm?4NS5]=KL(ou_سb , :W߽iQoۻKbR%nh" ]< p6%erR`>6v05g2g:X]Zd,Ipt x쐼-$ }6[!]'y1D$a k I0N6ACk*ǟ*rFl&VW ~R3jܑP 㿼*k_7RC5ML|g]]N{6NjFM9p hxqq˲t|! C98C=,(LNGk_yQyĝxC]8Qnoa61mV>OU@;O )f1aZE5:RaY?DZX'ucl$GuߐF(>_(z1hGWy\(c4vwL@c @713Zq5WV Ϯ ha4)e"4e4Z2gs̛|ԭS:V;<se NSSO.|XֈTa`2؛M b c,3Hq3^ L*_.1Y.I=ql4Q)"`ʹ6T HmPdkDĜ~ h ns AXw8'3h9iel8vM]Op:JK< ;fm QU$t8e'8-'!+SroSq4NW/KMa$;q=^:f0l"Bp=ްI8ʕVaYAFL4vxz ~Yў"R}uT`՞a 5VvΎC?`VJ`H@M:`1Ռ~ѺgrlW|dwDrTMǒ+O|Lvj޶r;[B\CKpa-/Յz-BxK6:T5ֆVYgj|2UkC \(HԼLJgǸW,&f*>{X+u ` b c.LCMhDڗ=M :UCkٹx/u=4 7:ɔ"h.of AlJn~)g_8ihKbQX]'Зd2WV'JKLYwR=̎Uskm=>Xqb6S p<2^nh2^\72w<f-wHGO|mqacB(,~&*pfK80pc[(0ުtݑZ&_?]Ѫe}@Ei'7`5/˛|UntX0!P>e=-愤++`=_.nj|Ѷ:L`L|e vo.vuuij:w 92tԙ9? >"ka0rMС=R.V0$*y~9-"9`LN? ~ ] `.SK(aejNN6za] 惮J߳ ̙zco}n ǂ$YMC-5fl"Z-{Kx%ļ;|n䮫J7UXCYTm#8'ZSTQWL{}o~JJDYu:vtlqyE98"'t~|_lJ'̵ ԰}r?yf5nSEc"ZBqJF\Yj{9#_y6'(.$Qԇf>>UJf!j( r151tn,ߟYj[ί-ѣJM<>k`@oxRѦ s?^0m^" 38 Fr6:f3iޏ;)sb=a>y[74%E w#7>eꃙާ71IIAO)631aT0+7{?8}]\ME1I3*8j`P̑%E \ڔl\׼M2a,a~Kdٚ%Tzp5,2;P2 Uqqv`x9"|RE#o8ip HRI|˾^'*^_C!2'a VFEl6,:RBBQ.ë\ȅ˧ox1:LW{$糑\,C{ey KTyjᖓ>G=8g%Grr-gX9U:gO6D@8eZ| Pך 9;Ʉ(=7\]2"#oՀMd+YZ#A9H1-+^`f iơܚ~}2>bf3iQ&Y]s|pAKF#34BYn'ut'2Nωs_uڠj lR22&; p;8gX^o0ݺ(VWXQmQDXD ,p `Dd.=yt[bS/V v)66EjX#8o%':h&:camo+OAdzǶiJɱ]X/ͩ@&s̜*^m22 _"|jr k䭐v-rPrw)j` (qndY1Zv0`#LDBʓ~*b4C4"_+Ye)Oʂme2#B-ם HZ`AgJtCiS4gqxcG`+$r*,ABg12ЗUYA]GMl_nJ?4V).||r 3_߻ #^]y`BdvV ߚ%HwH\gpZUiV ~C4ՍBNFywl"2w.ai" 0B_eg%Ҭic&kc(ʂ0iZ"|xf!G1d.qU/8R߻ Dy g4!oYH ,~~9G\c]A"㟷^eI\<ӑ?D%\kږzڻߟ1+0j+"O)VJ<}FΏgZU:ʙ DD[֞OhԘ19E1wyy[ ̭չшm~} K_$AB$.9mlջ#_ 惹@̇F(9ob]ǧí4U}]]He,K@~c9a.CxG0Z[0Nu>~;,@p3'|cC*R#ػfR&E"5!^\QM]+]A{eV\h~6X-2=)~6u0k6A]gh7ѡzҊiעL ࡟Z9$&UIbHFVsZ>%?|a+)lc Tݝ!<[\cE jZ0NuL~ISzĨJLp @Jw-@/3Z2䊊j.Kɮ"!xR:I^bٔV[1}sb 9m,bb֘^f?J"]NDT}ۍ2vн6GȥUu"/2S6h.6{fڦW:Z S-&V2Qd_(`eID,E7:_aV΁=|q1;RyrGjGܺb R*Y(r9<_F~al,ϟ[^y&=r&GtL11# _,*QOcyPqׯGx$p At3oJ^yߔ!YcQHB;[*Н)`f^uvt}m7~~$[mC*~~$VÕ'M| G-ˊ4qFMci"Jenggli +;1ѝcj{@pz foHs!Ҩ{ìej^ͪ ʕhov<\'ӏFGЯ ډE"g(}A탮T A)k:>&vE.,gz}S#ٽ ؂9D^5EXoN8L_ .뾡npރL?jj-ɚ]rT,s C|O?cD%F"J@+cjA?2bߜn ;~47Z^Lud58f,k*U~ ć5sS? \Y^M2]X0QCq34 Vr*DQX7PNBv6!O(bJ>cfԫR"P9vksR"|,2]r/JuonfDo+UNb "J1U7aS~$ϳV Pk̮~'Sm9[|&=+lޜ{m?JSa+7?[& lJ#7.PyiN& `:1A:/$R8}W<[R[ %7oxTi|r^VѳPuYu<,^3%n6oмd>&/7*U*JvES{ lSɴCt5hQnzFµWCg_!Hb01_sIucD=r~D[GY_ +{vLzcHDcumw(nSLmDq;5vN=52"RqźXi7- z=6jSg;F .8+`.76 Aɰcja ]Ev8KjmhGeìZM27P"b[er^A\þs'#j` (nx[ 6;D;HA2WK҄ )|IO ='-%$)k`6!o |z:TŃT."A#"E'觢]b$|q\l:p<2;I)+\5 5x0g?Kǒ (s!|}lƫ}0ՙJ'1AGQ/`+I[&m雜#8^ #:k^:g'KٞMY7aq*3=nvrhֿr#M[LP†XXѤ ߃ nc{e b1.JIqR^ bޥA#YJܯ52A;o(qwPR3snVX:4-{$*#B ^JN2ftsSIf8Zً-ŵig&K}g=+y'*uuEY*A8 6Dn5Ď CZot{y?Ơ73H@5ww wq E8YE}&Jت+QtQU]ZA3*wrۡL^>|Sr4dECa'(!'MߒɽIߔhWaTHXmi+-=1W/-zr=.!Ys n'#[i^Os" ω+f>3)& xD:hz}#J5L9:9T6VHrεƻ3h+dR{-D1 q ڍo6\8&PHٞJ. g{hZu ryn;_1o {i)%nDW{6th^7ۉאu&nLbXTվA8俩5$N:4.Xb6lt$1q}RwC|l99FWғա1&D99[5ʋJRx)70\KQrl$$5-:a)ljocŃd}{!1 'H _wj9+A3L"3ٲJ= ?tRZ*t'%E\N2Z䊞_)򳠐N!@V&#F qϾ y:1ڽN▊n)(ML2S4H~̄uK :LK5s b 犵!^0+0/:"8P('aT<~q$ ?M{'<_ 'dOs.Ex/949"PF%)T)KY(I 6AoMC킱Wq+ָW{fA79LLF&ގ F%c+Hq9̊ j>֨hKW.І6 "8x`vw..^~ٸ/fzuQpɠ-?P黫8P9Ԯ%ڃ cH@zsݮG[4.&xğ ϩ{kIL3؞Tm!tq֔ % M(g@Al؄>x9v 1[­}&T&HC.qB$ݩg8o%HXF_.6Qf"8g5tj(Kf#Qԑc+19{QE) lMCv=k>D_lIO|.&Alb{ os);O\eqV|ǻ,$ %1/u" zJUi|fn|/il!t1nᚤMN`+_m/'/vjW{ZnJly`Y,nhf_[9@6gyvZ5<3i4)\=CN\$ dӖ6XOk}{J`|eik@R{Gq}6 XAЁx7FL`څ6[JyAmy dT "8La/+A.Zu:ryǃM|om r=Yh#NMGrѲO "z$W>yT2k -&#d 1:(2VEMg/b־!\b#b l_63,H+;(Aj9Z:|󉠧>%k n=Z^/:me.Ͱg4N@ȿyyBt)߂_s[ְK_?G'~UhS~r¦D۫q|&>f/9-')Rb&-9*kǬؼQĒg ϋ'iUJ&-|s-΄`2JL(lh?UP.[e@(nrk[/k08],H{/WM? \uSo< ug/:9B"n /LT٠#Qȝ8h:2uyÞ}S .`NH:"K)ĺ4EoY)GO?1!/hUݑ˺VК:}ڂi~Եli~38#/ Y}_%ݚxOb2+f nI=^W=J혊. )$Qa3WCQ/w5eˆcJSbfnh`)UKiVxǵ|C̹0n7nX=Tԣ#hMSqqv:|٫Oqh͉y\Uz#P1^/Ih^=6NH_Id MAa0"e߯"RJbRg]7֦wıݴG"*P­4mE+ L5(Lm\\c@~kb :Dۃ%T8]R[[6e^Z͏"%8\o>&:&Fۧ RM V~9ּ)Kmb|ܠC]_|`}&9w  !hU0SM4GC>,[ڱd9Z`l~u{"w 78f;?:UI b괖ڿxX'h]A[\0bXއEWXo"8׈N7B)7!|f pW#7,ٕ=j2 o@qSY,n+6AdwMpFK.Z?dgNypf14UaEB#-5huFLg?e,JO{Bxc^ /Rm?LF02$w6e>DfgА]h+6 碑srx3| Z7a+iXvJqϦ(g1 i M5i8lii5S)*Ǥn#@K& M1<_&*ŋwj92%Y=Q%*qt(ʻj1^Ms _ (jkҒ{ŏt?x6zb;'e6 aщ~z/>9;9VxG)Gʞ`>qj?6mhdA->OEƖmg&VdݠfGAegYqe}3*w:9u'{<)ʯQvpFI{J\m0cGxO۲{uɳY^yi8CBފ|{u zQ2tv`ò 8.PE7ڹ03!HZ&Mk-3H&b [VdT٤KMSc[ UKN ?zI5K42Y 2>+ R*.D2#.r i;/*;tXjbZ05$V [T;2|,p[0!`qМ䶆W4GΛx5kg[&kTq5>j8彾Ghm23D?\*ux|{*N 7|w%߭\_$)L&VS 7|YPD!!K, OWn,A>չ5C:6aDOW 3 w"A`2F;?i#|4z|ՔR(SB !fMz1vV-2j\^%Ęd7&=aS{:0 82c1{[ܜH@4Rr `ۅ}K[r!1x]5Ҧj=@)Q0759ngixy9U<2#|]'wh>#6 p{XD~E!mxӉh7[ WzͶXUpór\(ZƔm,II֘k(QgnS U(vmGߑhmDWy(k&5:$.n;W x~R΀!N۶a&>kehjrUR+_DGV7\3sB9-=d۶-.!?3;h?榔li}U[%Ȑ?D]S`==rj ;#yPn*@kaY2w/b/s2K-N Ts?LYá? ̚#U Z9'kܱw )T - 3gtU/ޏTx̾>23qۥ)ObǕ~=t2$P6F.7QOV|~zrxy.ml a$$^10^M6Cqj͢!gVer7/Py08<L= V.ly0r8B< )iy1Dшޚ]LZ5]fjfL(5${t%Q`W؎YDXArVCY|: gTj(RY(5Q))v'ƚ%CF3WKDfᣤ=BU*j*VoI߅SqT$Űl> d!jrvnBvT mZY3.+|aPԲ͡3oEwFq[jgBď$-53b" T:D -vfhu'?*BW_yL.slG@ m 1 ~/URn usb݂H&&ߢrTk}Wب4n?b!2z>b8}DoPnNd+~쇞R7vz:>hXݾoШIN@6 8VUVU7gXV;kԡ etZW:4%rr!2k8'dooCaO땒YU;cDw:lڂg(Sj׵7sN#7(hju5ﴈ ?< blq茜Ƶ|\z}BgeS3,_ g05Y@/`S 5ယ./ 4%-|èo/Sۮ|̸ۢCI >ݸAmBK9}ГIXV]Ո37`T" LZ);_MF F\ Gz ;,oh֮`65tIJ a|TLGEcgk`lҮ$=UvjO@.; eL;1x\M>M#Te#4bV zY/!빖} ^0iz`4qƫMD{=I,p &s'vHqw 9now(_G Ɨ{ـ9tQ*!YE +/E0μJU#w#'c/gp_S^fV/9HY*WrKvZﳓ ݨϷ# Β? '1-aP146U]k_<5WO4䤀_ ؉ܲBvxh'XyҔ&YYe20Ƚg j K>]̕`gTogAḪ_teஶ w?( jDCa2 ÑW1B=-:H\^'G2} Xjh>II}^)]v 9;ZR,,Q '%J5U:}lX,.[#FHVgw_vɯ.q#A*MN *ώ1&Cz` U`('[kOkPG. 7==[NDrC„ uQ$B,3 JB)@KW^)%)&#A!{UEw# FD$zyu`v9k_=e@Mowu0ĪMx"z*@H)Plݤ 458k&RRvdJw [-^ Yd/Ƴ =Fu8xԝSn34f[}”Lfx:W #(owѦ󊁲?+gvluHm5LϢ@hvؖv6iH.+8pyb籶Nsֳ]liyj\ެ2XO94dC^)1$4[ {gT.QW6r!\BCaPQYjH2oѕҌS2pQgJ?]dpFJ:'[6;s.m2AZܼ]zOX…\8ks*65Y:v:4 }3$ u_en'1fT|6 Q);ؾ" 9oaAaehUr^U.y'%9o TՙPwJ̦GGU\> b6Gm&"_]VH0Ҁ#7 RF4>@v^Hd޾|:L<:J>?=ƪ'kdMDv~3GRߦ/Ym~1k|K <ܼ4E1zszr"<$B~{+_c@ ݡb 4Q(NZ} nZ%a|˭fċXj0DV;@uɯ|>~~n:~y/ k *~}PC'g0 \4oTE &xcSYr;/ig =V go-|hݵ^جEdEF*LY:Z-(:j4gB󙨍˂̄˜k~&'n"{濬~+Y0nr }ip'z& ŮMqu|Wb_{ZW'׷`sNPY>A׶ a=w9wfRv|v3\Tt[.:l4Pn&GSen`8iu4nN]ÕoU0FԊ4~^ SFKS1 "hgZG2zDiRu%uGYErix{`*wN⻰6 ԓ>׃jO GFT„_%2BI};Oizv!svp1edm:_5B? b`+?4I|ũBvg&D)P6NHi׽rϕoxfgTq= G?[wS5ֿ|:]dWpCr/RөoB+"oґ^9V'Ju@ZǞm9UےjBf{Cwc_ Z2DEd~F}cg am%\aPp }UG$bn:h8%,6 :) k+A5.|'-wM׫,Z7mfhYDt:Z4'I&)MM~*Awz e0E;p>.k=Y{^9̥X(a.b^+Lͩp .I*cCf/S!D x=vj0sǭ{4l9E rT3W7GPxnȅa??Byq:Pߨ]Y3Q5͚eVH"d#WXN=N/n#Y0sܡJtgE>{b +j>Ƣ /'Tq6͸VC?۟0LLؑ0keOs-Y͆A?y҄Q K "4ǒXe{"1] 0D[PT#7}~-YL;&:@GQI 16H@ xk]a9om؅}3bE`Kc]l%lD&姏SNesQ3Bb:k7C5k=(^)oc3i^Չ dm;a߆B{*,蚅\&-v*5: 3=QIi899$[PV$>Cj;O!'ֽ41(`iԿ@Q?sy1lK\}_(=D^F@@~2R8 W}ciZ-Z̸~AsMwFh(M!av,r&1OB|l:7fR\ypJбF$MEg"G*D.XM(y+".S6u5{q{ vP#7 ,&2 % BK4QݰDm^+_xYA,/+Xݥ0Xwu8];G B dFvǍ P_('ܪ1Q: b 8q[^zskATJg D:H.QZ@ CI`\gE>, PQ1vʬηAȇˣ Kǡmdq nܵ]!vnVpS:wJ~OJ@ٛ4:.Nf%D3+TKHGK4len\ 6%3Dz pBt^GASU4:<14hsQm?Qe}{TZ[Ui)T6bg SvSy :{Y;؀3,3'-ګbI?L1Ptcq`J>U]j<ýPpgRIeMQ!-Y -jUiiށ@D35M8_K"5 b@nPQdv,XlT!)2F`S uv79Eu8QP36A gE@yAAWas5wnYvt횝R;ˢ{PU)| !$ј95쭝Y3_p )'*.SdؓLྈw٭o(끡tI#s0#:|bDiDcA,۠z%{eA.}W BS~nEu\ax Y/Fu0ڐ*D~c4`! V J}-SI]4/ d,iN,u!3)D,#IH G.=*o{VbūU: t؞+W̏[Gflsd">Wԉ?Lf[j^y_N_G6BI"@ٴB%enhcWevUéЙ N<qEH {sN5M/Gtlf}Ml@5" z>5 %N?ˑ ӻX\'h7zvx  )]j֑tx* 0/8yHtOLmIk_F 0l$z,F+AM^Acm'"@7;9< nQ2 atN~u`ʇ}]LzTú!#*YjkYaͬjxyƋ 5L]֗nP:xc?7E¾IY֍h.пYB:ye/IE,l4-KfT 0ӳ|Uj^ !] 끄VX‹zaqBm._ DUpߋg2'I*hY$soB{S  %E꟎amy?V!tt,/+DW-TLŷD-IdUx0ԽL^S2 (wTǸ{x973}hTv}[#)I$du*L%LmO z2(ְ 2V,6NDIMSIgI2i1 A>^4c+s~ q$ЏW 'A|Q"/)N'갡JD*ԣ<0 <aMռf[40jesVg!S 9Glw`-])QpdqRI9ɉh~3W4LG^ˆgN|xA{R" -΁L[FWq ^Og^{oQ[%NCg&+cWW6TS\#m}Rn?<>8`b3 ܛco z3.jǪYh|LԀmA{fN83Kx}^nO71&4f1kO|O̳B`rT?6"v6Bȯa#d\CVLt䥣cwo%fɊi>4أ.7F}ܩ|\V'턿.>^bO 9 /9r83É>QsVn m+/{W+y\.A*v a#HT @B_Qv+1^3 #LZΒ\&y Ca+VsoMiL5k =ٔi?63UZ.}We-!Cb_\)otF)ܘsX.-r)-(}S59xFD z~L`%6@wDāmJZPm$me`x !oA9c~.b ۻ=Dr\=S9ΪT䯆}QZ|46p`]y![l+]- -oNt [JN*}Є6XY/ѕ r];1KKI6腱gZ 6TV1A3^+K$"W@دMphw)DG4Z8'x̨@8U$.,ԗHwC7ŵ7Kzh>d.rQePtbkY1.mcOgW:wQbGBǘ'3rPPJA񂃧5ahʚ&MoR_LR\;kX'BHgx9v~UxnC.S1'Տ=h0ҵ4;=K& oI=I.,6q2) C8V`Xְ]VB؋.0*~џ' {Td!fD}e3vP<1f= ;.0Kݚ5V'j&%_lz4#k:뱪i3IG^Ҍ!IS.Ro$yʎ42b ~Uh0@T|nHG2a7_@1t(5Kw8a!BRe&-L:i&Vոi_@0գw6Vo·tHb7xTHDb|]CT_+c4{?% z\/{ xWbGX R~7_""u((n>H~FrcjYTqCH[tW;=!TZ]BT:p^D$j00‹1O| v6#Q>%1a?bv:a /j\ O:Մڔ*Zw(Uz}ŗ]SE5u&θaU`ߋ۔_DwqusiqF)zTşAW6ߪrJL_ZÙ}>L8qv~q/h j8"8hӳy}HȠR&b]WrSu*1O^dW[؊:7hPrfUvT #"RD뢸UYnyVch F %\Q#\RӴVru2+H(vt7cR7o޲}T*1a##ف% rMOV;42L[m~y6B]d,[Y Gdses͉?Og8GN/ZNf_ \ -O&G1 QY p4ACLE}sAp)a$~.B]dx3&{UBq"ky8a(lOW=ej!.Ls,sak5dV5#](ET^v| Jr\"!=ۃO&>GWޜ ^ "'Y241Z\/5CŖ+M.zFb>N(6SNvss`oep`;RWE[:}fw0g=?3d{zpnG):2z"^|DdxI;C>E. f~%4igz,Iz\$bGiQ l*ջ:{W2 h Mlp'Y;ZR4i%fBUܩ)?uN"< `-.K_.ژ:7WAY&3ahP:P"ЛCm'S:3m+eAN ґPBE%hhks=@P^U-m]~V _RabEy.p-[d-6xSpPZ:р㼊b.[fpj Zf33"ᚺR"|:@$[q17jY -.{E=GӔdy%G(iʐ9o uO 1HJ(=_fz}{d+r;4('p5:aMK^֒NF}ssJ5!2^ WosdQRh:n=N7 =G̈*+|pd\ؿLmFi#e8c\I5Iix=9',<][ a;4NzQs¿SXav_iSq1,RLps/IeWCxL|$krMdpdBQ$IXcoU>^*5Yʽl,҄ZwMG@b~qv2!0B+E9vBTo{?T<e1 Oa ,l J U +):ZR @ʄHovɵ׿nt=?'.ȑ7 僌CrP:;TV&'~ BM*bK(9z|LNDZW@ԡۺ g0\XJE5䕙L!? o9(OO5. ēx:%Ȗڥ]*y:/)]ZKVǖ#mONl L^[6n^Oׇ:6Re8.#v?ڝ/fUVTې-=޻>K@K]L~ۻXzyWi3Wq1)P<<74`shbG¹ˑj;ykCѥu6+Lvgfھͨ*Oq6W+!T0͖}@zO;V>4πOZ=mn1)]EgzwY/ݕw>#hMD;4F=j.rh>zݽUwj_<ς0L8Ħ>&xvef5F~T)ˎ]٩ـtXw  4[W%6x^|'!icGqQ{e,#bElYf丯?կ!ݾŪ#dԻ Dؐ@allРW\t l 2QGbZ8¶"oOVX w^;o)1+4iF¤KI,ƕ0 [ fO- I6`#~gB]tX4 G#*S +ħrv6gzǝ%"mX:ݟM ˼wi9|u-XmӀSV4@*)ksO j/36u*8|_)4%S$qWr<Ǩ2@ &f.8t|Bw,z +*Em!,Y$gBM+8aLbOVZdݬKT]ք[/C#tՋd>xUv8/\X+fd\*hr`$9m=cnyִCevj)M9G!gvQm9 {R/>G2qׄ|w=#p>pvn,񩌳8Gۄ`U\13H%w~ j'043M`m)ӿlTl|Lm}>bnb>sHM$b6䴾֭I1J==7vH&9MKliɛnl;3V?.@^ԫ:g,l;?zڡfz p]à>󤦒r/G))<[Sxj)jws\%1ѣ)ogȈ 35GX$.^oǤsI`4h9E1UO#2*R(;G&}dkΤ.7~t?AK犗bWw5 |`L ˃H[p`ˮZî'#ĝ7KP.}ƋEM0Dͼv jR*s4,CQdHFf]}95\apo\u h*sB)_\I'&-Vn5O BrٙGe-|0,hOج9~5崕ZȁZO(5 g -X8ߞaŇl@sobqu0IBP芻``\0qG1`%2]qLݕ-XrSMWZUU\#;R$>fl. hszڅoX#pZ.w;i$Q>S쿛ca  2ЛoGQ#3ulؠܧN#\T'2+Z~zf'38 ]@|FlYvw\e݂?!wNwCgҚ,u\_vD| 2mہ.(fqRn2:4{ERFhLr#겉 z|4\sE]~M$ mVX< M(C~M(j 8:H8|RI=13젟qi<8gr7۬k>l&&V.t1SR-8q52ձj\}?j9Fg4-7Ύ>AˎQvD=Tetέ؇}4nܷnZs3/>ڤʣRj%&--^&zX ܕVZamOve`!ݝ[ V!'0N Qi!n2u@n$'00F=j&%xogxȦțBgSZN=, =QJY=rgk _a(YCگ-2gf\)Ӏ˕a62h|ǔDҫoiDGpt0D'%l"8;`F* d_^Vp2AN|ir.)d7?}_.wz,OEʃl>54|ռ6nȒ-|aYz9WEf$.BY(JV*es)xh`2?,Ζ*`/nkVw,t _Cո˳~o`iOa/2jE.ҮNԚ]UHwOkd##7+[dKRN2>+o>9QW*guwc~29 1}s k@ⴹET؃Kk a<NjEȻ~WpVg, M5Sh<-`BuQEo%%C7d͜+Nzĸ| G;ѬG@w&{Ny%R=PspD^+ 595bBHkQz]M~)?5CDUm.$`NvY ƿ*]$ {k[0*ELY]8RJ,m9b5i纰y+&v5LxLT~ lj H׆TaC D@|Q@E9Όُoea+V'BL͚e2)!W_MHeXt]9(nEv~ԋ1"LA}"{7o xLmm+ai u⯮ΨUyoG~y3MrtfL%'r|h4&W̄*~i\EIԟE0bE#̀R2%(ÌsR9| <bOL( |BXa a[-'Np+lˋV7?$Dh[D@&˃MԴӌ+,U,EDhQ̝}ByZvT`_(P <|E^2i X4nVsgmvyv b /ۜ<&uE2 bT WYLU!-3A8yW<*& b1HO_GKbaOuM=eS~2S;RzZ<^*+/d[).`±t):5)@+ ' VDJn9W`WJ߻r! V+a ?ͩ0IR6 sb},ϨMp."Zl nߜ2ElHSYCiQW㲥;HhXw]C8pA͹Ir>UsNƌ*88Pyo=x vId$i- -bN=%2},YQ @ؖUz!Οy @㌇è}g>=:*WzoרѦ,ԂGGu˄Y JBcڕ`3ڈ*9O^4i1*!87 :l"튄!tX%RtZA w!q m6Oo !į4*dq岙'3  TJjvэ5 ED1MU lΊo!G(hmxEpI'&4 G7<ñ i/+4qRvIrp01o3(3/Zӆ\H;X1L?Jsjfşůhzy.hvgj-^ u n ;jl\Au쉮@y,C ӯ,z 2|Fĥń%5憪>@qǪ*{ F&Jg__6I-:r:T?DJ}IiX0 jO y\H' uds50m8T%"fXǹjK jCjG:IhT  :b?SM@Ǒ0z8HmBG1CYH-ϖPtS&hO4!h(g'r{>_L]?&ޗh4yoP+%([9C?Avwn'S;̼|Ok@^&GCENZh] #?9q,p]T3s,nEN8#%YF\ұ} jBizӗy 73ҕC(4Eu6|0) ނ)$ GĻ=$GљzTG2{#c\I?JWTo*^+#V!՞c!1BBo\GѴ},V?eW~6)%1u1k}΄&QCC4yW7qݝnҹi9MR ( +tyԖSn&hǔ Gegd1$Cd9P.DRE[bu>r%=A_Zgj&S.BO :ϭJ`ߘTgvXMl#S|* ? >IoqОjZұxx6m⚼ե`SLxHV}zʵ0w$8QMx:qٌ6>gmҜ2*df]ą"D*|9Y85D> 'Lum~a#5:.kآ raIfG?Z_ܲ{fUgz-ujQף9On̵FuvJ(]=X'ݻ3s4jWR1X=sџ$8j)s7 s~ou~<jiD_7\ 4&2D`=f(Z_Nhdlz3& }B `1& 3l {#oIUpXAo!$&boɖV#3<^kwΟ2#jun;oஐ6O'ȭOkgU| "#*ocM1#PYYBH#ͼiS(5|a{zt3F6PwoPqh]*<$ӈzVQI"3FhzW@aLTxɷ8N<٘e Hl WBzsD[-[CTf}wjckfqĘSĄ?RS@E ]ZsGEJ.ʔ  42ҭ0,Kpr:Q_'0l@RvICdVzr+# QtCNzפ4|p[Wkkȋ₇j3Ggr;6B|Xb*~K CnV` Ni@ҩ!J)?͒ȸQyD>NnO&-EmeQYiLp͍|5xUng*I9^:b=PjyWqzjpC>b{~ڊww.=CP', # |ڍiJ53dnf39^k9=l<'UWڃ4uV[؝ye{@Q]ﻱf:*/14NQ&82X&O=ᡧ?.'`n v9-NأWv [";fK!ii&*]10CoU~HR(RuMeZϗq$Vj*ק>2--NVObFn|\16K ۩)s<;W%;&z>{nϪ.tgN͉$$ʿZ :,*,uHd:遺b!KKirdcPt =xpU'R&Ow߀f=؟!'G;u#ϛBЪ<)#jR9C-=`i1K&ǥ\\ݝץ)3q-YDza?s2)f37 +T:hU~W߆Ǚ1La!{ƻ ,%Y<|6xuDS=T3k V lኲ6{a<##W]H+@舛;S!xK(gɦUQC >DloF6 ((aH)药Eč!jίt{(yjB^w].@unKe*Xc)U` - UC5A9poN|5Τw y^,?ӺѴw{6բ:VNRԳ/hR5֍A`%^4wQ&bԲ2W)̜r>y\Snԏ=l:͉{у3j${lt!'vwG 2U-/U&ADB0䤘n ŅJڶYKeRJp>\'+Xf$Y\y{"7lJ攎}xkޥ2(9.3;ìP\2ôMyTB4Ҡ{bq$P|8}_ $_|;s/d<0]BLhYRm̱|^J·FȞS]bocĩ?_/C+ʇ/s֪7E^pwfB권Gv^=eZFĠ*|}/!͗>@U1ZR&ϥ oq}R. Q1P5PoY13IQR_uof߇6fB0Vws|{ԩP ;uFQtc~6+3=EX'=[~m\ 'u7S 'gȹ.:9ruyD;}{A$*ALZ4#8 lRkm ,^C/U"ٞ&߈w_ IkK`|c<?(0tI񭀵42:;0xb ɩW[e >R̀= :REBA?&Xm=Ys)I0A4]he<{"+X'J˴d;_nGG(4IZ G"{}W UjQSW'QbUMf~͓P$<ٕ TIP*+H/}J;Es+U3v0 1`Gщ͠Bj:`>kiTE!rz:梡ļ8Jj=ZB T6xTi*P}BN$ .{7!V"G%"UÙIB 8r,|k#f4P,2rj~tG;Ϫ^@MddJbJHߗ{;φoDI5 ޮ1 'B`p˯FXQBv{Gyņu+(Z;ѮFRCes,Jqα,sȩL4נ&!/B҈Y$얟?xӒדO,}!@b}#m O!쀪1-1+#шhq.2{+Np$>G*:YY%QqXG&/ X4 ~>ĝóSE='Г0# [=rVM=L>Q1i =5GJ3p5x/jOH57"zL]ʣ3Ptu,J2 V;lD<`:0 OXI2qm-QO[qƤ&d4zm^ .(q@x)5 H褨$\@ y~;pL˥)B_|z xpB3ٗ jg0%:1D%ɇ!Niv}nh<7tPZg)6V/h>P sRj86.y-MB'+pgXչ[\xVfxU"TLu /JI{pG#+h RW:#)Hm#a8[~'w6_w0;@կQ(j<+' zADmaƹ ۡKf@k^ ֝h\q(eIGE pt7 uB0jKjsZ0{UKZs /*UD?zj~*P )JlNHOq靈V%XPӴMϩ"&AB}_|V`6x3 7şWBm!cpś$PVWʾB寯#,p)Q뵒]\ϛRJ(v1>U#K)xW"V8]\Vyqsشnh1uYx:*cBIj⪤aA#n7/1.h!׎<,wr?W*/?nB,@U\Ip_tS^RlX [,I[MOcYnxɝV"[LF+-PNF-Sp&aów4 Vtp>bD*`sĔCP8T]͐ 18*s aIDQ~t8}59Lƌw_bzÍ&i&M>ͥ'{M-4ekxS/fo0X87M.uN+o/qf?|#^H6yLu'.IZWfΏ bE:~V)<3>kEI{cڛǡ!fa !ը{p_d*9ٔ~^֨*+An%XZ< ofqfC$n2gp(cja(#++*4qCr'wkuD[QJM+bE^z6`Atݸ1 :Ny_@ȟ;n{;-VHG4anAPU,JŅӔ(е؅%XL b>w۔V8'*tN1Xq;@#qAH QsOvA)^0ã!§ٴDsc=`ش;NeT[uAU-Gu?: Z!sl%K 7V=l2!η?a|zNfxILpC e)(-&}]g Q'!5pR?P;5waU2*@&O@Yj"}AX*|Va`Ӭ6:aty`Rv/~yiݙ v&b kIGJ0Ls O.b`Vjѥ\j7 _?Ր[U3@4_UHdwZb-itJjd/ӂ/B2F/ݴ5c &ΏJ"Aw"֘kN}-՜~Y7gC浴ݺ.c 1όa+ǭ"K&%'sgP9 F|Ԯ%$!G<{TyN'9-{snzW[a&1,9b=cRT6d`Zg Kd^LXʬ51L Knp~$9fc:l8\̾\).ؠzno`tp ClM'ێbN~B&W(IEMq?0#bQ$:]G b?[*K"k,{sdLֺ-L lX(##Al?^T^?! FJ ůP [Td` gIW7~ 䊖aْI$@e_3ް;'Gu`o>nWU,)-ꚪ.;cKzjsHZvVģ xki$w ;R;5oř$9oR$̇aBoP[%*">a^6 S N*eG$2}ԆQ6y\ Yָ޿ HW`8Rz]oYs7 r1 JC,M Q A(43MpZRjUFkޥ? TD6N!Zwȟ)qqVZ[A3ًW{λq ɇd ,Qns\7W')0 +q9`F5;y_Ⳗ/= G= A/ԦtK9k*ȅ+,2Hi~B=V>2Cj ֟/BbUMʚQ^`o*:8 {Iq;O68(P5E}Ǒnu3~y$|#QJWbW3!c;DR-c[EK !_'(6 +ELx [z1ho=t-V>0tt EwvW5_ OP1hۧ~B(PitwXk)/Z*mr˼'KzzoZ8W3arxT =+HX[ ti\Ɖڃz? lὶInP2V;éC%s%<,aNP@N6T# ' `^n} o b> ɽNTm`ܮc2Q"ڠ\#p֬ E]yH,Ė׶f=aѐ.h#KD=͊Ac~ۙc3Cquoؗ\ВZd6:`t\\&hJvp4'^ m.&rC\5ǠMVNʪ\ׂšą~Ya{m峍yk?HPLZ! (bEy~қVwJ*G|gK=+/CRwYr$w㸌oZފtsv❵ײKp֡b[8tLNz'oja:1VRC?9U_ Zc?ߺo!Xg #/؛闞֔7yVt am学WXyo|}if79*~!9Bs*~^ -~sgo>N$u8I! ˏ?ej5f İͥXas`i;aY{`s5?lM< JUtDLJ)Wόor j0 1J#㸫*L {Z<5#EF]VNmXYLc_M# {^t tD%ށF y_lCl}zBZ|fm+?]4C|%^d㐂b "8z&7T Y' nGo"|г B"P#jFM\%U\6N̆VZfAvrR'm.|t JYy)^ݐ%Цtb(O/F ߮lId(\.ۨĩߖh$ eV>h)vAz,wībosElAp& @oPs=C,6}-^qXɸB(Q9n;<\ވxF;vb55\&Ljn |Iw,^+PSê \di:`mC@_Kđ Z`DĢw!Vh&$Y.OG=7 .|IшnVZS26]g-΅F>d)}R>K(BIpƛqߵrA|"ةIPw=4<];!:wvܔh: [ģ7oky:*B-rɊ !38 ՖΆ ehѕX2X3l9߭ 5x_  Y>!~tE|#S:]9{0FaxH!U=TolAgӿJG[<='546G&PP,^zj\#W56bZdfɎp1FzuqVl  ALr<1Tg׾ :*Q?:Un_[*L믩 b'u_M+V`ߴVXGIu@܄)0oŅ$ڢA)K aL)BCX<@iƻ 4M8޿w"W 'j]gQ *ZNE3Y\ +-Pz18>KR qљt'aJ˕G_-#C{J[v)~(x\"łGXy DT>(9|Mi_/\-8{j.l۞)bp(9&;r1͆ cz 6IeLb53:v]0Nxxz:f2GK!!>fby#rNwQ2effq;+9AH=\6x|Z_ SyW-j]Zd[[(.)2Vo (暆́#ކDcdwG4 MRrB'+\_2h Vd#~caAkJ& (RbJZ &Z9Me0|*лfP hy8)#3LS 9 4ev3@ })5 tKj(䆳"r>( &jN;(AFL䐫-D qP% iB[Lp5}Zl]xq~#<S5;<5 &ά)WK,њ D[MV6[vUÔ/tϔ.7:)?7YYeM˾oBD3ELMf}g$")'ߡUM`ֱB=e2qozc,=}OE~NMV0fɒO eǀiAn3bY\=T$8׌*crsHڤ T`qUp%W b_J>RwGeIVޢhi;MN h95vD*]9hvIy&V< +~jLt-! -&ȩze'l#XNF2yf53DQ`B`C20pLNENDz-7q\iPߓ@x:ҬgNZsjy/ gd=N/:Et*#MBDLmӥCp9D T'd9Zv}# ;)d,?iibZ^ w|fޯ^WJy¥oU+縯 KC:1l#8z7Tb^=Aě#SvWq#jjEÑ^~LЃ!x|%iT~_i;aܚ*Jpzx=Qx6}G%DJCl-I17;Wz:xRp0]@49A%{rK˛CiV:943y9q,$֍ߙ:MKgM0 lxo$rfo* mTLn>S6G 湦P3nXNNIyyrP)n;)JS(^.R_6:~\,܎̱Kā4i+#[ʯ׽=/:YEL[u_Bs4;õ,vw0{u-^ $&浉70}F.\ ;h+dVw,J3nz|5LKXG$ Qlp΃1Jx*{XWG1q+ "MrⓂ6I6BKnD\u!Nj [E6)݁ˏpv%5X%0'|:׋lJ~տBr_h><{k׋sn@׵|Ge1J" N/JX>B ^D pس>T4&,j[yٶ;7r݋ Xy;-SЀ?ej*6Mu K"2j.>m)AdJA+r7F{&#LjVy?Qo)1Bl4`nB5w/BjR~GQ{+onmوk'lm>WgR{>ÛnWF ޛ9n qWo \&fAFLtZXyсuSnѴa4KmM w x,`q`w;ޑ(. ):=E9LnfyE#IגhA<^0*7SN%))" S~Swk.J2U2/ë3$A)3.~h><["S |tR=5^>6YwD+%%P{iG6L5"[Y(Ӹ\~#(Ww8lo6fHKzX"ewR|훶FKr_וDL!K,{! >aG!B:z;|C@÷J{peÄ4ī ΐ+Cxq_쭮V4{Xxr}y3.m [yE5W=}Zs tps٨1s'>@"VX|~j ۜViP'"R<"ŪaX@3w;vvDR(~d_ -$,)KQdKvҠ=8[˔LԤ6 dGAq/B_]w퇌4 GdR)#|J?xQF@@dtD`ޟ_Bs8 'غLIA` wGL_BEN nPA_Zׂ67'rZ]w?%H6ڸ r|HMJqgRdfZ{p2K2fkOYZ |+P%abz'X7p ?ViVGں.Af28AKO}N_sBPgoe`Ow5g.?Da =$^Dj*hFV/7i_c n YD6;8ϭԿ9@a߭r:|N>ඦagsHtPY0k읦 r{z }^lt=knwYQCљuCZk(&UG@`6]"'ZO6c-QLs6e{cЭ ;9t(q'nf*BDS5ovA5: pR?*Av ُ@7OlZ{+<׽ 31h'9[4faV@|j[/~ҩt'~*~('œk}Dt!ȼBƮrjx&Tp^eC9y v+?LGRe90W򒟲hwX󘓦^)׼ 0MV'` Ԇ $>NkyA# Qƕ}-j32Ë::~ZKޥcLF-oᲇ<@$JIq ar:z*0D>0g",睶)p.aA rb,:`1MA^[<,Czuڽv8jȨqL@||) %cC2 Ji;PlP/wz /e- Uh0'j[Qp-{xǂ mg$? $R]㚊61΅Tȩx$d]dwd:FPdIbV:,EAs W6mFAu;;. \ޥ/ ]ʹ5-$024 |ԭ?$, ՚QJa YռRv$(URBrס4 `:ȽC٢SGIh]U/Jߋ_(E 8KtEa0]}(e-ܠ.sN^^sB{MOU+*' ]ZsA{{ *|ߜxxۤ)͏uaff׸wj̀6>vvpΐJwu *;4bV(u%(U zxA^>(%Hyv^ W bU綮ɯ(!"y8}X{f% M'6&cfα鼠 O:7[CjWɋ,(ĂlL9W`)=zO*kר[}mZA[RlZ:`^' 2 ɝ!G%ޠ!2&xQ.&t?PH)) 6NIӾ!TBݞfo/!PYCJPپy䯅c>Yб)?5N/^/gG-+4w*i >2w7HDjgHD(^$L!= 7cVBE-q]DVNi rgyo'}c1Fd3l/A53Eq N6|Pvea^+}F087A-dT 9!['јVPI(PHjdp(:Q\_۝w5pI*nl=v^[71֟Y[RqRIY5H_|0v*Ă0f c?msmU| f85\jװqU8 }hE8^Zy~Z hNʚ?Z2ↁrVXTד6ī:%CZ Jmd%T֏[|}l#Mඛ]EϏ ѹ*~&ۯU(A6CP+܆  ^j`RTٺ&DwdhTAtۛݽ)}ɋGw["cr7sjtL 3Xa[{+yT2F~.+_ه^1tmDy+7t-*C؇Gſ %#f,B)os7[-$dn/bB5S29 g>Wʌ_J)< RdsVqAq1No態&4.!U<*B˯[fXNft)hc5h+)FT{3h**]R/gj|q<{͏BlJ<Ȩ{ r־A:%|nQUƠqYNo2n/Sڷ0PEpUinJ G/-?d:t{fpdE\ k7kM\2Uif[SRں N`0J.i<"XG8d"N0Ӆ@m/zg23xyOw=Ƀ>wQ/z 7RX7S$Iva6UrI-rTfLy2H GoojeLbF K).Xa[ rzC96;8IU#ǤMa"# 8-~¸s־$ o>otPU_F{6Rd~Da%(qc)p_zHrEf(uj*Ƥܥ`*mtt`A{NC iָz#y)8Iz鎓'b TAˀɕ>ZS3CMI ΫT1LgƵ⁢eq2d/7K*%,alliAjhITDr `|Ƒn_nA1᭽aj$ZPVS^aKXٛ`_(*Ssr'?NlXx6&wme'>nƖ+acr6 bvEK^ai o-?펥jC} J"yXŭ NOaX qHBPou5B-x٧J@ϭ?)>O&94NeKXr7l[6V3=B+,g; h&9n#oW010aeU:N4J FxIǠ_=f}+x P5 'LlE୮ :ڷ􃕴~q3)P[Cm>Z;:OK @c.M>Z|_wENF>}bř^6YAbțbʅd RX4qI28ckO ԏ@8dCc.'5uraT?Lw{oQ|'$r "`e{qH*2oRefӷ(,{|kBkr+a#VY꧄]Rq[APǐKH*A;6ւ &* |Ai; cj̛.=WZ >8TAIցH-w ERR!N wFB-tm:6HߗW%ŀwјExZYC! o} vCD#P])֜pU;K!*3Y{8<|CaUt99ur|~CՑ4tD]I[Zu/4"bɓ̯a4 #ǴR!yJ"̠O /OX< ވDЏ)#f!6֐vG:b)ziu怣G%j5@( @8l[ऻ2q^Ǵ'`Ar%J&5͙YN.ƨMG?2A"5%c/&EjEǵnV鼃ľAUHC5|D>jn˗oxQZ.z }Mi\;H,KEy WA߲TLKY zvbc ! ;λ 7-;+Z>۪\&89~N"R{yz pU O͂YQͳm)%GãjWNsgpw`vz? dPF=2^a -@s vR)W2ٮיޱ +4PF5olyms ء&vv6>Ěk4ZU0˞\h=D/Ww:o]xz~i'R'ۂ>d𣏕Ҙh/TI,ӷ6( F ~ohTkm괄O #>(Ubú[4j䘁#> /|=i@sdɜ1\lU*m~z: +)wfgVg85E7nbbRL <l#mީRGmN*&V\me!TG 40#QMV;xwrGtOR'q)d!U;)\ ,!$S9R!#B>5ND"Cӹ>+\8_1S ]D:!; f/4T:$;JnAuomSIl!A Bl}ѿwO V18: R@䂵EbbۀOb݃ 4~ڸuÑd@hs34m}#~ #;MiY=&zQqc2fRcdAR+XF&=5K@^1'M씪<N|*"od'ֱpu5F[!m8r)grqs 7]-)J#3%/;nprC"1ckZ5HW~hvFji|ÒW2S*n!hc?6nvC|ߋlb`S&S 'AlهًWݾ=^31xX  YZ