kernel-tools-4.19.90-2411.3.0.0303.oe2003sp40>    g4_ ;G|`u`  ~uR 82òs5e +.PW|&O+4-F"bjUp8ʵa>Ae=j],-J+6t}hᓷ!S/WwÌ- R]^o0߇t7DKmmo1Y?9 oog  !mfVK]мA3e|VQUU v#W#ks߬cwm9I[cZā#q ax }iGګZڻZ ;Hg 9Vhc;@um}*X"P1vVN [E}%#Fm23DBꘊ!]\ kK#ZPȲJ.ޠLa`ƴZ <7e9e8bcc252e3b440ccfd977a49c2987f902d802523412104f246422f353bc3fb280cd9d4231692e3f02cf570c7b303d5e46271d1v$P"Ap>EK?Kd / X #%$% n% % L%  1%  l%%%r%8!<!Y!(8C9C:$C>3?3@3B3F3G3%H4%I5 %X5PY5lZ5[5\6%]6%^9ob:d;e;f;l;t<%u<%v=8wH%xIT%yIczKtKKKKCkernel-tools4.19.902411.3.0.0303.oe2003sp4Assortment of tools for the Linux kernelThis package contains the tools/ directory from the kernel source and the supporting documentation.g4Ydc-64g.compass-ci(GPLv2http://openeuler.orgUnspecifiedhttp://www.kernel.org/linuxx86_64/sbin/ldconfig if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ] ; then # Initial installation /usr/bin/systemctl --no-reload preset cpupower.service || : fi if [ $1 -eq 0 ] && [ -x /usr/bin/systemctl ] ; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable --now cpupower.service || : fi/sbin/ldconfig 8@68@8@xx8XP8@z&g.""!%s 4  *큤A큤g4\g4\g4[g4[g4[g4[g4[g4[g4[g4Yg4[g4[g4[g4[g4[g4[g4[g4[Cg4[g4\g4Yg4[g4[g4[g4[g4[g4[g4[g4[g4[g4[g4[g4[g4[g4[Gg4[g4[4438c54a0c203287662105c2afbb799157725268ebe3cb243c0abeeabe8b53b4d8497c5a2d14dcb646eeccd7cc8b279ce591da78b9388f9ac5b1b8e5119291715056f752a9fb3514030df4696c3ac46b2c191905e49485d14ce43790cf6dcb542ac75a1717891f610d5f9d67534cfafc33332b0bc4ebe5d3dff3f8a3a3d94a924a03625d1c945f6bde717eb1f97ff3452543c30c0029d10cb3b82d7e7bf3397981f590d7d21b51a664ec762853c02ab40ddc880a29a05800885069e6354af35d0d4604dd8f11e0b4cbe054dca701628ee4825c0b1051786086dda61df4f59676e98465392f983ba25483d7b9b8c964a8b62c96c427d23d52bd6c7ce862fbe54792eb14d9fd6a74c9560c3cbcca7a5ccf163d78826d94e6848ceec2380c2bd66c74bfca3775db2035d62d6dedf5ecc7c0af4c6af82adbebb0203cbbddabf217f1da59aae998aa8b9a80a4844d336a8afbfc4b246ebb01b916f414cd6bde3a91e87411e64592e99c0af2421114fc820db1f2fb1ee33d0ea65b1e43bea6823590305bbd97d16b4e30dc2db7197e29ac6a63f9be0cb4d3cc70012450ee7e78e41628a04e54afc6997e366eb8a1f7765f353d5b790cc07584c1ae46045a927cb47e3f2b5efaf71003a41696814d40570da49b119e28d970140da17ccea430aa5478129da7c36991ce74a32d6e53c6e540b938084fd897ae012c82b419e7b7c6bb7e29b057fe9e5d0e8c36f485818286b80e3eba8ff66ff44797940e99b1fd5361bb98efe0bb5314d93d2915a300fd705530b53fbb222c56bc60e8565ef790283e7005ee5808b032a67f587d3541099d46de34f5bec8cd5976114ba07f1299ee6001ffd6e9b61145a3f72620423c80f591b0ede49300d35a78772e8e2136e34b4e10dfa703e82ab8f1e1f62febe97525dcff98b1dbbd63e5a2afd5df708c962e6941df88e20c8927e641ad20e4b63e752ebd504837654c90ea0906ad7099eba2898ffd2a5123deeb73519db6ad3b0b46c87f35a43f7fb495e7ad613a447491f6c035b44285af9fedb132039e8b084ef8b806afd4189b6a363e2db41b83bd5b0753662d8349d3677800300978e6ac93a7a12fb922b9b1e8b33987c8810c38151c801d7cdffe39ba5a4216a389203030a652c165caf3c67f45cee8118c46e5fe0f1838f5d133dfb6d4298fbc105c13e5d3de66d1ceb33a61a39626e65107971f18842ddec585bb8ab43536ae9f92afdf0792d9a89c63b5092ca47033d4307e1c34af0f41d7c751837f1940b50e5090acc2fffacb133b3e0185d233532d7472b86b0f4ae65d7a88d687d047662e1542343a0798c831d7e711a68e3a6f240908cef9363f600f47b3185ce2590d068716602ee0cd73f6d8fef9208951139f8b89483a0d145548ab3d71c3fc408cb6a5c9df3c7f66ef834dbdfb6ce5fde4cec8a94ffdcffb760d2b99a71af81cc653e71c2631e57a72a2028b77cda88aecd8512fcc4954178483d96a5af5d9a10d4b55273566513cbd2244b935d0b534ca5e38086935b141614691d520bc707ce6dd5fca528bfa364b149112249f60c4a14ca44d8e6951dd7clibcpupower.so.0.0.1rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkernel-4.19.90-2411.3.0.0303.oe2003sp4.src.rpmconfig(kernel-tools)cpufreq-utilscpufrequtilskernel-toolskernel-tools(x86-64)kernel-tools-libslibcpupower.so.0()(64bit) @@@@@@@@@@@@@@@@@@@@@@@@    @/bin/sh/bin/sh/bin/sh/usr/bin/pythonconfig(kernel-tools)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.6)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcpupower.so.0()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)libncursesw.so.6()(64bit)libpanelw.so.6()(64bit)libpci.so.3()(64bit)libpci.so.3(LIBPCI_3.0)(64bit)libpci.so.3(LIBPCI_3.5)(64bit)libpci.so.3(LIBPCI_3.8)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)librt.so.1()(64bit)librt.so.1(GLIBC_2.2.5)(64bit)libtinfo.so.6()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.19.90-2411.3.0.0303.oe2003sp43.0.4-14.6.0-14.0-15.2-14.15.1g4g+Z@g @ggY@gf@fX@fo@f4f@fͿfą@fJf@ff@f`f&@ff|fqvfifh<@f`S@fWfM@fDf:f(@ff-f @ee@eZeeeBeeee@eeee@exK@epb@ek@ee@ee@eae_>e]@e[J@e[J@eWUeWUeTeSa@eSa@eReReN@eLeJ&chenyi - 4.19.90-2411.3.0.0303chenyi - 4.19.90-2411.2.0.0302chenyi - 4.19.90-2411.1.0.0301chenyi - 4.19.90-2410.3.0.0300chenyi - 4.19.90-2410.2.0.0299chenyi - 4.19.90-2410.1.0.0298chenyi - 4.19.90-2409.6.0.0297yushi - 4.19.90-2409.4.0.0296chenyi - 4.19.90-2409.4.0.0295chenyi - 4.19.90-2409.3.0.0294chenyi - 4.19.90-2409.1.0.0293chenyi - 4.19.90-2408.5.0.0292chenyi - 4.19.90-2408.4.0.0291chenyi - 4.19.90-2408.3.0.0290chenyi - 4.19.90-2408.2.0.0289chenyi - 4.19.90-2408.1.0.0288chenyi - 4.19.90-2407.5.0.0287chenyi - 4.19.90-2407.4.0.0286chenyi - 4.19.90-2407.3.0.0285chenyi - 4.19.90-2407.1.0.0284chenyi - 4.19.90-2406.4.0.0283chenyi - 4.19.90-2406.3.0.0282chenyi - 4.19.90-2406.2.0.0281chenyi - 4.19.90-2406.1.0.0280chenyi - 4.19.90-2406.1.0.0279chenyi - 4.19.90-2405.5.0.0278hongrongxuan - 4.19.90-2405.4.0.0277chenyi - 4.19.90-2405.3.0.0276chenyi - 4.19.90-2405.1.0.0275chenyi - 4.19.90-2404.3.0.0274chenyi - 4.19.90-2404.2.0.0273hongrongxuan - 4.19.90-2404.1.0.0272hongrongxuan - 4.19.90-2403.4.0.0271hongrongxuan - 4.19.90-2403.3.0.0270hongrongxuan - 4.19.90-2403.2.0.0269hongrongxuan - 4.19.90-2403.1.0.0268hongrongxuan - 4.19.90-2402.6.0.0267hongrongxuan - 4.19.90-2402.5.0.0266yangjunshuo - 4.19.90-2402.4.0.0265hongrongxuan - 4.19.90-2402.4.0.0264hongrongxuan - 4.19.90-2402.1.0.0263hongrongxuan - 4.19.90-2401.5.0.0262YunYi Yang - 4.19.90-2401.4.0.0261YunYi Yang - 4.19.90-2401.3.0.0260YunYi Yang - 4.19.90-2401.1.0.0259YunYi Yang - 4.19.90-2312.6.0.0258YunYi Yang - 4.19.90-2312.4.0.0257YunYi Yang - 4.19.90-2312.3.0.0256YunYi Yang - 4.19.90-2312.1.0.0255Zhang Mingqian - 4.19.90-2311.5.0.0254Yuan Zhang - 4.19.90-2311.5.0.0253Li Xiaodong - 4.19.90-2311.5.0.0252Zhou Kaiqi - 4.19.90-2311.4.0.0251Keyi Zhong - 4.19.90-2311.4.0.0250Luo Shengwei - 4.19.90-2311.4.0.0249YunYi Yang - 4.19.90-2311.3.0.0248Yu Liao - 4.19.90-2311.3.0.0247Zhou Kaiqi - 4.19.90-2311.3.0.0246Li Xiaodong - 4.19.90-2311.3.0.0245Luo Shengwei - 4.19.90-2311.3.0.0244YunYi Yang - 4.19.90-2311.2.0.0243Li Xiaodong - 4.19.90-2311.2.0.0242mingqian218472 - 4.19.90-2311.1.0.0241Yu Liao - 4.19.90-2311.1.0.0240hongrongxuan - 4.19.90-2311.1.0.0239Kunkun Jiang - 4.19.90-2311.1.0.0238YaQiang Chen - 4.19.90-2311.1.0.0237- !13165 security/keys: fix slab-out-of-bounds in key_task_permission - !13150 net: fix data-races around sk->sk_forward_alloc - security/keys: fix slab-out-of-bounds in key_task_permission - net: fix data-races around sk->sk_forward_alloc - !13068 nfs: fix rpc_task use-after-free when open and close different files concurrently - nfs: fix rpc_task use-after-free when open and close different files concurrently- !13007 CVE-2024-49950 - !13041 tty: n_gsm: Fix use-after-free in gsm_cleanup_mux - !13052 ext4: fix CVE-2024-47701 - !12959 ext4: update orig_path in ext4_find_extent() - ext4: avoid OOB when system.data xattr changes underneath the filesystem - ext4: explicitly exit when ext4_find_inline_entry returns an error - ext4: return error on ext4_find_inline_entry - ext4: ext4_search_dir should return a proper error - ext4: fix RENAME_WHITEOUT handling for inline directories - !12899 ext4: fix double brelse() the buffer of the extents path - !12895 ext4: aovid use-after-free in ext4_ext_insert_extent() - !13011 CVE-2024-49878 - !13001 iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - !12997 net: fix crash when config small gso_max_size/gso_ipv4_max_size - tty: n_gsm: Fix use-after-free in gsm_cleanup_mux - resource: fix region_intersects() vs add_memory_driver_managed() - mm/resource: Use resource_overlaps() to simplify region_intersects() - Bluetooth: L2CAP: Fix uaf in l2cap_connect - Bluetooth: Return whether a connection is outbound - !12891 ext4: avoid use-after-free in ext4_ext_show_leaf() - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() - net: fix crash when config small gso_max_size/gso_ipv4_max_size - !12860 drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer - !12924 CVE-2022-48966 - !12938 ASoC: soc-pcm: Add NULL check in BE reparenting - !12863 CVE-2022-49020 - !12873 tipc: guard against string buffer overrun - ext4: update orig_path in ext4_find_extent() - !12919 ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate - !12925 RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency - !12792 HID: core: fix shift-out-of-bounds in hid_report_raw_event - !12743 net/xen-netback: prevent UAF in xenvif_flush_hash() - !12846 ACPI: sysfs: validate return type of _STR method - ASoC: soc-pcm: Add NULL check in BE reparenting - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency - net: mvneta: Fix an out of bounds check - net: mvneta: Prevent out of bounds read in mvneta_config_rss() - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate - !12804 ext4: fix CVE-2024-49884 - !12783 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() - !12782 net: hisilicon: Fix potential use-after-free in hisi_femac_rx() - !12784 net: hisilicon: Fix potential use-after-free in hix5hd2_rx() - !12785 slip: make slhc_remember() more robust against malicious packets - !12852 iio: health: afe4403: Fix oob read in afe4403_read_raw - !12813 serial: protect uart_port_dtr_rts() in uart_shutdown() too - ext4: fix double brelse() the buffer of the extents path - ext4: aovid use-after-free in ext4_ext_insert_extent() - !12842 NFSv4: release seqid when open failed for nfs4.0 - ext4: avoid use-after-free in ext4_ext_show_leaf() - !12887 nfs: fix memory lead and nfs_server uaf - !12882 Bluetooth: Fix not cleanup led when bt_init fails - !12881 igb: Initialize mailbox message for VF reset - nfs: maintain nfs_server in the reclaim process - nfs: fix memory leak in error path of nfs4_do_reclaim - Bluetooth: Fix not cleanup led when bt_init fails - igb: Initialize mailbox message for VF reset - tipc: guard against string buffer overrun - net/9p: Fix a potential socket leak in p9_socket_open - drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer - !12815 media: venus: fix use after free bug in venus_remove due to race condition - !12814 iio: health: afe4404: Fix oob read in afe4404_[read|write - iio: health: afe4403: Fix oob read in afe4403_read_raw - ACPI: sysfs: validate return type of _STR method - NFSv4: release seqid when open failed for nfs4.0 - !12757 drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error - !12777 selinux: add the processing of the failure of avc_add_xperms_decision() - !12750 usb: gadget: uvc: Prevent buffer overflow in setup handler - !12760 smack: tcp: ipv4, fix incorrect labeling - media: venus: fix use after free bug in venus_remove due to race condition - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw - serial: protect uart_port_dtr_rts() in uart_shutdown() too - !12732 net: phy: fix null-ptr-deref while probe() failed - !12721 ppp: fix ppp_async_encode() illegal access - ext4: fix slab-use-after-free in ext4_split_extent_at() - ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path - HID: core: fix shift-out-of-bounds in hid_report_raw_event - slip: make slhc_remember() more robust against malicious packets - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() - net: hisilicon: Fix potential use-after-free in hisi_femac_rx() - selinux: add the processing of the failure of avc_add_xperms_decision() - smack: tcp: ipv4, fix incorrect labeling - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error - !12614 writeback: Fix inode->i_io_list not be protected by inode->i_lock error - usb: gadget: uvc: Prevent buffer overflow in setup handler - !12366 fix CVE-2022-49011 - !12704 fix CVE-2024-49924 - !12519 fix CVE-2024-47742 - net/xen-netback: prevent UAF in xenvif_flush_hash() - net: phy: fix null-ptr-deref while probe() failed - ppp: fix ppp_async_encode() illegal access - !12683 nilfs2: fix state management in error path of log writing function - fbdev: pxafb: Fix possible use after free in pxafb_task() - nilfs2: fix state management in error path of log writing function - init: Initialize noop_backing_dev_info early - writeback: Fix inode->i_io_list not be protected by inode->i_lock error - firmware_loader: Block path traversal - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()- !12501 nbd: fix race between timeout and normal completion - !12659 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() - !12638 net: do not delay dst_entries_add() in dst_release() - !12669 drm/amd/display: Fix index out of bounds in degamma hardware format translation - drm/amd/display: Fix index out of bounds in degamma hardware format translation - !12627 NFC: nci: Bounds check struct nfc_target arrays - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() - net: do not delay dst_entries_add() in dst_release() - !12623 hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - NFC: nci: Bounds check struct nfc_target arrays - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails - !12592 of/irq: Prevent device address out-of-bounds read in interrupt map walk - !12593 pinctrl: single: fix potential NULL dereference in pcs_get_function() - !12606 swap: stop add to avail list if swap is full - !8931 v2 ext4: avoid deadlock in fs reclaim with page writeback - !12566 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event - !12558 Fix CVE-2024-49900 - !12577 gpio: amd8111: Fix PCI device reference count leak - swap: stop add to avail list if swap is full - !12441 hwmon: (coretemp) Check for null before removing sysfs attrs - !12572 media: pci: cx23885: check cx23885_vdev_init() return - !12403 drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error - !12414 nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - pinctrl: single: fix potential NULL dereference in pcs_get_function() - of/irq: Prevent device address out-of-bounds read in interrupt map walk - !12412 btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - !12413 udf: Fix preallocation discarding at indirect extent boundary - gpio: amd8111: Fix PCI device reference count leak - media: pci: cx23885: check cx23885_vdev_init() return - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event - jfs: Fix uninit-value access of new_ea in ea_buffer - !12486 gtp: Fix CVE-2024-46677 - !12475 v2 mm/swapfile: skip HugeTLB pages for unuse_vma - !12502 svm: fix UAF/Double Free in svm - !12384 drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number - !12380 fix CVE-2024-46675 - svm: fix UAF/Double Free in svm - nbd: fix race between timeout and normal completion - gtp: fix a potential NULL pointer dereference - gtp: make sure only SOCK_DGRAM UDP sockets are accepted - mm/swapfile: skip HugeTLB pages for unuse_vma - !12378 cgroup: Protect css->cgroup write under css_set_lock - hwmon: (coretemp) Check for null before removing sysfs attrs - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() - udf: Fix preallocation discarding at indirect extent boundary - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error - drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number - usb: dwc3: core: Prevent USB core invalid event buffer address access - usb: dwc3: core: Skip setting event buffers for host only controllers - cgroup: Protect css->cgroup write under css_set_lock - !12353 ida: Fix crash in ida_free when the bitmap is empty - ida: Fix crash in ida_free when the bitmap is empty - !12316 backport some LTS patches - net: busy-poll: use ktime_get_ns() instead of local_clock() - SUNRPC: Fix a race to wake a sync task - net: linkwatch: use system_unbound_wq - ext4: avoid deadlock in fs reclaim with page writeback- !12299 v2 ACPI&PCI LTS patches 2024.10 - !12278 hwmon: (nct6775-core) Fix underflows seen when writing limit attributes - ACPI: processor: Fix memory leaks in error paths of processor_add() - ntp: Safeguard against time_constant overflow - ntp: Clamp maxerror and esterror to operating range - Revert "ntp: Avoid undefined behaviour in second_overflow()" - arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to NUMA_NO_NODE - hrtimer: Prevent queuing of hrtimer without a function callback - smp: Add missing destroy_work_on_stack() call in smp_call_on_cpu() - ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() - !12270 pinctrl: core: fix possible memory leak when pinctrl_enable() fails - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes - pinctrl: core: fix possible memory leak when pinctrl_enable() fails - !12220 Fix CVE-2024-46826 - !12268 selinux: fix potential counting error in avc_add_xperms_decision() - selinux: fix potential counting error in avc_add_xperms_decision() - !12138 md/raid1: don't free conf on raid0_run failure - ELF: Fix mixed declarations and code of "snapshot_randomize_va_space" - ELF: fix kernel.randomize_va_space double read - md/raid1: don't free conf on raid0_run failure- !8720 net: USB: Fix wrong-direction WARNING in plusb.c - !12116 [sync] PR-11856: acpi/arm64: Do not add CPU to node_to_cpumask_map in acpi_map_cpu() - acpi/arm64: Do not add CPU to node_to_cpumask_map in acpi_map_cpu() - !12071 btrfs: clean up our handling of refs == 0 in snapshot delete - !12069 platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses - btrfs: clean up our handling of refs == 0 in snapshot delete - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses - !12026 ASoC: meson: axg-card: fix 'use-after-free' - !12040 drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links - !12012 rtmutex: Drop rt_mutex::wait_lock before scheduling - drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links - ASoC: meson: axg-card: fix 'use-after-free' - rtmutex: Drop rt_mutex::wait_lock before scheduling - net: USB: Fix wrong-direction WARNING in plusb.c- !12007 Fix CVE-2024-44958 for 4.19 - !11785 perf/x86: Serialize set_attr_rdpmc() - sched/smt: Fix unbalance sched_smt_present dec/inc - sched/smt: Introduce sched_smt_present_inc/dec() helper - sched: Revert fix unbalance sched_smt_present dec/inc - !11918 dhugetlb: make spin_lock irq save - !11968 drm/amdgpu: fix mc_data out-of-bounds read warning - drm/amdgpu: fix mc_data out-of-bounds read warning - !11863 memcg_write_event_control(): fix a user-triggerable oops - !11921 hwmon: (lm95234) Fix underflows seen when writing limit attributes - !11924 nilfs2: protect references to superblock parameters exposed in sysfs - !11842 CVE-2024-46771 - nilfs2: protect references to superblock parameters exposed in sysfs - hwmon: (lm95234) Fix underflows seen when writing limit attributes - dhugetlb: make free_huge_page_to_dhugetlb_pool irq safe - dhugetlb: avoid lockdep warning with spin_lock_nested - dhugetlb: Use helper function to lock/unlock - !11789 ALSA: line6: Fix racy access to midibuf - !11905 scsi: aacraid: Fix double-free on probe failure - !11888 pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv - !11855 VMCI: Fix use-after-free when removing resource in vmci_resource_remove() - scsi: aacraid: Fix double-free on probe failure - !11877 usb: dwc3: st: fix probed platform device ref count on probe error path - !11878 PCI: Add missing bridge lock to pci_bus_lock() - !11861 hwmon: (w83627ehf) Fix underflows seen when writing limit attributes - !11803 CVE-2024-46781 - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv - PCI: Add missing bridge lock to pci_bus_lock() - usb: dwc3: st: fix probed platform device ref count on probe error path - !11818 uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind - memcg_write_event_control(): fix a user-triggerable oops - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes - !11703 binder: fix UAF caused by offsets overwrite - !11854 fix CVE-2024-46777 for 4.19 - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() - udf: Avoid excessive partition lengths - udf: Define EFSCORRUPTED error code - !11809 apparmor: fix possible NULL pointer dereference - !11777 blktrace: fix blktrace is disabled when CONFIG_BLK_DEBUG_FS is disabled - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). - can: bcm: Remove proc entry when dev is unregistered. - uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind - apparmor: fix possible NULL pointer dereference - nilfs2: fix missing cleanup on rollforward recovery error - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput - ALSA: line6: Fix racy access to midibuf - perf/x86: Serialize set_attr_rdpmc() - blktrace: fix blktrace is disabled when CONFIG_BLK_DEBUG_FS is disabled - binder: fix UAF caused by offsets overwrite- !11816 v3 tools: fix implicit declaration of function __ALIGN_KERNEL - tools: fix implicit declaration of function __ALIGN_KERNEL - !11786 LTS patch backport - !11759 sch/netem: fix use after free in netem_dequeue - arm64: cpufeature: Fix the visibility of compat hwcaps - arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space - irqchip/armada-370-xp: Do not allow mapping IRQ 0 and 1 - irqchip/gic-v3-its: Remove BUG_ON in its_vpe_irq_domain_alloc - irqchip/mbigen: Fix mbigen node address layout - !11737 hwmon: (adc128d818) Fix underflows seen when writing limit attributes - !11692 fix CVE-2024-46723 - !11695 wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() - !11734 Input: MT - limit max slots - sch/netem: fix use after free in netem_dequeue - !11722 Squashfs: sanity check symbolic link size - !11697 Fix iBMA bug and change version - !11700 x86/mm: Fix pti_clone_pgtable() alignment assumption - hwmon: (adc128d818) Fix underflows seen when writing limit attributes - Input: MT - limit max slots - Squashfs: sanity check symbolic link size - x86/mm: Fix pti_clone_pgtable() alignment assumption - BMA: Fix edma driver initialization problem and change the version number. - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() - !11671 v4 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup - drm/amdgpu: fix ucode out-of-bounds read warning - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup - !11645 block: backport debugfs patches - !11544 Fix CVE-2024-45025 - !11560 mm/ksm: fix possible UAF of stable_node - !11652 media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" - media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" - block: fix kabi broken in struct request_queue - block: protect blk_mq_debugfs_register/unregister_hctx() with 'debugfs_mutex' - block: shutdown blktrace in blk_release_queue() - block: remove per-disk debugfs files in blk_unregister_queue - block: serialize all debugfs operations using q->debugfs_mutex - blk-mq: Fix spurious debugfs directory creation during initialization - block: create the request_queue debugfs_dir on registration - blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created - blk-mq: fix up placement of debugfs directory of queue files - blk-mq: no need to check return value of debugfs_create functions - blktrace: annotate required lock on do_blk_trace_setup() - blktrace: Avoid sparse warnings when assigning q->blk_trace - blktrace: break out of blktrace setup on concurrent calls - !11616 mmc: mmc_test: Fix NULL dereference on allocation failure - !11610 Input: uinput - reject requests with unreasonable number of slots - mmc: mmc_test: Fix NULL dereference on allocation failure - Input: uinput - reject requests with unreasonable number of slots - !11596 gtp: pull network headers in gtp_dev_xmit() - gtp: pull network headers in gtp_dev_xmit() - mm/ksm: fix possible UAF of stable_node - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE - s390/cio: rename bitmap_size() -> idset_bitmap_size() - bitmap: introduce generic optimized bitmap_size()- net/core: Replace driver version to be kernel version- !11557 xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration - !11520 ipv6: prevent UAF in ip6_send_skb() - !11532 v2 Fix CVE-2023-52915 - media: dvb-usb-v2: af9035: fix missing unlock - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer - !11525 v2 usb: gadget: core: Check for unset descriptor - usb: gadget: core: Check for unset descriptor - !11512 x86/mtrr: Check if fixed MTRRs exist before saving them - ipv6: prevent UAF in ip6_send_skb() - x86/mtrr: Check if fixed MTRRs exist before saving them- !11434 v3 cifs: Fix pages leak when cifs_writedata allocate fails in cifs_writedata_direct_alloc() - cifs: Fix pages leak when cifs_writedata allocate fails in cifs_writedata_direct_alloc() - !11418 md/raid5: avoid BUG_ON() while continue reshape after reassembling - !11426 nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() - nfc: pn533: initialize struct pn533_out_arg properly - nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() - !11404 usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - !11406 net: hns3: do not allow call hns3_nic_net_open repeatedly - md/raid5: avoid BUG_ON() while continue reshape after reassembling - !11177 dma: fix call order in dmam_free_coherent - !11387 usb: gadget: rndis: add spinlock for rndis response list - !8301 tty: fix hang on tty device with no_room set - !7809 net-memcg: Fix scope of sockmem pressure indicators - net: hns3: do not allow call hns3_nic_net_open repeatedly - !11386 v5 support block hierarchy stats - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() - !11349 jfs: Fix array-index-out-of-bounds in diFree - !11350 devres: Fix memory leakage caused by driver API devm_free_percpu() - !11378 drm/i915/gem: Fix Virtual Memory mapping boundaries calculation - !11370 nilfs2: handle inconsistent state in nilfs_btnode_create_block() - !11367 ibmvnic: free reset-work-item when flushing - !11388 dev/parport: fix the array out-of-bounds risk - dev/parport: fix the array out-of-bounds risk - usb: gadget: rndis: add spinlock for rndis response list - blk-io-hierarchy: support new stage for bio lifetime - blk-io-hierarchy: support new rq based stage rq_driver - blk-io-hierarchy: support new rq based stage requeue - blk-io-hierarchy: support new rq based stage hctx - blk-io-hierarchy: support new rq based stage kyber - blk-io-hierarchy: support new rq based stage bfq - blk-io-hierarchy: support new rq based stage mq-deadline - blk-io-hierarchy: support new rq based stage plug - blk-io-hierarchy: support new bio based stage gettag - blk-mq: remove blk_mq_put_ctx() - blk-io-hierarchy: support new bio based stage blk-wbt - blk-io-hierarchy: support new bio based stage blk-throtl - blk-io-hierarchy: support to recored the number of slow IO - block-io-hierarchy: core hierarchy iodump implementation - block-io-hierarchy: core hierarchy stats implementation - block: support to record when request is completed - blk-mq-debugfs: factor out a new helper to show allocated request - block: block: fix kabi broken for struct blk_mq_alloc_data - block: support to recored bio allocation task in request - block: fix kabi broken for struct request - block: support to recored bio allocation time in request - block: support to recored bio allocation task - block: support to recored bio allocation time - block: fix kabi broken in struct blk_plug - block: fix that blk_time_get_ns() doesn't update time after schedule - block: limit block time caching to in_task() context - block: update cached timestamp post schedule/preemption - block: cache current nsec time in struct blk_plug - block: add blk_time_get_ns() and blk_time_get() helpers - blk-mq: export blk-mq-debugfs apis - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation - nilfs2: handle inconsistent state in nilfs_btnode_create_block() - ibmvnic: free reset-work-item when flushing - devres: Fix memory leakage caused by driver API devm_free_percpu() - jfs: Fix array-index-out-of-bounds in diFree - dma: fix call order in dmam_free_coherent - tty: fix hang on tty device with no_room set - net-memcg: Fix scope of sockmem pressure indicators- !11383 perf/core: Fix missing wakeup when waiting for context reference - !11384 fs/proc: fix softlockup in __read_vmcore - !11351 regulator: da9211: Use irq handler when ready - !11364 hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() - fs/proc: fix softlockup in __read_vmcore - perf/core: Fix missing wakeup when waiting for context reference - !11242 CVE-2024-43892 - !11301 ext4: remove the redundant folio_wait_stable() - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() - !11333 jbd2: avoid mount failed when commit block is partial submitted - !11345 netfilter: ctnetlink: use helper function to calculate expect ID - regulator: da9211: Use irq handler when ready - !11220 io_uring: add a schedule point in io_add_buffers() - netfilter: ctnetlink: use helper function to calculate expect ID - jbd2: avoid mount failed when commit block is partial submitted - !11290 Add exception protection processing for vd in axi_chan_handle_err function - !11258 net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - !11215 Fix CVE-2024-40901 - !11186 Backport bugfix for AMD SMN - !11265 mtd: rawnand: hynix: fixed typo - !11264 media: xc2028: avoid use-after-free in load_firmware_cb() - !11234 efi: fix NULL-deref in init error path - ext4: remove the redundant folio_wait_stable() - !11266 serial: core: check uartclk for zero to avoid divide by zero - Add exception protection processing for vd in axi_chan_handle_err function - !11216 scsi: qla2xxx: validate nvme_local_port correctly - !11254 mm: avoid overflows in dirty throttling logic - serial: core: check uartclk for zero to avoid divide by zero - !11189 tcp: fix race in tcp_v6_syn_recv_sock() - mtd: rawnand: hynix: fixed typo - media: xc2028: avoid use-after-free in load_firmware_cb() - !11154 xen/netfront: destroy queues before real_num_tx_queues is zeroed - !11259 ACPI: processor_idle: Fix invalid comparison with insertion sort for latency - !11260 ACPI: EC: Abort address space access upon error - !11261 ACPI: EC: Avoid returning AE_OK on errors in address space handler - !11114 sysctl: always initialize i_uid/i_gid - !11167 f2fs: let's avoid panic if extent_tree is not created - ACPI: EC: Avoid returning AE_OK on errors in address space handler - ACPI: EC: Abort address space access upon error - ACPI: processor_idle: Fix invalid comparison with insertion sort for latency - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() - mm: avoid overflows in dirty throttling logic - !11164 usb: vhci-hcd: Do not drop references before new references are gained - !11173 tracing: Fix overflow in get_free_elt() - memcg: protect concurrent access to mem_cgroup_idr - efi: fix NULL-deref in init error path - !11185 kobject_uevent: Fix OOB access within zap_modalias_env() - !11178 irqchip/alpine-msi: Fix off-by-one in allocation error path - io_uring: add a schedule point in io_add_buffers() - scsi: qla2xxx: validate nvme_local_port correctly - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory - scsi: mpt3sas: Gracefully handle online firmware update - scsi: mpt3sas: Add ioc_ logging macros - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() - !11193 net/ipv6: Fix the RT cache flush via sysctl using a previous delay - !11209 LTS patches round - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() - net: tcp better handling of reordering then loss cases - tcp: tcp_mark_head_lost is only valid for sack-tcp - tcp: add ece_ack flag to reno sack functions - net/ipv6: Fix the RT cache flush via sysctl using a previous delay - tcp: fix race in tcp_v6_syn_recv_sock() - x86/amd_nb: Check for invalid SMN reads - PCI: Add PCI_ERROR_RESPONSE and related definitions - kobject_uevent: Fix OOB access within zap_modalias_env() - irqchip/alpine-msi: Fix off-by-one in allocation error path - tracing: Fix overflow in get_free_elt() - f2fs: let's avoid panic if extent_tree is not created - usb: vhci-hcd: Do not drop references before new references are gained - xen/netfront: destroy queues before real_num_tx_queues is zeroed - sysctl: always initialize i_uid/i_gid- !11130 iio: adc: men_z188_adc: Fix a resource leak in an error handling path - !11132 KVM: x86/mmu: make apf token non-zero to fix bug - !11192 af_packet: do not call packet_read_pending() from tpacket_destruct_skb() - af_packet: do not call packet_read_pending() from tpacket_destruct_skb() - !11150 protect the fetch of ->fd[fd - !11117 net/iucv: fix use after free in iucv_sock_close() - !11122 fix CVE-2023-52893 - !11089 f2fs: fix to don't dirty inode for readonly filesystem - !11078 nilfs2: fix general protection fault in nilfs_btree_insert() - !11047 filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 - protect the fetch of ->fd[fd] in do_dup2() from mispredictions - !11095 exec: Fix ToCToU between perm check and set-uid/gid usage - KVM: x86/mmu: make apf token non-zero to fix bug - iio: adc: men_z188_adc: Fix a resource leak in an error handling path - !11121 scsi: qla2xxx: During vport delete send async logout explicitly - !11113 mISDN: Fix a use after free in hfcmulti_tx() - gsmi: fix null-deref in gsmi_get_variable - scsi: qla2xxx: During vport delete send async logout explicitly - net/iucv: fix use after free in iucv_sock_close() - !11074 wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() - mISDN: Fix a use after free in hfcmulti_tx() - !11072 drm/virtio: Fix GEM handle creation UAF - exec: Fix ToCToU between perm check and set-uid/gid usage - !11086 thermal: int340x: fix memory leak in int3400_notify() - f2fs: fix to don't dirty inode for readonly filesystem - thermal: int340x: fix memory leak in int3400_notify() - !11061 Fix CVE-2023-52898 - nilfs2: fix general protection fault in nilfs_btree_insert() - !11068 Fix CVE-2024-39501 - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() - drm/virtio: Fix GEM handle creation UAF - !11060 parisc: Fix data TLB miss in sba_unmap_sg - !11065 i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr - !11062 ocfs2: add bounds checking to ocfs2_check_dir_entry() - driver core: Fix uevent_show() vs driver detach race - selftests: forwarding: devlink_lib: Wait for udev events after reloading - drivers: core: synchronize really_probe() and dev_uevent() - !10992 media: venus: fix use after free in vdec_close - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr - ocfs2: add bounds checking to ocfs2_check_dir_entry() - !11001 tipc: Return non-zero value from tipc_udp_addr2str() on error - !10987 RDMA/iwcm: Fix a use-after-free related to destroying CM IDs - xhci: Fix null pointer dereference when host dies - xhci: avoid race between disable slot command and host runtime suspend - parisc: Fix data TLB miss in sba_unmap_sg - filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 - !11037 s390/sclp: Fix sclp_init() cleanup on failure - !11021 net: usb: qmi_wwan: fix memory leak for not ip packets - s390/sclp: Fix sclp_init() cleanup on failure - net: usb: qmi_wwan: fix memory leak for not ip packets - !10966 perf: Optimize perf_pmu_migrate_context() - tipc: Return non-zero value from tipc_udp_addr2str() on error - media: venus: fix use after free in vdec_close - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs - perf: Optimize perf_pmu_migrate_context()- !10978 CVE-2024-42304 - !10946 drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes - !10957 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures - ext4: make sure the first directory block is not a hole - ext4: check dot and dotdot of dx_root before making dir indexed - !10954 leds: trigger: Unregister sysfs attributes before calling deactivate() - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures - !10930 libceph: fix race between delayed_work() and ceph_monc_stop() - leds: trigger: Unregister sysfs attributes before calling deactivate() - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes - libceph: fix race between delayed_work() and ceph_monc_stop() - !10841 ALSA: gus: fix null pointer dereference on pointer block - !10913 sched/cputime: Fix mul_u64_u64_div_u64() precision for cputime - !10915 usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() - sched/cputime: Fix mul_u64_u64_div_u64() precision for cputime - !10894 v2 netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers - !10892 crypto: aead,cipher - zeroize key buffer after use - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers - crypto: aead,cipher - zeroize key buffer after use - ALSA: gus: fix null pointer dereference on pointer block- !10895 drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep - !10897 v2 orangefs: fix out-of-bounds fsid access - !10858 v4 powerpc/pseries: Whitelist dtl slub object for copying to userspace - orangefs: fix out-of-bounds fsid access - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep - !10891 CVE-2024-42105 - nilfs2: fix inode number range checks - !10871 USB: serial: mos7840: fix crash on resume - !10643 USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor - USB: serial: mos7840: fix crash on resume - !10865 Revert "NFS: Don't interrupt file writeout due to fatal errors" - !10825 Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - Revert "NFS: Don't interrupt file writeout due to fatal errors" - !10730 filelock: Remove locks reliably when fcntl/close race is detected - powerpc/pseries: Whitelist dtl slub object for copying to userspace - !10802 media: dvb-frontends: tda10048: Fix integer overflow - !10703 x86: stop playing stack games in profile_pc() - !10838 bnx2x: Fix multiple UBSAN array-index-out-of-bounds - bnx2x: Fix multiple UBSAN array-index-out-of-bounds - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" - !10806 tcp_metrics: validate source addr length - !10803 s390/pkey: Wipe sensitive data on failure - !10786 CVE-2024-41034 - tcp_metrics: validate source addr length - s390/pkey: Wipe sensitive data on failure - !10700 ethernet: Fix error handling in xemaclite_of_probe - !10777 Fix CVE-2024-42160 - media: dvb-frontends: tda10048: Fix integer overflow - !10532 ftruncate: pass a signed offset - !10623 ata: libata-core: Fix double free on error - !10664 v2 ASoC: fsl-asoc-card: set priv->pdev before using it - nilfs2: fix kernel bug on rename operation of broken directory - nilfs2: return the mapped address from nilfs_get_page() - nilfs2: Remove check for PageError - f2fs: Add inline to f2fs_build_fault_attr() stub - f2fs: check validation of fault attrs in f2fs_build_fault_attr() - filelock: Remove locks reliably when fcntl/close race is detected - x86: stop playing stack games in profile_pc() - ethernet: Fix error handling in xemaclite_of_probe - ASoC: fsl-asoc-card: set priv->pdev before using it - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor - ata: libata-core: Fix double free on error - ftruncate: pass a signed offset- !10629 v2 hfsplus: fix uninit-value in copy_name - !10723 net/iucv: Avoid explicit cpumask var allocation on stack - !10646 net: dsa: mv88e6xxx: Correct check for empty list - !10609 wifi: cfg80211: wext: add extra SIOCSIWSCAN data check - !10608 CVE-2024-41044 - net/iucv: Avoid explicit cpumask var allocation on stack - !10693 drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes - !10571 ila: block BH in ila_output() - !10593 fix CVE-2024-41046 - !10521 xfs: add bounds checking to xlog_recover_process_data - !10597 drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes - !10562 nilfs2: add missing check for inode numbers on directory entries - !10706 jfs: don't walk off the end of ealist - !10699 drm/amd/display: Skip finding free audio for unknown engine_id - !10672 inet_diag: Initialize pad field in struct inet_diag_req_v2 - !10684 ocfs2: fix DIO failure due to insufficient transaction credits - !10565 gpio: davinci: Validate the obtained number of IRQs - !10389 pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER - jfs: don't walk off the end of ealist - drm/amd/display: Skip finding free audio for unknown engine_id - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes - ocfs2: fix DIO failure due to insufficient transaction credits - inet_diag: Initialize pad field in struct inet_diag_req_v2 - !10641 usb: atm: cxacru: fix endpoint checking in cxacru_bind() - !10601 IB/core: Implement a limit on UMAD receive List - net: dsa: mv88e6xxx: Correct check for empty list - usb: atm: cxacru: fix endpoint checking in cxacru_bind() - hfsplus: fix uninit-value in copy_name - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check - ppp: reject claimed-as-LCP but actually malformed packets - ppp: ensure minimum packet size in ppp_write() - IB/core: Implement a limit on UMAD receive List - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes - net: ethernet: lantiq_etop: fix double free in detach - net: lantiq_etop: add blank line after declaration - !10320 thermal: Fix NULL pointer dereferences in of_thermal_ functions - !10529 Bluetooth: hci_core: cancel all works upon hci_unregister_dev() - ila: block BH in ila_output() - gpio: davinci: Validate the obtained number of IRQs - nilfs2: add missing check for inode numbers on directory entries - !10471 ALSA: emux: improve patch ioctl data validation - !10479 jffs2: Fix potential illegal address access in jffs2_free_inode - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() - xfs: add bounds checking to xlog_recover_process_data - !10386 filelock: Fix fcntl/close race recovery compat path - !10485 fix CVE-2024-42086 - !10492 drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc - !10400 Fix CVE-2024-41069 - !10270 HID: core: remove unnecessary WARN_ON() in implement() - !10472 v2 xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() - !10359 v2 PCI/ROM: Fix PCI ROM header check bug - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc - iio: chemical: bme680: Fix overflows in compensate() functions - jffs2: Fix potential illegal address access in jffs2_free_inode - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() - ALSA: emux: improve patch ioctl data validation - !10341 net/sched: initialize noop_qdisc owner - ASoC: topology: Fix route memory corruption - ASoC: topology: Fix references to freed memory - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER - filelock: Fix fcntl/close race recovery compat path - PCI/ROM: Fix PCI ROM header check bug - net/sched: initialize noop_qdisc owner - thermal: Fix NULL pointer dereferences in of_thermal_ functions - HID: core: remove unnecessary WARN_ON() in implement()- !10327 NFC: port100: fix use-after-free in port100_send_complete - !10325 kobject: Fix global-out-of-bounds in kobject_action_type() - !10337 drm/radeon: fix UBSAN warning in kv_dpm.c - !10368 v2 jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error - !10227 MIPS: smp: fill in sibling and core maps earlier - drm/radeon: fix UBSAN warning in kv_dpm.c - !10324 BMA: Fix iBMA bug and change - NFC: port100: fix use-after-free in port100_send_complete - kobject: Fix global-out-of-bounds in kobject_action_type() - !10315 jfs: xattr: fix buffer overflow for invalid xattr - BMA/cdev_veth_drv: Fix softlockup problem - BMA/kbox_drv: Change the version number. - BMA/veth_drv: Fix soft interrupt loops and change the version number - BMA/cdev_drv: Change the version number. - BMA/edma_drv: Fix DMA reset problem and change the version number. - !10173 netrom: Fix a memory leak in nr_heartbeat_expiry() - !10249 fbdev: savage: Handle err return when savagefb_check_var failed - !10306 mISDN: Fix memory leak in dsp_pipeline_build() - jfs: xattr: fix buffer overflow for invalid xattr - !10198 scsi: qedi: Fix crash while reading debugfs attribute - !10310 batman-adv: bypass empty buckets in batadv_purge_orig_ref() - !10307 wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects - !10296 Backport dvb-usb bugfix - batman-adv: bypass empty buckets in batadv_purge_orig_ref() - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects - mISDN: Fix memory leak in dsp_pipeline_build() - media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() - USB: move snd_usb_pipe_sanity_check into the USB core - fbdev: savage: Handle err return when savagefb_check_var failed - MIPS: smp: fill in sibling and core maps earlier - scsi: qedi: Fix crash while reading debugfs attribute - netrom: Fix a memory leak in nr_heartbeat_expiry()- !10125 nvme-rdma: fix possible use-after-free in transport error_recovery work - !10112 ftrace: Fix use-after-free for dynamic ftrace_ops - !10276 net: ieee802154: at86rf230: Stop leaking skb's - net: ieee802154: at86rf230: Stop leaking skb's - !9917 powerpc/pseries: Enforce hcall result buffer validity and size - !10240 CVE-2024-41007 - !10251 sctp: fix kernel-infoleak for SCTP sockets - !10241 USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages - sctp: fix kernel-infoleak for SCTP sockets - !10229 staging: gdm724x: fix use after free in gdm_lte_rx() - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages - tcp: avoid too many retransmit packets - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() - net: tcp: fix unexcepted socket die when snd_wnd is 0 - tcp: refactor tcp_retransmit_timer() - tcp: fix incorrect undo caused by DSACK of TLP retransmit - staging: gdm724x: fix use after free in gdm_lte_rx() - !10137 NFSD: Fix ia_size underflow - !10183 v3 ima: Fix use-after-free on a dentry's dname.name - !10121 usb: f_fs: Fix use-after-free for epfile - !10016 drm/exynos/vidi: fix memory leak in .get_modes() - !10211 fix CVE-2022-48865 - !10206 gianfar: ethtool: Fix refcount leak in gfar_get_ts_info - tipc: fix kernel panic when enabling bearer - tipc: fix NULL pointer dereference in tipc_disc_rcv() - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info - !10186 vsock: remove vsock from connected table when connect is interrupted by a signal - !10190 Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj - vsock: remove vsock from connected table when connect is interrupted by a signal - !10141 vt_ioctl: fix array_index_nospec in vt_setactivate - ima: Fix use-after-free on a dentry's dname.name - !10152 wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() - !10026 liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet - !10147 CVE-2022-48836 - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() - Input: aiptek - properly check endpoint type - Input: aiptek - fix endpoint sanity check - vt_ioctl: fix array_index_nospec in vt_setactivate - !10095 CVE-2024-40968 - !10130 wifi: iwlwifi: mvm: don't read past the mfuart notifcation - NFSD: Fix ia_size underflow - !10123 CVE-2022-48838 - !10122 wifi: iwlwifi: mvm: check n_ssids before accessing the ssids - !10081 drm/amdgpu: fix UBSAN warning in kv_dpm.c - wifi: iwlwifi: mvm: don't read past the mfuart notifcation - !10092 usb: host: ohci-tmio: check return value after calling platform_get_resource() - nvme-rdma: fix possible use-after-free in transport error_recovery work - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids - usb: f_fs: Fix use-after-free for epfile - !10094 net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() - ftrace: Fix use-after-free for dynamic ftrace_ops - !10054 vmci: prevent speculation leaks by sanitizing event in event_deliver() - MIPS: Octeon: Add PCIe link status check - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() - usb: host: ohci-tmio: check return value after calling platform_get_resource() - !10033 ipv6: prevent possible NULL dereference in rt6_probe() - drm/amdgpu: fix UBSAN warning in kv_dpm.c - !9996 netpoll: Fix race condition in netpoll_owner_active - !9948 ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." - vmci: prevent speculation leaks by sanitizing event in event_deliver() - ipv6: prevent possible NULL dereference in rt6_probe() - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet - drm/exynos/vidi: fix memory leak in .get_modes() - netpoll: Fix race condition in netpoll_owner_active - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." - powerpc/pseries: Enforce hcall result buffer validity and size- !9925 ocfs2: fix races between hole punching and AIO+DIO - !9874 crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak - !9830 mmc: davinci: Don't strip remove function when driver is builtin - !9870 cifs: Fix deadlock in cifs_writepages during reconnect - !9895 bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() - ocfs2: fix races between hole punching and AIO+DIO - !9891 ipv6: sr: fix memleak in seg6_hmac_init_algo - !9856 btrfs: fix memory ordering between normal and ordered work functions - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() - ipv6: sr: fix memleak in seg6_hmac_init_algo - !9492 netlabel: fix out-of-bounds memory accesses - !9868 usb: musb: tusb6010: check return value after calling platform_get_resource() - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak - cifs: Fix deadlock in cifs_writepages during reconnect - usb: musb: tusb6010: check return value after calling platform_get_resource() - !9858 khugepaged: fix null-pointer dereference due to race - !9819 kdb: Fix buffer overflow during tab-complete - khugepaged: fix null-pointer dereference due to race - btrfs: fix memory ordering between normal and ordered work functions - !9842 net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove - net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove - mmc: davinci: Don't strip remove function when driver is builtin - kdb: Fix buffer overflow during tab-complete - netlabel: fix out-of-bounds memory accesses- !9803 v2 x86/ftrace: Disable lockdep check when execute ftrace_int3_handler() - x86/ftrace: Disable lockdep check when execute ftrace_int3_handler() - !9797 sch_cake: do not call cake_destroy() from cake_init() - sch_cake: do not call cake_destroy() from cake_init() - !9786 drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() - drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() - !9777 CVE-2024-23848 - media: cec: cec-api: add locking in cec_release() - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh - !9765 i40e: Fix queues reservation for XDP - !9760 CVE-2024-26816 - !9754 net: openvswitch: fix overwriting ct original tuple for ICMPv6 - !9367 v2 net: qcom/emac: fix UAF in emac_remove - !9512 drm: vc4: Fix possible null pointer dereference - !9755 wifi: ar5523: enable proper endpoint verification - i40e: Fix queues reservation for XDP - !9744 Fix CVE-2024-36949 - !9741 scsi: qedf: Ensure the copied buf is NUL terminated - !9727 net: amd-xgbe: Fix skb data length underflow - x86/boot: Ignore relocations in .notes sections in walk_relocs() too - x86, relocs: Ignore relocations in .notes section - !9743 USB: core: Fix hang in usb_kill_urb by adding memory barriers - wifi: ar5523: enable proper endpoint verification - net: openvswitch: fix overwriting ct original tuple for ICMPv6 - !9674 ax25: Fix reference count leak issue of net_device - !9729 seg6: fix the iif in the IPv6 socket control block - !9725 v2 net: Fix CVE-2022-48757 - !9737 net/9p: fix uninit-value in p9_client_rpc() - amd/amdkfd: sync all devices to wait all processes being evicted - drm/amdkfd: Rework kfd_locked handling - USB: core: Fix hang in usb_kill_urb by adding memory barriers - scsi: qedf: Ensure the copied buf is NUL terminated - net/9p: fix uninit-value in p9_client_rpc() - !9710 CVE-2022-48738 - !9568 media: mxl111sf: change mutex_init() location - !9570 net: ieee802154: ca8210: Stop leaking skb's - seg6: fix the iif in the IPv6 socket control block - !9700 v2 crypto: bcm - Fix pointer arithmetic - !9684 greybus: lights: check return of get_channel_from_mode - net: amd-xgbe: Fix skb data length underflow - !9666 ftrace: Fix rcu warn in ftrace_location() - net: fix kabi breakage in struct packet_type - net: fix information leakage in /proc/net/ptype - !9724 Fix CVE-2024-35915 - nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() - nfc: nci: Fix uninit-value in nci_rx_work - nfc: nci: Fix kcov check in nci_rx_work() - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet - !9658 KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - !9698 Fix CVE-2021-47270 - !9699 dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - !9550 scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - !9707 nilfs2: fix use-after-free of timer for log writer thread - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - nilfs2: fix use-after-free of timer for log writer thread - !9655 nfc: fix segfault in nfc_genl_dump_devices_done - !9654 mac80211: validate extended element ID is present - !9653 ecryptfs: Fix buffer size for tag 66 packet - !9652 ALSA: timer: Set lower bound of start tick time - !9697 v3 Fix CVE-2024-38567 - !9633 CVE-2024-38582 - !9692 netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() - crypto: bcm - Fix pointer arithmetic - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS - usb: fix various gadgets null ptr deref on 10gbps cabling. - wifi: carl9170: add a proper sanity check for endpoints - USB: core: Add routines for endpoint checks in old drivers - !9597 ASoC: max9759: fix underflow in speaker_gain_control_put() - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() - !9626 fix uaf when proc_cpuset_show - !9660 nilfs2: fix potential kernel bug due to lack of writeback flag waiting - greybus: lights: check return of get_channel_from_mode - ax25: Fix reference count leak issue of net_device - ftrace: Fix rcu warn in ftrace_location() - !9553 CVE-2024-37356 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting - KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak - nfc: fix segfault in nfc_genl_dump_devices_done - mac80211: validate extended element ID is present - ecryptfs: Fix buffer size for tag 66 packet - ALSA: timer: Set lower bound of start tick time - nilfs2: fix potential hang in nilfs_detach_log_writer() - nilfs2: fix unexpected freezing of nilfs_segctor_sync() - cgroup: fix uaf when proc_cpuset_show - ASoC: max9759: fix underflow in speaker_gain_control_put() - net: ieee802154: ca8210: Stop leaking skb's - media: mxl111sf: change mutex_init() location - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). - params: lift param_set_uint_minmax to common code - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() - drm: vc4: Fix possible null pointer dereference - net: qcom/emac: fix UAF in emac_remove- !9629 stm class: Fix a double free in stm_register_device() - !9646 phonet: fix rtm_phonet_notify() skb allocation - !9628 m68k: Fix spinlock race in kernel thread creation - !9623 v2 net/nfc/rawsock.c: fix a permission check bug - !9648 backport two patches from 5.10 to fix some bugs for GuestOS - !9617 mac80211: track only QoS data frames for admission control - !9637 ipv6: sr: fix invalid unregister error path - !9607 enic: Validate length of nl attributes in enic_set_vf_port - !9606 drm/nouveau: fix off by one in BIOS boundary checking - !9605 scsi: bfa: Ensure the copied buf is NUL terminated - irqchip: gic-v3: Collection table support muti pages - scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids - phonet: fix rtm_phonet_notify() skb allocation - ipv6: sr: fix invalid unregister error path - stm class: Fix a double free in stm_register_device() - m68k: Fix spinlock race in kernel thread creation - !9076 RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests - net/nfc/rawsock.c: fix a permission check bug - mac80211: track only QoS data frames for admission control - enic: Validate length of nl attributes in enic_set_vf_port - drm/nouveau: fix off by one in BIOS boundary checking - !9600 CVE-2024-38597 - scsi: bfa: Ensure the copied buf is NUL terminated - !9409 drm/mediatek: Add 0 size check to mtk_drm_gem_obj - !9452 jffs2: prevent xattr node from overflowing the eraseblock - eth: sungem: remove .ndo_poll_controller to avoid deadlocks - net: fec: remove .ndo_poll_controller to avoid deadlocks - !8163 v2 mmc: sdio: fix possible resource leaks in some error paths - !9535 igbvf: fix double free in `igbvf_probe` - !9590 s390/ap: Fix crash in AP internal function modify_bitmap() - !9584 ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound - !9537 virtio: delete vq in vp_find_vqs_msix() when request_irq() fails - !9585 net/mlx5e: Avoid field-overflowing memcpy() - s390/ap: Fix crash in AP internal function modify_bitmap() - net/mlx5e: Avoid field-overflowing memcpy() - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound - !9534 rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev - !9419 mm/migrate: set swap entry values of THP tail pages properly. - !9560 net: systemport: Add global locking for descriptor lifecycle - !9526 media: lgdt3306a: Add a check against null-pointer-def - !9539 ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() - net: systemport: Add global locking for descriptor lifecycle - !9340 serial: max3100: Lock port->lock when calling uart_handle_cts_change() - !9330 ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - !9382 serial: max3100: Update uart_driver_registered on driver removal - !9503 v2 watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger - !9464 quota: Fix rcu annotations of inode dquot pointers - !9530 v2 Backport LTS patches - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails - !9435 fix CVE-2024-38621 - igbvf: fix double free in `igbvf_probe` - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev - !9381 vfio/pci: fix potential memory leak in vfio_intx_enable() - !9497 netrom: fix possible dead-lock in nr_rt_ioctl() - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() - pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map - media: lgdt3306a: Add a check against null-pointer-def - !9505 CVE-2024-38587 - !9473 um: Add winch to winch_handlers before registering winch IRQ - !9407 drm/arm/malidp: fix a possible null pointer dereference - !9400 Fix CVE-2024-31076 - speakup: Fix sizeof() vs ARRAY_SIZE() bug - !9439 CVE-2022-48715 - !9133 net: ethernet: fix potential use-after-free in ec_bhf_remove - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger - netrom: fix possible dead-lock in nr_rt_ioctl() - !9265 ring-buffer: Fix a race between readers and resize checks - !9390 NFS: Fix an off by one in root_nfs_cat() - um: Add winch to winch_handlers before registering winch IRQ - quota: Fix rcu annotations of inode dquot pointers - fs/quota: erase unused but set variable warning - jffs2: prevent xattr node from overflowing the eraseblock - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe - media: stk1160: fix bounds checking in stk1160_copy_video() - mm/migrate: set swap entry values of THP tail pages properly. - drm/mediatek: Add 0 size check to mtk_drm_gem_obj - drm/arm/malidp: fix a possible null pointer dereference - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline - NFS: Fix an off by one in root_nfs_cat() - serial: max3100: Update uart_driver_registered on driver removal - vfio/pci: fix potential memory leak in vfio_intx_enable() - serial: max3100: Lock port->lock when calling uart_handle_cts_change() - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() - ring-buffer: Fix a race between readers and resize checks - net: ethernet: fix potential use-after-free in ec_bhf_remove - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests - mmc: sdio: fix possible resource leaks in some error paths- !9471 CVE-2021-47434 - xhci: Fix commad ring abort, write all 64 bits to CRCR register. - xhci: Fix command ring pointer corruption while aborting a command - !8935 wifi: nl80211: don't free NULL coalescing rule - !9444 CVE-2022-48737 - !8493 rpmsg: virtio: Free driver_override when rpmsg_remove() - !8473 scsi: mpt3sas: Fix kernel panic during drive powercycle test - ASoC: ops: Fix bounds check for _sx controls - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() - !9322 drm/amd/display: Fix potential index out of bounds in color transformation function - !9366 macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" - !9392 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - !9232 batman-adv: Avoid WARN_ON timing related checks - !9351 Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped." - !9393 net: lts v4.311 backport - !9286 mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations - !9206 v2 sched: smart_grid: fix potential NULL pointer dereference - !9314 spi: Fix deadlock when adding SPI controllers on SPI buses - net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() - ipv6: fib6_rules: flush route cache when rule is changed - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable - !8360 v2 loop: use lo->lo_disk for kobject_uevent - !9343 firmware: arm_scpi: Fix string overflow in SCPI genpd driver - !9326 af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" - !9285 of: module: add buffer overflow check in of_modalias() - !9316 CVE-2022-48755 - Revert "x86/mm/ident_map: Use gbpages only where full GB page should be mapped." - !9344 round lts patches - !8769 atl1c: Work around the DMA RX overflow issue - !9292 net: bridge: xmit: make sure we have at least eth header len bytes - net: bridge: fix corrupted ethernet header on multicast-to-unicast - net: bridge: fix multicast-to-unicast with fraglist GSO - net: mark racy access on sk->sk_rcvbuf - net l2tp: drop flow hash on forward - firmware: arm_scpi: Fix string overflow in SCPI genpd driver - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg - !9324 v2 Linux 4.19.312-313 LTS patches - vxlan: Fix regression when dropping packets due to invalid src addresses - udp: preserve the connected status if only UDP cmsg - vxlan: drop packets from invalid src-address - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr - SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int - drm/amd/display: Fix potential index out of bounds in color transformation function - powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06 - spi: fix kabi breakage in struct spi_controller - spi: Fix deadlock when adding SPI controllers on SPI buses - !9278 CVE-2021-47231 - !8783 v2 arm64 mpam fix patch - !9270 inet_diag: fix kernel-infoleak for UDP sockets - !9140 v2 CVE-2024-36971 - !8847 wl1251: Fix possible buffer overflow in wl1251_cmd_scan - !9260 v3 ftrace: Fix possible use-after-free issue in ftrace_location() - net: bridge: xmit: make sure we have at least eth header len bytes - mm, vmscan: prevent infinite loop for costly GFP_NOIO | __GFP_RETRY_MAYFAIL allocations - of: module: add buffer overflow check in of_modalias() - !9061 iio: mma8452: Fix trigger reference couting - can: mcba_usb_start(): add missing urb->transfer_dma initialization - can: mcba_usb: fix memory leak in mcba_usb - inet_diag: fix kernel-infoleak for UDP sockets - ftrace: Fix possible use-after-free issue in ftrace_location() - !9227 kprobes: Fix possible use-after-free issue on kprobe registration - !9228 coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() - !9225 can: sja1000: fix use after free in ems_pcmcia_add_card() - !8656 mm, slub: fix potential memoryleak in kmem_cache_open() - !8937 firewire: ohci: mask bus reset interrupts between ISR and bottom half - !8691 Fix page corruption caused by racy check in __free_pages - batman-adv: Avoid WARN_ON timing related checks - coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() - kprobes: Fix possible use-after-free issue on kprobe registration - can: sja1000: fix use after free in ems_pcmcia_add_card() - !9179 CVE-2021-47232 - !9004 media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - !8130 v2 CVE-2021-47493 - !9006 media: tc358743: register v4l2 async device only after successful setup - !9144 serial: 8250_exar: Don't remove GPIO device on suspend - sched: smart_grid: fix potential NULL pointer dereference - can: j1939: fix Use-after-Free, hold skb ref while in use - can: j1939: transport: j1939_session_tx_dat(): fix use-after-free read in j1939_tp_txtimer() - can: j1939: transport: add j1939_session_skb_find_by_offset() function - !8800 ALSA: usb-audio: Stop parsing channels bits when all channels are found. - !8798 hid: cp2112: Fix duplicate workqueue initialization - !8799 usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete - serial: 8250_exar: Don't remove GPIO device on suspend - net: fix kabi breakage in struct dst_ops - net: fix __dst_negative_advice() race - iio: mma8452: Fix trigger reference couting - media: tc358743: register v4l2 async device only after successful setup - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() - firewire: ohci: mask bus reset interrupts between ISR and bottom half - wifi: nl80211: don't free NULL coalescing rule - wl1251: Fix possible buffer overflow in wl1251_cmd_scan - ALSA: usb-audio: Stop parsing channels bits when all channels are found. - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete - hid: cp2112: Fix duplicate workqueue initialization - arm64/mpam: Fix softlockup when reading mondata - arm64/mpam: Fix wrong seconds to jiffies conversion - arm64/mpam: change allocation mode from GFP_KERNEL to GFP_NOWAIT - mpam/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup - mpam/resctrl: Clean up resctrl_group_rmdir_[ctrl/mon]() - mpam/resctrl: Clean up unused function parameter in mkdir path - mpam/resctrl: Fix a deadlock due to inaccurate reference - atl1c: Work around the DMA RX overflow issue - Fix page corruption caused by racy check in __free_pages - mm, slub: fix potential memoryleak in kmem_cache_open() - rpmsg: virtio: Free driver_override when rpmsg_remove() - scsi: mpt3sas: Fix kernel panic during drive powercycle test - loop: use lo->lo_disk for kobject_uevent - jbd2: export jbd2_journal_[grab|put]_journal_head - ocfs2: fix a deadlock when commit trans - ocfs2: fix race between searching chunks and release journal_head from buffer_head- !9086 v2 dhugetlb: use rcu lock to protect hpool - !8796 CVE-2023-52810 - !8699 wifi: cfg80211: check A-MSDU format more carefully - !9123 staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() - !9005 scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload - !9113 IB/qib: Protect from buffer - !9119 PCI: aardvark: Fix kernel panic during PIO transfer - !9058 watchdog: Fix possible use-after-free by calling del_timer_sync() - !9053 soc: fsl: qbman: Use raw spinlock for cgr_lock - PCI: aardvark: Fix kernel panic during PIO transfer - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response - PCI: aardvark: Don't rely on jiffies while holding spinlock - !9091 RDMA/cma: Fix rdma_resolve_route() memory leak - IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields - !9037 fix CVE-2021-47509 - RDMA/cma: Fix rdma_resolve_route() memory leak - dhugetlb: use rcu lock to protect hpool - !8291 Fix CVE-2023-52836 - !8574 net: ieee802154: fix null deref in parse dev addr - !9017 misc/libmasm/module: Fix two use after free in ibmasm_init_one - !9045 ALSA: seq: Fix race of snd_seq_timer_open() - !9046 net: rds: fix memory leak in rds_recvmsg - !8632 phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() - !8695 net: macb: fix use after free on rmmod - !4633 Add support for Hygon family 18h model 5h HD-Audio - !9057 CVE-2021-47261 - !8637 dyndbg: fix old BUG_ON in >control parser - !8698 net: batman-adv: fix error handling - !8715 net/sched: act_skbmod: prevent kernel-infoleak - !8775 llc: verify mac len before reading mac header - watchdog: Fix possible use-after-free by calling del_timer_sync() - IB/mlx5: Fix initializing CQ fragments buffer - soc: fsl: qbman: Use raw spinlock for cgr_lock - !9022 wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() - !8786 tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc - !8704 usb: fix various gadget panics on 10gbps cabling - !9013 net: encx24j600: check error in devm_regmap_init_encx24j600 - net: rds: fix memory leak in rds_recvmsg - ALSA: seq: Fix race of snd_seq_timer_open() - !9036 IB/hfi1: Restore allocated resources on failed copyout - !4620 Some fixes for Hygon model 4h~6h processors - !4630 Add support for Hygon model 6h L3 PMU - ALSA: pcm: oss: Limit the period size to 16MB - ALSA: pcm: oss: Fix potential out-of-bounds shift - !8549 batman-adv: Avoid infinite loop trying to resize local TT - !8763 tipc: fix UAF in error path - IB/hfi1: Restore allocated resources on failed copyout - !8956 net: ti: fix UAF in tlan_remove_one - !8959 comedi: vmk80xx: fix bulk-buffer overflow - !8740 CVE-2024-36914 - !8824 igb: Fix use-after-free error during reset - !8987 bna: ensure the copied buf is NUL terminated - !9026 tty: n_gsm: fix possible out-of-bounds in gsm0_receive() - !8923 i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc - !8961 nfp: Fix memory leak in nfp_cpp_area_cache_add() - !8875 drm/vmwgfx: Fix invalid reads in fence signaled events - !8883 scsi: lpfc: Move NPIV's transport unregistration to after resource clean up - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() - misc/libmasm/module: Fix two use after free in ibmasm_init_one - net: encx24j600: check error in devm_regmap_init_encx24j600 - !8998 i2c: acpi: fix resource leak in reconfiguration device addition - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload - !8991 clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data - !8992 fix CVE-2024-36905 - i2c: acpi: fix resource leak in reconfiguration device addition - !8868 ipv6: prevent NULL dereference in ip6_output() - net: relax socket state check at accept time. - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets - !8737 ubifs: Set page uptodate in the correct place - !8668 phonet/pep: fix racy skb_queue_empty() use - clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data - bna: ensure the copied buf is NUL terminated - nfp: Fix memory leak in nfp_cpp_area_cache_add() - comedi: vmk80xx: fix bulk-buffer overflow - net: ti: fix UAF in tlan_remove_one - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up - drm/vmwgfx: Fix invalid reads in fence signaled events - ipv6: prevent NULL dereference in ip6_output() - igb: Fix use-after-free error during reset - fs/jfs: Add check for negative db_l2nbperpage - jfs: jfs_dmap: Validate db_l2nbperpage while mounting - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc - llc: verify mac len before reading mac header - tipc: fix UAF in error path - drm/amd/display: Skip on writeback when it's not applicable - ubifs: Set page uptodate in the correct place - net/sched: act_skbmod: prevent kernel-infoleak - usb: fix various gadget panics on 10gbps cabling - wifi: cfg80211: check A-MSDU format more carefully - net: batman-adv: fix error handling - net: macb: fix use after free on rmmod - phonet/pep: fix racy skb_queue_empty() use - dyndbg: fix old BUG_ON in >control parser - phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() - net: ieee802154: fix null deref in parse dev addr - batman-adv: Avoid infinite loop trying to resize local TT - locking/ww_mutex/test: Fix potential workqueue corruption - EDAC/amd64: Adjust UMC channel for Hygon family 18h model 6h - x86/amd_nb: Get DF ID from F5 device for Hygon family 18h model 6h - EDAC/amd64: Fix intlv_num_chan for Hygon family 18h model 4h - EDAC/amd64: Revert hi_addr_offset for Hygon family 18h model 4h - ALSA: hda: Fix single byte write failure issue for Hygon - ALSA: hda: Add Hygon HD-Audio support - perf/x86/uncore: Add L3 PMU support for Hygon family 18h model 6h- !8895 net: fix out-of-bounds access in ops_init - !8694 clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data - !8858 PCI/PM: Drain runtime-idle callbacks before driver removal - !8626 fs/9p: only translate RWX permissions for plain 9P2000 - !8490 scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() - !8777 memory: fsl_ifc: fix leak of IO mapping on probe failure - !8806 media: zr364xx: fix memory leak in zr364xx_start_readpipe - !8664 mmc: mmc_spi: fix error handling in mmc_spi_probe() - !8865 staging: rtl8712: fix use-after-free in rtl8712_dl_fw - !8888 nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). - !8825 watchdog: Fix possible use-after-free in wdt_startup() - !8654 nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - !8358 perf report: Fix memory leaks around perf_tip() - !8552 tipc: fix a possible memleak in tipc_buf_append - !8851 ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() - net: fix out-of-bounds access in ops_init - !8802 CVE-2021-47294 - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). - staging: rtl8712: fix use-after-free in rtl8712_dl_fw - PCI/PM: Drain runtime-idle callbacks before driver removal - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() - !8628 erspan: make sure erspan_base_hdr is present in skb->head - !8716 CVE-2024-35910 - !8325 ocfs2: fix data corruption after conversion from inline format - !8729 tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). - !8636 ipv6: Fix potential uninit-value access in __ip6_make_skb() - watchdog: Fix possible use-after-free in wdt_startup() - !8773 sched: remove WARN_ON on checking rq->tmp_alone_branch - media: zr364xx: fix memory leak in zr364xx_start_readpipe - !8678 can: pch_can: pch_can_rx_normal: fix use after free - netrom: Fix use-after-free of a listening socket. - netrom: Decrease sock refcount when sock timers expire - !8676 net: tulip: de4x5: fix the problem that the array 'lp->phy[8 - !8708 media: imon: fix access to invalid resource for the second interface - !8707 regmap: Fix possible double-free in regcache_rbtree_exit() - !8706 isdn: mISDN: Fix sleeping function called from invalid context - !8705 usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency - !8357 nilfs2: fix underflow in second superblock position calculations - !8681 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation - !8484 scsi: megaraid_sas: Fix resource leak in case of probe failure - memory: fsl_ifc: fix leak of IO mapping on probe failure - sched: remove WARN_ON on checking rq->tmp_alone_branch - !8620 CVE-2024-35896 - !8526 SUNRPC: Fix RPC client cleaned up the freed pipefs dentries - !8336 tcp: fix page frag corruption on page fault - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). - !8521 isofs: Fix out of bound access for corrupted isofs image - !7786 powerpc/powernv: Add a null pointer check in opal_event_init() - !8568 gfs2: Fix use-after-free in gfs2_glock_shrink_scan - tcp: properly terminate timers for kernel sockets - mptcp: add sk_stop_timer_sync helper - !8478 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY - !8366 net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - !8544 CVE-2021-47358 - !8577 mmc: sdhci-msm: pervent access to suspended controller - !8579 net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - !8603 rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - media: imon: fix access to invalid resource for the second interface - regmap: Fix possible double-free in regcache_rbtree_exit() - isdn: mISDN: Fix sleeping function called from invalid context - usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency - !8516 CVE-2021-47409 - !8465 drm/amd/display: Avoid NULL dereference of timing generator - !8500 pwm: Fix double shift bug - clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation - can: pch_can: pch_can_rx_normal: fix use after free - net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound - !8402 i40e: Fix freeing of uninitialized misc IRQ vector - !8398 comedi: ni_usb6501: fix NULL-deref in command paths - mmc: mmc_spi: fix error handling in mmc_spi_probe() - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done - !8464 i2c: smbus: fix NULL function pointer dereference - !8434 iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - !8411 platform/x86: wmi: Fix opening of char device - ipv6: Fix potential uninit-value access in __ip6_make_skb() - !8307 s390/dasd: protect device queue against concurrent access - !8444 CVE-2021-47511 - !8443 v2 ipack: ipoctal: fix module reference leak - !8611 smackfs: restrict bytes count in smk_set_cipso() - !8610 media: gspca: cpia1: shift-out-of-bounds in set_flicker - !8609 can: peak_pci: peak_pci_remove(): fix UAF - !8430 drm/sched: Avoid data corruptions - !8557 net: cdc_eem: fix tx fixup skb leak - !8365 efi/capsule-loader: fix incorrect allocation size - !8333 soc: qcom: llcc: Handle a second device without data corruption - erspan: make sure erspan_base_hdr is present in skb->head - fs/9p: only translate RWX permissions for plain 9P2000 - netfilter: complete validation of user input - netfilter: validate user input for expected length - smackfs: restrict bytes count in smk_set_cipso() - media: gspca: cpia1: shift-out-of-bounds in set_flicker - can: peak_pci: peak_pci_remove(): fix UAF - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() - mmc: sdhci-msm: pervent access to suspended controller - gfs2: Fix use-after-free in gfs2_glock_shrink_scan - net: cdc_eem: fix tx fixup skb leak - tipc: fix a possible memleak in tipc_buf_append - staging: greybus: uart: fix tty use after free - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries - isofs: Fix out of bound access for corrupted isofs image - usb: dwc2: Fix memory leak in dwc2_hcd_init - usb: dwc2: check return value after calling platform_get_resource() - pwm: Fix double shift bug - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() - scsi: megaraid_sas: Fix resource leak in case of probe failure - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY - drm/amd/display: Avoid NULL dereference of timing generator - i2c: smbus: fix NULL function pointer dereference - ALSA: pcm: oss: Fix negative period/buffer sizes - ALSA: pcm: oss: Fix a few more UBSAN fixes - ipack: ipoctal: fix module reference leak - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove - drm/sched: Avoid data corruptions - platform/x86: wmi: Fix opening of char device - i40e: Fix freeing of uninitialized misc IRQ vector - comedi: ni_usb6501: fix NULL-deref in command paths - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() - efi/capsule-loader: fix incorrect allocation size - perf report: Fix memory leaks around perf_tip() - nilfs2: fix underflow in second superblock position calculations - tcp: fix page frag corruption on page fault - soc: qcom: llcc: Handle a second device without data corruption - ocfs2: fix data corruption after conversion from inline format - s390/dasd: protect device queue against concurrent access - powerpc/powernv: Add a null pointer check in opal_event_init()- scsi: hisi_sas: Allocate DFX memory during dump trigger- !8437 comedi: dt9812: fix DMA buffers on stack - !8515 v2 *** CVE-2021-47356 *** - !8582 v2 bcache: avoid oversized read request in cache missing code path - !8522 smb: client: fix use-after-free bug in cifs_debug_data_proc_show() - !8499 udf: Fix NULL pointer dereference in udf_symlink function - !8498 Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout - !8570 net: hamradio: fix memory leak in mkiss_close - !8506 CVE-2024-36015 - !8508 memory: fsl_ifc: fix leak of private memory on probe failure - !8470 v2 CVE-2024-35808 - !8050 block: prevent division by zero in blk_rq_stat_sum() - !8469 watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() - !8482 v2 Fix hugetlb deadlock - bcache: avoid oversized read request in cache missing code path - !8327 wifi: mac80211: don't return unset power in ieee80211_get_tx_power() - !8316 net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path - net: hamradio: fix memory leak in mkiss_close - !8310 jfs: fix two - !8507 tty: vcc: Add check for kstrdup() in vcc_probe() - !8441 pinctrl: core: delete incorrect free in pinctrl_enable() - !8414 backport for CVE-2023-52750 - !8449 drm/amd/pm: Update intermediate power state for SI - !8453 net: fix uninit-value in caif_seqpkt_sendmsg - !6800 block: fix overflow in blk_ioctl_discard() - !8068 CVE-2021-47427 - !8102 v2 sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl - !8413 NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - !8417 NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - !8403 can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv - !8393 4.19: fix CVE-2024-35978 - !8349 perf hist: Fix memory leak of a perf_hpp_fmt - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() - mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq - mISDN: fix possible use-after-free in HFC_cleanup() - memory: fsl_ifc: fix leak of private memory on probe failure - tty: vcc: Add check for kstrdup() in vcc_probe() - !8296 atm: iphase: fix possible use-after-free in ia_module_exit() - !8297 v2 powerpc/mm: Fix lockup on kernel exec fault - !8405 tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - ppdev: Add an error check in register_device - ppdev: Remove usage of the deprecated ida_simple_xx() API - !8423 mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - udf: Fix NULL pointer dereference in udf_symlink function - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout - !8354 CVE-2021-47277 - !8386 drm/nouveau/debugfs: fix file release memory leak - !8452 Fix CVE-2021-47438 - !8308 mac80211: fix use-after-free in CCMP/GCMP RX - !8341 net/mlx5: Properly link new fs rules into the tree - hugetlb: pass head page to remove_hugetlb_page() - hugetlbfs: fix hugetlbfs_statfs() locking - hugetlb: make free_huge_page irq safe - hugetlb: change free_pool_huge_page to remove_pool_huge_page - hugetlb: call update_and_free_page without hugetlb_lock - hugetlb: create remove_hugetlb_page() to separate functionality - Revert "hugetlb: make free_huge_page irq safe" - Revert "hugetlbfs: fix hugetlbfs_statfs() locking" - !8075 v2 HID: betop: fix slab-out-of-bounds Write in betop_probe - md/dm-raid: don't clear MD_RECOVERY_FROZEN after setting frozen - md/dm-raid: don't call md_reap_sync_thread() directly - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() - !8191 HID: usbhid: free raw_report buffers in usbhid_stop - !8314 mcb: fix error handling in mcb_alloc_bus() - !7852 CVE-2021-47407 - net: fix uninit-value in caif_seqpkt_sendmsg - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path - !8276 usb: udc: remove warning when queue disabled ep - !8142 i40e: Do not use WQ_MEM_RECLAIM flag for workqueue - !8410 iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() - drm/amd/pm: Update intermediate power state for SI - !8175 jfs: fix array-index-out-of-bounds in diAlloc - pinctrl: core: delete incorrect free in pinctrl_enable() - comedi: dt9812: fix DMA buffers on stack - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap - !8292 netfilter: conntrack: serialize hash resizes and cleanups - NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer - arm64: Make CPU_BIG_ENDIAN depend on ld.bfd or ld.lld 13.0.0+ - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path - !8348 ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv - !8324 drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga - !8394 hugetlbfs: fix hugetlbfs_statfs() locking - !8188 v2 ACPI: video: check for error while searching for backlight device parent - hugetlbfs: fix hugetlbfs_statfs() locking - Bluetooth: Fix memory leak in hci_req_sync_complete() - !8303 ipvlan: add ipvlan_route_v6_outbound() helper - drm/nouveau/debugfs: fix file release memory leak - !8211 fix CVE-2024-35877 - !7964 v2 vt: fix unicode buffer corruption when deleting characters - !8160 v2 ipack: ipoctal: fix stack information leak - !8100 arch related major bugfix before 2023 - !8192 atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - kvm: fix previous commit for 32-bit builds - kvm: avoid speculation-based attacks from out-of-range memslot accesses - !8181 v3 cpu/hotplug: Don't offline the last non-isolated CPU - perf hist: Fix memory leak of a perf_hpp_fmt - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() - !8205 fix hugetlb deadlock - !8061 *** CVE-2021-47475 *** - !8252 sysv: don't call sb_bread() with pointers_lock held - !8248 gfs2: ignore negated quota changes - !8206 RDMA: Verify port when creating flow rule - net/mlx5: Properly link new fs rules into the tree - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() - drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga - !8219 tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING - !8223 CVE-2023-52804 - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path - mcb: fix error handling in mcb_alloc_bus() - jfs: fix array-index-out-of-bounds in dbFindLeaf - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev - mac80211: fix use-after-free in CCMP/GCMP RX - !8209 net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() - !8257 v5 can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds - ipvlan: add ipvlan_route_v6_outbound() helper - powerpc/mm: Fix lockup on kernel exec fault - atm: iphase: fix possible use-after-free in ia_module_exit() - netfilter: conntrack: serialize hash resizes and cleanups - !8062 CVE-2024-35789 - usb: udc: remove warning when queue disabled ep - can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds - !7804 v2 selinux: avoid dereference of garbage after mount failure - sysv: don't call sb_bread() with pointers_lock held - !8186 ALSA: hda: Fix possible null-ptr-deref when assigning a stream - !8208 ocfs2: mount fails with buffer overflow in strlen - !8207 drm/msm: Fix null pointer dereference on pointer edp - gfs2: ignore negated quota changes - !7470 x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ - !7699 CVE-2023-52669 - !7868 CVE-2024-35995 - fs/jfs: Add validity check for db_maxag and db_agpref - fs: jfs: fix shift-out-of-bounds in dbAllocAG - jfs: fix divide error in dbNextAG - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING - x86/mm/pat: fix VM_PAT handling in COW mappings - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() - ocfs2: mount fails with buffer overflow in strlen - drm/msm: Fix null pointer dereference on pointer edp - !8180 Fix CVE-2021-47495 - RDMA: Verify port when creating flow rule - hugetlb: make free_huge_page irq safe - mm/hugetlb: defer freeing of huge pages if in non-task context - !8146 pinctrl: single: fix potential NULL dereference - !8164 sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - !8131 scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() - atm: nicstar: Fix possible use-after-free in nicstar_cleanup() - HID: usbhid: free raw_report buffers in usbhid_stop - ACPI: video: check for error while searching for backlight device parent - ALSA: hda: Fix possible null-ptr-deref when assigning a stream - cpu/hotplug: Don't offline the last non-isolated CPU - usbnet: fix error return code in usbnet_probe() - usbnet: sanity check for maxpacket - jfs: fix array-index-out-of-bounds in diAlloc - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb - ipack: ipoctal: fix stack information leak - pinctrl: single: fix potential NULL dereference - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl - x86/ioapic: Unbreak check_timer() - irqchip/gic-v3: Ensure pseudo-NMIs have an ISB between ack and handling - genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() - HID: betop: fix slab-out-of-bounds Write in betop_probe - scsi: iscsi: Fix iscsi_task use after free - scsi: iscsi: Have abort handler get ref to conn - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN - comedi: vmk80xx: fix expression for tx buffer size - comedi: vmk80xx: fix transfer-buffer overflows - block: prevent division by zero in blk_rq_stat_sum() - vt: fix unicode buffer corruption when deleting characters - ACPI: CPPC: Fix access width used for PCC registers - ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro - ACPI: CPPC: Use access_width over bit_width for system memory accesses - ACPI: CPPC: Fix up I/O port access in cpc_read() - ACPI: CPPC: Implement support for SystemIO registers - KVM: x86: Handle SRCU initialization failure during page track init - selinux: avoid dereference of garbage after mount failure - crypto: s390/aes - Fix buffer overread in CTR mode - x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ - block: fix overflow in blk_ioctl_discard()- !8066 drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 - !8038 CVE-2023-52817 - !8106 usb: dwc3: ep0: fix NULL pointer exception - !8059 soc: fsl: qbman: Always disable interrupts when taking cgr_lock - !8017 perf/core: Bail out early if the request AUX area is out of bound - !8064 isdn: mISDN: netjet: Fix crash in nj_probe: - !8049 xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING - usb: dwc3: ep0: fix NULL pointer exception - !8055 drm/client: Fully protect modes[ - !8000 v2 net/tls: Fix flipped sign in tls_err_abort() calls - !8032 netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 - isdn: mISDN: netjet: Fix crash in nj_probe: - !8056 scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() - !7999 HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up - soc: fsl: qbman: Always disable interrupts when taking cgr_lock - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() - drm/client: Fully protect modes[] with dev->mode_config.mutex - xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING - !7817 netfilter: nft_flow_offload: reset dst in route object after setting up flow - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() - !7965 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - !7951 sched/rt: Fix rt_runtime leaks with cpu hotplug and RT_RUNTIME_SHARE - perf/core: Bail out early if the request AUX area is out of bound - !7981 Fix CVE-2021-47455 - !7901 f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances - !7700 scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() - !7682 dm snapshot: fix lockup in dm_exception_table_exit - !7867 media: bttv: fix use after free error due to btv->timeout timer - !7421 x86/CPU/AMD: Update the Zenbleed microcode revisions - !7415 cpu/SMT: Make SMT control more robust against enumeration failures - !7451 v2 ip: Treat IPv4 segment's lowest address as unicast - !7393 v2 scsi: sr: Do not leak information in ioctl - !7971 fbmon: prevent division by zero in fb_videomode_from_videomode() - net/tls: Fix flipped sign in tls_err_abort() calls - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up - !7963 ipv6: Fix infinite recursion in fib6_dump_done(). - !7979 drm/radeon: fix a possible null pointer dereference - ptp: fix code indentation issues - ptp: Fix possible memory leak in ptp_clock_register() - drm/radeon: fix a possible null pointer dereference - fbmon: prevent division by zero in fb_videomode_from_videomode() - !7944 v2 netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells - ipv6: Fix infinite recursion in fib6_dump_done(). - sched/rt: Fix rt_runtime leaks with cpu hotplug and RT_RUNTIME_SHARE - netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries - !7811 Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() - !7892 CVE-2023-52868 - !7910 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs - !7851 netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser - f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances - thermal: core: prevent potential string overflow - !7854 net/mlx5e: fix a double-free in arfs_create_groups - !7794 v2 Fix CVE-2023-52656 - media: bttv: fix use after free error due to btv->timeout timer - !7840 netrom: Fix a data-race around sysctl_netrom_transport_timeout - net/mlx5e: fix a double-free in arfs_create_groups - netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser - !7770 drm/amd/pm: fix a double-free in si_dpm_init - netrom: Fix a data-race around sysctl_netrom_transport_timeout - !7589 irqchip/gic-v3-its: Prevent double free on error - !7713 CVE-2024-35936 - !7751 Fix CVE-2023-52698 - netfilter: nft_flow_offload: reset dst in route object after setting up flow - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() - io_uring: drop any code related to SCM_RIGHTS - io_uring/unix: drop usage of io_uring socket - !7742 netrom: Fix data-races around sysctl_net_busy_read - !7748 drm/radeon: possible buffer overflow - drm/amd/pm: fix a double-free in si_dpm_init - calipso: fix memory leak in netlbl_calipso_add_pass() - netlabel: remove unused parameter in netlbl_netlink_auditinfo() - net: netlabel: Fix kerneldoc warnings - drm/radeon: possible buffer overflow - netrom: Fix data-races around sysctl_net_busy_read - !7669 btrfs: send: handle path ref underflow in header iterate_inode_ref() - btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() - dm snapshot: fix lockup in dm_exception_table_exit - btrfs: send: handle path ref underflow in header iterate_inode_ref() - irqchip/gic-v3-its: Prevent double free on error - ip: Treat IPv4 segment's lowest address as unicast - x86/CPU/AMD: Update the Zenbleed microcode revisions - cpu/SMT: Make SMT control more robust against enumeration failures - scsi: sr: Do not leak information in ioctl- !7694 Bluetooth: af_bluetooth: Fix deadlock - !7701 ext4: fix corruption during on-line resize - !7676 sched/all: Change all BUG_ON() instances in the scheduler to WARN_ON_ONCE() - ext4: fix corruption during on-line resize - Bluetooth: af_bluetooth: Fix deadlock - !7573 pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() - sched/all: Change all BUG_ON() instances in the scheduler to WARN_ON_ONCE() - !7547 btrfs: fix information leak in btrfs_ioctl_logical_to_ino() - !7586 powerpc/imc-pmu: Add a null pointer check in update_events_in_group() - powerpc/imc-pmu: Add a null pointer check in update_events_in_group() - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() - !7477 firewire: nosy: ensure user_length is taken into account when fetching packet contents - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() - !7483 Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout - Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout - firewire: nosy: ensure user_length is taken into account when fetching packet contents - !7425 net: gtp: Fix Use-After-Free in gtp_dellink - !7434 net: openvswitch: Fix Use-After-Free in ovs_ct_exit - net: openvswitch: Fix Use-After-Free in ovs_ct_exit - net: gtp: Fix Use-After-Free in gtp_dellink - !7228 s390/zcrypt: fix reference counting on zcrypt card objects - !7193 CVE-2024-26921 - !7096 fix CVE-2024-26865 - s390/zcrypt: fix reference counting on zcrypt card objects - sk_buff: Fix KABI break for the modification of struct sk_buff - inet: inet_defrag: prevent sk release while still in use - inet: frags: re-introduce skb coalescing for local delivery - net: Fix KABI break for introducing is_skb_wmem() - skb_expand_head() adjust skb->truesize incorrectly - skbuff: introduce skb_expand_head() - tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() - tcp: Clean up kernel listener's reqsk in inet_twsk_purge()- !7194 s390/dasd: fix double module refcount decrement - !7059 nilfs2: prevent kernel bug at submit_bh_wbc() - !7163 v2 usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error - !7104 KVM: Always flush async #PF workqueue when vCPU is being destroyed - !7203 NTB: fix possible name leak in ntb_register_device() - NTB: fix possible name leak in ntb_register_device() - s390/dasd: fix double module refcount decrement - !7158 v2 Squashfs: check the inode number is not the invalid value of zero - !7181 nfs: fix UAF in direct writes - !7091 nouveau: lock the client object tree. - !7120 v2 clk: zynq: Prevent null pointer dereference caused by kmalloc failure - !7089 nilfs2: fix failure to detect DAT corruption in btree and direct mappings - !7151 v2 scsi: sd: Fix sd_do_mode_sense() buffer length handling - nfs: fix UAF in direct writes - !7033 Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" - !7079 nvmet: fix a use-after-free - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error - !7140 media: usbtv: Remove useless locks in usbtv_video_free() - Squashfs: check the inode number is not the invalid value of zero - scsi: sd: Fix sd_do_mode_sense() buffer length handling - !7137 v2 SUNRPC: fix a memleak in gss_import_v2_context - !7138 SUNRPC: fix some memleaks in gssx_dec_option_array - !7100 netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() - !7095 CVE-2024-27020 - media: usbtv: Remove useless locks in usbtv_video_free() - SUNRPC: fix some memleaks in gssx_dec_option_array - SUNRPC: fix a memleak in gss_import_v2_context - !7114 v2 backport patch for thp deferred list for 4.19 - !7034 fix CVE-2024-27001 for 4.19 - !7032 clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays - !7115 drm/radeon: add a force flush to delay work when radeon - !7055 scsi: qla2xxx: Fix command flush on cable pull - !7109 fix CVE-2024-26960 - clk: zynq: Prevent null pointer dereference caused by kmalloc failure - !6260 packet: move from strlcpy with unused retval to strscpy - drm/radeon: add a force flush to delay work when radeon - THP: avoid lock when check whether THP is in deferred list - mm/mmu_gather: limit free batch count and add schedule point in tlb_batch_pages_flush - mm, thp: do not queue fully unmapped pages for deferred split - !7046 USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command - mm: swap: fix race between free_swap_and_cache() and swapoff() - mm/swapfile.c: use __try_to_reclaim_swap() in free_swap_and_cache() - !7053 CVE-2024-27024 - KVM: Always flush async #PF workqueue when vCPU is being destroyed - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() - !6970 ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - !6995 v2 net/mlx5e: Prevent deadlock while disabling aRFS - !7038 i40e: Fix NULL ptr dereference on VSI filter sync - !7037 media: v4l2-tpg: fix some memleaks in tpg_alloc - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() - netfilter: nf_tables: __nft_expr_type_get() selects specific family type - nouveau: lock the client object tree. - nilfs2: fix failure to detect DAT corruption in btree and direct mappings - !6992 media: edia: dvbdev: fix a use-after-free - nvmet: fix a use-after-free - !7045 v2 b43: fix CVE-2023-52644 - !7017 v2 net: ath9k: fix CVE-2024-26897 - nilfs2: prevent kernel bug at submit_bh_wbc() - !7016 v3 Fix CVE-2022-48693 - !7012 clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays - scsi: qla2xxx: Fix command flush on cable pull - net/rds: fix possible cp null dereference - net/rds: fix WARNING in rds_conn_connect_if_down - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command - !6991 mac802154: fix llsec key resources release in mac802154_llsec_key_del - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled - b43: dma: Fix use true/false for bool type variable - !7005 media: ttpci: fix two memleaks in budget_av_attach - !7014 nilfs2: fix OOB in nilfs_set_de_type - !7001 fix CVE-2024-27010 - i40e: Fix NULL ptr dereference on VSI filter sync - media: v4l2-tpg: fix some memleaks in tpg_alloc - !6880 media: go7007: fix a memleak in go7007_load_encoder - comedi: vmk80xx: fix incomplete endpoint checking - Revert "tracing/trigger: Fix to return error if failed to alloc snapshot" - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays - !6984 clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays - !6893 cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - !6958 netfilter: nf_tables: fix memleak in map from abort path - !6820 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - !6940 drm: nv04: Fix out of bounds access - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete - ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet() - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe - nilfs2: fix OOB in nilfs_set_de_type - !6968 CVE-2024-26974 - clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays - !6976 nfp: flower: handle acti_netdevs allocation failure - media: ttpci: fix two memleaks in budget_av_attach - !6944 USB: core: Fix deadlock in usb_deauthorize_interface() - net/sched: fix kabi change in struct Qdisc - net/sched: Fix mirred deadlock on device recursion - !6870 scsi: mpt3sas: Fix use-after-free warning - net/mlx5e: Prevent deadlock while disabling aRFS - media: edia: dvbdev: fix a use-after-free - !6966 speakup: Avoid crash on very long word - !6963 v2 CVE-2024-27000 - mac802154: fix llsec key resources release in mac802154_llsec_key_del - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays - !6942 v2 ima: fix deadlock when traversing "ima_default_rules". - !6951 v2 spi: spi-mt65xx: Fix NULL pointer access in interrupt handler - nfp: flower: handle acti_netdevs allocation failure - ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() - crypto: qat - resolve race condition during AER recovery - crypto: qat - fix double free during reset - !6881 v4 CVE-2024-26846 - !6894 tun: limit printing rate when illegal packet received by tun dev - speakup: Avoid crash on very long word - serial: core: fix kernel-doc for uart_port_unlock_irqrestore() - serial: mxs-auart: add spinlock around changing cts state - serial: core: Provide port lock wrappers - !6883 Bluetooth: Fix TOCTOU in HCI debugfs implementation - !6856 media: dvb-frontends: avoid stack overflow warnings with clang - netfilter: nf_tables: fix memleak in map from abort path - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler - !6839 CVE-2023-52650 - !6869 v2 media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity - !6867 v2 nouveau: fix instmem race condition around ptr stores - USB: core: Fix deadlock in usb_deauthorize_interface() - !6852 serial/pmac_zilog: Remove flawed mitigation for rx irq flood - ima: fix deadlock when traversing "ima_default_rules". - drm: nv04: Fix out of bounds access - tun: limit printing rate when illegal packet received by tun dev - cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value - Bluetooth: Fix TOCTOU in HCI debugfs implementation - nvme-fc: do not wait in vain when unloading module - nvme-fc: remove err_work work item - media: go7007: fix a memleak in go7007_load_encoder - scsi: mpt3sas: Fix use-after-free warning - media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity - nouveau: fix instmem race condition around ptr stores - media: dvb-frontends: avoid stack overflow warnings with clang - serial/pmac_zilog: Remove flawed mitigation for rx irq flood - drm/tegra: dsi: Add missing check for of_find_device_by_node - s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup - packet: move from strlcpy with unused retval to strscpy- !6858 CVE-2024-26883 - !6836 fs: sysfs: Fix reference leak in sysfs_break_active_protection() - !6845 erofs: fix pcluster use-after-free on UP platforms - !6827 fat: fix uninitialized field in nostale filehandles - !6807 CVE-2024-26923 - !6847 ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - bpf: Fix stackmap overflow check on 32-bit arches - bpf: Check for integer overflow when using roundup_pow_of_two() - !6758 CVE-2022-48664 - ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() - erofs: fix pcluster use-after-free on UP platforms - fs: sysfs: Fix reference leak in sysfs_break_active_protection() - !6795 rtmutex: Add acquire semantics for rtmutex lock acquisition slow path - fat: fix uninitialized field in nostale filehandles - !6777 tun: Fix xdp_rxq_info's queue_index when detaching - !6803 scsi: target: core: Add TMF to tmr_list handling - af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). - af_unix: Fix garbage collector racing against connect() - scsi: target: core: Add TMF to tmr_list handling - !6705 quota: fix CVE-2024-26878 - rtmutex: Add acquire semantics for rtmutex lock acquisition slow path - tun: Fix xdp_rxq_info's queue_index when detaching - !6674 cifs: fix underflow in parse_server_interfaces() - !6494 v2 oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup - !6745 PCI/IOV: Improve performance of creating VFs concurrently - !6754 binder: check offset alignment in binder_get_object() - !6746 v3 openEuler-1.0-LTS: bugfix for mm - !6716 CVE-2024-26922 - btrfs: fix hang during unmount when stopping a space reclaim worker - Btrfs: fix crash during unmount due to race with delayed inode workers - binder: check offset alignment in binder_get_object() - !6652 geneve: make sure to pull inner header in geneve_rx() - mm/madvise: fix potential pte_unmap_unlock pte error - PCI/IOV: Improve performance of creating VFs concurrently - !6664 drm/bridge: adv7511: fix crash on irq during probe - !6653 net/ipv6: avoid possible UAF in ip6_route_mpath_notify() - !6510 cachefiles: fix memory leak in cachefiles_add_cache() - drm/amdgpu: validate the parameters of bo mapping operations more clearly - amdgpu: validate offset_in_bo of drm_amdgpu_gem_va - drm/amdgpu: restrict bo mapping within gpu address limits - drm/amdgpu: check alignment on CPU page for bo map - quota: Fix potential NULL pointer dereference - quota: check time limit when back out space/inode change - quota: code cleanup for __dquot_alloc_space() - !6662 sched/rt: Disallow writing invalid values to sched_rt_period_us - !6661 sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset - !6659 sched/rt: Fix sysctl_sched_rr_timeslice intial value - !6578 drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip - !6641 CVE-2024-26863 - cifs: fix underflow in parse_server_interfaces() - !6646 fix race between rebuild scheduler domains and hotplug work - drm/bridge: adv7511: fix crash on irq during probe - sched/rt: Disallow writing invalid values to sched_rt_period_us - sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset - sched/rt: Fix sysctl_sched_rr_timeslice intial value - !6642 v3 x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() - geneve: make sure to pull inner header in geneve_rx() - !6621 amdkfd: use calloc instead of kzalloc to avoid integer overflow - cpuset: fix race between rebuild scheduler domains and hotplug work - !6617 net/bnx2x: Prevent access to a freed page in page_pool - !6611 net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() - x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails - hsr: Fix uninit-value access in hsr_get_node() - net: hsr: fix placement of logical operator in a multi-line statement - !6397 btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve - !6616 drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - amdkfd: use calloc instead of kzalloc to avoid integer overflow - net/bnx2x: Prevent access to a freed page in page_pool - drm/amdgpu: Reset IH OVERFLOW_CLEAR bit - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() - !6525 v2 CVE-2024-24860 bugfix - !6478 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - !6582 ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() - !6577 media: rc: bpf attach/detach requires write permission - !6560 IB/hfi1: Fix a memleak in init_credit_return - !6420 tty: fix read of tty->pgrp outside of ctrl_lock - !6436 dm: call the resume method on internal suspend - !6562 nfc: nci: free rx_data_reassembly skb on NCI device cleanup - !6481 CVE-2024-26875 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip - media: rc: bpf attach/detach requires write permission - !6495 RDMA/srpt: Do not register event handler until srpt device is fully setup - !6457 CVE-2024-26813 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup - IB/hfi1: Fix a memleak in init_credit_return - !6517 scsi: lpfc: Fix link down processing to address NULL pointer dereference - !6521 netfilter: nf_conntrack_h323: Add protection for bmp length out of range - !6454 CVE-2021-47182 - Bluetooth: Fix atomicity violation in {min,max}_key_size_set - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - netfilter: nf_conntrack_h323: Add protection for bmp length out of range - scsi: lpfc: Fix link down processing to address NULL pointer dereference - cachefiles: fix memory leak in cachefiles_add_cache() - RDMA/srpt: Do not register event handler until srpt device is fully setup - mm: oom_kill: fix KABI broken by "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup" - oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup - sched: Allocate a new task_struct_resvd object for fork task - media: pvrusb2: fix uaf in pvr2_context_set_notify - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak - vfio/platform: Create persistent IRQ handlers - vfio/platform: Disable virqfds on cleanup - scsi: core: Fix scsi_mode_sense() buffer length handling - scsi: core: Reshuffle response handling in scsi_mode_sense() - scsi: core: Fixup calling convention for scsi_mode_sense() - dm: call the resume method on internal suspend - tty: fix read of tty->pgrp outside of ctrl_lock - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve- !6313 fixup CVE-2024-26908 - !6447 can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock - !6309 v5 ima: Avoid blocking in RCU read-side critical section - !6405 wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() - !6466 bpf: Fix hashtab overflow check on 32-bit arches - !6396 tracing/trigger: Fix to return error if failed to alloc snapshot - !6278 Bluetooth: Avoid potential use-after-free in hci_error_reset - bpf: Fix hashtab overflow check on 32-bit arches - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock - !6203 ALSA: usb-audio: fix null pointer dereference on pointer cs_desc - !6292 aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts - !6301 v2 tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() - !6266 usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - tracing/trigger: Fix to return error if failed to alloc snapshot - !6290 CVE-2024-24861 - x86/xen: Add some null pointer checking to smp.c - ima: Avoid blocking in RCU read-side critical section - !6269 scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - !6276 wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() - !6277 gtp: fix use-after-free and null-ptr-deref in gtp_newlink() - !6275 arp: Prevent overflow in arp_req_get(). - !6280 scsi: advansys: Fix kernel pointer leak - !6177 arm64/mpam: Not allowed setting 0 to cache portion bit mask - !6176 arm64/mpam: return EOPNOTSUPP when changing rmid of monitor group or resource group with monitor - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts - media: xc4000: Fix atomicity violation in xc4000_get_frequency - !6075 Fix CVE-2024-26764 - scsi: advansys: Fix kernel pointer leak - Bluetooth: Avoid potential use-after-free in hci_error_reset - gtp: fix use-after-free and null-ptr-deref in gtp_newlink() - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach - arp: Prevent overflow in arp_req_get(). - !6084 netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() - usb: typec: tipd: Remove WARN_ON in tps6598x_block_read - !6246 ubi: Check for too small LEB size in VTBL code - ubi: Check for too small LEB size in VTBL code - ALSA: usb-audio: fix null pointer dereference on pointer cs_desc - arm64/mpam: Not allowed setting 0 to cache portion bit mask - arm64/mpam: return EOPNOTSUPP when changing rmid of monitor group or resource group with monitor - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion - fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio- !6231 v2 drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() - !6083 can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) - !6160 net/sched: act_mirred: don't override retval if we already lost the skb - drm/vkms: call drm_atomic_helper_shutdown before drm_dev_put() - !6152 Fix CVE-2024-26812 - !6139 iavf: free q_vectors before queues in iavf_disable_vf - !6164 CVE-2021-47194 - !6123 xen/events: close evtchn after mapping cleanup - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type - net/sched: act_mirred: don't override retval if we already lost the skb - vfio/pci: Create persistent INTx handler - vfio: Introduce interface to flush virqfd inject workqueue - !6053 net: ip_tunnel: prevent perpetual headroom growth - !6002 KVM: s390: vsie: fix race during shadow creation - iavf: free q_vectors before queues in iavf_disable_vf - !6102 Fix CVE-2024-27437 - !6070 Fix CVE-2024-26686 - !6049 wifi: mac80211: fix race condition on enabling fast-xmit - !5916 ext4: fix double-free of blocks due to wrong extents moved_len - xen/events: close evtchn after mapping cleanup - !6099 vfio/pci: Lock external INTx masking ops - !6032 gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() - !5899 dm-crypt: don't modify the data when using authenticated encryption - vfio/pci: Disable auto-enable of exclusive INTx IRQ - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Lock external INTx masking ops - !6042 nilfs2: fix data corruption in dsync block recovery for small block sizes - !6030 Fix CVE-2024-26685 - !6015 btrfs: don't drop extent_map for free space inode on write error - !5963 btrfs: dev-replace: properly validate device names - can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) - fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats - fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() - fs/proc: do_task_stat: use __for_each_thread() - exit: Use the correct exit_code in /proc//stat - net: ip_tunnel: prevent perpetual headroom growth - wifi: mac80211: fix race condition on enabling fast-xmit - !5999 mm/swap: fix race when skipping swapcache - nilfs2: fix data corruption in dsync block recovery for small block sizes - !6019 net/sched: act_mirred: use the backlog for mirred ingress - !6010 PM / devfreq: Synchronize devfreq_monitor_[start/stop - !5846 ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() - gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() - !5994 ipv6: sr: fix possible use-after-free and null-ptr-deref - nilfs2: fix potential bug in end_buffer_async_write - nilfs2: fix buffer corruption due to concurrent device reads - !5951 RDMA/qedr: Fix qedr_create_user_qp error flow - net/sched: act_mirred: use the backlog for mirred ingress - btrfs: don't drop extent_map for free space inode on write error - PM / devfreq: Synchronize devfreq_monitor_[start/stop] - !5961 fbdev: savage: Error out if pixclock equals zero - KVM: s390: vsie: fix race during shadow creation - mm/swap: fix race when skipping swapcache - ipv6: sr: fix possible use-after-free and null-ptr-deref - !5875 v3 CVE-2024-26771 - !5926 RDMA/srpt: Support specifying the srpt_service_guid parameter - btrfs: dev-replace: properly validate device names - fbdev: savage: Error out if pixclock equals zero - !5778 ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() - RDMA/qedr: Fix qedr_create_user_qp error flow - !5830 fbdev: sis: Error out if pixclock equals zero - RDMA/srpt: Support specifying the srpt_service_guid parameter - ext4: fix double-free of blocks due to wrong extents moved_len - dm-crypt: don't modify the data when using authenticated encryption - !5807 nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() - dmaengine: ti: edma: Add some null pointer checks to the edma_probe - dmaengine: ti: edma: Fix error return code in edma_probe() - dmaengine: ti: edma: add missed operations - dmaengine: ti: edma: fix missed failure handling - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() - fbdev: sis: Error out if pixclock equals zero - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()- !5874 scsi: hisi_sas: Update disk locked timeout to 7 seconds - scsi: hisi_sas: Update disk locked timeout to 7 seconds - !5841 fixup CVE-2024-26751 - !5834 CVE-2021-47144 - ARM: ep93xx: Add terminator to gpiod_lookup_table - drm/amd/amdgpu: fix refcount leak - !5796 netfilter: nft_limit: reject configurations that cause integer overflow - netfilter: nft_limit: reject configurations that cause integer overflow - !5755 sh: push-switch: Reorder cleanup operations to avoid use-after-free bug - !5767 v5 net: fec: fix the potential memory leak in fec_enet_init() - !5718 CVE-2024-26654 - net: fec: fix the potential memory leak in fec_enet_init() - !5722 btrfs: don't abort filesystem when attempting to snapshot deleted subvolume - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug - !5727 fix CVE-2021-47101 - !5531 ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() - !5715 net: hns3: updates 2024.04.02 - !5710 v2 ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() - asix: fix wrong return value in asix_check_host_enable() - asix: fix uninit-value in asix_mdio_read() - net: asix: fix uninit value bugs - btrfs: don't abort filesystem when attempting to snapshot deleted subvolume - !5700 sr9800: Add check for usbnet_get_endpoints - !5680 USB: usbfs: Don't WARN about excessively large memory allocations - !5679 fix CVE-2023-52587 - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs - ALSA: aica: Fix a long-time build breakage - !5713 v2 tipc: wait and exit until all work queues are done - net: hns3: update hns3 version to 24.3.1 - net: hns3: fix port vlan filter not disabled problem in dynamic vlan mode - !5696 NFS: Fix an Oopsable condition in __nfs_pageio_add_request() - tipc: wait and exit until all work queues are done - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() - !5702 ext4: Validate inode pa before using preallocation blocks - !5694 tipc: skb_linearize the head skb when reassembling msgs - ext4: Validate inode pa before using preallocation blocks - !5674 mac80211: fix locking in ieee80211_start_ap error path - !5672 arm64/mpam_ctrlmon: Update ctrl group config with rdtgrp's partid - sr9800: Add check for usbnet_get_endpoints - !5528 btrfs: do not BUG_ON in link_to_fixup_dir - NFS: Fix an Oopsable condition in __nfs_pageio_add_request() - tipc: skb_linearize the head skb when reassembling msgs - !5522 md/raid5: fix atomicity violation in raid5_cache_count - USB: usbfs: Don't WARN about excessively large memory allocations - IB/ipoib: Fix mcast list locking - RDMA/IPoIB: Fix error code return in ipoib_mcast_join - mac80211: fix locking in ieee80211_start_ap error path - arm64/mpam: Allocate new partid for the created ctrl group - arm64/mpam_ctrlmon: Update ctrl group config with rdtgrp's partid - !5581 CVE-2023-52622 - !5658 v2 CVE-2021-47131 - !5645 [sync] PR-5493: arm64/mpam: Fix repeated enabling in mpam_enable() - !5559 fix CVE-2021-47173 - !5575 net: dsa: fix a crash if ->get_sset_count() fails - net/tls: Use RCU API to access tls_ctx->netdev - net/tls: Remove the context from the list in tls_device_down - tls: Fix context leak on tls_device_down - net/tls: Resolve KABI break when backport bugfix of CVE-2021-47131 - net/tls: Fix use-after-free after the TLS device goes down and up - net/tls: Replace TLS_RX_SYNC_RUNNING with RCU - !5625 i2c: i801: Don't generate an interrupt on bus reset - !5517 dm: revert partial fix for redundant bio-based IO accounting - arm64/mpam: Fix repeated enabling in mpam_enable() - !5481 jfs: fix array-index-out-of-bounds in dbAdjTree - !5572 mld: fix panic in mld_newpack() - !5565 tracing: Ensure visibility when inserting an element into tracing_map - !5571 v2 mm/mlock: return EINVAL for illegal user memory range in mlock - i2c: i801: Don't generate an interrupt on bus reset - !5587 Fix CVE-2021-47171 - !5579 mm: ksm: fix use-after-free kasan report in ksm_might_need_to_copy - !5573 Fix CVE-2021-47160 - !5564 serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - !5560 drm/amdgpu: Fix a use-after-free - net: usb: fix possible use-after-free in smsc75xx_bind - net: usb: fix memory leak in smsc75xx_bind - ext4: avoid online resizing failures due to oversized flex bg - ext4: unify the type of flexbg_size to unsigned int - ext4: remove unnecessary check from alloc_flex_gd() - mm: ksm: fix use-after-free kasan report in ksm_might_need_to_copy - !5558 net: fujitsu: fix potential null-ptr-deref - !5556 NFC: nci: fix memory leak in nci_allocate_device - net: dsa: fix a crash if ->get_sset_count() fails - net: dsa: mt7530: fix VLAN traffic leaks again - net: dsa: mt7530: fix VLAN traffic leaks - mld: fix panic in mld_newpack() - mm/mlock: return EINVAL for illegal user memory range in mlock - tracing: Ensure visibility when inserting an element into tracing_map - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' - !5552 net/smc: remove device from smcd_dev_list after failed device_add() - !5290 crypto: algif_aead - Only wake up when ctx->more is zero - !5446 keys: safe concurrent user->{session,uid}_keyring access - drm/amdgpu: Fix a use-after-free - !5550 pciehp: clear p_slot->work.data after powering off a slot - usb: misc: fix improper handling of refcount in uss720_probe() - misc/uss720: fix memory leak in uss720_probe - !5515 netfilter: nf_tables: disallow timeout for anonymous sets - !5538 netfilter: nf_tables: disallow anonymous set with timeout flag - net: fujitsu: fix potential null-ptr-deref - NFC: nci: fix memory leak in nci_allocate_device - net/smc: remove device from smcd_dev_list after failed device_add() - pciehp: clear p_slot->work.data after powering off a slot - netfilter: nf_tables: disallow anonymous set with timeout flag - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() - btrfs: do not BUG_ON in link_to_fixup_dir - md/raid5: fix atomicity violation in raid5_cache_count - dm: revert partial fix for redundant bio-based IO accounting - netfilter: nf_tables: disallow timeout for anonymous sets - jfs: fix array-index-out-of-bounds in dbAdjTree - keys: safe concurrent user->{session,uid}_keyring access - crypto: af_alg - Work around empty control messages without MSG_MORE - crypto: af_alg - Fix regression on empty requests - crypto: algif_aead - Only wake up when ctx->more is zero- !5539 spi: spi-fsl-dspi: Fix a resource leak in an error handling path - !5542 round lts patches - !5520 scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() - l2tp: pass correct message length to ip6_append_data - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg - spi: spi-fsl-dspi: Fix a resource leak in an error handling path - !5514 CVE-2021-47110 - !5497 llc: Drop support for ETH_P_TR_802_2. - !5498 llc: make llc_ui_sendmsg() more robust against bonding changes - !5490 tcp: add sanity checks to rx zerocopy - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() - x86/kvm: Do not try to disable kvmclock if it was not enabled - x86/kvm: Disable kvmclock on all CPUs on shutdown - !5502 pstore/ram: Fix crash when setting number of cpus to an odd number - !5477 Fixed CVE-2021-47112 - pstore/ram: Fix crash when setting number of cpus to an odd number - llc: make llc_ui_sendmsg() more robust against bonding changes - llc: Drop support for ETH_P_TR_802_2. - tcp: add sanity checks to rx zerocopy - !5479 jfs: fix cve-2023-52600 - !5478 jfs: fix array-index-out-of-bounds in diNewExt - !5485 nfsd: fix use-after-free due to delegation race - nfsd: fix use-after-free due to delegation race - !5281 printk: avoid deadlock in panic - jfs: fix uaf in jfs_evict_inode - JFS: fix memleak in jfs_mount - jfs: fix array-index-out-of-bounds in diNewExt - x86/kvm: Teardown PV features on boot CPU as well - !5465 wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() - !5361 btrfs: abort in rename_exchange if we fail to insert the second ref - !5254 tomoyo: fix UAF write bug in tomoyo_write_control() - !5321 UBSAN: array-index-out-of-bounds in dtSplitRoot - !5455 CVE-2021-47114 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() - !5320 jfs: fix slab-out-of-bounds Read in dtSearch - ocfs2: issue zeroout to EOF blocks - ocfs2: fix zero out valid data - ocfs2: fix data corruption by fallocate - !5374 hwrng: core - Fix page fault dead lock on mmap-ed hwrng - !5418 [sync] PR-5317: KVM: s390: fix setting of fpc register - !5272 net/smc: fix illegal rmb_desc access in SMC-D connection dump - !5274 phonet/pep: refuse to enable an unbound pipe - !5359 CVE-2021-47121 and CVE-2021-47122 - KVM: s390: fix setting of fpc register - !5358 v5 CVE-2023-52595 - !5336 binder: fix race between mmput() and do_exit() - hwrng: core - Fix page fault dead lock on mmap-ed hwrng - btrfs: abort in rename_exchange if we fail to insert the second ref - net: caif: fix memory leak in caif_device_notify - net: caif: fix memory leak in cfusbl_device_notify - net: caif: add proper error handling - net: caif: added cfserl_release function - rt2x00: Fix kabi breakage in struct rt2x00lib_ops - wifi: rt2x00: restart beacon queue when hardware reset - rt2x00: clear up IV's on key removal - rt2x00: clear IV's on start to fix AP mode regression - rt2800: add pre_reset_hw callback - rt2800: do not nullify initialization vector data - binder: fix race between mmput() and do_exit() - UBSAN: array-index-out-of-bounds in dtSplitRoot - jfs: fix slab-out-of-bounds Read in dtSearch - printk: avoid deadlock in panic - phonet/pep: refuse to enable an unbound pipe - net/smc: fix illegal rmb_desc access in SMC-D connection dump - tomoyo: fix UAF write bug in tomoyo_write_control()- !5306 FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree - !5347 s390/ptrace: handle setting of fpc register correctly - !5309 drm/msm/dpu: Add mutex lock in control vblank irq - s390/ptrace: handle setting of fpc register correctly - !5267 llc: call sock_orphan() at release time - drm/msm/dpu: Add mutex lock in control vblank irq - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree - !5241 powerpc/lib: Validate size for vector operations - !5246 ceph: fix deadlock or deadcode of misusing dget() - !5268 crypto: algif_aead - fix uninitialized ctx->init - crypto: algif_aead - fix uninitialized ctx->init - llc: call sock_orphan() at release time - !5220 powerpc/mm: Fix null-pointer dereference in pgtable_cache_add - !5196 drm: Don't unref the same fb many times by mistake due to deadlock handling - ceph: fix deadlock or deadcode of misusing dget() - powerpc/lib: Validate size for vector operations - !5210 v2 Fix CVE-2022-48629 and CVE-2022-48630 - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add - !5175 arm64/mpam: Fix use-after-free when deleting resource groups - !5163 nfc: nci: assert requested protocol is valid - !5172 CVE-2023-52502 for openEuler-1.0-LTS - crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ - crypto: qcom-rng - ensure buffer for generate is completely filled - drm: Don't unref the same fb many times by mistake due to deadlock handling - !5177 net: nfc: llcp: Add lock when modifying device list - !5157 RDMA/srp: Do not call scsi_done() from srp_abort() - net: nfc: llcp: Add lock when modifying device list - arm64/mpam: Fix use-after-free when deleting resource groups - arm64/mpam: remove kernfs_get() calls() and add kernfs_put() calls to prevent refcount leak - !5142 arm64/mpam: Expand the monitor number of the resctrl root - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() - nfc: constify several pointers to u8, char and sk_buff - nfc: nci: assert requested protocol is valid - RDMA/srp: Do not call scsi_done() from srp_abort() - arm64/mpam: Expand the monitor number of the resctrl root- !5133 CVE-2021-46926 - !5136 NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds - !5052 v3 Remove WQ_FLAG_BOOKMARK flag - !5140 linux-4.19.y inclusion(4.19.305..4.19.307) part3 - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV - NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds - ALSA: hda: intel-sdw-acpi: harden detection of controller - soundwire: intel: filter SoundWire controller device search - !5114 fix CVE-2023-52578 - !5119 crypto: scomp - fix req->dst buffer overflow - !5101 EDAC/thunderx: Fix possible out-of-bounds string access - !5094 HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect - crypto: scomp - fix req->dst buffer overflow - net: fix kabi check warning - net: Fix unwanted sign extension in netdev_stats_to_stats64() - net: bridge: use DEV_STATS_INC() - net: add atomic_long_t to net_device_stats fields - !5092 wifi: mac80211: fix potential key use-after-free - EDAC/thunderx: Fix possible out-of-bounds string access - !5095 linux-4.19.y inclusion(4.19.305..4.19.307) part 2 - !5090 drm: bridge/panel: Cleanup connector on bridge detach - !5088 uio_hv_generic: Fix a memory leak in error handling paths - !4952 scsi: qedf: Add pointer checks in qedf_update_link_speed() - !5076 v3 CVE-2021-47074 - netfilter: nft_compat: reject unused compat flag - ppp_async: limit MRU to 64K - inet: read sk->sk_family once in inet_recv_error() - bonding: remove print in bond_verify_device_path - af_unix: fix lockdep positive in sk_diag_dump_icons() - net: ipv4: fix a memleak in ip_setup_cork - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses - virtio_net: Fix Fix "‘%d’ directive writing between 1 and 11 bytes into a region of size 10" warnings - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk - SUNRPC: Fix a suspicious RCU usage warning - tcp: Add memory barrier to tcp_push() - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING - md: Whenassemble the array, consult the superblock of the freshest device - jbd2: correct the printing of write_flags in jbd2_write_superblock() - !5073 RDMA/rxe: Clear all QP fields if creation failed - !5077 RDMA/rxe: Return CQE error if invalid lkey was supplied - !5055 linux-4.19.y inclusion(4.19.305..4.19.307) part 1 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect - wifi: mac80211: fix potential key use-after-free - drm: bridge/panel: Cleanup connector on bridge detach - uio_hv_generic: Fix a memory leak in error handling paths - of: unittest: Fix of_count_phandle_with_args() expected value message - of: unittest: Fix compile in the non-dynamic case - RDMA/rxe: Return CQE error if invalid lkey was supplied - nvme-loop: fix memory leak in nvme_loop_create_ctrl() - nvme-loop: don't put ctrl on nvme_init_ctrl error - !5060 net: fix possible store tearing in neigh_periodic_work() - RDMA/rxe: Clear all QP fields if creation failed - net: fix possible store tearing in neigh_periodic_work() - of: Fix double free in of_parse_phandle_with_args_map - pmdomain: core: Move the unused cleanup to a _sync initcall - tick/sched: Preserve number of idle sleeps across CPU hotplug events - acpi: property: Let args be NULL in __acpi_node_get_property_reference - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug - ACPI: LPIT: Avoid u32 multiplication overflow - audit: Send netlink ACK before setting connection in auditd_set - crypto: scompress - return proper error code for allocation failure - crypto: af_alg - Disallow multiple in-flight AIO requests - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again - !5046 usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - sched: remove wait bookmarks - filemap: remove use of wait bookmarks - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. - !4929 scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command - !4752 block: add check that partition length needs to be aligned with block size - !4735 blk-mq: fix IO hang from sbitmap wakeup race - !3864 nvme: sanitize metadata bounce buffer for reads - !4946 NFC: st21nfca: Fix memory leak in device probe and remove - !4999 CVE-2021-46984 - !4938 crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - !4990 vt: fix memory overlapping when deleting chars in the buffer - !4978 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() - !5018 ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - !4992 bnxt_en: Fix RX consumer index logic in the error path. - !4997 Fixed CVE-2023-52504 - !4982 i2c: img-scb: fix reference leak when pm_runtime_get_sync fails - !4983 net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - !4995 mpam/mpam_ctrlmon: update monitor config with its parent's ctrl_val - !4974 arm64/mpam: set default feedback of last_cmd_status interface as null string - !4975 arm64/mpam: support resctrl fs to show mounting option - !4973 arm64/mpam: Skip updates of unrelated ctrl type - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit - !4996 soundwire: stream: fix memory leak in stream config error path - !4817 v2 io_uring: fix overflows checks in provide buffers - kyber: fix kabi broken in ->bio_merge() - kyber: fix out of bounds access when preempted - x86/alternatives: Disable KASAN in apply_alternatives() - soundwire: stream: fix memory leak in stream config error path - mpam/mpam_ctrlmon: update monitor config with its parent's ctrl_val - bnxt_en: Fix RX consumer index logic in the error path. - !4969 CVE-2021-46990 - vt: fix memory overlapping when deleting chars in the buffer - !4945 ieee802154: ca8210: Fix a potential UAF in ca8210_probe - !4944 perf/x86/lbr: Filter vsyscall addresses - !4967 i2c: xiic: fix reference leak when pm_runtime_get_sync fails - !4970 binder: fix async_free_space accounting for empty parcels - !4919 v2 HID: usbhid: fix info leak in hid_submit_ctrl - !4980 net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send - i2c: img-scb: fix reference leak when pm_runtime_get_sync fails - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg - !4949 CVE-2021-47024 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() - arm64/mpam: support resctrl fs to show mounting option - arm64/mpam: set default feedback of last_cmd_status interface as null string - arm64/mpam: Skip updates of unrelated ctrl type - binder: fix async_free_space accounting for empty parcels - powerpc/64s: Fix crashes when toggling entry flush barrier - i2c: xiic: fix reference leak when pm_runtime_get_sync fails - scsi: qedf: Add pointer checks in qedf_update_link_speed() - vsock/virtio: free queued packets when closing socket - vsock/virtio: discard packets only when socket is really closed - virtio_vsock: Fix race condition in virtio_transport_recv_pkt - NFC: st21nfca: Fix memory leak in device probe and remove - ieee802154: ca8210: Fix a potential UAF in ca8210_probe - perf/x86/lbr: Filter vsyscall addresses - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init - scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command - HID: usbhid: fix info leak in hid_submit_ctrl - io_uring: fix overflows checks in provide buffers - block: add check that partition length needs to be aligned with block size - blk-mq: fix IO hang from sbitmap wakeup race - nvme: sanitize metadata bounce buffer for reads- !4947 powerpc/64s: Fix pte update for kernel memory on radix - !4932 phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP - powerpc/64s: Fix pte update for kernel memory on radix - !4874 v2 net: openvswitch: limit the number of recursions from action sets - !4920 ARM: footbridge: remove personal server platform - !4887 KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU - !4918 v3 usb: hub: Guard against accesses to uninitialized BOS descriptors - !4936 i2c: validate user data in compat ioctl - i2c: validate user data in compat ioctl - !4898 platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - !4879 KVM: Stop looking for coalesced MMIO zones if the bus is destroyed - !4869 Fix CVE-2021-46941 - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP - !4904 i2c: sprd: fix reference leak when pm_runtime_get_sync fails - !4859 hfsplus: prevent corruption in shrinking truncate - !4877 i2c: Fix a potential use after free - ARM: footbridge: fix PCI interrupt mapping - !4888 v3 media: dvbdev: Fix memory leak in dvb_media_device_free() - usb: hub: Guard against accesses to uninitialized BOS descriptors - !4825 sched/membarrier: reduce the ability to hammer on sys_membarrier - !4882 Input: appletouch - initialize work before device registration - !4876 backport patch to fix CVE-2021-47077 - !4899 net: qualcomm: rmnet: fix global oob in rmnet_policy - i2c: sprd: fix reference leak when pm_runtime_get_sync fails - !4892 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security - !4881 i2c: cadence: fix reference leak when pm_runtime_get_sync fails - net: qualcomm: rmnet: fix global oob in rmnet_policy - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios - !4865 Input: powermate - fix use-after-free in powermate_config_complete - !4860 apparmor: avoid crash when parsed profile name is empty - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security - media: dvbdev: Fix memory leak in dvb_media_device_free() - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU - Input: appletouch - initialize work before device registration - i2c: cadence: fix reference leak when pm_runtime_get_sync fails - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed - i2c: Fix a potential use after free - ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook - net: openvswitch: limit the number of recursions from action sets - usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup - usb: dwc3: core: balance phy init and exit - usb: dwc3: core: Do core softreset when switch mode - Input: powermate - fix use-after-free in powermate_config_complete - !4856 bus: qcom: Put child node before return - apparmor: avoid crash when parsed profile name is empty - hfsplus: prevent corruption in shrinking truncate - bus: qcom: Put child node before return - !4828 Drivers: hv: vmbus: Use after free in __vmbus_open() - !4806 v2 media: pvrusb2: fix use after free on context disconnection - !4777 drivers/amd/pm: fix a use-after-free in kv_parse_power_table - !4819 v2 fix CVE-2020-36782 - !4833 openvswitch: fix stack OOB read while fragmenting IPv4 packets - !4677 f2fs: fix to avoid dirent corruption - !4804 CVE-2023-52451 backport to 4.19 v2 - openvswitch: fix stack OOB read while fragmenting IPv4 packets - Drivers: hv: vmbus: Use after free in __vmbus_open() - !4778 v3 Revert "memcg: fix a UAF problem in drain_all_stock()" - sched/membarrier: reduce the ability to hammer on sys_membarrier - i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails - PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter - !4812 parisc: Clear stale IIR value on instruction access rights trap - parisc: Clear stale IIR value on instruction access rights trap - media: pvrusb2: fix use after free on context disconnection - powerpc/pseries/memhp: Fix access beyond end of drmem array - powerpc/pseries/memhotplug: Quieten some DLPAR operations - !4758 binder: signal epoll threads of self-work - !4746 KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - Revert "memcg: fix a UAF problem in drain_all_stock()" - drivers/amd/pm: fix a use-after-free in kv_parse_power_table - !4751 [sync] PR-4623: i2c: Optimized the value setting of maxwrite limit to fifo depth - 1 - !4707 mtd: Fix gluebi NULL pointer dereference caused by ftl notifier - !4686 mlxsw: spectrum_acl_tcam: Fix stack corruption - binder: signal epoll threads of self-work - !4710 CVE-2021-46904 for openEuler1.0 - i2c: hisi: Add clearing tx aempty interrupt operation - i2c: hisi: Optimized the value setting of maxwrite limit to fifo depth - 1 - !4671 uio: Fix use-after-free in uio_open - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - net: hso: fix NULL-deref on disconnect regression - net: hso: fix null-ptr-deref during tty device unregistration - usb: hso: check for return value in hso_serial_common_create() - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier - mlxsw: spectrum_acl_tcam: Fix stack corruption - f2fs: fix to avoid dirent corruption - uio: Fix use-after-free in uio_open- !4701 v2 mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path - !4684 v3 CVE-2023-52435 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path - net: Fix compile warning in skb_segment() - net: prevent mss overflow in skb_segment() - !4643 f2fs: explicitly null-terminate the xattr list - f2fs: explicitly null-terminate the xattr list- !4601 v2 xen-netback: don't produce zero-size SKB frags - xen-netback: don't produce zero-size SKB frags - !4583 net: hns3: fix a bug and modify the hns3 driver version - net: hns3: update hns3 version to 24.2.1 - net: hns3: fix tm port shapping of fibre port is incorrect after driver initialization - !4552 v4 CVE-2023-52340 - !4526 v2 fs:/dcache.c: fix negative dentry flag warning in dentry_free - ipv6: fix kabi broken in struct dst_ops - ipv6: Document that max_size sysctl is deprecated - ipv6: remove max_size check inline with ipv4 - !4538 fix kprobe reenter bug - arm64/openeuler_defconfig: add not set config to fix compiling error - tracing/kprobes: Do the notrace functions check without kprobes on ftrace - fs:/dcache.c: fix negative dentry flag warning in dentry_free- !4524 fix spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected- !4454 netfilter: nf_tables: reject QUEUE/DROP verdict parameters - netfilter: nf_tables: reject QUEUE/DROP verdict parameters - !4411 v2 drm/atomic: Fix potential use-after-free in nonblocking commits - !4412 v3 Save and restore msg_namelen in sock_sendmsg - net: Save and restore msg_namelen in sock_sendmsg - net: prevent rewrite of msg_name in sock_sendmsg() - !4399 net: dst: Optimized route gc - drm/atomic: Fix potential use-after-free in nonblocking commits - !4392 linux-4.19.y inclusion - !4369 mm/filemap: avoid buffered read/write race to read inconsistent data - net/dst: use a smaller percpu_counter batch for dst entries accounting - net: add a route cache full diagnostic message - net: check dev->gso_max_size in gso_features_check() - net: warn if gso_type isn't set for a GSO SKB - mm: fix unmap_mapping_range high bits shift bug - x86/alternatives: Sync core before enabling interrupts - mm/filemap: avoid buffered read/write race to read inconsistent data - !4360 net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve - !4320 io_uring/af_unix: disable sending io_uring over sockets - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve - io_uring/af_unix: disable sending io_uring over sockets- !4277 fs:/dcache.c: fix negative dentry limit not complete problem - !4288 net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - !4299 smb: client: fix NULL deref in asn1_ber_decoder() - smb: client: fix NULL deref in asn1_ber_decoder() - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - !4228 fix spinlock already unlocked in inet_csk_reqsk_queue_add' bug - fs:/dcache.c: fix negative dentry limit not complete problem - !4235 nfc: nci: fix possible NULL pointer dereference in send_acknowledge() - !4255 drm/amdgpu: Fix potential fence use-after-free v2 - !4209 dhugetlb: skip unexpected migration - drm/amdgpu: Fix potential fence use-after-free v2 - !4231 crypto: hisilicon/qm - drop unnecessary IS_ENABLE(CONFIG_NUMA) check - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() - crypto: hisilicon/qm - drop unnecessary IS_ENABLE(CONFIG_NUMA) check - ipv6: init the accept_queue's spinlocks in inet6_create - tcp: make sure init the accept_queue's spinlocks once - !4212 netlink: fix potential sleeping issue in mqueue_flush_file - netlink: fix potential sleeping issue in mqueue_flush_file - dhugetlb: skip unexpected migration - dhugetlb: introduce page_belong_to_dynamic_hugetlb() function - !3944 time: Handle negative seconds correctly in timespec64_to_ns() - !3943 timerqueue: Use rb_entry_safe() in timerqueue_getnext() - !3942 efi/x86: Map the entire EFI vendor string before copying it - !4166 sched/fair: Fix qos_timer deadlock when cpuhp offline - sched/fair: Fix qos_timer deadlock when cpuhp offline - !4137 sctp: fix potential deadlock on &net->sctp.addr_wq_lock - sctp: fix potential deadlock on &net->sctp.addr_wq_lock - time: Handle negative seconds correctly in timespec64_to_ns() - timerqueue: Use rb_entry_safe() in timerqueue_getnext() - efi/x86: Map the entire EFI vendor string before copying it- !4101 netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - !2954 spi: phytium: fix phytium_spi_irq panic on boot - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval() - !4067 fix CVE-2022-48619 - !4080 rtnetlink: Reject negative ifindexes in RTM_NEWLINK - rtnetlink: Reject negative ifindexes in RTM_NEWLINK - Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" - !4065 smb: client: fix OOB in receive_encrypted_standard() - !4021 netfilter: nf_tables: Reject tables of unsupported family - Input: add bounds checking to input_set_capability() - smb: client: fix OOB in receive_encrypted_standard() - !4039 crypto: hisilicon/qm: fix several issues - !4025 crypto: hisilicon - replace 'smp_processor_id' with the raw version of the macro - !3980 vhost: use kzalloc() instead of kmalloc() followed by memset() - crypto: hisilicon/qm: fix several issues - crypto: hisilicon - replace 'smp_processor_id' with the raw version of the macro - netfilter: nf_tables: Reject tables of unsupported family - vhost: use kzalloc() instead of kmalloc() followed by memset() - spi: phytium: fix phytium_spi_irq panic on boot- !4006 crypto: hisilicon/sec2: fix memory use-after-free issue - crypto: hisilicon/sec2: fix memory use-after-free issue - !3923 net: bridge: multicast: fix UAF of net_bridge - net: bridge: multicast: fix UAF of net_bridge- !3768 iomap: add support to track dirty state of sub pages - !3845 netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - !3847 nvmet: nul-terminate the NQNs passed in the connect command - !3863 linux-4.19.y inclusion(4.19.299..4.19.303) part2 - team: Fix use-after-free when an option instance allocation fails - packet: Move reference count in packet_sock to atomic_long_t - tcp: do not accept ACK of bytes we never sent - ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() - ipv6: fix potential NULL deref in fib6_add() - ipv4: Correct/silence an endian warning in __ip_do_redirect - net: sched: fix race condition in qdisc_graft() - macvlan: Don't propagate promisc change to lower dev in passthru - ppp: limit MRU to 64K - tty: Fix uninit-value access in ppp_sync_receive() - net: annotate data-races around sk->sk_dst_pending_confirm - net: annotate data-races around sk->sk_tx_queue_mapping - !3862 linux-4.19.y inclusion(4.19.299..4.19.303) part1 - ring-buffer: Fix memory leak of free page - arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify - asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation - Revert "PCI: acpiphp: Reassign resources on bridge if necessary" - x86/CPU/AMD: Check vendor in the AMD microcode callback - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware - audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() - audit: don't take task_lock() in audit_exe_compare() code path - nvmet: nul-terminate the NQNs passed in the connect command - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() - !3823 [sync] PR-3822: ext4: fix kernel BUG in 'ext4_write_inline_data_end()' - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' - !3803 net/sched: cbs: Fix not adding cbs instance to list - net/sched: cbs: Fix not adding cbs instance to list - !3770 ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() - ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() - iomap: add support to track dirty state of sub pages - !3757 Fix bugs from LTS patches - devcoredump: Send uevent once devcd is ready - devcoredump : Serialize devcd_del work - driver core: Release all resources during unbind before updating device links - !3716 appletalk: Fix Use-After-Free in atalk_ioctl - !3667 net/rose: Fix Use-After-Free in rose_ioctl - appletalk: Fix Use-After-Free in atalk_ioctl - net/rose: Fix Use-After-Free in rose_ioctl- !3660 atm: Fix Use-After-Free in do_vcc_ioctl - !3687 Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg - !3672 smb: client: fix potential OOB in smb2_dump_detail() - !3671 smb: client: fix OOB in smbCalcSize() - !3627 jbd2: fix soft lockup in journal_finish_inode_data_buffers() - !3189 fs: don't audit the capability check in simple_xattr_list() - smb: client: fix potential OOB in smb2_dump_detail() - smb: client: fix OOB in smbCalcSize() - !3555 net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() - atm: Fix Use-After-Free in do_vcc_ioctl - !3592 CVE-2023-35827 patchset - !3449 Fix data-races around - jbd2: fix soft lockup in journal_finish_inode_data_buffers() - ravb: Fix races between ravb_tx_timeout_work() and net related ops - ravb: Fix use-after-free issue in ravb_tx_timeout_work() - net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() - ip: Fix data-races around sysctl_ip_no_pmtu_disc. - ip: Fix data-races around sysctl_ip_fwd_update_priority. - fs: don't audit the capability check in simple_xattr_list()- !3607 Fix CVE-2023-6546 - !3606 perf/core: Fix CVE-2023-6931 - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux - tty: n_gsm: fix restart handling via CLD command - perf: Fix perf_event_validate_size() lockdep splat - perf: Fix perf_event_validate_size() - !3417 SCSI: hisi_raid: support SPxxx serial RAID/HBA controllers - !3531 Fix kernel panic occurs during ISO installation on the 20.03 SP3/SP4 - i2c: hisi: Only handle the interrupt of the driver's transfer - i2c: hisi: Only use the completion interrupt to finish the transfer - i2c: hisi: Avoid redundant interrupts - !3483 net: Remove acked SYN flag from packet in the transmit queue correctly - net: Remove acked SYN flag from packet in the transmit queue correctly - SCSI: hisi_raid: support SPxxx serial RAID/HBA controllers- !3426 Revert "hrtimers: Push pending hrtimers away from outgoing CPU earlier" - Revert "hrtimers: Push pending hrtimers away from outgoing CPU earlier" - Revert "cpu/hotplug: fix kabi breakage in enum cpuhp_state"- !3347 tun: avoid double free in tun_free_netdev - tun: avoid double free in tun_free_netdev - !3239 net: hns: fix fake link up - !3113 KVM: arm64: limit PMU version to PMUv3 for ARMv8.1 - !3281 LTS patch backport - !3122 nvme: retain split access workaround for capability reads - !3262 icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. - net: fix kabi broken in struct netns_xfrm - xfrm: fix a data-race in xfrm_gen_index() - !3276 linux-4.19.y inclusion - !3263 workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() - !3267 x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs - dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. - can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() - can: dev: can_restart(): don't crash kernel if carrier is OK - can: dev: move driver related infrastructure into separate subdir - ipv6: avoid atomic fragment on GSO packets - tcp_metrics: do not create an entry from tcp_init_metrics() - tcp_metrics: properly set tp->snd_ssthresh in tcp_init_metrics() - tcp_metrics: add missing barriers on delete - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single skb - tcp: fix excessive TLP and RACK timeouts from HZ rounding - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() - ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() - ACPI: irq: Fix incorrect return value in acpi_register_gsi() - ext4: move 'ix' sanity check to corrent position - vfs: fix readahead(2) on block devices - overlayfs: set ctime when setting mtime and atime - quota: Fix slow quotaoff - mcb: remove is_added flag from mcb_device struct - sched,idle,rcu: Push rcu_idle deeper into the idle path - cgroup: Remove duplicates in cgroup v1 tasks file - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() - icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr. - net: hns: update hns version to 23.12.1 - net: hns: fix fake link up on xge port - !3021 fix CFS bandwidth vs. hrtimer self deadlock - !3202 regmap: fix NULL deref on lookup - regmap: fix NULL deref on lookup - KVM: arm64: limit PMU version to PMUv3 for ARMv8.1 - arm64: cpufeature: Extract capped perfmon fields - nvme: retain split access workaround for capability reads - cpu/hotplug: fix kabi breakage in enum cpuhp_state - hrtimers: Push pending hrtimers away from outgoing CPU earlier- !3158 mm: don't let userspace spam allocations warnings - mm: don't let userspace spam allocations warnings - !2781 cpufreq: Abort show()/store() for half-initialized policies - !3118 sched: smart grid: check is active in affinity timer - sched: smart grid: check is active in affinity timer - !2977 Backport crypto bugfix - !3071 perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled - perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled - !3038 ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - !3031 x86/mce/amd: Publish the bank pointer only after setup has succeeded - !3030 x86/mce/inject: Fix a wrong assignment of i_mce.status - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet - x86/mce/amd: Publish the bank pointer only after setup has succeeded - x86/mce/inject: Fix a wrong assignment of i_mce.status - crypto: fix kabi broken in struct crypto_instance - crypto: api - Use work queue in crypto_destroy_instance - cpufreq: make interface functions and lock holding state clear - cpufreq: Abort show()/store() for half-initialized policies- bug fix for enfs, when diconnect many sockets io is hang- arm64: cpufeature: Extract capped perfmon fields - KVM: arm64: limit PMU version to PMUv3 for ARMv8.1- !3000 [openEuler-1.0-LTS] add Phytium drivers CONFIG - arm64: config: add config for Phytium drivers - !2908 mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page() - !2869 mm, memory_hotplug: update pcp lists everytime onlining a memory block - !2805 sched/fair: Refill bandwidth before scaling - !2804 signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal - !2960 Add script to check & update openeuler_defconfig - config: update openeuler_defconfig for arm64 - config: update openeuler_defconfig for x86 - kconfig: Add script to check & update openeuler_defconfig - kbuild: ensure full rebuild when the compiler is updated - mm/migrate.c: fix potential indeterminate pte entry in migrate_vma_insert_page() - mm, memory_hotplug: update pcp lists everytime onlining a memory block - sched/fair: Refill bandwidth before scaling - signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal- Revert "genirq: Increase the number of IRQ descriptors"- crypto: hisilicon - Add value profile support for kernel- !1935 [openEuler-1.0-LTS] Add Phytium optee driver support - !2895 netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one - !2873 Fix SAS start error with maxcpus=1 - genirq: Take the proposed affinity at face value if force==true - optee: add phytium optee driver - optee: model OP-TEE as a platform device/driver - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one - irqchip/gic-v3: Always trust the managed affinity provided by the core code - genirq: Always limit the affinity to online CPUs - genirq/msi: Shutdown managed interrupts with unsatifiable affinities - !2508 [openEuler-1.0-LTS] jpeg: Add a Phytium JPEG Engine driver - !2522 [openEuler-1.0-LTS] Add support for Phytium SoC RNG - !2877 Revert "tcp: fix delayed ACKs for MSS boundary condition" - !2693 [openEuler-1.0-LTS] Add support for Phytium QSPI - !2402 [openEuler-1.0-LTS] Add Phytium w1 driver support - !2403 [openEuler-1.0-LTS] Add Phytium adc driver support - !1874 [openEuler-1.0-LTS] Add Phytium mailbox driver support - !2024 [openEuler-1.0-LTS] Add Phytium RTC driver support - !2682 [openEuler-1.0-LTS] Add support for Phytium MMC - !2671 [openEuler-1.0-LTS] phytium dwmac net driver - !2676 [openEuler-1.0-LTS] Add Phytium gpio driver support - !2604 [openEuler-1.0-LTS] Add support for Phytium SPI - !2540 [openEuler-1.0-LTS] Driver for the Phytium keypad port. - Revert "tcp: fix delayed ACKs for MSS boundary condition" - hwrng: Add support for Phytium SoC RNG - jpeg: Add a Phytium JPEG Engine driver - !2818 Fix memleak in disassociate_ctty() - !2810 drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c - drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c - rtc: add phytium rtc driver document - rtc: add rtc drivers for Phytium SOCs - gpio: add phytium gpio driver - dwmac:add phytium dwmac driver - mailbox:add phytium mailbox driver document - mailbox: add phytium mailbox driver - mmc: add phytium mmc driver DT binding docs - mmc: add support for Phytium MMC - tty: tty_jobctrl: fix pid memleak in disassociate_ctty() - Revert "tty: fix pid memleak in disassociate_ctty()" - spi: add phytium spi driver DT binding docs - spi: add phytium spi support - qspi: add phytium qspi driver DT binding docs - qspi: add support for Phytium QSPI controller - gpio: add phytium gpio driver document - dwmac:add phytium dwmac driver DT binding docs - adc: add phytium adc driver - adc: add phytium adc driver document - w1: add phytium w1 driver - w1: add phytium w1 driver document - KEYPAD: Driver for the Phytium keypad port. - KEYPAD: Document for the Phytium keypad port.- config: arm64: Enable dubugfs config of hisi sas - scsi: hisi_sas_v3_hw: Remove extra function calls for runtime pm - scsi: hisi_sas_v3_hw: Don't use PCI helper functions - scsi: hisi_sas: Check usage count only when the runtime PM status is RPM_SUSPENDING - scsi: hisi_sas: Work around build failure in suspend function - scsi: hisi_sas: Block requests before take debugfs snapshot - scsi: hisi_sas: Add slave_destroy interface for v3 hw - scsi: hisi_sas: Configure the initialization registers according to HBA model - scsi: hisi_sas: Increase debugfs_dump_index after dump is completed - scsi: hisi_sas: Ensure all enabled PHYs up during controller reset - scsi: hisi_sas: Exit suspending state when usage count is greater than 0 - scsi: hisi_sas: Set a port invalid only if there are no devices attached when refreshing port id - Revert "scsi: hisi_sas: Disable SATA disk phy for severe I_T nexus reset failure" - scsi: hisi_sas: Disable-SATA-disk-phy-for-severe-I_T-nexus reset failure - scsi: hisi_sas: Use abort task set to reset SAS disks when discovered - scsi: hisi_sas: Undo RPM resume for failed notify phy event for v3 HW - scsi: hisi_sas: Fix rescan after deleting a disk - scsi: hisi_sas: Modify v3 HW SSP underflow error processing - scsi: hisi_sas: Fix phyup timeout on FPGA - scsi: hisi_sas: Prevent parallel controller reset and control phy command - scsi: hisi_sas: Limit users changing debugfs BIST count value - scsi: hisi_sas: Use autosuspend for the host controller - scsi: hisi_sas: Keep controller active between ISR of phyup and the event being processed - scsi: hisi_sas: Add more logs for runtime suspend/resume - scsi: hisi_sas: Wait for phyup in hisi_sas_control_phy() - scsi: hisi_sas: Initialise devices in .slave_alloc callback - scsi: hisi_sas: Speed up error handling when internal abort timeout occurs - scsi: hisi_sas: Reset controller for internal abort timeout - scsi: hisi_sas: Include HZ in timer macros - scsi: hisi_sas: Run I_T nexus resets in parallel for clear nexus reset - scsi: hisi_sas: Put a limit of link reset retries - scsi: hisi_sas: Print SATA device SAS address for soft reset failure - scsi: hisi_sas: Warn in v3 hw channel interrupt handler when status reg cleared - scsi: hisi_sas: Directly snapshot registers when executing a reset - scsi: hisi_sas: Call sas_unregister_ha() to roll back if .hw_init() fails - scsi: hisi_sas: Print SAS address for v3 hw erroneous completion print - scsi: hisi_sas: Add trace FIFO debugfs support - scsi: hisi_sas: Enable debugfs support by default - scsi: hisi_sas: Remove deferred probe check in hisi_sas_v2_probe() - scsi: hisi_sas: use threaded irq to process CQ interrupts - scsi: hisi_sas: Remove preemptible() - scsi: hisi_sas: Move debugfs code to v3 hw driver - scsi: hisi_sas: Reduce some indirection in v3 hw driver - scsi: hisi_sas: Fix up probe error handling for v3 hw - scsi: hisi_sas: Recover PHY state according to the status before reset - scsi: hisi_sas: Add device link between SCSI devices and hisi_hba - scsi: hisi_sas: Add check for methods _PS0 and _PR0 - scsi: hisi_sas: Add controller runtime PM support for v3 hw - scsi: hisi_sas: Switch to new framework to support suspend and resume - scsi: hisi_sas: Code style cleanup - scsi: hisi_sas: Add missing newlines - scsi: hisi_sas: Add BIST support for fixed code pattern - scsi: hisi_sas: Add BIST support for phy FFE - scsi: hisi_sas: Make phy index variable name consistent - scsi: hisi_sas: Do not modify upper fields of PROG_PHY_LINK_RATE reg - scsi: hisi_sas: Modify macro name for OOB phy linkrate - scsi: hisi_sas: Remove one kerneldoc comment - scsi: hisi_sas: Do not reset phy timer to wait for stray phy up - scsi: hisi_sas: Stop returning error code from slot_complete_vX_hw() - scsi: hisi_sas: Add SAS_RAS_INTR0 to debugfs register name list - scsi: hisi_sas: Modify the commit information for DSM method - scsi: hisi_sas: Display proc_name in sysfs - scsi: hisi_sas: Fix build error without SATA_HOST - scsi: hisi_sas: Use dev_err() in read_iost_itct_cache_v3_hw() - scsi: hisi_sas: Add prints for v3 hw interrupt converge and automatic affinity - scsi: hisi_sas: Modify the file permissions of trigger_dump to write only - scsi: hisi_sas: Replace magic number when handle channel interrupt - scsi: hisi_sas: Stop converting a bool into a bool - scsi: hisi_sas: Return directly if init hardware failed - scsi: hisi_sas: Record the phy down event in debugfs - scsi: hisi_sas: Delete the debugfs folder of hisi_sas when the probe fails - scsi: hisi_sas: Add ability to have multiple debugfs dumps - scsi: hisi_sas: Add module parameter for debugfs dump count - scsi: hisi_sas: Allocate memory for multiple dumps of debugfs - scsi: hisi_sas: Add debugfs file structure for ITCT cache - scsi: hisi_sas: Add debugfs file structure for IOST cache - scsi: hisi_sas: Add debugfs file structure for ITCT - scsi: hisi_sas: Add debugfs file structure for IOST - scsi: hisi_sas: Add debugfs file structure for port - scsi: hisi_sas: Add debugfs file structure for registers - scsi: hisi_sas: Add debugfs file structure for DQ - scsi: hisi_sas: Add debugfs file structure for CQ - scsi: hisi_sas: Add timestamp for a debugfs dump - scsi: hisi_sas: Don't create debugfs dump folder twice - scsi: hisi_sas: Make three functions static - scsi: hisi_sas: fix spelling mistake "digial" -> "digital" - scsi: hisi_sas: Add hisi_sas_debugfs_alloc() to centralise allocation - scsi: hisi_sas: Remove some unused function arguments - scsi: hisi_sas: Remove redundant work declaration - scsi: hisi_sas: Remove hisi_sas_hw.slot_complete - scsi: hisi_sas: add debugfs auto-trigger for internal abort time out - scsi: hisi_sas: use devm_platform_ioremap_resource() to simplify code - scsi: hisi_sas: remove set but not used variable 'irq_value' - scsi: hisi_sas: Remove some unnecessary code - scsi: hisi_sas: Modify return type of debugfs functions - scsi: hisi_sas: Drop free_irq() when devm_request_irq() failed - scsi: hisi_sas: Drop SMP resp frame DMA mapping - scsi: hisi_sas: Drop kmap_atomic() in SMP command completion - scsi: hisi_sas: Snapshot AXI and RAS register at debugfs - scsi: hisi_sas: Snapshot HW cache of IOST and ITCT at debugfs - scsi: hisi_sas: Fix pointer usage error in show debugfs IOST/ITCT - scsi: hisi_sas: Make max IPTT count equal for all hw revisions - scsi: hisi_sas: Some misc tidy-up - scsi: hisi_sas: Use pci_irq_get_affinity() for v3 hw as experimental - scsi: hisi_sas: Fix losing directly attached disk when hot-plug - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code - scsi: hisi_sas: No need to check return value of debugfs_create functions- Backport cpu turbo patches- genirq: Increase the number of IRQ descriptors - irqchip: gic-v3: Collection table support muti pages- net: hns3: Fix unreasonable modifications caused by rollback extension ringparam parameters - net: hns3: Fix ethtool_ Ops&gen_ Improper modification of kabi changes caused by adding members in the ops structure - net: hns3: Fix Kabi issue caused by ptp introducing gettimex64() - Fallback ethtool about nla_ Modification of kabi changes caused by the addition of new associations in the policy structure - net: hns3: Fallback Ethtool's modifications to extack - net: hns3: Fallback ethtool's modification of lane - net: hns3: HNAE3 framework add support for ROH client - net: hns3: add ROH MAC type definitions and support query MAC type - net: hns3: Add configuration of TM QCN error event - net: hns3: fix return value check bug of rx copybreak - net: hns3: add netdev reset check for hns3_set_tunable() - ethtool: mark netlink family as __ro_after_init - net: hns3: add max order judgement for tx spare buffer - net: hns3: fix ethtool tx copybreak buf size indicating not aligned issue - net: hns3: fix deadlock issue when externel_lb and reset are executed together - ethtool: Fix uninitialized number of lanes - ethtool: reset lanes when lanes is omitted - ethtool: limit bitset size - ethtool: fix application of verbose no_mask bitset - net: hns3: fix for not calculating TX BD send size correctly - NIC: hns3: fix kabi - ptp: deprecate gettime64() in favor of gettimex64() - net: hns3: add support for Hisilicon ptp sync device - net: hns3: sync linux kernel hns3 wol to openeuler - net: hns3: fix pointer cast to different type for wol - net: hns3: fix the HCLGE_OPC_WOL_CFG opcode id for wol - net: hns3: fix getting supported parameter from driver in hclge_set_wol - net: hns3: add supports pfc storm detection and suppression - net: hns3: debugfs add dump dscp map info - net: hns3: support debugfs for wake on lan - net: hns3: add debugfs support for interrupt coalesce - net: hns3: delete the hclge_cmd.c and hclgevf_cmd.c - net: hns3: refactor VF cmdq init and uninit APIs with new common APIs - net: hns3: refactor PF cmdq init and uninit APIs with new common APIs - net: hns3: create common cmdq init and uninit APIs - net: hns3: refactor VF cmdq resource APIs with new common APIs - net: hns3: refactor PF cmdq resource APIs with new common APIs - net: hns3: create common cmdq resource allocate/free/query APIs - net: hns3: refactor hclgevf_cmd_send with new hclge_comm_cmd_send API - net: hns3: refactor hclge_cmd_send with new hclge_comm_cmd_send API - net: hns3: fix setting wrong tx_timeout value issue - net: hns3: refactor hclge_mac_link_status_wait for interface reuse - net: hns3: add wait until mac link down - net: hns3: fix set cpu affinity when state down - net: hns3: restore user pause configure when disable autoneg - net: hns3: add tm flush when setting tm - net: hns3: fix the imp capability bit cannot exceed 32 bits issue - net: hns3: fix GRE checksum offload issue - net: hns3: fix strncpy() not using dest-buf length as length issue - net: hns3: add support config dscp map to tc - net: hns3: refactor hclge_update_desc_vfid for extension - net:ethtool Fix the Kabi problem is caused by the new FEC callback function in ethtool_ops - net:hns3 The kabi issue is resolved when the lane members are added to the ethtool_link_ksettings structure - net: hns3: add querying fec statistics - ethtool: add FEC statistics - ethtool: fec_prepare_data() - jump to error handling - ethtool: support FEC settings over netlink - ethtool: netlink bitset handling - net: hns3: avoid mult + div op in critical data path - net: hns3: add support to query and set lane number by ethtool - ethtool: Extend link modes settings uAPI with lanes - net: hns3: Resolved the kabi change issue caused by new members in the devlink structure - The kabi issue is resolved when the rx_buf_len extension ring is used to set parameters or obtain APIs - net: hns3: Fix for the compilation problem of hclge_comm_cmd - net: hns3: remove always exist devlink pointer check - net: hns3: add support for registering devlink for VF - net: hns3: add support for registering devlink for PF - net: hns3: fix output information incomplete for dumping tx queue info with debugfs - net: hns3: fix reset timeout when enable full VF - net: hns3: modify reset delay time to avoid configuration timeout - net: hns3: add support for getting GE port lanes - net: hns3: Use the correct style for SPDX License Identifier - net: hns3: support set/get VxLAN rule of rx flow director by ethtool - net: hns3: refactor for function hclge_fd_convert_tuple - net: hns3: PF supports to set and query lane_num by sysfs - net: ethtool: add VxLAN to the NFC API - net: hns3: add extend interface support for read and write phy register - net: hns3: add support set led - net: hns3: add support set mac state - net: hns3: add support detect port wire type - net: hns3: add support PF provides customized interfaces to detect port faults. - net: hns3: add support disable nic clock - net: hns3: add support config and query serdes lane status - net: hns3: add supports configure optical module enable - net: hns3: add support query the presence of optical module - net: hns3: disbable pfc en before the reset - net: hns3: support set pfc pause trans time - net: hns3: add support query port ext information - net: hns3: add support to get/set 1d torus param - net: hns3: add supports fast reporting of faulty nodes - net: hns3: add support configuring function-level interrupt affinity - net: hns3: add support clear mac statistics - net: hns3: add support customized exception handling interfaces. - net: hns3: fix miss L3E checking for rx packet - net: hns3: support wake on lan configuration and query - net: hns3: refactor the debugfs for dumping FD tcam - net: hns3: allocate fd counter for queue bonding - net: hns3: add queue bonding mode support for VF - net: hns3: add support for queue bonding mode of flow director - net: hns3: refine the handling for VF heartbeat - net: hns3: fix setting incorrect phy link ksettings for firmware in resetting process - net: hns3: add support for external loopback test - net: hns3: net: hns3: add querying and setting fec off mode from firmware - net: hns3: add querying and setting fec llrs mode from firmware - net: hns3: add querying fec ability from firmware - net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware - net: hns3: handle empty unknown interrupt for VF - net: hns3: add support for TX push mode - net: hns3: create new set of unified hclge_comm_cmd_send APIs - net: hns3: use struct hclge_desc to replace hclgevf_desc in VF cmdq module - net: hns3: create new cmdq hardware description structure hclge_comm_hw - net: hns3: fix incorrect components info of ethtool --reset command - net: hns3: add dql info when tx timeout - net: hns3: debugfs add drop packet statistics of multicast and broadcast for igu - net: hns3: remove the way to set tx spare buf via module parameter - net: hns3: add support to set/get rx buf len via ethtool for hns3 driver - ethtool: add support to set/get rx buf len via ethtool - net: hns3: add support to set/get tx copybreak buf size via ethtool for hns3 driver - ethtool: add support to set/get tx copybreak buf size via ethtool - ethtool: set device ring sizes with RINGS_SET request - ethtool: provide ring sizes with RINGS_GET request - ethtool: helper functions for netlink interface - ethtool: introduce ethtool netlink interface - ethtool: provide link mode names as a string set - ethtool: move string arrays into common file - ethtool: move to its own directory - net: hns3: allow configure ETS bandwidth of all TCs - net: hns3: fix some mac statistics is always 0 in device version V2 - net: hns3: sync rx ring head in echo common pull - net: hns3: fix ROCE base interrupt vector initialization bug - net: hns3: add support for pf querying new interrupt resources - net: hisilicon: fix hsn3_ethtool kernel-doc warnings - net: hns3: adjust string spaces of some parameters of tx bd info in debugfs - net: hns3: add more string spaces for dumping packets number of queue info in debugfs - net: hns3: fix data endian problem of some functions of debugfs - net: hns3: add error recovery module and type for himac - net: hns3: add new ras error type for roce - net: hns3: add update ethtool advertised link modes for FIBRE port when autoneg off - net: hns3: modify functions of converting speed ability to ethtool link mode - net: hns3: add support pause/pfc durations for mac statistics - net: hns3: device specifications add number of mac statistics - net: hns3: modify mac statistics update process for compatibility - net: hns3: schedule the polling again when allocation fails - net: hns3: fix for miscalculation of rx unused desc - net: hns3: PF enable promisc for VF when mac table is overflow - net: hns3: don't rollback when destroy mqprio fail - net: hns3: fix hclge_dbg_dump_tm_pg() stack usage - xdp: Fixed an issue where the trace_mem_disconnect function cannot find the definition. - net: hns3: fix the max tx size according to user manual - net: hns3: disable sriov before unload hclge layer - net: hns3: add limit ets dwrr bandwidth cannot be 0 - net: hns3: fix always enable rx vlan filter problem after selftest - net: hns3: fix show wrong state when add existing uc mac address - net: hns3: do not allow call hns3_nic_net_open repeatedly - net: hns3: optimize the rx page reuse handling process - net: hns3: fix misuse vf id and vport id in some logs - net: hns3: make hclgevf_cmd_caps_bit_map0 and hclge_cmd_caps_bit_map0 static - net: hns3: remove unnecessary spaces - net: hns3: add some required spaces - net: hns3: clean up a type mismatch warning - net: hns3: refine function hns3_set_default_feature() - net: hns3: uniform parameter name of hclge_ptp_clean_tx_hwts() - net: hnss3: use max() to simplify code - net: hns3: refine function hclge_dbg_dump_tm_pri() - net: hns3: reconstruct function hclge_ets_validate() - net: hns3: reconstruct function hns3_self_test - net: hns3: initialize each member of structure array on a separate line - net: hns3: add required space in comment - net: hns3: remove unnecessary "static" of local variables in function - net: hns3: don't config TM DWRR twice when set ETS - net: hns3: add new function hclge_get_speed_bit() - net: hns3: refactor function hclgevf_parse_capability() - net: hns3: refactor function hclge_parse_capability() - net: hns3: uniform type of function parameter cmd - net: hns3: merge some repetitive macros - net: hns3: package new functions to simplify hclgevf_mbx_handler code - net: hns3: remove redundant param to simplify code - net: hns3: use memcpy to simplify code - net: hns3: add hns3_state_init() to do state initialization - net: hns3: add macros for mac speeds of firmware command - net: hns3: fix GRO configuration error after reset - net: hns3: fix speed unknown issue in bond 4 - net: hns3: add support ethtool extended link state - net: hns3: add header file hns3_ethtoo.h - ethtool: add two link extended substates of bad signal integrity - docs: ethtool: Add two link extended substates of bad signal integrity - net: hns3: add support for triggering reset by ethtool - net: hns3: change the method of obtaining default ptp cycle - net: hns3: fix rx VLAN offload state inconsistent issue - net: hns3: add support for FD counter in debugfs - net: hns3: Fix a memory leak in an error handling path in 'hclge_handle_error_info_log()' - net: hns3: fix different snprintf() limit - net: hns3: use bounce buffer when rx page can not be reused - net: hns3: support dma_map_sg() for multi frags skb - net: hns3: add support to query tx spare buffer size for pf - net: hns3: use tx bounce buffer for small packets - net: hns3: add priv flags support to switch limit promisc mode - net: hns3: refactor for hns3_fill_desc() function - net: hns3: minor refactor related to desc_cb handling - net: hns3: fix a double shift bug - net: hns3: add support for PTP - net: hns3: refactor dev capability and dev spec of debugfs - net: hns3: use list_move_tail instead of list_del/list_add_tail in hclgevf_main.c - net: hns3: add error handling compatibility during initialization - net: hns3: update error recovery module and type - net: hns3: add support for imp-handle ras capability - net: hns3: add the RAS compatibility adaptation solution - net: hns3: add support for handling all errors through MSI-X - net: hns3: remove now redundant logic related to HNAE3_UNKNOWN_RESET - net: hns3: add log for workqueue scheduled late - net: hns3: add scheduling logic for error handling task - net: hns3: add a separate error handling task - net: hns3: use HCLGE_VPORT_STATE_PROMISC_CHANGE to replace HCLGE_STATE_PROMISC_CHANGED - net: hns3: fix user's coalesce configuration lost issue - net: hns3: add support for configuring interrupt quantity limiting - net: hns3: clear unnecessary reset request in hclge_reset_rebuild - net: hns3: cleanup inappropriate spaces in struct hlcgevf_tqp_stats - net: hns3: Trivial spell fix in hns3 driver - net: hns3: split out hclge_tm_vport_tc_info_update() - net: hns3: split function hclge_reset_rebuild() - net: hns3: remove redundant query in hclge_config_tm_hw_err_int() - net: hns3: remove redundant blank lines - net: hns3: remove unused code of vmdq - net: hns3: add support to query device specifications - net: hns3: add phy loopback support for imp-controlled PHYs - net: hns3: add ioctl support for imp-controlled PHYs - net: hns3: add get/set pause parameters support for imp-controlled PHYs - net: hns3: add support for imp-controlled PHYs - net:hns3 Fix KABI for The dev_version & caps element is added to the hnae3_ae_dev structure. - net:hns3 Fix KABI for deletion of hnae3_unic_private_info in hnae3_handle - net:hns3 Fix KABI for ethtools->supported_coalesce_params - net: hns3: split out hclgevf_cmd_send() - net: hns3: split out hclge_cmd_send() - net: hns3: refactor out hclgevf_get_rss_tuple() - net: hns3: refactor out hclge_get_rss_tuple() - net: hns3: refactor out hclge_set_vf_vlan_common() - net: hns3: use ipv6_addr_any() helper - net: hns3: refactor out hclgevf_cmd_convert_err_code() - net: hns3: refactor out hclge_cmd_convert_err_code() - net: hns3: remove unused macro definition - net: hns3: change hclge_query_bd_num() param type - net: hns3: change hclge_parse_speed() param type - net: hns3: clean up unnecessary parentheses in macro definitions - net: hns3: remove the shaper param magic number - net: hns3: add a structure for IR shaper's parameter in hclge_shaper_para_calc() - net: hns3: add support for TX hardware checksum offload - net: hns3: initialize the message content in hclge_get_link_mode() - net: hns3: add UDP segmentation offload support - net: hns3: use capabilities queried from firmware - net: hns3: add support to query device capability - net: hns3: add device version to replace pci revision - net: hns3: remove some unused macros - net: hns3: remove some unused codes in hns3_nic_set_features() - net: hns3: fix two coding style issues in hclgevf_main.c - net: hns3: remove two unused macros in hclgevf_cmd.c - net: hns3: remove an unused macro hclge_is_csq - net: hns3: fix a print format issue in hclge_mac_mdio_config() - net: hns3: remove some unused fields in struct hclge_dev - net: hns3: remove two duplicated register macros in hclgevf_main.h - net: hns3: remove unused struct hnae3_unic_private_info - net: hns3: remove some unused fields in struct hns3_nic_priv - net: hns3: modify an incorrect type in struct hclgevf_cfg_gro_status_cmd - net: hns3: modify an incorrect type in struct hclge_cfg_gro_status_cmd - net: hns3: refactor hclge_query_bd_num_cmd_send() - net: hns3: refactor hclge_config_tso() - net: hns3: remove a duplicated printing in hclge_configure() - net: hns3: modify two uncorrect macro names - net: hns3: remove a redundant register macro definition - net/hns: Remove custom driver version in favour of global one - net: hns3: clear port base VLAN when unload PF - net: hns3: reject unsupported coalescing params - net: hns3: modify an unsuitable log in hclge_map_ring_to_vector() - net: hns3: remove unused macros - net: hns3: adjust hns3_uninit_phy()'s location in the hns3_client_uninit() - net: hns3: fix compile warning without CONFIG_RFS_ACCEL - net: hns3: Use LLDP ethertype define ETH_P_LLDP - net: hns3: return 0 and print warning when hit duplicate MAC - net: hns3: make function hclge_set_all_vf_rst() static - net: phy: Move linkmode helpers to somewhere public - net: hns3: Add unlikely for buf_num check - net: hns3: Add default irq affinity - net: hns3: Only update mac configuation when necessary - net: hns3: Fix for loopback selftest failed problem- !2803 drivers/gmjstcm: fix a dev_err() call in spi tcm device probe - !2841 drm/qxl: fix UAF on handle creation - !2785 [openEuler-1.0-LTS] SCSI: SSSRAID: Support 3SNIC 3S5XX serial RAID/HBA controllers - drm/qxl: fix UAF on handle creation - !2809 bugfix for CVE-2022-45884 - media: dvb-core: Fix use-after-free due to race at dvb_register_device() - media: media/dvb: Use kmemdup rather than duplicating its implementation - media: dvbdev: Fix memleak in dvb_register_device - drivers/gmjstcm: fix a dev_err() call in spi tcm device probe - SCSI: SSSRAID: Support 3SNIC 3S5XX serial RAID/HBA controllers- config: arm64: Build HiSilicon SPI/SFC driver as module - spi: hisi-sfc-v3xx: drop unnecessary ACPI_PTR and related ifendif protection - spi: hisi-sfc-v3xx: fix potential irq race condition - spi: hisi-sfc-v3xx: add address mode check - spi: hisi-sfc-v3xx: extend version checking compatibility - spi: hisi-sfc-v3xx: add support for IRQ mode - spi: hisi-sfc-v3xx: factor out the bit definition of interrupt register - spi: hisi-sfc-v3xx: factor out bus config and transfer functions - spi: hisi-sfc-v3xx: factor out IO modes configuration - spi: Remove CONFIG_ prefix from Kconfig select - spi: hisi-sfc-v3xx: add error check after per operation - spi: HiSilicon v3xx: Use DMI quirk to set controller buswidth override bits - spi: HiSilicon v3xx: Properly set CMD_CONFIG for Dual/Quad modes - spi: Allow SPI controller override device buswidth - spi: Add HiSilicon v3xx SPI NOR flash controller driver - spi/acpi: avoid spurious matches during slave enumeration - spi/acpi: fix incorrect ACPI parent check - spi/acpi: enumerate all SPI slaves in the namespace - driver core: platform: return -ENXIO for missing GpioInt - driver: platform: Support parsing GpioInt 0 in platform_get_irq() - spi: spi-mem: Fix build error without CONFIG_SPI_MEM - spi: spi-mem: Add SPI_MEM_NO_DATA to the spi_mem_data_dir enum - sh: Replace CONFIG_MTD_M25P80 with CONFIG_MTD_SPI_NOR in sh7757lcr_defconfig - powerpc: Drop CONFIG_MTD_M25P80 in 85xx-hw.config - m68k: Drop CONFIG_MTD_M25P80 in stmark2_defconfig - mips: Drop CONFIG_MTD_M25P80 in various defconfig files - ARM: shmobile: defconfig: Refresh config CONFIG_MTD_M25P80 for v5.4-rc1 - mtd: spi-nor: core: Fix an issue of releasing resources during read/write - mtd: spi-nor: fix kernel-doc for spi_nor::spimem - mtd: spi-nor: Pointer parameter for CR in spi_nor_read_cr() - mtd: spi-nor: Pointer parameter for FSR in spi_nor_read_fsr() - mtd: spi-nor: Pointer parameter for SR in spi_nor_read_sr() - mtd: spi-nor: Stop compare with negative in Reg Ops methods - mtd: spi-nor: Prepend spi_nor_ to all Reg Ops methods - mtd: spi-nor: Fix direction of the write_sr() transfer - mtd: spi-nor: Move m25p80 code in spi-nor.c - mtd: spi-nor: always use bounce buffer for register read/writes - mtd: spi-nor: Add support for mx25u12835f - spi: add support for octal mode I/O data transfer- !2793 handle uninitialized numa nodes gracefully. - !2789 linux-4.19.y inclusion - arch/x86/mm/numa: Do not initialize nodes twice - mm: handle uninitialized numa nodes gracefully - mm, memory_hotplug: make arch_alloc_nodedata independent on CONFIG_MEMORY_HOTPLUG - !2713 Fix netfilter conntrack - !2651 sched/membarrier: fix missing local execution of ipi_sync_rq_state() - tcp: fix delayed ACKs for MSS boundary condition - tcp: fix quick-ack counting to count actual ACKs of new data - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() - team: fix null-ptr-deref when team device type is changed - af_unix: Fix data race around sk->sk_err. - af_unix: Fix data-races around sk->sk_shutdown. - af_unix: Fix data-race around unix_tot_inflight. - af_unix: Fix data-races around user->unix_inflight. - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr - net: read sk->sk_family once in sk_mc_loop() - skbuff: skb_segment, Call zero copy functions before using skbuff frags - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU - tcp: tcp_enter_quickack_mode() should be static - net: Avoid address overwrite in kernel_connect - md/raid1: fix error: ISO C90 forbids mixed declarations - md: raid1: fix potential OOB in raid1_remove_disk() - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer - autofs: fix memory leak of waitqueues in autofs_catatonic_mode - pstore/ram: Check start of empty przs during init - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() - fs: Fix error checking for d_hash_and_lookup() - !2767 crypto: hisilicon/qm - alloc reserve buffer to set and get xqc - crypto: hisilicon/qm - alloc reserve buffer to set and get xqc - !2760 fs: lockd: avoid possible wrong NULL parameter - !2164 Net: ethernet: Support 3snic 3s9xx network card - !2605 add CONFIG_NGBE for Wangxun 1G NIC for aarch64 - !1873 [openEuler-1.0-LTS] Add Phytium hda driver support - !2564 [openEuler-1.0-LTS] Add Phytium i2c driver support - !2636 kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - fs: lockd: avoid possible wrong NULL parameter - !2754 Sync LTS patches for openEuler-1.0-LTS - !2758 crypto: hisilicon - qm obtain the mailbox config at one time - crypto: hisilicon - qm obtain the mailbox config at one time - regmap: rbtree: Fix wrong register marked as in-cache when creating new node - regmap: rbtree: Use alloc_flags for memory allocations - !2730 PCI/IOV: Add pci_sriov_numvfs_lock to support enable pci sriov concurrently - !2722 net: sched: sch_qfq: Use non-work-conserving warning handler - !2650 sched/cpuacct: Fix charge cpuacct.usage_sys - PCI/IOV: Add pci_sriov_numvfs_lock to support enable pci sriov concurrently - net: sched: sch_qfq: Use non-work-conserving warning handler - arm64: config: add CONFIG_NGBE for Wangxun 1G NIC - netfilter: conntrack: fix infinite loop on rmmod - netfilter: conntrack: do not auto-delete clash entries on reply - netfilter: conntrack: allow insertion of clashing entries - netfilter: conntrack: split resolve_clash function - netfilter: conntrack: place confirm-bit setting in a helper - netfilter: conntrack: remove two args from resolve_clash - netfilter: conntrack: tell compiler to not inline nf_ct_resolve_clash - sched/membarrier: fix missing local execution of ipi_sync_rq_state() - sched/cpuacct: Fix charge cpuacct.usage_sys - kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail - hda: add phytium hda driver - hda: add phytium hda driver document - i2c: add Phytium i2c driver - i2c: add phytium i2c driver DT binding docs - Net: ethernet: Support 3snic 3s9xx network card- Add feature for nfs client support multipath- mpam: support ACPI for MPAM 2.0- perf metricgroup: Fix find_evsel_group() event selector - perf metricgroup: Fix for metrics containing duration_time - perf metricgroup: Fix system PMU metrics - perf metricgroup: Return error code from metricgroup__add_metric_sys_event_iter() - perf vendor events arm64: Fix incorrect Hisi hip08 L3 metrics - perf test: Fix metric parsing test - perf test: Fix msan uninitialized use. - perf test: Set NULL sentinel in pmu_events table in "Parse and process metrics" test - perf expr: Allow numbers to be followed by a dot - perf expr: Test parsing of floating point numbers - perf jevents: Add support for HiSilicon PA PMU aliasing - perf jevents: Add support for HiSilicon SLLC PMU aliasing - perf jevents: Add support for HiSilicon HHA PMU aliasing - perf jevents: Add support for HiSilicon DDRC PMU aliasing - perf jevents: Add support for HiSilicon L3C PMU aliasing - perf test: Add pmu-events test for aliases of hip09 ddrc pmu - perf vendor events arm64: Revise hip08 uncore events - perf test: Verify more event members in pmu-events test - perf jevents: Support ConfigCode - perf parse-events: Set numeric term config - perf test: Add pmu-events sys event support - perf jevents: Print SoC name per system event table - perf pmu: Make pmu_add_sys_aliases() public - perf test: Add more pmu-events uncore aliases - perf test: Re-add pmu-event uncore PMU alias test - perf pmu: Check .is_uncore field in pmu_add_cpu_aliases_map() - perf test: Test pmu-events core aliases separately - perf test: Factor out pmu-events alias comparison - perf test: Declare pmu-events test events separately - perf jevents: Relocate test events to cpu folder - perf test: Factor out pmu-events event comparison - perf jevents: Make build dependency on test JSONs - perf pmu: Save pmu name - perf pmu: Simplify arguments of __perf_pmu__new_alias - perf pmu: Add alias match method to fit pmu_name of HiSilicon DDRC - perf pmu: Fix alias matching - perf tools: Fix pattern matching for same substring in different PMU type - perf jevents: Add test for arch std events - perf metricgroup: Support adding metrics for system PMUs - perf metricgroup: Support printing metric groups for system PMUs - perf metricgroup: Split up metricgroup__print() - perf metricgroup: Fix metrics using aliases covering multiple PMUs - perf evlist: Change evlist__splice_list_tail() ordering - perf pmu: Add pmu_add_sys_aliases() - perf pmu: Add pmu_id() - perf jevents: Add support for system events tables - perf jevents: Add support for an extra directory level - perf jevents: Tidy error handling - perf jevents: Fix event syntax error caused by ExtSel - perf jevents: Fix getting maximum number of fds - perf jevents: Fix event code for events referencing std arch events - perf vendor events arm64: Add Hisi hip08 L3 metrics - perf vendor events arm64: Add Hisi hip08 L2 metrics - perf vendor events arm64: Add Hisi hip08 L1 metrics - perf pmu: Add pmu_events_map__find() function to find the common PMU map for the system - perf test: Handle metric reuse in pmu-events parsing test - perf metricgroup: Make find_metric() public with name change - perf metricgroup: Fix uncore metric expressions - perf test: Free formats for perf pmu parse test - perf metric: Do not free metric when failed to resolve - perf metric: Free metric when it failed to resolve - perf metric: Release expr_parse_ctx after testing - perf test: Fix memory leaks in parse-metric test - perf parse-event: Fix memory leak in evsel->unit - perf evlist: Fix cpu/thread map leak - perf metric: Fix some memory leaks - part 2 - perf metric: Fix some memory leaks - perf test: Free aliases for PMU event map aliases test - perf metricgroup: Fix typo in comment. - perf list: Do not print 'Metric Groups:' unnecessarily - perf metricgroup: Pass pmu_event structure as a parameter for arch_get_runtimeparam() - perf jevents: Add support for parsing perchip/percore events - perf jevents: Add new structure to pass json fields. - perf jevents: Make json_events() static and ditch jevents.h file - perf metric: Rename group_list to metric_list - perf metric: Rename struct egroup to metric - perf metric: Add metric group test - perf metric: Make compute_single function more precise - perf metric: Add recursion check when processing nested metrics - perf metric: Add DCache_L2 to metric parse test - perf metric: Add cache_miss_cycles to metric parse test - perf tests: Add parse metric test for frontend metric - perf tests: Add parse metric test for ipc metric - perf metric: Add events for the current list - perf metric: Compute referenced metrics - perf metric: Add referenced metrics to hash data - perf metric: Collect referenced metrics in struct metric_expr - perf metric: Collect referenced metrics in struct metric_ref_node - perf metric: Rename __metricgroup__add_metric to __add_metric - perf metric: Add add_metric function - perf metric: Add macros for iterating map events - perf metric: Add expr__del_id function - perf metric: Change expr__get_id to return struct expr_id_data - perf metric: Add expr__add_id function - perf metric: Fix memory leak in expr__add_id function - perf metric: Add 'struct expr_id_data' to keep expr value - perf metric: Rename expr__add_id() to expr__add_val() - perf pmu: Improve CPU core PMU HW event list ordering - perf pmu: List kernel supplied event aliases for arm64 - perf tools: Add test_generic_metric function - perf tools: Release metric_events rblist - perf tools: Factor out prepare_metric function - perf tools: Add metricgroup__parse_groups_test function - perf tools: Add fake_pmu to parse_group() function - perf parse: Factor out parse_groups() function - perf tests: Add another metric parsing test - perf pmu: Add a perf_pmu__fake object to use with __parse_events() - perf parse: Provide a way to pass a fake_pmu to parse_events() - perf tests: Factor check_parse_id function - perf tools: Add fake pmu support - perf tools: Fix term parsing for raw syntax - perf parse: Add 'struct parse_events_state' pointer to scanner - perf stat: Do not pass avg to generic_metric - perf tools: Allow r0x event syntax - perf parser: Add support to specify rXXX event with pmu - perf metricgroup: Remove unnecessary ',' from events - perf metricgroup: Add options to not group or merge - perf metricgroup: Remove duped metric group events - perf metricgroup: Order event groups by size - perf metricgroup: Delay events string creation - perf metricgroup: Use early return in add_metric - perf metricgroup: Always place duration_time last - perf metricgroup: Make 'evlist_used' variable a bitmap instead of array of bools - perf expr: Migrate expr ids table to a hashmap - perf test: Provide a subtest callback to ask for the reason for skipping a subtest - perf test: Improve pmu event metric testing - perf expr: Parse numbers as doubles - perf expr: Increase max other - perf expr: Allow ',' to be an other token - perf expr: Allow for unlimited escaped characters in a symbol - perf test: Test pmu-events aliases - perf pmu: Make pmu_uncore_alias_match() public - perf pmu: Add is_pmu_core() - perf test: Add pmu-events test - perf pmu: Refactor pmu_add_cpu_aliases() - perf jevents: Support test events folder - perf jevents: Add some test events - perf tests expr: Added test for runtime param in metric expression - perf metricgroups: Enhance JSON/metric infrastructure to handle "?" - perf metrictroup: Split the metricgroup__add_metric function - perf expr: Add expr_scanner_ctx object - perf expr: Add expr_ prefix for parse_ctx and parse_id - perf expr: Fix copy/paste mistake - perf expr: Fix memory leaks in metric bison - perf expr: Make expr__parse() return -1 on error - perf expr: Straighten expr__parse()/expr__find_other() interface - perf expr: Increase EXPR_MAX_OTHER to support metrics with more than 15 variables - perf expr: Move expr lexer to flex - perf expr: Add expr.c object - perf vendor events intel: Add NO_NMI_WATCHDOG metric constraint - perf metricgroup: Support metric constraint - perf util: Factor out sysctl__nmi_watchdog_enabled() - perf metricgroup: Factor out metricgroup__add_metric_weak_group() - perf jevents: Support metric constraint - perf tools: Update copy of libbpf's hashmap.c - perf tools: Sync hashmap.h with libbpf's - perf tools: Grab a copy of libbpf's hashmap - libbpf, hashmap: Fix undefined behavior in hash_bits - libbpf: Fix libbpf hashmap on (I)LP32 architectures - libbpf: Define __WORDSIZE if not available - libbpf, hashmap: Remove unused #include - libbpf: fix missing __WORDSIZE definition - perf parse-events: Fix an old style declaration - perf metricgroup: Fix printing event names of metric group with multiple events incase of overlapping events - tools bitmap: Implement bitmap_equal() operation at bitmap API - perf metricgroup: Fix printing event names of metric group with multiple events - perf list: Hide deprecated events by default - perf tools: Move ALLOC_LIST into a function - perf stat: Fix free memory access / memory leaks in metrics - perf vendor events arm64: Add some missing events for Hisi hip08 HHA PMU - perf vendor events arm64: Add some missing events for Hisi hip08 L3C PMU - perf vendor events arm64: Add some missing events for Hisi hip08 DDRC PMU - perf vendor events arm64: Fix Hisi hip08 DDRC PMU eventname - perf jevents: Add support for Hisi hip08 L3C PMU aliasing - perf jevents: Add support for Hisi hip08 HHA PMU aliasing - perf jevents: Add support for Hisi hip08 DDRC PMU aliasing - perf pmu: Support more complex PMU event aliasing - perf metricgroup: Support multiple events for metricgroup - perf metricgroup: Scale the metric result - perf pmu: Change convert_scale from static to global - perf metricgroup: Remove needless includes from metricgroup.h - perf metricgroup: Add missing list_del_init() when flushing egroups list - perf tools metric: Don't include duration_time in group - perf list: Avoid extra : for --raw metrics - perf jevents: Use nonlocal include statements in pmu-events.c - perf jevents: Remove unused variable - perf stat: Fix metrics with --no-merge - libbpf: add resizable non-thread safe internal hashmap - perf list: Output tool events - perf evsel: Support printing evsel name for 'duration_time' - perf stat: Implement duration_time as a proper event - perf stat: Revert checks for duration_time - perf stat: Implement duration_time as a proper event - perf stat: Revert checks for duration_time - perf tools: Fix legacy events symbol separator parsing - perf list: Display metric expressions for --details option - perf stat: Move 'metric_events' to 'struct perf_stat_config' - perf stat: Pass a 'struct perf_stat_config' argument to global print functions - perf stat: Pass 'struct perf_stat_config' argument to local print functions - perf stat: Add 'struct perf_stat_config' argument to perf_evlist__print_counters() - perf stat: Move STAT_RECORD out of perf_evlist__print_counters() - perf stat: Introduce perf_evlist__print_counters()- scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids- spec: fix the problem that patches are not packaged in src.rpm/bin/sh/bin/sh/bin/shcpufreq-utilscpufrequtilscpuspeedkernel-tools-libsdc-64g.compass-ci 1731484084  !"#$%csdefritpt4.19.90-2411.3.0.0303.oe2003sp41:009-0.6.p11:009-0.6.p14.19.90-2411.3.0.0303.oe2003sp44.19.90-2411.3.0.0303.oe2003sp41:009-0.6.p11:009-0.6.p11:1.5-16 0-metadata_list-compact_tlv-kernel-tools-4.19.90-2411.3.0.0303.oe2003sp4.x86_640-metadata_list-compact-kernel-tools-4.19.90-2411.3.0.0303.oe2003sp4.x86_64cpupowercentrino-decodecpupowergpio-event-mongpio-hammeriio_event_monitoriio_generic_bufferkvm_statlsgpiolsiiopowernow-k8-decodetmonturbostatx86_energy_perf_policycpupower.servicelibcpupower.so.0libcpupower.so.0.0.1kernel-toolsCOPYINGcpupower.mocpupower.mocpupower.mocpupower.mocpupower.mocpupower-frequency-info.1.gzcpupower-frequency-set.1.gzcpupower-idle-info.1.gzcpupower-idle-set.1.gzcpupower-info.1.gzcpupower-monitor.1.gzcpupower-set.1.gzcpupower.1.gzkvm_stat.1.gzturbostat.8.gzx86_energy_perf_policy.8.gz/etc/ima/digest_lists.tlv//etc/ima/digest_lists//etc/sysconfig//usr/bin//usr/lib/systemd/system//usr/lib64//usr/share/licenses//usr/share/licenses/kernel-tools//usr/share/locale/cs/LC_MESSAGES//usr/share/locale/de/LC_MESSAGES//usr/share/locale/fr/LC_MESSAGES//usr/share/locale/it/LC_MESSAGES//usr/share/locale/pt/LC_MESSAGES//usr/share/man/man1//usr/share/man/man8/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/generic-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection cpioxz2x86_64-openEuler-linux-gnu ASCII textELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=e96420ed30b4585dae02b524ba4b3fb7a8b29e16, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=ea23e6d6a8799a11c23fc1dbbf8d84603f9caa8f, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=9bec336ce9e64d2ec9cdbaf66010b2999d8d66fd, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=73c4b5146726a3036fe00257c9388b1b9b3b40b6, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=2cc0a86a689026f1eb35795043c3370003831a1e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=79636936e2cae6e38afee15633cd490aed27fcbb, for GNU/Linux 3.2.0, strippedPython script, ASCII text executableELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=4eca67b1efbfde7b7fbcd0fc430f4be970c744c5, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=452b6aa2099f223c81a2ddb6d731c48da4378564, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=0fd79a40622baaa493161266a4f207e3b4b25f5b, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=fadb957469c8e8cd8260bd2f6e32aed98c64179e, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=6a5209dc87a25f4c232ab49bbdb305612c6671b2, for GNU/Linux 3.2.0, strippedELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1cf7bb9e1e67e187c8dd4b154e378a1dfb3f02d8, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c592fa9661903040bdec5e7b7966895427823644, strippeddirectorytroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)&-.4;@MU\ R R RRRRRRRRR R RR RRRRRR R R RRRR R R RRRRR R R RRRRR R RR RRRR R R RRRRR R R RRRR R RRRRRR R RR RRRRRRRRR R R R RRRR R R R RRRPRR RR RR - :kutf-8621b372251fc5859b521f4a39e769beabeed55dbad45d5ceafdf182a4e02b32f?7zXZ !#,] b2u Q{LZ˕1 j&oТgVK 3UffWHoQ?yh'{Vj=1);o>ZB 凘:<93%Р̶OR'EUҘi\PIiV0!vcCf)k/L mՐ&X[xt[zq-dTM1'pqWU 1*#jGTqƧ'CsKwYJ.=JK_Iuh-%w';5zQ5[fyJ 3(,顿ˎ;R (wnV.Ka+4E*Ї]X{Wbxƒ7Ah5B- ;VS7m8ia"{. * 6@>gdcWOX)v(vR$~Ãs\àpOu?)H'M7׆}xݭₗ`}L_;eyNV7̠QЩ$a89X\b^y&nbShd/Z"./όBNY1WeQtCkPz0jU wlջo3ǐ|R/?8PI(+E6w'A:pev-!G֡ p*;m{bC! u>06xMZj1}{&H꒥o˼+p ?Ĥ3{9kùМ.X*O|.Ű69+$O吩 쵯xYE`6CꂺEi!krLHO oh !АCr,Gը-On`*aܞa4yH:yJXd2;T}T,A)pRt(\~_PI`x0݇>IVOdyS.\ܚy+|,f|:t$Dg D.8Yj gY|[l6lӨ8B~h( zZ'yZ4KPc4H\4iD`>)TN*5`DyU2(h{oK2[摭"',69 Gɲ#_]Kk5m~ k\ D*DlJV-ȳ0ua-ON1 uugOFf1=-OworM I^"M[D!6)w #Բ vqcS>D7xtTiȪ34f<@V5^w=8,<$hQ} z M|ð'ʛOLuwLTr fN*sao_D*ޮM蠫QyJG%x )%H =RK d#8E"M[pC$Co;AlR@\|#؈;Ip;Ny)YR Cv5Syί* rȇhrO;߹l׿3:J % X0.> !X胭$ص}!lGMXM!ux@_Z*JHe)Cv߸!)ȐFT`rR7 H<c#2[Vcj\/:~:]|"!dY ap?13%'j$k”G هU5 QXKSQsXXP2}(EߧM-غӬF^O| +sR&08`Hgcj* ʂy@0v.]PYmsF`Qa UC=2Vn9bUظf XIV|˼syOIV(Y/9*b:*#NnLMJT9䌻oS̷"Ѷb#+n\+$Jؼby[`uŸ9~KyJA[q/ۼT[Q#hZB0'ׅ&ZL[x4 ぞuܺ$6#rMOE G45B.n1D%wa ҈Q: x@;S8BmɠyP"?^V Pp>CbͽCuK kxR*nkzIOni2aJkߞnY(9ÈnI=RxY>廜P!O.alJryje6 /y(-8Gb*I|_b!e =2p qhw5C mS-p+6H~L02phh5w?v7 sņܪiW{OX@o&0j%@T zL,pn>J3B}eH```/FBԜUqJp쾂e)-"n99{}ܐށ+r9P5^=]K|7V %gUSrk5S#0tCGtω.s \^w}-T2(AIS*햻}0uf5VRr!EE#Jajq{_X~_vlv6v8WxQS7Q軜ZR}UjlIh,܅ԓ"~'DT,=v*MM0SG>]2T J`Skі",5!4 O5B[y`i$'nx%*ja76?މvk1lno5_.6Fq /.`kBڪ8&q;Pf Pt{٪tD9Ej|.̉@Sf]̐ .Hq~ 'PyUexwEOuPw6DzTs@~YFKp+@{i!rQj9BAj\2">~=Dʂĝ\CtSjjt:nqeG= ޝ''FVy𺵂~AM`ׄ6qZ?`\FM~ S:ȯV8䑭xA䖿g ~@3z۷Ws`iwHL1YkRV t2rV 4D"E=|cF+hnX@/Ђ#;jd0BylRqmSwH1WNc3ltⰕq%8?9q$&NoNȗ.3d,sO9AMr..o&=T)3ȟ{SG2hW}_PS!!tI`OdMEc8H< Wjro:Ai"R0W8˧pnBi?ПٖoڏhgMSvNJwUwg'- ?cj<ѐаKmU6>w 0SIF 0ndfX{`0e[D=c?cU%*y2gD: !o:DIg7{tG3mxPj.*9Ε/v8%PF9UjQЗ_#;ڌOBz8;i38x G`}V_RV>C` Fb t껅Y  ."w :"RR'f2c"?><,ݺ6ZuףrA&{[7܍H7z+-DRko „e?x3ȩ€e)oE:.rjMTllinC7pv'R ueP~Osmvpne 6+QCV,wrcȹ%ezLZcZdpuoo4Aٳ4#?؉\0? xg*EYuRIQiAV7.Pp@ Ġ{yg:׷r^hE6* խj-JtJ?ˎoݣoYtkĢGOvS@E>QV`:{n"_·tϑ7[,;?=H!ws%V/u(CFG2|o, ؁CEn~4F%J%rhc ?P2+n&C 4@HD6Z拀aj#H]&䢈[?~~s#LdٌgV[+hmjuyʌя/Q4udљVC>6rdQ_Z+W v]P:ލEr+V0H:KK{y)~NW\бOcAQ۟YO4V8~vPd9N #tG]94\OV|?#u3~49ӿfڕl:^;4"6۰)T>NP <"c~0+(^*yl20g[iu-a}s0~^|b K*A౾[:>c'q\v,O_9p^zMӘ3zf.5>s۽`Ff֞p%i_EuFhD{7}Vܖ~hdh7Reuۡ93Mc:b~|m%j,*cYRz2+Hs7TPx~ڨ: ,_yO'i{5<;Na3CB!iB܆e u 67ZįOCU퉈\'FyәRn}uDvݟ'1]U ۟RK: EXG{GKdf~:\sJ#];5 ІWNP2SXcН"?JX<^4H6#o!&MzM:Xr Aw5blUynI qhx&.oRs ƪlT'UU}3}&[J!ܝƖ@+M@4訐2,C&(%0R?wNQu4! ׵sKcu_ w/^Td3 P}U*5T5$y2M&|^9HNmXhadn~iD")dI)e`C JMF]k1r):"/IBrI3 cPP?x2o6QQ;s۲Fd?q 8 3L_SFGD[ ;V3ki.5LqzE1bN>%}$7y2jJ-_.0(aĝJ3T5,ZҊMtIcgfG`etQ$f\+⾊n3X=9*[\[^E{S*( i";Wb W D+2:핖ZYjRSA?s8^8pmfk߱XMZ"+)䬻zΧʻ_5Ut Mg9he4GUd H: L%e ^eV4O4b:^uRF#%[C23~H4YfM"Dzֽo~ā]] oW8ܥZr3.TfǢ]~3HrK!J^2X[=ȑj3:2EcUwA>Kz8!LDX@L(2DY@*E"5mZ]eQ?}EġⲗuMFrJW ;tcfXWP0erB6^m.nLaT^zw59'_ϼ;Wp?ճIQǝA\4F:L?ɹs#7% AnVTl~d^E?rzb|-!m 68iX[t&60 M"s g4>l)}=@(&ܑLxm#=Ȅ eFu >xحu.3 k<_CX XmeN:"Lrb ?%O"̳~%xr/roڍSҨ|[N0B YѩetY^5% t]ߋy#;\2\X6OsI`Ae0FKXaO 2,iy}>%#ף>/}5xkd­u,[=ޡm+m(L3(@0 4"*1{X[SKtaNrpNUX r ?灵KOX-z$s23u=yjN߉1E;G/3X>,]^zfSLp}`x=D>ǣPJ8nA=s#$>?=̈TGNuS][Xc1[ uS dd1O$~I㏳~7= ڲb!ﱖ=y%щA #eQUA20[$#R V)/q.baw[2d.#Jhso\_zO."]_րg󊇼2ӽߌ=D1䦒h2ù>?y ?Q:gn+eC_ /l;K,XlUJc_R} ) E6)S^,D~V#KRFbiO?Ӷ=FnfMys&ؼ": lP(bݪQt娸Ea(ީ[Shw7}c9.=WBt89Z@eͧH ѓՄr(gH|L0ZSלjnAҤ`@cD?-FM5 -r :~B ϷGu,{ڒNn2SZg;$-4z vʔcۯVN)!Z45J90-~|s'Z+;]LX~:EbYد/fq6ܣmE$~  "U6/;X;o]Vr|X?E_ eo,;٫ԽqRdcۉvZ4٭ 1͆Q\Q#}9aY!PCzYWnM9#MJm'R y=3ZN k++^7p#ǝ% p@t VC*JMMm fg8ET m:8E"kVT v voK>U3EumNK7;b?˨!̯oHS :J bbt>ׇDxJ1P= EigfS*ᨋs)$XYGlW)Bw!$z3p&Xẍ́\#h0-zA 0 u)EAWPG6Y%" ! N|*&%j3mPr_h$l^A Kiy'Q 7G<-+jJ[@(G+`whXnX[<,da'un_"]h JuJ} .U'@{vޡ$JcFu)Q#UZ!CNX3BxGx=V*{vY_"W݂㖭4שIOǯ"*Wz^4rgdxc3?ӆP[ ! _@Ʈ~~3vB)p- ^j[aou%O\H|@Lddwn8"Qjta?0Y*kf[ρ'@溣7q.b %8QQtȩǜzEh,21(u:9N3? (S7Q7;`xQegI I{.?.8繫{VAX4UV)EGJ~ 0%VYSIgC#$12u}DfAh$Cgjqty0)aN^ذl+f}mBS鵯c["+t)V j%̺B|诓",vGB֕ڙ0/YaLQ|{-1`=S[FA̙5%hi.)`B6惘_% s% a, mԶB O>%^(@he׷I . >9R=PzV(x>,cta5 "hS(fr#~xwݮ ޷"`033?7גvCl`^ dž[ 0/xTޒ\Uak0ʌZ?5;yO=;BEpMxog6uצ+_ 7roh@kpLD>M7 :[QI?g Jx"\d;!cf{TFCљ6m2U,7Ҭ6RwTQMI tӹ5|>"3F`[yš/mH8gp&F %I6(4I{@HV#&r ӂR#Ő{0sN MOx$B895hIqB TisVUد7]SƓ|aߧQnb -ϰ:Oh/O0+Z:()]H^ug;<0Rf )=^k+h/HvY@tqݥSR r'}JnoTb9"hFMAw(7,F&Oj}ʯGԻ֭zܑZWt;;றPB@?t!]Pqex З&9wQ!:r㾃y~¡b:l3Fv?r.FE2i.!>ȋt Mmf8 gS(GtJ}_B4[X[[F("ry5a,FݤЏYŵHfAiCwVS(IBj>zd !,0arvp8W.s\C̨),b0ok;-ɪ!DeKA 9FuMCzZ62UO~d}/K4 EJ_ XKbD <2G/Vyӎrz,Sw۽;FQaA|,+MdU04F+ZiMC5t$3?20_[mBHzdXJ+Kf?ct÷uJ`'K|JncӼyʿ8<2BF[ ,D%ʋ-S~ྪKhl$̓EKe.qS?؜]Jݼ=HD$*|kH**'Ju T XSQD2pז-J?۶PE4$%ZҺ4thy'`SH5)C"KJN) Ɗ,^ 1l,L`AJR05A9MxJuMO'_U<4/h7g-_{V8cSe$&z\gTa哈scx9roJ!v\D7N1; bm[6uf3 դ~9bHJ/yRv3(EEB2 u!~L!Pn ݵQS%*mRC2AP>]O l޴_i__,b"\p~0 =;iղA_+K0 (^/ochΜP5Z.8LǓb& f,"mr.[;L3+2|8t%=-#,{6 n8pXyx_cK V>bE>0 "%Li&n i"~{AE?3}v;EƃwK0} ]߃%n1tu9 g3꾫Y\͞У=J h"۳; hd\ߧ:LBSeⅺ%,o^řD3Q2ړTcf4jh+%D~2Q WlWVC IlCu.M5^4`LAow";+i)U3  i10QN@WDW>5ӧ$߭a6ۘY87]BbeT)[@ GrZ.6j(:FQb̫8DIA7=_XI5˹ݹUS &t  TDuذ~,ӈ$-lRe4huJU։σ% mU45#?nvBCdCJ<{mUQIR=3-Hɓdb/)A $TΜ+8G݀Yך7?,dQ6pxjU㈪Y2lY7*Pl41 iG}ѓ x +dޫ.Pw,E،!wU *Цg?#ߥ6<<)+.֔b{ddA4bMYgQ_N54u `F?x_~QTN{ jm~>5N}V!~umWcf*RdE$G|ٟV: ;]-Gf[ ^+pƏLYmd_:Y>jry^?+ne܃.w${nEKzئВI+Ʀ7{Mdx=rnX۟C-]OB7,raN!B%Uf7 Ar +х>&&L|t0"ô߸ G6je6DֿVo]M/դJK3L@;sMԛ#6vXgr6)`/!=۵bGt_o$u\W,1\ԹBYb,[c` ~8m*8SUJ:h߅J<:.̯ \?/^oToD=']R3~-ҦM ÞB2>Y:f¯4C.5aE?]+ݧ-eXRL1 %QM}N3͖lҁl޲F]ȁčGPOG@0FK8 FM8p& qrz><5m>4䂒U(q,22tJ~BpŦۗ C7I&I[a ޏ\Y$U7iq~pp0,p:J?tXG/;#B6$~ԏz$+C*i;0.Hd8'LZu8|Cf-#T 3kWӰ&w\]qkhDf4l5_|t>@"0?a*z#$\,)W쟛׋H9I9}n@\ 6Vr^ P>x1[q/MDQ.wL 1 BfɕX Ds0n1pYB൷Kdɧ=#磁|Æ[Or\f,6Q*F ֊ИL C_y p 씲loƈoGnͷ7'<01k~EN3ۚwYeC jBXвANΒ;#Su*'^qi3VU_(do4 {fӧ(c!nog83C] <`4,E3(vlPBDzpo.꧔f.bngT} [KOg߯eG=f֫Y]x8 0IEr YL/_a3mZ3Eh1H%jp\߰-AAm\=]1\ȑ2#^2դO\0:2~k oJ]_7}TfMa}p;TE0U/43U^MVpc#{+zc!HNň қzՃ*CSJjp2\*u6<}uJE ՃN;`\mwH:|bbS3([ kL^l}n E qQw7KWH^m*j=_0@r1 >uEuXbMN814x!5nKv[ FBGwh;Q9$/$C٧HN=-V}Jn*qcZw4ek FgT[xD1.hؽ u,*U*C]1 tNjd(Qm2Z}nhs 3h0&sckOʶ{DO'ƺi%#[ln izJ{_*Mneh*ݥ"_,;")#N ^P`9f$+ ~KpP`Z#"^roM %pfE2\he##b-P≯',x2z8NLqzji:f-eEPhVۑt,@slzQYxI!-)kPˇҴdl7k?7|NN AW`f|D vFpۼ,K &IBwtQy sw+@S˝'e' "O}|"ֵXXfe֯ J-Lբ3ٚykD9*;y$= GYgsgUP.=|"J󅽟KtI~6RzoW'a4!3crٳ քM)y,HZC!CGY:OI2X*X{ *`매|&g|=K;=hfH vCjJGX$8yr4o|nGm<='D_:`J7дLA" aY>9Z<+n!mWPR質+E z1,c;hsJ2RI%V3sɐv\Y6lK?AR UtJq $}5aÈsʠT3rja˥ }Վy$dEͻ1W $&T2%^] (PF/U.PfsHF>3opJ~}mp٧* >wOa%7[7>tHYe tö kͨt 3kK-SJqg[~#+\ZR* )sb| yZxВ&q:mGT3rQ5O&k?`\4d-1q^*1mӊU)[g/[g,5|d?l"Ւn٧z7 #ੵ Z {¦FHGK1j_x"Ԣw2?¾_(u66㜝V+of>gZ!(ނ\<7:F^/mp(9|OL@COjvh \OmVʼ92H&gGfK?ZyWvRy} \%Pl)!x%)5aă9U'>hF{U> /Ǟų.Acڴ$a$޺uVc8 7S_n> 6'Oݛ+(/Rݗy?oa}S7e,SQ7t\|0콆tPA<YmV1/Q&~H Z bΚ!o8IZ{q@g & I>21> #/n^l1bڵ=]yl۔D8h54$ToK .nwxd8+10DNUn:e;P7ejmؕ)xaEBdLĪ!73CVr8J<1Z>*-OFoR CD:kR{M$=<q<@Y\Ƣbݸ{h%[Wn;%O}{/傦R6ΠjBfYJɹꑗ̓>U_+j 8F -heaL;>LkW>`T>d_*ۙ}p]n5R)Pu癛n: I:%j !js|)"X$ƩS\CHt7Rn(ǚ|eέ)ec bgNIREl$V5RȗR[r6:y<ωRo$V&GhCv^Ws=*–WbѪ kc3YrъMuH^DϚ=+8;1"t~( ̈́e M=td{蔯^-=uO"*~da#D>ܬ9LmjƧ{b)zh98Qe쁂jQp0^J_mzSz!GP+Ԭ7NU]ؙas-a^C/ZwޤBZ[͓3T5* ̔ X|z3V/ばaguXeztC?K۴lem'&%bDi r)w‡'w LA; tv)Y["*y@|i慢1^%aW^.R?TldK8î˜ۤY$E ) tmr Ӂc')l}rΫ5K?[ĉuIJzbY׈]u@.15fyGЙ]:_K.+MZcE+!@ 3LgCu;!շo$36LTϙRS̙*V$<ό6W*\;)ѱ' o.=+& a5ET 'ֲ; ʻli| PjFiM*yU-I#VwrK-*3tCn@"j0SO*,hULXeCr#!Waf}YS׷"a lժq\"fj#/*=C F⃢Z%߇hyŌTŦY /=Pٌ:itUW1_j{lÒkp;{ 5\@9a\7=\秮IOOAD ;X[b7=- B0LaۧG]{Iv^֨{ڠ#bW\v8Js"JV\m_;s޹iBmk߼4[@ޔй/eb-xu媓k _$JUU!/ZKvnw+MS{L㕬j9!ux3qvG&)7EtQ$#`7Cʳd{*CKA~"~OZ4S )љO(F uUvT%lūRc4f7I. R}Ua E\rҐ=|`k_CJU>} ޒm)Dy *)V2MZ]}5]u^8(i\I p=K䢔CA}sz΃AHğ mKW[mM7L$W FNvFĽ#.E)uك̀`U?vsGv]%|5I3G츍ۘ$~[aܶ9smv1~ cd&KDxpYgGpPƶ1B6l͛Wq 3˔~\KB(#hlfo>-O; 4P0%oxIHNLzFөlㆊ* tYh%B>̂oyI\Lr{ޯQt'8t @ V"=SI2Gx-'L*!'SĠeR`A"z]D|0QnƐчʴQc)8M.(۾p9iF]AO "@]ύA#u -G^nFiToy< w(Z.7EcZ@ŽY ojqUɝtW"2ok4p 6D~eOIm8ᤕ$0a<?oCxkpҖ~rko>Et>) }0]HgBK"@miޢT/AC ^ݍ7C/ ˨s@j s){lTU--Ƿ쑯{~lE4 ~J* -8 gLYRAG{L( "*ȞR a:E<6<xw^CC]k 3l"Y uQ 0%SY$ Pu3DC> P5Ľ9,B8iVl؀Z5?}p+?w_%M_nGl< pj1>|!hd:d%#5*y֍)=j3K +4BDI8YINKjԣMW&tfmDӓ{ hxqi8`?,KMBѮt*R;$@EwGq$CѺlDnF^9'T;.\ MW+KVLa?)O I=ǏMBdFas8*;T}4C+ԮlGI;.cXB-ASWeURuYB9:]~KwSl)P^3*#8GيY.Sxpa`1Jդlz|t01\,F[@YּEƲqrFYVCb6o,jo%iH&:e66Oܝ@+J1+ F_553w*)V#cj-[` Eo Ǩ%M[\94r"+O‰1NtOxFtjG3pOu7xdLJPa`b]9QY iC3n;`6+rjU%Pէ]KMIH7L[:qlqA҂C*FvCw mCvkq#lxV*P+gO!'2+Pل(k9oL+Ēn_,^#'t5T5|xspM3JW@0e}z 0|rbO~Gk7s^Sg9M _Zuv Q6P M>[Jo({5g!+9Z;rvp4=8 "2OBW6g-j1F꿈 `X?` ш ^j !+ޙϢ)9teөhV&"kQ3?.h}dw?ܗp&rvM.O93a1m _3 VʕV̝F͖^ޭRŨ`VL^%fkLO0 ]0sa@ac?l.u\ӹN=x[.}GԷD}!qtew1Nye|c \+fǢbXFi]#%S!lZ;ֳXաNA.dݫjU@$}b?h? J#N#rnCiL~:pvvc?df\c:ZhCA2eVtZ\&+ʶp# Wԫtjh^I87#A0ߥ|i馍LHgRfvМ=J L%trc 9lLufSv`І&`@P$6`^"xbSy;HY: Գ* 9z9qylπ0j[|δ H D W&R+&\-eΘUDyi+I%]Lv Qog-oVMݝ6@PWl/YH|ŲkU%/=BRl'! LQeT?e\ҏi.WBT,,t3#{f3:+3~[B(313.m X6)DGQ1%KQKDKc[.b2H>fɜo{NleMDtV -ضPmabytZ+t 3X~B8(=m k_J>&gai #ݣ: E=S@%3P<i[4 ɾfן}N^#Tp P \2(~"n$03~.i2H\OaǢPT[US"k[DNmHm^׾fUNi\з<۾e6le̞*Z#WI ^|5om/f kF0eUo@_Ӷl`ڻ )956 yZ-(GӋ#h8 mY('gk7deڀ P >3%2B~޽ec.l(' גYCGitLs0[|Q̞R>ZS?ƶ|݊!z4jd?2"Xp..м˾nQ͑1S4Wg$ef V⃮:XJG^ͫw, !)%jDha+sY9/=#yc\b.4YdtgwWw أ"7xW4km 6E 'u ,:{m CW32ii> cLoFٜ F ^E> <+. xa^}%ͳεC / ak C3fXpȧ۽?`w?c h{MtПhww+VŽ/+F:>8Ghb=ט7~Cc*e4%Otw1Cg8J:!/u?>^iNtGU2-nʉoYhoXD!1H732qa{:Hz'iפ\:eKRLDc }-.rG: 0X I-9|]p+) JYx_TjQ׵&tQVaPq3ʴ4Yk敭;&9"$Ϣ#AR or5T8Tұ [Ho,dCO,R؟ Yst 0f+-Brdh]J?䃹 ~6U6pNOCa1\j@ )[p|B OwC1L X69M.t̼H"A-9n|*79ҿz \|H;yk KǤ8٬րGPsYqvjo@`#ѸKg9$}(SxdžtDO_( ?0uάVxʀFKwǭG7W߂v+6sк{xD'a ;see%9AaN"evmY땠_з%SI'c[ ?[nK؃ԇc(/$7:46x*~h&9W ;Wޓt Ŝ.U  AϥE=M!&CͲK[9'`*\_ƵQPq~IVօKLwǩҒfYHm΄蕶X4WNԡvnq脋uꆄ0×cލLc|r5bʇg7[Grwj˄v$\>[]}B_ >/;H:r=^7[,?sfWɈ=wUxCGю҂m=A0n4w5E.QqL+s~P[ g3UX)P";k8"N,ۗyD4Gd PFzeAHu`[q< ;VųGQXQhNhuA!#3XSs EYYWOsIR>y]fuO"Yak]/c[5YeơJa,0?iA\ ud#?QsZw-DKzW3-K8T1#3-{#&ڳ}q4iJKn߆Ἀ*; 1~03Ģ9^" K3]ǫ]SW4lD P(Mu# /ע$Uɼʨ+(i,4C+(Ƌ)Z cGMb"ԫF>>knUA/`Ny\Ԃ%qG=7`e(HU_Yq`0Fikx;Ow=[?t{ y2 =K" S~^6E9?Z՝vN<2=}#Iׅ4\E\䫶D*cZ8X11y W-@-̎Fr D5.c 5/i1[yGCW@uîu<'1[Ož[lp$n([Tkɩ啑4_؇ Vҍg #4n^"𭃄80D,=Q`Pp@|K\dmu_nGFm 򯱅H2 nDQ^ s_Bw_J>Dv7$Z3g6c^|N_܌F{:_{_ ]쓷/{@/9M@IXlMǽٓ˂P7zozTrv>hfNLI՞cxX5ɨNkX$#w\"ZzT@KPeRXDcc&Jt'rF*7 {u8*QNf=2˵ s9vmipͲ~ԉR&Cэ ""Ʒ;rdMO=g 9dwd_ݱyե#t w9zS sqHK(qd2N@̋j Tyj(ݢbYIɥ'^ Z CwQLPYp Xf0\~+I P芴ϾMyϜ'sduyaxS_!!]ׅgTź2R3pě2&r2-@ˆ́ԣKRKw"2 h[R so&szg t #P؎>c#nB",a aGcz~3ǟID[k% j c"1 ͏~o!f ´wMB"?Q@kH5F5mV8Ҹd2(1 (>k8a"5>z͑-awHmS4hX0M;t{蓡;HC0~ WhE[~ҷI/>?ϧ=s. jfm5{ ÊA&|/C~L'N8n$ Si!69pE"y`/r#e0 9PP料_Dv`YmAv 6nzF+LA/ˏze+h:yw"n#,(Ƙ/~UWP٣bl8(m&f\. 2em lrP\JK'Ze6 7#I>q6Fw 0ek\F 퓛D%KHntk[|;0|uRʮ]| Z"A H "fӵAϸ]dp=Ov F8dj7; %:so|CԊF=&v A;q财D/谫y:Q5X᪂\s6j{H1o= E;r\vC3䎘ٌ3,JUcD 80Y[Dzl-0dpKmqUY_r7@Ԗ1>D[),9j,>Z 6`/7dR)MJ2Dϻ*/B?UҼȖj ͟p&iHfq6(0 f5hic<\aAW =bmP GÄϸ{%)u$3tTE]O BVtqcf.7=*@ o5_4.1:Elj2k|#GHٽTJkfm?mZ-QIaFN j0:{}9a)` Al&'Jj}墐  Hޫ:p8q4`*dt\/ 8y%#<);4xh='P&iwpdψn5D\ba_% h];cLٗf~we%NKɒk@ x՚Rqp2 'C[RykDA 3DMG0v*lz+Xnxrt @mA.4@] uo43,NVrC-TkKZ% \&W]UӛFwId p[2Ãb E!4ؕwBxfWF3o9yZnp6fxh(X}J\9|{Y:}ճ JBi)qd/M~5CrXaP`: xUXiRjEgfOorᧈl35 : ~a9E5UwG;a$M"'ÜAU EXۍ"jdyM/MwـePo4Ma!l]ϲSB;B=TuؠWM_<]2@!QEjö–L`g߰WT{ % TnUl}#[$-h1ezZ7ع P"f0]x6O7nHɜ(ӆUP9]Ȉh3o)75?bxkqŗ#aAI,sƠY"T/"o[ub{l_ 9g:J̰&1b=ċ4B0:heD"9.cA\Y7W^?pHyoZ ">|Gˌsc% en~/800M[vrYJRmĚeq;gt[&}1f[l..@ k}JaL ˝im%Ī$n0uv9j%KT`n^d >]EObUݼVD;xgm?׹);UűjE&ПVD>ޔ ؘlI8)9N69@gz?f7?lwpg^v~-TqO`):X~;: )ɅcDs aD7r #sN_'ׁJ4I4=qE v6ۉ17 FOՋb^Q}?E]vĞ~§Zb.QqRbPok`_Wp{>W뙚աb=~+*τ p 1I)uaF\w⏟VV2\kߴP5QkzKwLOh+D40 ٪̟f!^.^yWa8a0UQڇpxF4U_0y#5 .yKAlJZ0s9KHqGhN1 58Be~^5#KY_',H(?Ě.-\f ""[Rix 51Xv6 "bnj#io)v7%^n`An3k=:*C$ +ngH{9!SXxlrCrߛ(@-"sSc\BIGzh4%-çU=j 5U'%ب}K]2soQ$gz:>td櫫+y,΂"=yE \N}?[WN"0Ŭm 2農ΩW!D٢aJyo5 2wm qT/'˳GpS&'\?vU!PjV߸k3!Ѩ.Fܿ C5̒ ~Gx-*VknlA*}ɧ [REվA>jJaF^Yxa)B['uol)+h(DH!C ?Ol@Okg39a WޫÝç('慀F{XP"74n!!mG)/%ߕ c¬)"t +,e@y fCo0r%W^"K 4XP^O|v^x |R %KŤZx6ÅFQCInae7r *ݯq׆pLn &KJGG]5jxʥ˦K_1w$S%d'-O,S#X9/9UM]"̭K<˥s:z)Ik}a .vX d%r zӛƛKHӡ+=]o# K \ Hċ}*c$I. u-\~d9͹8.!;!UCl|a6E f^:fi`|Bs0 49S'qKrW,< ") G$fIҮ :6LZj;j\*`p9AF}2B*zKV8ApceA?zB.67GF7DU+c\.DUzWԬI# QnғayZ:5ҍ2jf8#FLK9FԎ6x6 H5%BQRP1 ?-Kuh"fBl7֔oczV*T? Gp<< xʻ`R, $.:՟N Qmx0 @t cuyM/ a0/J ^F 3#na yq)3ư]ޝ&1q.lU~o-? xu~N>r$")6CHn.. vt;QaŅa˷}gےt$ n9tѦYخQ 3K 0Ai39I( M#NRh8a 򋝧\Jzr"STJ#5ƅ P/}HJ"L %P6E thd{(^j ~&Ң 7."/̓?4D`'ʇAV4} @ PvWTY{-.*z~nó^}d}ٮީ?FIcA N/?X]ؿd%Kf<#rco=oLkqu(PF-џ¢ɸ8S{^R]c,vAop -z#P=B^vCp+4t\ƀ_8I>j" ըk<^ޟcۀdu$ Wv5Pj7kWJsqñա`|hZ˴3&QAYj(?*¸@q,Wpɟ§ȍ|*V +Gs5jc92Qх+}tIgҘ$,KOF}RL*|sS4yԝRԪ@qZV |S9ErPz(t6%[[Bke.@kb#`Ɣ9|.6^WkȄx@pnpCLoIؾ {Q%g9nhk3,u*Q]+˰`9Txۦ=)|1~2$QfiV5e˷d$8Cs|6/jZ$ec7#= z O:e*"\3RCǞm:~:AYW pK|Z\d+$Wxp,*0ha3(=^so {`;OYĪ7[}MP" jx-«v sX*2t"ϡ(SFgf[_hvXY cBQRpo -@_.Ll X'᜘HxBYSr"~)Y8{/2kST.p5RSf-كlMb˛:/9Fxb #Fɪᰆi΅n DWNrqL{8?s[.CC9E,|>s85?Z6  #v 㷬X;r헆QPj7Ï7 3V~p5zIr@c" J*nBlQ ԅZ le>YiMGThl 4Q=)jdZSo |I@5tHӱ1j+r3Mr^|Bso^X~+_.c$Rܫ3;ncNXENĦ^yt)unpݖQ(<4<"c`3s7|6ډZ )ʕS:Yv"adfw(]:t2zp+"ZVP ?)ȁ+"4yAdA .^^ӝG [ss|$POJZ{?ݹU0b.EdB8Jt?3Oz8ZIpR5C!3Ï=صYEg:(t]u gFQ+*ZN^<GӲsX V9ty Յnh:O4u!aw>si\.-[JA s 3foBFd2u"olB]op.{΀ܓe#{ĉ݀Rl,$U>,4dR ץr![= M 0`2)Nh8uZrV2AY92fW#hڨWYr ?(^tNĊ"%ϣr!kus$].a"@0 )2Ţ%Iy}̥:YX_DGܱst]N"]³c{zQi/UʨʹY~1?u]πR|6[hƹ+ȓLK~7+n0()>;mNGf_2]ըyCШS#&Z (Kv \ [yD$bcDPڄxlK,?=啵zIugj"~j>z30uCv`@wٯ2'fDҬ,+u#ýٔ=^A! r}Ki|-4ofSv*O%x:.5a)'i1u,K3QvmoGw/jf!Jie/xS4 +.ClPQLB ˏ]E}2xHpBsLi#fX# W}/r?|GߩIƅr\%oW vkt|Ć嶤68SHS&mLRY=1.E:O+YW{Cu&gP "O9|֭ehz٬gS$Ҟ`\tY`/ySWɛ5<%;5*^(_yӌ֫H^@BtAlV sa-Wen\@iILyj: gwJrpX-:767~ШP&R=vflc8d-y$Y̕:祽?x%`PK}Ņs_}H[sAN<ީ"IqLPL]}0 ȇOfVZՒgRC;l^ٝ楺& ]?NEi"cnSD2yP@^fkEI|o, ;ֲq\VqvDfFZm+id,@^ e[σ-6Qs BAjW:*m ZqkXQCq?no>u&][p'nzn*ַeNlg{ $+ZR .pQT{? 褤].xyWV 0$PrJb٨`2f$Ht, WOSp1pd+'~'Ba$4S1T+x׳b"]OJ2W 1xɖܬ.˟r}0bOP'ڱAARcQjy;B)19˷93!N{7$Oz# 2["Y}v Y;uA+F-o*]GFY5vk̕,{)MhO7<O GOE~&ղ^WэA¥^X](4N\: YP7цdLQ$8!tF=7o5kM__H.a*fA3Yΐ+VDvZgEJKH*g:Y3^CDi ؘv6$>w}l2QkŒp}~ȋg:M̤9t\ ]q 4q&MkO- "gSy,[53s޽,m!pPnWqOt͏{qc#]h?lى`/Ձh}0ܾX(o  ZU}/G*N=i>N=0.t ֘?"{d9KSĵpHu(}=:S$X1o3XL1y+5уNS 7jY1jykB26X-C>o4Zk\Sd}ӭw(C8jqQlӑ< р-rLZ%wT]ad1jŇN:?xH:PmImPN8? ҐHtK"p7z|JaaO`G+b"$nHznzec`rG; 9LI& M`+L ūgtII[Z< "n/d7U`fȎX]yp"sqA7}$lҠe.w2|Ћ@! Lf(@IA)g Ifлd6Z>-HE'Onf㦳&ƾn4)Apdg]OCqHP.(SKsW꽭t_X$QH`p1kcP1f Hh`" w 97GX 1iugy^'G UA##Znƈ/*Qi]&>q7{ɛhDB;0{+je @Kp8x;Ie w'ϵ/_[>3h'5 ,uxRaD;ϯ3Ydg&8)#9rvt1yeʎKe5YpW3 2I=KruWơoZYWp}OQjVc{MBqqsQ! idwruatL^}%2U?~ ?z%P@%sndGM|&#9#ۇw%< PeKSHC%v53*H(-TơvRWO8ؘI"2VuGPIRY:Aǵy2H~7hVOCQ6e?#N[$<,]qf䴥 0S(otlgTP ]MVhmȐM=PgJt5&9x\\cv2O}I<)8ԒftPvkG6C8qU N1L&̾@u;Q;Kvj"79+ᰩEwYf!s jf0ELerk9J!Ia)8b-UUxW^n'%>R7N+Ou$² |Xu!C9NZvT`"2'SR<7V]$<[Q^) Wµ4 srn;7q'؍n܂~{IEY/ =m[T{S| Qs3Y szNw1e/~CdΣSA1d<(a1y붫]wI+腍՛{~0ȐN 努z-1eTF0\.yP_T{Xv_tt`:) cS&V/A_I 9ɇ~[OoMu?tփbZ~4;.P]qb_U.`t0ۗp^Tu,D[*oP,Cv@=z:2pR3mt *r%:87l["boU*ߏqL)E%R_iO{@|>~.]4_#$f7ԑ Kl-I~rc+t('wy5;yP +ןr+˦m.j99@RS7j`WY_eY=PRwA8!M?ԥZug,D8朿0rhލb)VD߿X tF!b1s;@niKu}#Do9נ-Ϟ2C O-DK'W9e1KpR%d2kV0t:J(fv3pOꐻ4Q),W)W#*tX-4P[cLօ{,~BO^ҁ4*CYa)Xfi_Y|زL~հ+HɎMIK<5P^0e(qEb{;qMdFS!6:~m!uZHfS l@GT~Xml/kL8#u+,h/q*_+6{ؤGOilM+EOzCe)sChQIrq/$Zԙð?rKȣjAL`fr 0kd.=m-arE>%ʢ>T?eٍ4$@٪i>AU7bAY+b/mu!<˵Db-6-w#-i-ʼni`l!r=\=/Torn~|cn#Jg/`r2G;mF<=IbN$Kޏ<3&z AGr jDN]uksT!9ENA%,Y8T%/ue+TbuQ7<:ޠM {`f$GpG]O~&Tݢy˒>%AbEpJ-P C.޾ @,걿f:{-6vV-2\wJč#XE:B3"-2j8n`'uv迿%2H:An6ɡ%0YRȔINhvl$vxf~]u_F38GtYFaUb`lFB/1qL46z*A/7 "HqڬGR D'xp*ɳ1g&ݝaU`ҨRe.lh\FlPa\+/E)AsݢCSg3\+,]G'AW\Ww:@!OŅz&:weց>OR_ܧ^|ܣzӜ8yq&|i%/D;)1燭C-' _wƂ PazwסhUezR#OH=.Y;@F4X2C>f w])=8@b4$eE21IXh@ݹtȁJ9"ԑk#wFn \ԡ,:8Bӣ\p_.7Z>i0ff"[ISEtW{˖Y ۤSKq(O]Wtb>CԗBDy)=\۱;޽%Ɓ:dζeiXSXHN]sUVFdĤ@їU4 ^`)PdQo&2!A{[.![l~{.>,ƍ4'X}W~cjHʇ$_c V98~QaXiӛ]_V;4EtfHۖot [xلmT,9^/13 5KpʅQ M "A.O*Ҟn9 /ވЯ~?+n sGYtoES:=뷿<'|@Sk&ꈑ;ы%mQh-FuG4 `I׬َ&)}:ltCD,쯼 ^8bL\J^TčML9KK8W6ukYC`ƈo(n ^SBp*)aHu<R@@hVe/ts灳#MDfTph6~3 HT^PgRdUQ;ȑfqiX cb$I騇 "z"WMgƔO >2%E!5ѧª&5XSued2'?65P}ِBF#e:|Zb%` AZ$b#!!~P}QFEb2H.8 daIi3܁vTSIOI5r {^N0T|ȎewvWWm[2L+S^VAoQ i lYK.g2Tyxp2uGcV:mmޛ{纙fTSamkǴj=+@5YALsnk -:?8NgB㋖jcתՉ=8FT]LCq7 W!3mu@i\M<4h,i}frɟ 6?_f4t;\ j S8~(!A ׂ/[R|E(0/+411X9!`pD+D)3Bj|H|>(::^}K,fy`ڭ g!V ^C8D|" v Z4`>ߟa33<>wgکz)':$i۲lRk3"^=.yU˦ϫU`47^z/:3n-u<ּ` _M+69դS"!?5#5(}ZIRA{^aLJnkhYS 6U¼Ղ*Tt`p'Î%"EBq8+E#|CtŹAT9HЋ^xR{*V gev&cBJJ)ʶSōqdUg#I #p}XHM,wnPfta/;j TtK-θs+vY VnFOgbaۧ]Ey}!z 6 yե"za?3\7 ,T'F $a=>>|jK[ʼEG$<_Io}{v!e(o@uEzvNStWctJ/RXUi 4*ps f4M}udofvA歡`T˟Wuw/B '#kjWs_txc3'^*\~ 0 ږNXKm\9s>]a]L^H\m " ujQ1X4;ȴ$Kbـ=Z`{y %F3'a:=iŭpӴyTsZb~@GCc^ E}or˼kLFrLJd &WL?P~d< ň+5 9,YM=uwڜ$? uA4 uDYUgXTJg*u5cX?}/hBZO+v:67_j'I q:#b\A}OE򉠎Wr_l㹩~LJP|&m!ߨsUL=1Z>fF5)#3@`PDPԐj A׃k[ m.WD/ 2u+"Az*G%b^9Z*!]2giOɱI 2'# "'0`.)@u\erk20ڊbMJK%%$^hRG ϷHy,v[sݬsڤD޷HqlTT-.$uTq4Ďg@@B]Mm˭0X5j{15p_ [cC,eߡ9z :Fw]{ ,bP۟ERb I&^"&o(/Zs͌+?>*H >VD)'<|f!zC= Ŀos2/|Q K+*9з7O3ӱRo( n?"b@D,#i $vTOmG3zi CޣVCH!U%r*0bBc!ueHq x&Z~16 _g?F9o0ݪ2 $cy#쟭< I4qsF[y`߉:ՕR)ĩ'VJV<5Q&JVWSN@53\$3~,:j].>΀ {'?sV.HG$/ V[QA {ɾ-e+ 47W=|{Y>ncBX.]C_L/3B;o,ZGgnG6l-jFJoXe :W?G%b׃xbW~1}&x#^щ߉E!USP i`1=u[ԑ *]:SS ?:͖'l~^Ҍ]>v+Us#Q' j/$*ϣT:2=W 'u;?WdΎ9\%YtJ q>o/Ѻ_#AmpĊûlpOrAg+<ƱB a; ".j'(g{~g\`n}H;rv\@l"5%PawjFm{y]֗e[tUߝ|\te~S=[ )Zk)Dm lp%` h"͊גH)+K( JtL82Չ.L@*F"3kGaئJ~sRy&<.F64WT!9 cd豉 \PqV>, ҊʃH),k̤3CM=mfFc4.A< 󬬵S-&S"ONJA @VV-Y6H(1u"xED:w$/3?10: /LʟDkO#R͡5ÝΠi70_ )5a3u@Rq]vnn80SZXK:dW&5yv*`Ir*z$%Qm.JakCX6W!%TQ HdEr=f[O<)8Nhaθ8m|3((3\@l`GbId\,PR9!KkwCAT (,̻V+7Q+8l8KwF:& Sa `G.JXE" d;?9)r4v""k!)3XfَP^}{&Vڕ롍[L38/Oq: \REGO`]35Cȋ^{r{pdmLmvtRDx<(!k3͑, ڇ':]]n\Z%U7ޔ`֯<>Dz更`/ :'#Q NS؃$Z]t;ps&H9_^CFu/%ge4$5\GTV!1Kk42K4nV]mO3U6 Xz'cx*[Eo$ْTa[UټBFɆ p{3kP4J&2ddBYyNI?mzUk1zH޶PȞ|%8:KG$RrVms 4CgZQtT{pYyfp0J ֓q9z,!뉍^Qr96km}6E(lW H1@jOق@/%-.ΛiSYvy\@tbLJQݹBxd d)azNux ˇ_{L?J%O AD{ym"JTT>ΰ03܇2G\p,1~kLΉ2 rfTY\~7OYG:YjEֶݗg{ӂMg Y4O#3ׅwMmP뒎vIaQz%]UPyfxbtHh"H9|.ۏnbsݰ&-S Ԕn=pw6rhÍLy!6TX5VKf[ YX[{?wHձ{iGh O9d@+xmԣ!n-0Ya 1"r&<Y7wٷ x4f\$0lw,PNSI+PUxoI>"!e"KE4E&BRh__$ :άFsEjN]$өf`ȱ(%}gʹ8'#7>wqq@DIk kFa&Anҩ`c >Is̨8&'Eovil"؝x#+Pq#"gcu,K2|H 5t?{Rt:jEtf{7RO[^]lk".4h,":<b玩g{E;C띮#2p?Z+D"9l"nlE56#!$\@0ԙ aV9r3 ܯ T:{’H\?Xya^ѿ(ţ|)TGdx|3 Y;էiV MFXB и|rfv >--dDqzZ/zK̷Y$fg?˲o9j#Q(ST(yث/Ձ9Etγ45Jʒ Yw ] 6ٖYlvX|鏧2O7|E /WPnsz'|A\ԋRVO`jcϸ0aVA4T+QA'$?œ|&K,cc;+?]E\'tTk9l6Y)b9͗舧]LSNdB#dYY@6 8sToMKYqI0$ٮc 烜7Č~gNf!k$n\rQ ӼaWO1ȶUW܇hLXO}c9gooa9\8-yN.Ў"v*Zbq́yݛu3ZqA5{i2TV` j!/{^`[) o~P@P֨LlP4 ˽7fqY[#}9?qqg6*E!'@ذ{jф}zs)V)*]Ȗ(AuP]}hඇYM@?kAFIS}\X?XOYm5nƨ#孮]Q=&?[U܉#ꝛCdq^;ӂ1ziJç&ȸLPttw 4r6)yFRJ)]ꛥg^|_sa3M P)Q+n1Yp? X3e_ӝ4MEm^ZFg\zKy3bE!ĝ];B/£ T:=R^Z xog_!0$lE ?1t-  VtnЬ+HVĦ!m6GeN2Sȿ\#|RvjEJ1}(Ugs//]&AID%Fd"P:T:.-y;-x~襁ȋMa! UɕH]P{fXT^fgh!bmD~ShG[kߜ%W1_\da*PptFoXh* y{POh+Tm/fLǶ2~K_s̲mg?s~f(ɵ"9/>QAKcmJ%ÿcj2 ;Ydh8"^VBm?<{`Be8X6Ok6a||n~I (xڿw,Zm>9 V͖`V눟W;7FC,Lف'S̐c@TJTN\G>mO [Xih&NzSlsW㉗5 }v2Dz:ZBjѸe#>U[|{䮨Ċ sI~7`R@nwwH  bo%dw&S fa0Džvϙxf0OB's.$w^]055'cĸsk4ݢ0'Dn2s W {3zR*q } 8? RJ57G,C;T/\c ,.sF!.<,f  U8mn8r (MAaF4`t_ 6 X H'sT$ #uJ //bm%pcm „DAhmmRL`95Lhc18J"c¶UIK2^ׯI9 ʣXҀ=F꿟J|/&z( ${fX1]v`C'Dz_/,1=_S Jf͐w 1N"}K1+qem9>B f|kڑZmvRXNHLS)[ܔ9&F,3~G[88_D@}3%J<6ᆛi}7`k>xT0 !ZcWE|VD3eI#BKPC \OF.)pqZryΛQ}qiHe: uPaULmɸ2[s_tH4x:\)M7V rvYCgc,O4 KeNCE+BZ>*Si\RIQ:Ⱥg2 a(@׿{cw&p|L$ř4}]>.ˍ@sxoi! / oQE#XԧQҽC)~Q2hܲ)8:WY[A 1:KB,:, ?,$w÷23!jȪ_]QN!ʚW6X;mqNJE!| KpljI#%Sŀ:<h|y :Kn1owS9C.;QS(R }&?w2 ~gWxHK`G: :׎7b13FIЋ2` yD;*FR3.ٲb~aXߺ̞*cn{vPȥcpsΎn#^p Td+~$ J"T+9X}*wmgћ=>Zxɰ9|P´ڙޑ?3^8 y l p{;̦8t&8EREؖ(p^ÜomOGv"O#jWg+:gϒ~X<<@=- @dMLɭcChЀϙ0\-/]|_wNj-nuԣ6<,DZLJ^H>}zza [WNE*Ǹ%ٶ=4ɖU]zs0|c@x d sK)%G˕oQ UA1+PG+W v$wm|1D&utic1"7 ԟ6L%S.̩%mL $CWxCxsgK*[B5♓nb@ϊI7'Eл[vwtL l2m<h;f 1XN ,MBk}haw'ɻ&W&>Hd_3Z-&V/"XbM\׻G؅Eoʤ4Qǵ./ !DZUϘe< ([ Hbg+ՏS >[{`#s<&,2D<,Q\h]uO#یTi* ղ*thMKBvPB5o1t4:RP޴@]ApM*uF_Inmd뵺(iԃ~,x?q!Of­cC^:jV|ޫHz@Jg"TUX;3IW8 U{r'F 4=ȫ@(\Օ?2*K,)YFu.D!'m7F7JFpX-NPZG0jXpį5ot(wZa~]J IiuH,g*,)/[٫'켑#jғBRH׿`j U=xdpW;b|\dۤ>4+O zVJAXf<:8I u=쳕ed扒?o+)cR1N; Dz{蔝iSN93Z楼s.%['찒fgq}׽d"jڃoLZfǒNTg"aѺWZy5Gdf]z@opjLІ ϔC]%yuM@x^=Głr5@|Mi,fqAJ#պ`Y)__a!cz yj Oix`)buezUp6 mN^S$]_YK kG﯄z@YQ.;Uox&^F<5d'?!sAʠ1u*lN∇qpe)]"9?o=|'34ZGpSW&*}e&/8yRr@6H>$W X|Qp*tqJ,GktgaE'r 7K:2+"i ш^;7Oݾs3{Y5F<%܃#->> ?n i֌|냑v-4*Bz?\XU;dhu43i}3dyF4> +2cfJxyxd^(>HEt?CrVdwƎ.:Î.Yӛx'v1!@h`ОhBM!j^j;i+CdP ~i|yG%yL>%XM&l7SJvy\rbgNvޠ!ɸ"7M%/gQC=Q^ RzyZx*0a`qO] mjSA*%ڀq)H͎R$4ty y L0}IU~p8;D*$U Dzʞ-F6BAi_ڂ=*}%e a(/oY"H#Tp ,bg= Ux$T;d 4MD@wɓDܵgB+xpksiv!j==X{klSSt;}'KeX,mnÈGaH!o w aA6c@3AE+H.\( z|8_R|ϴRʀK3PRX.fӡ4ƌ}N}5!V%ԑ$tSq!oYm6-kA:3(.Pީ ƟMzhVl 2hsidmhjhY+Ӣ u2T8NQ+Գ`8I9ar6q(@֣[w= 6 Oî: g"IeM}@&.":sުe72z"wa=hȌz,.Ћ0Iv26+8|$6ziuR+PBjJs~ˢ53c:Zͯ;Y"yQ YU@<6~."՗>F+c&.;׳I+", }rct \Oz1 aIҼ{]27y_x6Ytaw5]#/]^)hsJG8K`Ч;],_٥Wqmgɍo]^'TUjrؚ[`G0b%fO @K2\|ϱf/rR =wl-72cNy=P/Äa^w;=j?Fz=#lEpJc**nMə^7J5臚i8G)Clf2YQ}'Jo#Te7G= l !a ]_tM]B1fK3Rha Աh;kEĕ ma(T&$&}cQ'8)VUhFbz/Ve@xZ|'$6.[i'& 32_KG(t*W=kK:k4Q͠h`{<=M '|VkqՄQgN~o`eӑp=I Y5#ۛQ%b*,锸h7KQ7CiC֏oN &ROECc]zv6޵&G ^;WY!רH8(G׿=!֥* a*Qt ]l`3!˂J1 I Sa1ӏ2#eջY/E{Q>C@r22C\-yI>84sjrSX<%ݾlAUb #Dةy&י =tbS/JdV "cQD]afnx tD+tw#y9N}=w:-ԡ@aTaWYsGm945 )roZR !1JO<9مBNG@|?+G߿MY1 _`dT`B. +ppV36j!!$zOR @ĀK$.#Jg%[?К q8D@x"}o6mHGU!UHW?+:6Z!kpˆCp= 4b64iRS #$qW|֒Z+<GH_w~6o )5 =OM^yo:IA`Af6r9P.S"BO^iBN&S&}" |F$~2ehN/<R}#_pjttTH_ wj-]&>-\@V9BryfRpdzt2\gfaD 9#\ Kb)k=B;>HKdH,K$28?X<46?2՗:Օw;t5}OVVӲ ݰ6X7.!TѤF6kPP3"[%Yf:;گe mFgGKTA8Ϡ)ٝK. u^֑32g Muq*] z 1g-&BEB9Q\Nm eX, }6t@2=("qU0w]D@C֞tpE޸/ܧKn|0YCߢS:9)h֐e- CVlb.D5s䫫/){YlEɊ:mtICP?>A\'fvw p2\to,R [!ӖFlUe:^&9pwTFqM ۺizD+#/3`y=}14>DjgȮCXOH[^Y6L{qdG'*V%Rt޽,?ݔzM#͐dVfx:s )yp-x8`4DAb(MA̐*OY4dMx7*_BK&:]Q3T+UݴQ'AF[-5x;W#6;mK/`Q6Rsa$%K&%E09hhRQ!Z-雽)nHW…M.#QPgx+;S9&z!S1Pe0z#>@~= ؋ yPeЗ4fuWn8Qֶ"Y\U@J"8L~mYÅd!9#tk8M ރkq{A\&Ԉu7v 5ib2vX/!@zCf}q>t1زN>CU-v #݌lٓŕ'Lb.LIHNx (}1{(4z4LgUl8"&}HOS2:d+FEy/ǿ<ĤYF◪a_=^P0n/P#;LRh.6Y؊eqӡqOKDu22ƇPÚNṗe&a7q99HY<غN|Kvb;&b*.vbZ0JڪP]M(4Ɛ;baXXNgܸ* ab8Y`o"zx0Kr;ٮxN(&:,C 3} FGY MO?YrBN!ci* M:Eam@5v~8䁰i F{DՎitզzPgX`44W}~*hlڡiʶ>pZ7u+C)!b@M|P;hC´}R"b[|9:IJ!ۏO99+ ߏm5T`e ISjnߘ\Q*_J8>5~J,رn?k]:-dNS9JAMB,_疷BK6#(;34ᦌu' 4>H]Ct F$Tou_-% |Dg^Ev0kQ~A/q asi={%OHx,=z^׀1?_e_,رOͶ7&Taę=?狇3(BIi~Q,.KI4[iMMokC cQ(.c'M<.Gz*3k?px2T\Q6|R<`4pdba9`194cNƕ'y$XyMU#^W|p IvW7>t<5QY*dy ;cc fd+/8jOU8?Q uL;F7Mzpƴ|{ꔉ&]W%Tg/~Zu~*puskVh<3JՄR?k6fO=}wf)+^nGAypۓN~e.63lg\wmd~Ls@O~ub@gn~o& M˩h9\B*ٟcJk>!V̤5B.!4f;q_H@?c]sMkW+O%BQwy!l-`3hŹ#aVK~0`bUnHO'v\M;E'>bGJ K:4|WXq-Ҙ)jvBY+SU("$=/5|JȚ&b0+Z[5Eh\heС6xĨ@ v:$۲E%K('dN~ݢ/3?ĦJeGZ6q>d`ʣۣHbn=;MI)#Tp-_y -o[۱\+%Uw5scGF^6Ma:XF2µ8A`](Dwpu‰V$7b >3=2pA4F|v䍣abJ|Ynpc\~kSv@$ߟE%[Ӳ?MBQ[vꕏ j0FyW|9)Z4DҟqjL7WЛ'PrG`vn|C^9U9c[؃FpJ fBـ҉1&xf818y9W3{>}4zoF/7>f `N\+8/8C'|)]:DazŒљ5gE .F>_n+lG6SxnxWAn@@ADL"|Ɩ\tݾFisŽD izP0e0{v2ܻ)Obe f(\pWVd!*_Rfv~W>#>pA#B_Obli==0! 2ҧ.~C-w٘pc9QDʾ+ X2aDmC8 %+΢w,Wd?)Bw*xc} $Hť{A%79&$ ^IݲY+NAGuwHr Ff#h|XBeVY㣆4&Fk7 bg8GpZ*nK-GmM_M,N '"΋N24$Eg f|g))7 j( 㐑kF5Fʘ ³{=ަc;l[0O@~\h<IbIPzGz͊vm_̩߰ųU'qrwp .eKFxI'JҮ~"ʶH@=JF݆.Ga 3;ZpFR(p=;A$qO^n:+yZ\EʠJ:KޏRyZˤ8,hZ/kլ}s/q"եKOeuƺ@uFv*tlzXu:3pú2eU9xxƫ' #h]fjBmϐ.jOnR:jp!{O֒bRNҐ -d&u@4f\7˺n8P!883$+[GIhGRqPMsV V-tt!iwIͺ[Uo :{>c=|R׉9-p,E4qzb MP ָ5*lpz vhAއ6~t1iXQ?ɃQV9",Ia3ә#\7E>N#Go=CW'do"]LWġ@n xVje؁_3zi_#_RcYzftErV5F+@DYTy-Wo(鉲 å!,6p&WԚRBBx;jG3?ugN GlNO"iZ8,J1BR03k9a~C;7X7fd"7bw]ʖ2pDA.^K.kINZLO--} bv|7>yN .?\KP SaAuGx=25w)nŮZ%y;z"2t*8 9h^cDZx&=yď+@ƥ-X|cAb=Xc ȫ,P./xoОeﱱ3:Д^'b2D6`.Xy?  vhlll| F<1OmP?zqѨ.9GKZ+)0uwb ?.ư [P''A'o dFn{v]p9x}Sf!P1+ ;5iH;8afǖfjd.pt&CϽ $4q F]Rm%oOMO%QAI:?puA?2I'EHS7'xCWw+UyS%k;9 fڧ(ΓO)^~ 70@k_C"!1QBzȻ(gI&T|_Oirs]Q(+)듻rJ1}_F?< ʝ3$U3Q`lpk<,!㳋hb͹ⓈWH8Y&O# ZU^?.!43»A$G$ u=%jSnE/Wx(\QАO>mӿ-\IHzjԷ4D␯p`R`m\f;9ZP kãjkb5}0ԇu }k쩺E ENt9q0TK+CD*C&K9eIKy&k^ϩeݦ o,RD¨%/r&@^z[;Va4NїjD#1"Ӊzov1(W&9ɛv]{'O#}C)T,_J1۠wޯz |.lj[^RݭZ0 Y2J! r,͌y}g"!2fD9ĪlЫ1}Ku63_feߒ=9.sGWDPc8woҎ|vEU%zi5͟!‰Ǒ!>=9q/:ܮ"^ M ɾ[ZniΑ`9%4[P=Ȼ2C V3~sy,m ЇYFtu_I[4Ri)m,℮_,z9SJJMOb_E23^MHâ!CBnxζE * K>C{*ऩLL*^-%ٍ=K}p  xqOXgjۍ9&1W=6Yl=V+kƝ~ݝq({Q}e~9$I,٩F"HrH_LW^YǩڳĊMG eɓ BB_1Lq,w|vJv9HȾANRW.tgf+l͍vwߦzVH NQ}VmGZcQy.l|,~tD/(U` D6賜_})"{ɛ9USqv ǡ5{f%\?JVh(;B@|ngHx54X#N%8SǶå u=߯,2L+qSv/Z3$_g;>3qƂȒ DNk~⿰&~ #SP3FJs6:AΤ `>ʥiK+2zMtgP$@%=Žϕw雘bTQǐ'n? pK]k$Hmtт; ;b[ib|w35`&S>0 @i%1٘ $͎tL(C<3?f <&t2Hp\7U#Vfz1 q_7oY[ClpBՏ5@_7gMC}O"2[n{,/ӡu̲E&*,8Z#LpK&iw b䋷c1*C)~]סڶ4ZD^Y߼Cn"q}Ǩ h`'Wa-O/HQ4g\w73+{/f4ɷͨHvG4SQ.AK[Sb6I|S@]C̑@~V}5BREY閊8~IyX N̷'{-\.kNѻ< Ѡ+ #{%9`Yg R*+^&$cDV.YpUV~vJw.ZX$+XേQGja4iz{tyBoX.d T3!iy/\~ߖ2f3 ˃ Z@}~#2sAEf2fƞM^JHsԝOOΊuw6ڭ; 'ֱrNu+"h&s2,y>B+Bӯ'E?S8Y7Qv7$ 6'0/#AZJL;>\ZNb؅V2̩҈"[gʠf9l;JnzOkORXϳOŠ^Ьs>@i%B ~c5pD9X/֑<$(_v:O4׭_qW|)W{WW<>UJ>_S٪J`}5Xs[PU> aD( rEao9/ʷxSQ7͵Rf!E_E\ّco$WjzH^Z ')rȠ6,æB(ݤk@$N7"w)^>DcA[ {)-n:0je4 ޒ^*ZHMwLDx `gyH%ۖAi dxs"EfVN<1X(5J{5}|lU/Ef/0Z\^lRBkAԪw_V-ˬ$.!Tf?IP{uP󆑨y y|}8. pwW:B*ytߜJiM\7H`Jg=G&PeI4`G|~&Uu{Fz[dZ"O֔Ax•V] uQk{WiE7W hO+ N.фU 챆;jG ey6Wi-Vk;?.Võ3?/Uqe) IE']9CtL ΚA#insD5DZzwD)7A"O#]M5PhF,%Ae[9^rK9^ Mo͑jE!KX,Ż'c\-R6^sWXm~co/aq- HRjw}4$i֞_/Ci|00d󕫒PsbQҕo.7i_ÝAXy{x3q}`K0| (.UC(w`Ό4$6^CfЕd{o<0jfl|@gp.Jo݂F*MAHrM(3 膁=7@6،ϵBQ)]OBA$"d-t-q?s#JP# :u3O&/'ꛮ1˱y-ىf4KR*yG9rn*EUph7[>zъ-ִSHf$?_Ao+Lu/7TD-Ryҫ=$B4m !^"0 Pf5+2Nsqʖ,.-pO3rn^QbK׀X`K ;O!z Ђ#mAՑL;U@˺FyFn0a^~`څ_ n ^ 4ҬpZ0ڬ;&Y$2Պ!wEȡׂSǤZ.*6۪oZ7&/=cd$ +ytbSNz?HMwѭ) Vvj7D7Т$d83'"e/ msvOmGHgEJ^_Ot,~ CW͉ ځv\!Xx+{π$܁Zԯny6޼=%M!UY:v KuwJ HRT] K=gΊW‘:yB$ `$E*zĵ6hAtVٽO鏠]!k`WM[3SV(:+!(}7 Dmq慫 dIy-.@CDŽ ǽ+G/c}'bwdI{e;Ho*sY:iLy yÛp[ &uÙ)bw>ӳ;N!\ea=T X6NDSPJe W֎{.ȓI˭#<TMU[w@ F zlJTݮpAoT=E&kw/|)O`}Gy-bM4^*F+p2@|;]BׅE͖YRV\/Yjktغp|b[) QXN,{&krMO|.,_5PE,S \;ȓ7J`O7z ́%z󅻊9h~;LW;tji=sd6\+йl3(ȋiE#哟Jhԫx,5v8!Rqsݝniמҡq2fo .k^Ѱ0J6.3,ֻ) 4x(nwN|Fw,¢R>(<ChD;yJ*Z~ѽ%- vn^RepCJ,]L؄w)J^Բ'+`aA3eHz@ʡjB-"zQGHŕ#L\dZ> (pkQTR"tY<^TlhA ? rc LO4Z=R;RW4]@K{,(ChXuuGo)'2~ bx Fn,g9Nbowf="FA[`%/#t,YۛMi'Bn-u;.:+iP 9"4/ٛѱITpFSkCz**_"SQә"tDIDl>^ʼ,5߳E8k }P[oZ_JU) \Cw=?W8%(He"WN! '5k:͜ޜQ]t!<8U ߄D:j^"Bo^-boW%T١x(r 8O V*w\һS&58ϕj\G̺ t;[Ν{ >tsv.>I@;mns5"f$˟db 2Dq d뢫;\+-&lOM@b $ka{*3Mז/$F|ޙ ZIˋ6 $sʖO>L! `d)R3mU"F$#W+sl[+4)alkNmoY8\;Q!T/H`TsI^RrQK%v;'/|V. OFC|.VZ€Y53* QaT]M1ed~v`%himK= hK <⇠O oV4)8HZõvz7֩aO1K-%C(o)]Vh]jCyP H\a n?Su}59zS٨;%A$YͭNorL^M?Q:Fv%E)ϠE.vʈC*CD-5k~a@`&H,=_M' yd0]cjø'ZVĿSKl D:mKIJYOZ7Q^,'G}xi`ǸZZ'8mk[je̺5ֲh8]g<?cm@ Gyչb;!}.$Hvj "/-€!w MCf"rOI|lpYiߨ2Dz^& ƻ(򤲘c,*gʚ30Ac?;}:$|`VA xlN65 l//!twꬌ6D%Ye WC6'pFEA, 9ċw5"Eɍ8l,ZP^3Vt/\gB?GiO{)S69e&ɚh A]ʯDu/߻e,IOÉdfC[uL YHp^s /_8mIt<ƱĹl-JDʞaXPmѬ$s6-r5bKwfVA| >0b}C݊p?am >%"2o6$Ϻz rc3ab'.MM )3v~6wKbJ~q%cfLyxBxx\}ڞ CMBeK䛲x0.ɪ7(E)Nr1*1{zYV;a؃VͰֈvC##Sl JwNr@}U @(|CuQRX{[@<YEN~%]~'ZH 4Ofז֔A3A}e\/R2Fc:(ӷ0хEtԄJE଼L`sM$P4L1s!Di*74IVP+V!ߟy Ո&P6|'B8OI=y[)kP98v[¯L 6KopVqYYNQ08(si )5vɖVsZ{"lm{lN<PԳ45TQ=[ Y Q<*ɩ`|eӇyMK6!8Fkz`[i)I^ܶ#щdg20?<} Wr'  ܉ XS>;W%t#{zi9V(.{0ˆb.a]vFjh+F'Mo_z adjmftUk`MȐՕ!^{81rHox80SNѫfiUw{H˘S2Kj^r7 ?x 6JޟbIRZHĈ9 7ý51tVP`nymQߟAvI*1;}M$yj%vAuE/o m}݊ 2*)Pխ+Pq, ]͍XH5I$& ҈: v>I ,tXz48Pܛ{3_V~\Eн:,5'IR5mߍr3P9F>h}ۤ">R0DQ!n(upoW |S(F  7fjZI_aQI6z; ٖo.|Z.l6'c"xS1!%Ǫ̺:-嵫Zm*ˌ*qMg)` ͊"YbR7sF}O@!nY8_ l.< pz%eˁpZTϰ~Kv,歇6`#,2̆LlJ3۹ #KfɊȹ ,o]Id3b)eP)c &ߐ骈 };'uq{ ׮qtf|IJvxl.M{ hi1zE$Kxaf1}Bmb"_~J6=IS=2]+^220suH؁E6ssdy>^[ }e㑓+yJE. [<S;e}G49SkqKpi` J&պW;,Ӄ;=7;9#mE<&GY9&`jai<%K }8*gǑ$eBʿ&p:~sztC_Ƣ<`@-#zfߧ$MdщȈ&%c !u K[Cr 뛷 n=>5g.@Mi6qkg8V(Fk$ϊ3r, #:Gw" HI!9X6{ٌxsOK̡T2VuVw꣟?POf~fuT u ϜҺȷĖL|HS>1Rekl(FrGE̩+n%ͺOAn2Z D@p7e$q:6=I~k* {nd{!w¿taKPnzՊEP`rg{PvEpoYs5m}u;Q=i_-#lv "I!*IsZE`.N*dr(5:&h./% yԃFvC(KQz\_:&KDCgaWrMOc-~P` a_'߬@u=eKYr/} ^v%K[Wr\T̷ԂJ~~x&)4{j /vd: hpۘ8mwZDؘDl7~r dC_G љfE~RLf8&(Rhgoqr|ڪ"Ĉnwxe=[FfK_zKߐg jjx& `.H|7res8 33wUE_)c_OI ׃&9q׽:Q?F|{a銑$,j5CW͚%6m턴_Iϥ|WK r=5K6[-Md!IW/AP1RGm U0k{z9JPvVʊ~aI{[&^R데?u*9_ M&`%ڞM#i|=wR\i>sKd+skr ^M 2[um[ WsQ.`Nn^pNXEkdc\:"Fgn">ٖS4xwqBFft mU]R$‚BZEĕ>-zx`+hWԂg4.D<.D ص8^ N$DGbnX+]AK0zɽnm3s}hL"ma*{enҹx{""Bvpr 6A~} $iM2k 2?# GNzhb&^4D\(Rn'#m(&o$4,P4y%R*.r6uu4LP}C()cA ՎB+^KgJB95)ib7JӴR|]K ]NBⰽ/,6md6\mWw )0yEDFeA  O!DϠSœ n@,HH'oٴZXi=)ko)?%Cw% .w>V;9]LsQ_=TU(྆ QRH[.$ț@L*j޳ e2}>Q M1*di|@1N(2WrF1x_' T'(Q@rfe 8yml_hK6>y{܉,b+gg-A;{:跍]%^)Xv3@g'ݩ|fϷ^O~ǥi31 %s<_"w]w#Om&VG'ۀn0JiS<⺯/8l|*ɟWfT#U&eG+mJjgls'U Ek4t?F({O#V1(,Bm~u1Um#M ޯ~ع#<(#9͉m"_>QF;Mmz6f2 ǫ[0Cx f3䋎bKa"o5FzidvbMPZu.frrk<zbuE@/jK v{'2롞VZO|.InCCXC__5D 0MFI?YJ-ՑD,/Em:LVF]X5JzxGfieZ0ɇ,vӨ`H-굯NņY1F 易߃[%I$4dPуkQ޽bwϺܷ؍^ ?RI FAOzqkP:$|vtwC`Õ>8s̀ԩkA9q`Y3W)5PRXĤyh,?{W-p53є%04$V)i)hf ̝Mnx拵tmQYuTs8J>d Gu^c.eC EJSR+'>.O"Feq`s?FvqڇmoEV1`:cq ,q̜_'yRӅE5QyNhQ6PEc`ͶrvA$f7L>M1}-nqYJQ)MZ$W^ '[(GaDNߣz\Á8EŻOX[ S@ѢVD ȣrĺts g dBn <2VOm/\WzDi,t5 KzHD>q3#n?}ΉM6k'%i싆ǴV+W_G ߙ/5j=hp:/̿F'5g@y] P~Yڅ"6YJjft %[۟2k6P9~FkȺZKxVV;۲aj:ξ#S.=o<-$1z|<}Da]Atw~~#-G=5mx "?>(w7#==.(pNQ7-Z8=]MG" RnzkTrn&X2Pv>ݓ,o=2յ4V!/1_ XVU7_TdQz>qFv3 !Tk܁tp_ziGYi^! \A#2(I+7>1fD.ƒ = (EgcʧG5:5`kdG[۽ M!Pӡ2aSq&k$ϱfPã_/m2+ۣ+Mxd9~m 0)w 'm˕F0D:403i{oanMo ^M&m=@tpo[wŐd5q͋Tl>н#R~\{\do2-,i.-sM&JXjbQK ШWTR!ڍvMH#0%&ה0LWVI sxsL+ a)s"0c?-R޴l>4q3}h%*i |%};Y` cPR ek Q,*Ntp&.Vx5-J2pF4_[RWyROyzy` S\ĤL|]2 {pZyQ~Z[P!8?&sX?UVKj9n _ϣBhDE 2R)U`h:?EjgzQQcqOPRULdyyeN؁'*|IB#帴.Nڛt>hϞ?ٙ8Z~5*2G*~ΜmZH>6|]'՞`v  3_Вe{aNShMr `fW#P>+auWMQ1IB]SQ37 1:HңRg:#8CPE7(Ui2MBjb \o`@hՄ\VtHi|as8MGqy@}&M@z5$fvdf&pb!|ߡG!.Ir^!x&t@8͵|O=ViA>7w,VxTy  h1r5|J{ב@ۃ!!v=b=$9`<dJ.gktw6>*]"|{ ]D z7{)ח/ؐ@QMЀ/ڰ0ƿz3cZej DSE(.Oӛjݔ%n0ǺFj_Uu-VmHԑ1a,]7E΍b( \#E:k(p-= {n#H:7(ڙ-<_wL0}tqfQW `t}>ґ;ix`Q:RXWIr6>2!I>n%ʜ8R9nu6%+V$b˘$ kԵíд]Q@^%tafR$Pz!!5D43[@nt:-r a [ AP'͒w PH .4\OtZF$ld[* i$ɳ/)4Xl H7Kla nǙ;J> l<'QfiBؘ KbyPI%ܒ}̤(֐4dz@.#jBݳ! DГ[V%U |1;}Eo#%%}_Й#K#cqv툖Zu\~)>&ٯY@LA N4I5%)\OhtMV z*mT˹C;ٮC*"kDL\E!:ywIy6x ^tE @Vfu“卹RKr [ʒ֦UХU,$"&]ke&QRPw 0*.3[Ŋ/)G0,r Bo(=Rի%_t?f2yܽ6:8TYII6;bZ]Ƿ |Xg^ԗj<`5+qa5 i]v|бo-6kdC-J 3,/.R'@$XCm,FKzYT }AJA(onɅgkfw1}PI$>yDŽVP-!Pj+J4[d>q#q$Y.aO KDCOJÑ|)b)6Cy ਆ 9Fd4h)DIĚ1oc.I ëb5Fk֙R f:M hojCJ.AJ΢uoW x`9jzeq5v"ӪS!ZdcETrV\3AOb}3 ƍEvEhF'{P` ޖk92Jfu' Ihk}w}u@ vw?:"!;R=|c!%SꁚW G, (&u%xŦ4/_xqĉx,̝I9GrrF>C, 5uX1P fgCT_nS/ ʤ찈ӱzK9c&'@ڰ="hԁ-7U-/M\W+` yjK>r׹:lԭ %U.aӢl%i){: |17ǗH؋`vV ν:-䐶r"sю4gmb8oҗ+Oze219Mah?i ṛ8і'QT:\x#Kq6lqn[|o|h]'egx0g5+cx&gDNy x^]hˉn+(;ߑ_Le>$msO3\bsD0nL>5FSL76_9G@]^R4p/tHHW۸hp_[k?ƃ S _>'OLgI\2YNwmoqz%,)@LI "ƶܗ xXx`xx9Á>-|K@>=J nQH6᪒;]qec|Th};cbPDXTǨ5BˆaW|SFp3tHpݎpd, חU=P^EX ߷"3Qb%7z$X^>L!LwBT=g8gv`DxӔprX^)5yFw9̡6%@4-w˞q}_6v`&I _ 08;S:m9xttZU,^MN,l>,L)K+,xZ@_ /r8P6ѕ(3-K{m LQTB~ Qj>-.!;#P:,G >aK:܈G@$G`@UK ؃!ԙ%eD5JF.,|ڮQwV+&^cm}'*Jtv^@Ѱh7zܽL^p/A,o~nʾH얟?TtO瞍κ ${Z.2lxz#(a':I`{36Kiw>絶dG),d[qHOx74̕jiKbD<;z{"wQGSPWkmH"Д2 PUW 61<dEqm2mvWUx 5:Z)HY/}|U=x:!}b,ں!(@t ̍)swS8Swzq'J!uὺT㲿 (iۻ nA126 d+J֟r]LiaLKXZ:M>~O\CKJRTbD, Ɇz3,@gTTu I3ܿ Bf 2B7a0p\CH#E,߆k@\}ibPA8FC-bFҫ| q>7D9CLg̐^R+S O2O?.ުJRJY"ꊲT_:{W"ا[2˘(+>=lrzCaF`1^h.Hu"i I JPtIqyFJSSWDYfɾn0=\u67Df̙vMÛx(( y& ';+C^lWn;a?@ e9,]A ɳ+Z~ xܚqv񓧰[+H,Qw". 0yjXb 5#F"ޙ |YwV>.ޟ#%R+>aF"x xДz:t pt,E5l ii?eĦaw&N9bnA,h9AE>[%N'-r%2w{MՆ"{YVB=fO TLs2 %@L3Qˈ uKdX:V8ͬ<M4m%I\MZoIA-Q/KT{N 9CVVm%<\$g;l;-ǁ8AU(ƱS}䭗/]:Mr"?סE tZ^ 3! \lj#}n}÷G@J_KGlJ1Dh~ ѩs`Eq61Jz뗧" L_ןZD Ah+qN/Y]t~|Hп[a6b{m-, !P-*ڠn8Jˠϳfy".?I=}~pVagi@;lqVa׶O,]qB@[*u M<0{.}Mj?Eo (*ۖ۟_d q^_r'jg~u}Xv&\/EUS+vЭ[n [ )$͏G"5 ?dbT;*6[n 6,ސ r24 4e:,J{xqX_D"7eoo4"":P5lE=29J_ b'bR"eJ$HLxA@p56oT|CpD cjz(nlo?Vԑn`^RYHG2$9BJ\ =`:M Gy׼oN 4) (/$0 wQ J@ ad>(fTHhL8W/H7i["Dz:{ B9C!j窝x$4&$f;5*@*W0^Z:LG!7! ."VsEPt,Z :^ J+ :T <1(mOSy R%6 `U= qMTb$xH VVRZ,8_;#q!'DoiN[MI ^j%eﳾ0RIto<i<"?T&PՁBĈhZ hژCr4Q cʰ[hi 68SJ>hFP#gD ~TVFN>D:~N%1eAc^%̞;c4U8e lq+y~n;X ^FY 8xgg@iʉ!9B^Ŭ=$ӈt@%Ně1s*:ܿ/+M,㿟mqIac T>ţ *x ՟Z/nAF1[2d8g~zGt٬}<MwPvgr#lZ%Wث<5NOuBlKC z??B.h+tio`[9xJ&33jG9qJЧmfR礉LH^Y8fç%X?Xr`7HE:aMڊC+*!@tHDD Uё9T쥇o‰YHb?qޠG++1zz2ImWσ 3`f9-le8淧 fڠS̺$3܍Um&]|Bcq ?q1|OD\~-iB}h>O?3,,"S'xVWDhx閃{qأDžxFZK<+xX'5!C¯)-J)X:~ ۅMR'Ozp@AUKn' Ė؛`YE|[pk?pp\ib8TMe j.nn>'CXb6!/k/=];'13c5Gs7kĤm:]#hAsz{ F-BkO'!4/İEoM2ZxH";C)`(91c|`|4-z6ga_t0m /ϛۮmUZʹ]꿻)[yɉ4]~uΫEaD996Q1 $Xi_$V̨3T޳l= Jx:83l E.f'wp8+Ԫб5IJvㅟ1S =oSHuYḮNG!lP NAz V CXn<.- >ٮV`.%r 8z^KRuY8ofxm!'{(l XWB{$w6rc]juZ6CqRe,O!p4 bKJ5n1?ZrKZGK{1kĔNFڪh3{`jN\F|tJ;Dq(-`Ho$ vա9*]Q( Z 4>v2`{Lw^˭p8zՋ.سݻgA:^$ݥ"zL`}>OF%`֫Kb]q?c$l |~(ߎ\aEZSH<Ϡ*Q4(^1DpI0$C쎁Ak@on0v^_Wk}BvaEH3}de'1&fhMP d\B^rֽ1%GdO àMw o+F%o|]y- tDomd3V6dqj)$e9.v7v9%_;4 !ST4 zJ%0plxpM>zЇ2mg? Ar}|R5-)'2\~&BO^j5dB [4 Ws[A+{o˄㭤Jr$l{Gẁ$-$ dMer q~bggDBT.z  {*W=‡"[nRqV3-)C"/6K!R(pxV >x~ЯjCׁX@ v̭!ݤmt/[B's(28)Lnߙnӻ r`DZš(vqk+Kӏ#1Tu?j[6sk$lPlnE stEμQc)8o%({6ԖLF4;he¬A}])^cX"v A a nhqi)gcYHv-%?,Mݑxf @(#:Ȓ,0oFHJS%QUa[_ ?dz̵ًכ̟k0yiEs1v~ q3 '4ZG ?Αeʷ o!beOGp>Eϔ )Y 6˭(_LঽHU6RCx-j!/ FZP5 gpIzDbn⤸A)M99<$R5Meq9փC/x-EXRvK W.%u4 'K񌃝V4$FDJNз0&vB& ՐnyP1`iUgJsG Fko羹|vRT6~n40LN_KQc6aʕ^hڙIl` qksó7p:ʯk(b6į|di6ŀy }RJz3с'z/W.7-^3 =LX~9Uف2/|7M>A夦ɿn_;ay/<0=hJGd3F59&&׽*^]=642u 4;R!8\d[ +wk_ݒͺt={$F$rz4~=t<93#iyE,ĥ=# oGOnڝ̈x^Y b?)-MLuN{i[L[>KP.u^{xy=m6$𗻟ʴU:-J \T6Dc Κݹm8wGJgp2 \0ҫ#L̕(_P0\&Zzю(19P伋ClI$J, 헩ϝQH_CQj=N.ӤGs(GF}>ޗΫH *@q<6U-wl7=]YBMUmn_AV5n<5WDm39Q ftf:Xd[*3)GB9~V2"WjBg8^#xBVxB ߍ +da sS۪pX״]Uu@=a&L wbgb5Q!{]>baeڔYP|8L ,=.EX6CP7YҺj.k)'ɭ=3|Ma|K[؞ _JLeFLJT{W Atc#x*"8vs&RUdzPaS)wS)8xF "#8B%"RKDۭJqώȫhbr[{BHL剼Y`&!ICOhᶍȤ a*ѫZ]Z+<@s?a }C}gIn8LP/>6t1bk z`We7dW 7/K"Zn1|;5 غ2N -fs_+%[%0;_'?i[ ݝ=M Gw\ y72u& Gse#\sMA29{ fcA~do b_k/ }CO%cgơ+2̘f]X_;d&.ȴX!!eH7xJzQ-9>x-p)!m$n_p0+O 0Eqc? qpz%3"foC j\;L΍nY\ ^e?4l  f]_,w.$FzEQx\m Ì^'`w㓺"P zN!&S,a'ІɡO޶#ܷ wR=,;2V-Zr.u,5Y*%8Ge&C+GƘf݈ c LW=%?Sxr: R TVknZ!מ&)̜+,X? _ I/j!}$2ʚQ}hC>Mɚm)-Q aޒk,J" xH#_Ʃ/]/xmdƎcZ[~YQ+,  ŝ";iQ4[;ǃkA%'Gigݴ鑤ԀB~ƿ8I5pkgrzsbYQrl0 +@Aز W[`]fwMwBGytۃ]cw)Jj=*,T5!}?J?5>4{_ˎAՇbdžUЍ#oO&+UQ ~GfdkdB:r[oqF|uvW-[K41Q#܌[[]WѱW/"'ُ߈ׂؒJ*UPaBmSAYJNǮdC_i"ʖPՐ0XMy: {i^Rhor[%t7dz;=s谽h @pțn̳") aC&3JF9i9-?']߫/Cͥ0υi =p$C&$Zi iD N}AV63{|S("pSn5d8"]b [8Z|b.3S'֟A@A~O! {CF&2n0\_I ԏy<׽͢BDgL7(Fr/7lD]J"DaV1!BK3^9qMY@EX:3\mZ4X nn').X){G;T(BhG7fՀ\!R6}t(k g1(i{PhD " _0(Tc&oJ۹†C?KvOW;CbNyn? OKL(?j h /땘ͦfrSb GޑǧS~4Ҫݮ'*NmYPd4c)!tYW:ğïyz**wn.bF! G{n5 %T70Gn벳|7a4 \+5ſ1&x+$8h!EH䫬eEFRKb?XJ OB .қuxzL>-6mIϺHYH'-L gc hcd x!῟asއ5M'p^{$g X=iJM-ECvI$B8s+qdXPmfn^3uK^ip=L1BX|ÚјH9e|N=Ժ7,m_BR=f_iH Sz_PxH0o7jS:^Xy塶]tkW &#M%w {h½hBXrh}[*}5..2_-}OTc@8xJ,,SOɔkMVFǓ׶n_(@Eqj P+C6فR/j4HI":QF`eO5>xe*6ANy [t xS{Jr^7F,M9%o됇C7Tp6]_,!lu!}E?j a.&P`<]{p!UE!T`IQԲit >Q=cnה޾Pq0% 7eY%|bh'c[ /jJi>VQt C#~ RF4I{/5cf'8 dѹ6(N*P'!xe^: 8Z?cb< $ j$$×>mQXE̶+&ΘR"28ֽdE[[l;% o&ުgLBQDQqXc4<@:DcL-x+d0eZw|R8{No \(dS BbJIޙrԉ{N ܜ!)Sy#+Ԏ?N;{$ ׄ}umxq,ivcS90Z5?#u0Eu(_:&{#l!YUe0WCzUՇAkNhT"jО-0Ws.[1)D3a4IfIeAH9s]@/Χ>!q]i$ɳc !V 2.M!;e[GjcY_`6̐UNE! GĆR8cs'9wS!#\<[3:Q+4A'I!&TYE% ok6z_Qr(5 *a6zqs3G_tG^O+$&ahGҖB6A 4Oc4@PáN`YDPp{7A$+8n /TR q;4fi7#^X:.Nr!R~RxH ?@^J8a36)FʣƁbE3_#-㞈Q}†4kxO2WC$0TE߈PlaJ0۞MR5(cp=:[|@!ZTAkrk](~zsU4g@nk nbG34 +9shX5) r5_L7?P6mכe{?16!jr rIw)/J>D`Gl1X 4 ;wr=jo"ERxeDa@LLJ28.bd XkG~ʚ$suEԧ6Q:>TJ#_q7rZsV/(,^ԋsq: Ed,Ny&33I0Й(YƞToq_̠l L4̮+(N0`2Ip3Ȕ?樽z #B\=ds- ,%pEwԅV; $o8-=%>ΫiFN~r\i72Vev i' F-x!ߙM tiZZJ^sI H*y$8F 4el`K0Jd.քqgu5>CJ ڢ_ f 3 &|X6tTn'eLT!Xlk焹/^}D0y+gLWBE~B/?D'ncAVcjpv|F-&;طլep }HH͂5G+I&~WGkfL>qv(@N nnM>ɵ86+;*?K73L̈́ۡHLPո"5ʳRnթR#'z+MLaD'/ؾwvo5$VAۥϑ-saUlAmSOSLOlDfg 9O4#=oe~)RQM5>UQ+R/.ltP] #d_: eˁ ~e!$ouFb`My0ubq,])@.W7˶;4B0Rq+vR)*CW8I >S1*SeF8*FА1,ER+j7|HMGWwczvô+[FT/w!^I[Ii1)|+AjCPwdFf,eP SʡˣHۓQtb)yrr5vͣbG<7آRӆ@Rf*71}UJVfu+IS&6YH6˒ "dEŔ+3X;A$KC^u'X^ n!9z+/DTsܥa'2̓3PN)bZ盕i5>Af(>'ϛz2I/bNPncw- ?\ov=eW5p6@CDr98Cf@7K[pĉhND"0\ #TcnhInW_p_T(/M +W\޷'V1bK~MeGhs]81Dm`,ATgNpE(ՕaʱA7fb@E_E +ʠ z/JY08<}r~CMLjApwMNu7yrފ_M{j7cl{7>Z\Zn1X.n* 6@̈ys"fc:2E#yF*P0ѓ>r5FAMX|;q*'$gפvhl4\ /(R3)s;%qkjY,?6/Q!>ݍ0zѩPݏ`\ rmD(wZLZUXzLLMWW揱GfUr!rcH~S*>ą>8 6x M08{Y )u s'OY$[uIIK^!uxںF韮*45@IVV}8BYe&]01=$E-kxexއ&qnwSMxJ'k;(PCKhSF5!-{TYLOPwnRVK_ hU$l7L |W>ǭE.?jp= Y Lŵ)XQ ,' XH-:2*2Ox,P_Ooe\+J)zwS1e)LkkoXi(Zˣ?7& w2+Ki}Y#BgrC"77m-ȁv$󉌊 dOɛ#-gǬ62Ys[[-[r F*;bK0{_cg)rɱbX~ɣqiU< 0](-wv 8s".t/Q']2FRNoД6GE{]: ţ:u*D3#y*q07&]%|Yzܱ]L?>[YT۲|Y u &6-G{:#dhm-IQ,'Ejך@#ݞ(\nM…E8,Z)smy<0 ƺ(yVXg6EW9 oGEz0rOQTI4(&+z=:~}nJk ,"7zc!)6: 9c&.tB*v_{bBK?(µL|8Kr?*qE6>&%BPӒm6]gXf:9*"#1%ڐl~/n%OYXc(ɌfۑPji'p1/J_`^ݸXWv qk|@Y&e5D=Z 妰X)qu|kof6n Ʃ̙RZ6D!/:t$TŋBgM1%`(;ghBWI0LdWRF%jIU0wDv놹h7Tm<,0 $gt w!>܁>J9E*|L@~&ت,Ƃ)_/îrB}" 3K3yn8ڢ'm_ SyeԦΗ5!ȱ>s@`kuKRN;Իg4p!7CժX ~`CR=,) ?Tw;aPSs?g"rǨn?Adz蚁F26v\D6,`* |jwikٻqOBI"e珺-|I摸pb{4,Dn@h;1/6**R'6,jxŹ u}đfӣ6OOLܿq\f1 7rϷ.8Y1QV~FUex?B+{=y׎#ڞDвm[kqn_dDVeN3;h+e;ULҏVO8HgZxyiǒ9F1мˉ)SW]L1KJT?T*d` 8%@'U3oo둿)R_P"(TY%g'X%:\:g( -'Vh{X [ +Ed}OϞj|G^<@ -K'3*+ߍ&$Zzdq0+|C8nëDw?>jt E x:gh-|D퀐}ʰ[od\DeHv6Fu@QorU#}oov KOP[W0Ac_7JBLD; q(?֥#vFMAާdYA7y*6vFb:9ޭpT]_1g l %wze:iLYK4겯o-ɨ%'6km)/w"Arq䖾Wbc1@`śbCʰ־+d11:@Љ **˯vEY7qel~gPP9)iC NOh$od4> T% z)>*1ndjYT®k^3lC^PsTqDZ,85![WGYLs 9WȱG/g.6 ^і4d;腽DlDFE=$ ~rфCL_ @R+\dsȈz})y:6TT_Ì}Q&" KL xtdw"VNc3o93p4e:{_FaP%X׺l@*<_CeЅ%Yb5,P׾T1Q˕MibuRHU$:~vm ~v,eC6nęqgi.} u%M_fX fnLm+*hF=dPYzqPV8؃17Y<@ˊۿ@wu[_EfU S9&q3F1@>S^8~ srR&W~2ȟj;IX*dRDGˇ|B߰jp4$y IߠzT2v":4W3.65c(|ApOJx(X6%n&!be쳠MRkIaq:97,i{҈$72ExzΥ*rQ4*!bNnLB@k-ˎ㝡˸]=NmSYI5fR ﹞KشFb@hwq-D:;Lf1!R̚m`L9Zj4)Vta$^~Hx=0g?]WM zːd7Ba>#zɦiS 3`}XoΙif"3֜Y^֘l1$StGz:3^RrF(,L,7N[fL4my';KWJ}xd T'c\Y'& \Qgy4q T!to]VEJJX3.O%I# $`\ZsAVW=tbQZʌoar񾅄Ð++m&+!X*,vwK%tHqQQY18W MЁMoKUhR&! Θ=; +"F'5_d;^IgEˢ3B h]luOt'7nܾEypˣ Pk0_'rg0P;)(oJg9Zޖ>L*ʻ -N^Š }zLlJpƘ7,7%V9[h1*k0$B$_Xհ \[̬T>F"Gܞl[Bh|߆& ݃[go7L711bsp7߸zM~;BV_ ńH<΍J"v|Wғ+h6)dãDlΥ.0 VE6!-Gr(Yy'>lqeL"3cJK\4l٧<$L|M}s᭯qiW~œP'DGĐܦJC+ "?H O{"$ ai@H.}m8knL;ܐO2LkJ>MqnV:޻荁)o0}. a{4: c )P[) Q:WIf# |jƲfv䴅:l-XoBI'npU%룾SW$M]4IyҘ ?' }$/Z-Q?KˁuDΰ=N&xFk)'lAA\%op .x 5D2% flV{xv΂Nt!f̉xrZF  NM{ <%ȧi":.jFY \Yᶣٗd3?PFqg9i4) 2":=8x`Wx:vM6juKZj)&`ՂGivˬ;7rvg"i2eOjQjY$y}p3g OD(^70 ;ς`\1=} T~u-T F 5>1]r8+jЮIO%+G^&YO56]lͩؔ"F f18"8MPsSÇXm,#hڤ[," ,z/P&70x YO8SD  &*Ȟs[{R TםenXܿ) k걮=*&^ R%/)]G4L&c^ٍxqy]=$xM}nw 7>FGfd%rN˜"/ZeY02i\ ?_Sb!@ZE`߼K-!n;IܳȸӂuJqA)q&xza冯/s5EwV9rSf04D?GF$`ׅ q* Y1>b쀨 j!L+{TyDHz[$h7t#-xǻ mM|+N>h_Qyre0aИ.R+y4%Jxz39{,gj(@ J;|+D-+.O3X:.w)B hurcU#w:(/0.g!,?@+r IMqsdH`)5L)fVk-XCfH^c'i(' sL$T*}gU`4~c#갢n3yܮ{'FO&"Hz}yOE̡Ih 3{f7Xޣ{ .v!-9=*~5y"Vo^7sP'[#ebiA"QwDœ)e͜ 0vJR/iG}%N=Gy9W$x1'|W|is 6{I79/kd>(t 13<+aɺׅB24A]Gn[,~ld9_E 0p,1i-,]ݦi@:U噈̲?ix2=F悀xݨ[vqJqi`$Ob,/uRXN#}DžN++NB)*ʶzQ7oʊ bGg6α^5%CsRe3WnRn;'#WN9[U@Y ͳE1Y1QŽ4XC'%mlik2[HjJ%Rǭɹ3Xb"{#]s`BBk!0pXP.>] s,--a]IΤdt=Q Df~gy&<۳]o U#QSwmr쎉IhmSW^Y?!c e@+Q!Φdy^ *qG؆8|SjoJOP\K`P`lc4ܗB*;~<{b$X7B,Ȑ\U j^VLYUjbcnRl3 g .Ӓ>\?xo"3$֝ k7,4}*ď7Zw⤢ݫoFu%;5}5^KcN_, 4b4+-]r0;]?:f v4poWk[&[cKwl N3>΋)Α<Γ< @ e(_]LpvT75`ҍ"%#C@"o 9T zR5pjwΌ\|4&b-!|jF@|r,׮x/#Gh6F~JBC;J̻2;,ҩmP)TduH>vn!xESPG|yGYm^"cc+C6vQx,ΙWmn47vT/ k/`"}խ ʄ‹[7]֌ȝ&}Ox9n[lCvѷi<ЅBZ74ˇ>7tȱIU`Q IΑ'U-mbx ccYpٟ[?>S' ;V{¿>`{W+MN ƙwpA>RS@XN[A<|ޑV9d^+0]LBɦ rMp&KF6̑,USMA ^D(xs6r= W 9V9Z{@< Q>QB! i.rձ]5Uk@18m;'1=|y]<ܘ/dNQuLh4?YVċ|!<ؾn5"Z dm]]75}[ [uN$#{ݯ>/'wS1״vga~ 5,t7m>O3ixҁpuCT4hYga~_q m8݇贶!PzqmQggS* EݵR#BbS@qwPM6:S v^v|)_ 9-$­5njfa+F(Z.bk =J Mڽ睖UKN5ꥻK;-.ZA+f=oMWbi6+m%ߟrgnv`4}~\5k+3dw:t* ӴA'?p݄ސ;{% N@Ghfo- -~dy/ޗȐF'u$Aҍ[>l^  n& 8$0(|{{`|p1/ 껌 )KpF#h+$}u:iLN\PGeg~mF2xз\y"sAf̾[c҄T dU48JC2̡UfbgiVqé9K9HgpĝuO:|Rl5ɃaRa\7kn"A%>ʹڰWbuI;{$y 󨆔+Tqg9ݤu(E~@LAZv PR-ު/Hi% RtwDمS>mI0 Jd >h @&jɴw:+"`kvzUB:O#b[P1ϳ)f?-=Զ"i Z680Nl8_v|PΓ:١ =^օk%jգmVg%PzƏ xs3`8  6[< &W gYgŵ)G:VN#RI6ta xfPޑ%"q>Պ=Ef1ǒÚw.>ey:Ą#y!sO-*;[̭d;$jcd1~g K̑6Cڼg;HvEk2Lbfy̚pAr6#BYtGf(f8jhێs_h`o9Zy=f!0uY+_CFR8q)vMSJi`3 j:ht|>\^k-bye`ÉlDo M*doݰmoaN;qp^qQ^22 P|p "*@oܻMޢ ,J*'pw;.ؕSWEw>n4&" 8T#|&D؆<C$4u`PZVi#u13RV};{w;*dsLO9:ԙª|87,SYsY-l@nl}K ,\&ںTtxhd,UѶQ^v `+iUΪu>U9܍Wl`+X|\KX7_@k=2%p/`l?*`.%B fxd穄7cH#:#"'&(&0m@ϣ/#Y`|"+/<5CWLqɔ\KEf0c@Moao71S'm4IO}f򪻶gӌ)5_Db@]ߡ{3FeC LD Rw3RWgA`X ?ޱ)BZ\K=>ZP~>ǔd:VCމepcr1WZ˦r6&.KiD Zi'Hj?nb38lfkӵgsE]5 OQl&,cs*bʩ{:7Xp<3٧KkqZJpZ[Na]-0\$3(ц&zWQZ?lͧϮYc:e}9\ k[Ln}9Ov:x}VM6!(n7MRң@QC.)떁ؖ,ߙ:9n˾G1M!>YOȲoxUm;X,XV$x7NAXOʙtd}qMCuNoM./bhi859)?cZDGz,ˆy]iqz?t?oqSt(qS\3 *U9ӉPhX"), M}HBH zpo" JYס}|W}vKixkkꬻ?mQ[J,(- cyݺDtqgmq. o-آ}ʹ/ctͫ.*CdBbm͓^0 6FzFk/wöbȋ@!Ld8;2B뒭.΋d3Wj R4@&R|Ӿ.o]yN>-q[q$GEi$}ҍ}XZ+C%OZCW02?kqePOBj%PgTyK81_ {j+9°Xj_Am u])g;[׵&;|8`g.{۸w{m-ʍ-%v#skr_?_T94Ԧ@}t^ILrO60W|Ϫț3;@h%۬Dy^c8 KqtHv[-qd>,expw7e GDYܡTAcT hK!_}tbxg鰄$^9Rs,r9,LʊbTzpDδ98S#tEEc0foze1d skwnyOj')u?a]q>\XD^أjyGbv?6sxQkDڞ8# \K )^-U EW9Q)WcA$)'T!ѣb|]- QdgpgjL!hbsl_)Lڞw]@H>xA茷v<5\2^nJ2UN{y7NKw[zMq]¼ VF{l$o=zpܝ+)>@FHY1"g3%B$5.wdg6q!VlܱF4{Tοdml3r<`OH7nSxiR!U 8qQ- dG }Tk L9mz'Xg2kHzt]NKQƟ"AܺEDA]s!Xk uU"a\xRq+}:NP e]uy] &0&6=as2e[KSlSMۈ*Dh;A;=Cy3%~s#Q YBuТ!$A7H 4g/4&> s{`-L@MV4QѦ1icT2Ñ_>5l-AH^ĵ@xߏ-ڕ%˕Tuҥ |5T[^}QT{~GC!5=(w5,Yo"2e[@bAzbnmΡ`pBRJRuac"iM)_ S=rBELO9NA+j/}DVD:+Ϻaf  ̀5ёF`GK5ƽIVv@t:} Ty)uB#%*bͨs4QY+P duUq,.-ݹ $vE `ӕl+Թ ;sl{5)(2"^`qHl=O$}#$66-m%*S䗳=+'ʭn}dBlR?k iۺ6?D,Y֯.:U1-L,=*|0o~& fѣ_ yCpC]2$[]mp$? ʤ[e; HnM;u1CY9yL7z!mYaB Isl崳rG4nqoAH.ᮥ$8YHG'h0[Uh4>]F/yZz{7~3К*HOmI> MC`aˁI K\o(\Q@^^oaֹYti\9,g-I3)I^k _ D aB/sWm.쉥%I$4h2ڧjgᙻz,P[ncT7&sl[ I|ţfA'.șO=WBz[˜6;QglW_L7R(0>V2öAhf0"Vߺ=g叻'VZƉȞW/"EAt cd5 ]1rFJm[;3 qlmӾ'u<ʨɵ0^zq+鉑[Ihstz4E:e{FQA( vz AMd5ZTÝ#xW 4ڤ֩iAKa{J :JeF'3_ȭmAW~t3a0!?p aOd-\8nϓ(g:5p:tV6w |_A^/e\3}jrziGFЛZ?*_5~`bQҟ'΄-Cghs9Wg!$c@׹XK~F5=H=Cf:y:XSQOGGfgҘJHy m !웄218ZtH84r۶A݀ C( 3Fhm;c( s mY_0%=%(#2~خgR9&jCAZ]Ot$~ DfJHj)bL VH  أqWHYAyVguS 5fr3Utsa!TI1\ Ή N Qg&F/->۝/"kP0pU^7''s&g4bASwmwGzUsЊm_/6@>1r+z:ՓC_(!-cPa A1mγHϘ# ضQQ@DW*\Af#F[BԌ[Wrh {r_D%T;7Mvo $(6`>S&QS6PO'"Ҫw?Ȕ* G4cL8d>UN&ˤܫf Ft1竜 uGAfįyZg`3iG&ؚٜ@2Or2&I=F"Vg/14Z+yx [/K %QZTz9(-R5΀/~J['P{>C?c5]1|<_}UQ20IWĽdsaM;[SSSڕ*.yz_L.4!Lퟦ9n'K5j~/Jo֣*Vd7lgi.7F:9BwLm.T#Yt ӏ`[u5=Æ/z9g̘J`{5Au 5@QXu؃gLk޼v,%s-p-:wƝ嗹 G9;ۛ4׊mī\B.Qng+ 9E_-[`h3d9x}?ڇrxW$˝;Yu4Y*JMDf |=Y}lIQ EŬLh㗳dOR }W6Nd2 U)H*KӿP1Zm: "BN&n8ħiYӉ3 {e2 p'RʔeIWwȔ`sßW=P)*Mُ^"Dh:?9/K-d*=[ ?d 鎛&Rw_*FѡT1pZ7m'hv'ϡ-@ ^Kw%4*tZ󑃛 FtHʆ8dU4XrEpHT ^37${-Bz/s-inri4E yoޱR3uSy5GqG7,. {ySD4sX޶uB8;v]D.+ox6¢zܧ۞A%lj y#pw"PLjAvQ R[1S: ʺVY00a~}ɃE 5ڀ, >7tcA ]Xt,yu Y-&)2^r)jEKB) b >9\>4'NLh"N8zy)0"Mr9^!n%}.=+AzӄCyy9ʐ& 05V:(N\jnko^Jδ3yk;V h2֞*h8oWu257J'RC RC!x֜πUA0Xc+0__Vj@TUσU3*k-[v2c*&Ett=F+ zwNV;[(__96 710ӛ, mzXQAު7P?cִ'n0GIT=#l`R?DmKiT1}<1SVbUʄ@a.[y'MfQ2/68n0$ZnjcFVF5şqԍcRsT9[ĤI;-\Ͳ'nS(7&t։8i2GFt6bG|yeI-ComW^rY`LiP:#;O]2u|rkY.37*\^ǰ5G;Fo]ÝW[)CViP7gc%EW:v-x"ؚ{+^uV'LX?}^®L qwe/ nNj,ݯ[V (=4Y~mdG}yeSA64"ge~5 BȾ,oFjQfj07VrgWy_/SKjFK72  ,Fa>CPWu!(P[<UZAj"dNKuIq0z_ZUkۡ 7Q{k}!B ( G\!b:b^q.bOƣlI޻UPKؒX_xDف-V&$i,X#scLQx"0"7sg!fUBQ'iUV C')냾0C E]ˣe1"GtWTJ_bo0uƱ"n8$HCaԉj7!fWjSO֒ 7uyۿ-HMTP6%e,/L&#raʿx]0Mxi5$ 9ӹבK" E~<+: j4 70 ;Jtprj6Af ˅B:`r#mr`Z.|'ĒNP]רڡOFY[Zdbi5] E~ͿvluZ 5E|p?@Tӊ/`|dw<VeKYV L%=p"W՞ibŠ Td^Qҥp=C JM#|oM;PXb8O!Ȫ23ָ^Vkr|ZճGcVDQ"S9*WI9s $3ϊ'vmx Li/ T/ xr)%C.(IFwIsf1]ۑ47OXca%+"M!(nz9/y(DdzlC(W!NDžs,.qh F1y~%:]x^:|&#`b+0yX_O HpcPM|::] ?ďYkԶC=IEBY>ÿ<> |h[ jz :^OMlյ!^Udci| )ʐl ږWo o'u|zV>4FsW`ks\Vm:ehpȟajm@?ܴBeׅsv҉6:)ǁR5~0` L`PD_zLt;/1yxT*Қ&!5e~UPY/ԵuS[wβU" U6-W8dJi'APGAI #BIQ&rl::>@$#z>@AO~_nRyP L5,zu 27 7B&&aCxVXDR\`|mS;PzH` KB˪tI ZZKc9 Kqr8v2b:_oב5kgZp 7JM_ sG' Ts \׏t؞wo,'{d5YTO8o٭~a.1'3XENc={HD4aۿO xR^4Snz n˽BBOȵM f[_+~U7M#uSj hvk%fÄG!( C*MrSsX/nj_4mL*]/zle ٍЋ$^ϦMO@SD>@M B蟸TY&coBgѭ I`YDN>(JǍKCA̻=E8+|C`-(LxjTlwL?K8`ɏes#GʚT d\NhVmiB=u;%xeғՂF|Y>WВṙ;+! x;"o@R\]tUo1Mnt5AeR(qVDTX5zȑw)X9Oe#pXCHU/MK^XEdX'd^MxG;嶐I[{18 dZjрK HV1:s!FGS2iX:yA9ɾF`Ley0eERgdH^y 8dq?ֺ&4׫:`wBȾ qЉvۭN.@U+e 7'leڧҪSlROK.F GmW0?]ϥ ԺfqgYɰD۽[~i1wAI]F2H&:71^B\pД޵kJ[ C˴ph; D] S2W>kaߣהPGR_ ]w &#ɪBf:/9XQ&6h#+x ՋKڵ-^q4N.OjCbW%|7E&Hٜ!.\. &"F$>NFEYhT1Az!AJ3\RIɉ5S?~d+얘3]t@/v0khBV-+hjȣ&]*9ṫ(\hh?O0$"_б~g`~6+w_#\"A..D^5dʣ!8[,y;9MLRq̳ G:z ˶I4j3XUwhnXޮ L*08 Hٲ곛˒ r?B kߊd| fp>'<q R`LqT_Nv3Qj01Y-ZahqoUOv mMRŀY%a#W/8gz-&@ ҺAZVy+TPS}GG6_jLI!"Kz1b?̏~L~= )4&D6ॕ}IHSpȡ]WQB_Xl5zSUtVs]vn.8Rl)OtVwx"PaL+N ,l2!x"piJA q}_sfnVaPN|̌eUAPiɋL$pJRLGFړ7sbUض_ pk<`iNwq4onq#;Rպ'Kr&H& :1:Bo^Uj ‖|$pg!!~#{W~2  dF@Ԧ9.Tʌ`uT؜ʉeI/{-t/5c+ j󔌂P3#Վ~<_ Phxgi4\ϰ:wfht-pH T ӣS}X@ e jr я1CmFx>okE>NHwB]讗 "J" |fִ75(R\F8 QheGͮ:ŤR+d m"Rٟ ڦNcn~~vҾ58/GVkI`JD~l8  aJ/V+iL/DE?~)5'`rg`ňR'q^gʣ( Qd)2R)B'R0zJh@B^ȠĨg"h O~dm)xSGXo fBC L+( | .;vcxlڜp7ryΖ|v!LA2 rkkӵ_(a$3okjHE>?xr'ς1l_wߕTB30b97b@ԻHO[-b tњ:YDTv/*yMO%e(f <@ww[sP'MIԒn)-(`9EUajG";Đ}D}zX^ bbn<"P?ȩ&ɰh3sr^&&pbA< j"7x;!}sշ~uMb)LdQBkwnb6*٨9 Gphk̚I%^v_ X߹+ef} hm tSmx'G%sY2b^qL)*86_d3a¬ IR)RΝIe$0{vSM\5&tNpN>v&'`ev7l+`4:{) k ]w؃]5ܞDivNmS~p_PTKj #p7abKSXboC R;0-*YxR ÔP‘~qLޤ3sa0Co3T Z2&+ޖ'Yǜ 1J-PVgMB^Nzѯ÷oS)Զ+$_j< QZDS$H}KfH4hC@I@\]G5*ksw /\x }یDKyb6ay 3e paJIJxv䓈dI4,v6x: *IWAPn4{@ѻAB+7L|۾O -}I5+Z` j1|}!y-g \ET$&D4cVH 1 :@{v\ݭJj9ɂy8v7%T{P]%XŀrϡVQ躩iLb-b3i=@lyoj$mq熬ꔲ 6< ^qn"{IUPLrqΝB'`MqL1=4ɗE ]^IoQ3] ͘tDJRc_I$nqAA87~a 6~\_,A7ﲇ3|]Fu, F Lr~=vxQyF^FV|v x`.iCV$xjhQdRPe;2A?"E6 ]KI4ݨů~'B@ImN[UfW2 iJ0ܗP!H7}N|&n-_Zp*n)T1Qd} O ?C=]o% \q|- {Z K;,""0pí2Y#&mY0k Qv$Pэ+ɟI6 vaxYϻR7|©r<$UAMcXΈ̧fWvyuLN.],oZ&dy+T)P42:?U6ЩqJRXh1(& &$rƨ\<4J7q7z+ܠx#$1^ ]#/I-b݉M %ő A3/Ԗ3CL#OOCK 5vIb>,t#.'ѻ6Lfq_Z`Nro| >)9#+c6m=Qz%6O'0Ch`ZjG+ZŢS֊4~ќOV0̟t$.UM݃%^ |bZOߩ\JWЄzOo$\ר 9;OvOflM)L \ J 5J{"M=0x9 (/&n }Y5ǂ1 f |$Cq F\p,ʁ hm0`lǠKI-{ 0O랲W;& 54).oLSjNkGԺ?k歸^B@'"Y#ye{fj $e\x&Ay 9{Na_&jam3ݕ $y㭶  A_p}ԗ kĎ)Z,hlu:kV9 ,<>e%njG `6$l[r寑Y9E%zRGf4*=94a'p%iP%?a:7VtQ)/;ٞ 2h=:s#NYWNf{!q?9 ]n!/-eK^m'3{Y WA3+hPG;*t5I=79hn$f#]VV  Ĵ^j-loD1/^0@xN {okOUy`B%ud0VV~.z%yloNDX@IМ+6D͚WK} $L`U0҈`jw#G{}ҝk3UQA?7HkDo\Gu6w$*=NXҘ# ux O"H#r-{>''^cØp EI.iay6-Ÿߺ/|]t?Xuyzy7`^MYK ##4>VG~rD}ܛ|\ұcSCvک J랈bhaƾ͆lt*K3vATm! ~i#HhtAHJmg?䏦kTS릍EJO_ᚫ9‹FebիL0D+(RvhsNyR0$jyW®ɛH}rw#Jk512aF8bSnµs pv'CGㅤh )[r3xIo9\22psĊ0g䝟ս 96:͝Bn[B\qY=<5ޅ16W.;]_n)v$ ,'U:E W49IN [.lx q{MjT0-Kd1cVU5xCiEH lDs纓S7-_ 3c /VWEe7lݸ{"0vkWcſ4dEJNw;Рp:L'^ZԊ)Qsl*P5Ԫ:K~T1 τB·U~xsW\[ֺE޽H)8Gp;gY`}-@tF 9Lp@qڴ9'jQP/7c܉;tZv&ReT ! fALQe@b͢`oa LSK}hSG,M|`S.OglMpP?{+kՆ3gcTϭKq\D}%^ƕ/\T<^Qvh2t8~;t{K4❃Fu֟('$ |ηzsnʂK/r`b5o )R\^ 4'1=96U#u"@@D %79{#0bqM0մ]a Whv;>#V/qKrNNmal&r: &Fof8x5"0u6-gVVɆ޷H ʁ@E{̈A/_`]9fi T̹҄RK_\bcTV%JpmPzcLS4YKzs8垕Rgwk擦I_'l(uh[| ^IVϬ*6[aav3,f홝JSl`(=vws"<3d)AN{r@3mo;cB\6lO/lR0tSjuaۇyĜ29H|3v<++`t4C.Ay5TQ~6ah7PxОR,$Ē7$P+޺;tFmO8ECDt峭 fMZu pX7 d,wiM}'UI6a];X XoDGK=Nhbg&%nE2(&-%,};);㥝~eT.a7t%XƿgU=8 g!>Ykɛ  !^~RG\z_տI[a3Bb Rr=v8CibH:ܹ H]Z]=98r.z@Ё<ڇw91=;Q%5꺦egcFIv5߷H׊ko,Q٧q!~ ۭSqe]˝$e"{f#kJ <s5ĦxoY,7ξ)7,o\]3q&ID-WI?ROނm&fkx=f)\/Ю"2 ? Ur"ϸ&>} o&Zߏy_!VJm6xKb;6 U]#㍒#B\2ٖ1 A2fojY30gluY{Y=npOt )1e8 FV3{{4Tz^.g2PF1?fJ5]σdnpN Tig]֙kL~s(qbE]Z6!x7a,H,Gc0FD p&Ͼ2qJ6&!u@;E{=p ݊x51wb&0k2a1fhA˙L2">FP7{qiΠ?R2tovz[?P[0=oeU }>?VzΑrӹ[ C73Qx1;/>oTL`3w+-b{ ,k\PzkO+k_պ&y-'DGKBI3h?3uɣ@wTOGdT$9Dܻ=04@Էiq@<a*iTЉ u}aKL+27x)B-M Z ĺa\Z]TV)Ae$ #I M.HX/1o%?ƵxA!òxxKV4;-w(,ؘ-^TA¦ޙ(SX?G@&˗ݧ-|] :Ynu#aur5F9Rsj>H~GFݙ ίN2^BF|=ѕ^VpimEBN`tq2Px߰H^V C_' . )1Yyϭ:]|K3:@p[$ƅܦ#y׌#i+\/g@WX @MzqJ+qց!j$(4m_a-ɰEZ%i ¤@wV֓?Y^[^tvl|]nZmA%Y¼qA!rﭤ[[*ww7֧ꨞIE H*LpŸ'HyU?!){Zr*vuS ̐+MbnD8fHL9*g5?2-VW73z >b%E9QMjN;ĈLݙڟ˿㫫 MwTZ"ॵu' JAL@n)fC"eA jjO`ʩ񊫧/zŸF46z8EЙJ 9@\c^vpGt[+=_7|A<J3Y>&rx D{M`mӋ7}epɯ~0zڵ C^Kt*kǚH|Zi(ʧy"vOV̖ȵSVM7a]0xŦ#{.-C|Lr H;AFUdIrhxyPEw-@<3A#1eR= v%`G`@!CYxRwٙrUãPt!V>)ziF8 ;#nH`E>x$g7uEDިOսt6"Ny]wq@pA+BM䒙'g*ҶGǻY^VKqEbF[9C.t,33[m4uKf'UKgαE$Z4ʇ7rb:wǜCYzSzRlHSX2<Qٵ{Ȉ$‡|9AQ"j00(5̿ ®qG%ANF쾨>a-$cA~.PxئVHa> >3QIP1ڍ.W r:|5ة{/ޥZtgNew6s뽨+DI YfҒ36ˇLØ,|{V5!cdt,ߝC7|O]t 2F{~qY67Nu,M0GwzUi0rVWR^[DF{g Dw2K7mȊvy;Ĥ>-~M]m|o T 68Ό/x;ƋU|_1B+Zr٣Nbc|D^ *Tkf`42]u' $V2ap.xh.o ٔ UJmv9MzM2._(0Sӓ;d]hXsN[j} Gt|HKuvP,h%/COЛLyu<>Jhqf=y7r?ꕘ?JnAkUw:gMh2Bh]w F:H2h]CjTq)l ޛ4kg'!@Xq"W4V ui}*u?$tv$ -{o( }^PT?ZI2AoZEnL\kQg| vODJr ]3LOw6͑jfj$B7? UYM.bYDB 'z_X-_1bn=A=ZCV?Lٟ?̫9Wq]Y /!([ߑ}( L$y00~˰UN >4hpKR[@k^e*8 %'?vl_jR9])hjt (y;ɳץ6n_wiڠu;[/bleRHk@8B Ev \] ?~BS/R1r6M_Q Փ몠!ףh6ԡ=kΨ*m ܎8jo `aQx(]_8H˵,FE}7Pկߵ"Bjmjf0Q{xִ]}q!2gn%SaPvxDM<(rZe!# _ W=e#F$ςO{u?.e1M;^dt @FS(tv9-ĥ5bw=\&ȦAT(H*<Hss(B~>#\<# Af N]gt`_bQ>S Y(4 ~^;!H"V!'0C/d[5fW(ؐBijy(DM?PWGE~|uJ^L8;_ yE# UbGOՎ5+;ZZ>)ۧj'+/灺Ԯ_75-3/FE} }'x-`jN rK#R$& i1B|Nxi"Gqg}g̽[g$ܿZwFϊfΞdTeBeI7|(p'G@:.V 7~zPygKf`A׼?_%O*߭sg6ǜQV[#gX?HhnhBp4i,ɴ_央AWV0KFo/I4\\9p-|[aw8DĹ.yhUŮw8%󗦴xN2( .bx)k%솾'1 /0,j(ā\٧ q15˶ ߚ6UR>24HoLe@z7$w]2OҩGޫO3+R]D<7P rnžBg=k>F_ey{:Ԟ 1@%)q \\N@ pj湩]ߥwFQ &3HV7n"-̃A4/S!J7Dzx& X+8kYͷJ.ne}*ܷBLAd;nk sS|2b<AOmk㴕HJW~$C߭4Y8;bU uMO X8_1Lj{+ w^#I @1MHc hx3i}AF026PԿĂz``L|^Sq(َe3+o}v=Kv~edD|./^SWxu]@o%#aQ)H5F6JO8?8$* 씉Z`T,SP古AXA@DtcB&Oty6J.0uZ-`@GߡP}Q(F(GVV3 $,rY:f+K朼I oH_ 'b S9p#$ḚTX <[0>W&k \x( Gf5(o u-5!Ykّa!sAS:}*EA_s7.XGp-mhG*ݜ 7lR*(^I \%PfԼ밮 !5i()10WI hhe,v=nic~וnx {B˘7>zY D/ aڄ6+†IW'%Lᘶ J漲\z9 5yW#&UHi1614xFb-E޼>:iu*Y 0r˙˒Ȭ\`qn={c-BŻK8Gļ _C})P#"RHp;}?CoTMULs ? u>"Һ.Ph<]]HfK>k*7㠝H^gؐ$+) a,J;WsWt:Z~7̠\RJ\c׀*:|D:&!j;P2a1K >C|%ظ8Ko.|eιNEbİNӘ^ ƴKǣ/VyVBWğ96kbGI8/ZrZ`a`Kog1`%0qx=0SpP6]bM t=9%֒@F)>M9;ՐGk9p V:930nd YY#w't+j G_ ZLۡ˄1d2tXD=6 ]wKU@i\C[g ˠ,$y_NֽBKꞬI1Ķܯl13_Y^@gU%Y*tk-'!DAu6:zZl`Lg*+3Xz]Z.qm~,<CS%-y\A\R/Ow8][B?nJF|`KgLj MB`B[?2C+uY..gJ:c^!L ,,J_/?T{ڇF.eFRЩdxRcR}xԄt>UWnb`|H[xL,?Ķut< ?A@4i_j9~<}mh]]ʂH|L7ЙWEB>So f薎n4ѝ}&]]L:r m߀Y :2$4 3p}iNz+%דN;˷4.Qnz/ <+,(t->[vVT*#1j{UI{|%1W:֛{`CFίSZ 0tLAUDS*d|۵"ų*<hoQ[ƾNcQZ&_}G9!U-S( "ՂE>ЀÈ_s N 8`f,CywP:!J4>F!*&힗\.L0$Ib-!?XbHaĎ՗MnRF9`]PJ ௲vm^f7f W\IǂDGZVuvniQ44ַQ>{;wiڥq=ݭH|Wa ڜ(tP^H n%3!||dKRX|A'*[I\Ro 8]J7]Ae6N!k7ՠd X>r"5~Fv sKg?|SZ9p$&=Y6o5إ 7Ok=T%94Lca.q';Esd95K(Ÿ4#$CcAsuA_&Qƭ~@!/ ॡxF'=}K$qg{Q?~*lJ9&?o(eV)pؔӚI"<댛+bNũ'Fj8BS.Ǻӈ+vJx56vT[QՓh}´AF|aB! |e$ȶ%w !kj4ئ'D#GQ[ڵ _n;wfTg4eTNWl03 0]fdN/~ZAER`V@F.ԆӢYjwj˫ 1U0FhZ"2 yӧ1T8oOS:m }bRdԁTi`0}}:`У^2ǥj`i%33a?=X cvFpp8q" Hy2\MSm|{ ]+4G0ЃvI$2Pir QFzuQ|H4ۉ}H v K#9=Pq˪FlB5g5j\܉e.zD)3d6ޤҖT^'Fj2j p"F)8M![)QMj `/0 Ҝ na$9wyF| _Ԫk>{ vdaTDH2,q:iVvOy2dtꭲ]t)'}:ޡ3m:BGW5 F OXVǠa\r, ~"%EpH7戽Zk(dxYkΜdž<P*lcFgGY:lBB&\56(my^) 5ֶ,[a^dպxI0=L=Su|E]&Vxcі:!{ V^zl$#C:ZiMwꐈGLzut%JtS*5MܥzrNJw2Y tuLJS̕‘aDoVEfjh8wmwCb>fb+Hw\*bSR(/e@F<`YB0Upoj CZ'ЬV ^~ۡсfs3G%֑Ŭ|T{i+_{kcb{j*kL~]vUZ2-`LpR{6y E<}@m->Vǭb0**STbc &e; $52 rF"EiG,̻f UYkJ -m󁘷B fQC+ejA}>ڟ2wW oZeogR L/'erd(=l\$BaJMVB]`V$Vm.upsu ; \Rӽ VVeҘL2g>ElAߺj+dX4Tպ"0ti`5ڽ O$nq1OR݉אeqԿMFUG}X&z`wzg &QJ2Y0FRD2V*VR7;̬ܜ^m̑[0^.ZN1l@8I2y8k*!X r=P8~dQHY 7 P4Xح+7v<:I/Ty]92aw꥓ d3*5 ìzB*="K- 5)Ry?AƳv~^!FNH1CA ,Jb~_ӢVLkL*=// ]1?uwlaI66`gAF5 uC쳎I:Ru|J/*FIk; /relti B2>o]*m= k˩G Q5Mu*OXR<A>m9r/!iށ=~ ^2>t͎qoaAfKz£ `tՒ16~k9f &mؑMIF ufVum^_X~W?kO, 3_ >` (ks"w)SЯ1`UJU4#ҏGwͶFVn'WUEqovTb:+i.f`7;ASC9h(t=7 {wԆ]3@Cǧ}x{^s>*esq%Jt of{ ("%ݥĬAQ6}UDCyWh C=*kɷ2=GzL!Â,ivzz 8}dRWZ"dUTbb@ u9 uuGVdyLq_j?}:i٧|EONJ91 Jq ] ^0Yjj?Q^"UD"/ybؼށT7ƧȚqk8VfclӌVK2fUP%d~U|Hr%ᯨ+3Jd@u+Q#}?*PSܲ*X V.3%'lrL=( q.+m4Ǔ)됆9x#ʼXnXaq$+,wraQe.x|e)^0d,J$_?8%-[PMD.Ťp/1>ck`} 3~Fzo,"!8$"3 vE?>$֎Dm0}It-mԪ!O̬_qXLCqJ;Umr;Vd:&/#SYWwH0clt)OAHD֕BW?jyJ =)4]<$ɻz^B!r}txcZZ-V֬9&x:WLm\-@xsN(aq߉(C\Lӳ+r8D5(Bmqu{rccEa•7nZz Cu~n֪e`NPN ٌəvC y2ÍϜǻtţzjN ^<{ P'?i``4ݕZ$ WߍY+SXR-V8UU:'+-uHLşC=~Т=9{j2k++JC,ڴ6 {F_lKG Bc$![y?<ڽ,5"r]6 M촄RK7gѹvNc-0V~@d\!4mz}gL]b1ѯyNj劇@G@QOއ◟$7T N VΉ䇨4~YB?_pzr:eZRu4=|Fڼoxl$%[794/NCl3xO~Xb2qmq 9M .k=o?+WvΠ^1<6>l$0kCnsk6ArW QLQFoϠؽd+5oI: Uh/xu}?An2H='O띄TX'[jXNpTd֡WR.*Q*l~ Mݠ}$?2x]#r?oY|$vUsi`pqgM]pZx 3]R7YDݠ8?'Dk%J>~KG_|C3V'Tw cN7m͠l/.SӿΞzDǚeep'<Z ǜg^ 臾_{m ¤;IVNLX:/hm3U $s£~Xz؂_EųBwUQ睵}<|9+e7쐷LS2!-wNl9 ]u3|h[bPW!>۩ <;[F8.3yrLqtyo D)oKbd[{A[ OVAQB-PFU+Txv8\j+~wT= xKK@׺>,VdE X_Q \%*^onZ G9\ԏ63qWYt"Jc3Ihۜ'0+5<$URd^~p+7:S,PyɲQ$h/R~xfEMI\ޛ@ipEZz 6 rεf?A}RBY\~Tz.{gj[x9сR ֖ a[ `k)m雊 _ Y~=šqΕ{P/40!Five.:WJwv$ ;h5i0!FJF$$*YAU cS|cLa`@[>z\@}ףD!\ l Xޗ3wf]>فR8KPJ|@3|JSDvyUZ[Q⿁˰' {Ih@O2\iYr1NA ujxuO`>bWs7, ]"c975Wؔ~̛]Ӫlng)TFD1ry0G]!.IT{bH]&0j^Z.vv [_6gb~RQȴ#u`{'yY^ +u[x[m9vIU[yDp hATic;%%t4JݍIA|&w wȩɰxQ-@^l3j܍Ȋ;gk]k;C]Tbr%f߶crG.bP .CJ#-#W,%$ `Hrj94AP-W=/ix af(eosS 3˾8/rJʚG (Zmta|yI.H~辙M$ȏLtܑ(Q9_/IǻĦvZ-ߗlIG鬎.,3lݼO׀WU#eGv8y4rDtȥRy?=ݫJ6QDgrŢ:L mT6w=9g#;e;!SO=sA?| KTaAuAz<͡H6á M: ۆ[!i&h9MZrpc^ԖS™`)jo\W7Ov onΚ/pPqHӕ>`q۫_Y]= ]lEJ#r\9g[Ɯ <Y~#[fFHIqX܈U!?-g0)ttTg'djĆmZw(衢2}.q<ȁ`B <;;P}T9lZ&SxCMI+Jrr_ hVlvoFozώ 9Rv_'C9IzB!8{ıc[B}m*ūip_) ^Ưm U\T]j8>ax7ڮow05kmM)/HC]]r*3=w*XꉗVŧl8Og[a(7Lњ;rcBn=wD 1*w,2G觓H "}l*f)>^H%# @>A쀗+!m:"?{}hRսbRZ@s)]O" Fyǀ@:2-  w7Lc ^J-(h+sC9Yy4 }ȟWTzuigvCm'@)}#.Q%GwgIsҠ|W%@nm QN!= LDu& RLC ucG.C:$.7!sGSkN$$j _r{޼%oփW:Ȝ-SQ<^0GNUƼ!$םtOKO&"jƻ{U!G s/jo㴗KN 'cϥDz`Dϓrv>V.~$Áؙm e;]Y8>SiLù)mAJbqdt²9%\ ݼ Vڔ'QE̘=BJT7@$w0h4(+aa:DiPkLo/)A dƦ!VD'S3>1~BZձK3dkQ(ڥD7@$m=uw`ʟB@fWTZ_tF,2M` x<*1%TYJ[شv6\#3w=9@wilr7C*@9\ ƕ@~!JqB;H7{-.rC[c:$*FKzel| f<ϡOrU*a%%0\5.t/Mʼ:MO e&VK aY]/g[f]Ti덇'ɮ΢>6#8V\1ZVJ冥/璲3bo2a"r(X.W u]-eݡK gq;k礓n=γG\7G(q\RxGӜw˜ʁ*ka =4egZiZ ?F#?3UN$?MSiO}F.HX8?'ޱnl ɂN/NF9K(.@VוC\!N^pQ]pDE&!82UͿx yX7\%IAս|ɮ|)ӌu*P" r>0۹\R k 參R`s V&( 6V9.r.kmNoE@ݤ`a$i7Bs:d<&#A){{uc;y5]hgQ"e[x%6Ɍ NVc+_+#2Ic9qvFAU úQjN5-JZuW9S߲NfCmt!iA] xr]w CnJB ۳(e?cX1۬ys+!7>L ҂g>7}3Z3#C"׈,qFcgedj7ދt:k{bpBwT1:7K/!-7N MR ɺ+㿚X En<Ƞ_e>&%a V=,H+f9a-6č긬XE7b.H _BtT5=PѬr[7Ik=rzSl5FZϗp cL<2 UW3+iǿ[fm ``fW4IL mI(ts >z2y`j )ܕO/{Q GVt3 \3ڣ?h(=gAgSTrQ{JF/"].@l/E\X\S&ڱ[8]vV!=[FԒővR >kK2LKj\a.woTPj k"Hѫ«W ZWʖdaNE5+PXr)}¿!xb^i[0:Gvqgg8>%U8-dqp.V@AfHt#g3\gQ; QhMאo`D .WuB0Vz dˁiB2ItHc~Tl(.fY;E~/:44]Pٕ dLwl'أǧ_bjy$)g sSK8o4oıCAH]K2 Rw 0Ձi7 E'-GӢ42%3PG>s\ .ZE0XhWĜ5W\fJCGue\Zq#gxZScg=@ ,v TXC74X[I6K. Nz=<1v26DpB#L365MLnlf ^Kl1x*?_ܙ6rtYK@;;)vBKHeXӀٗII@$u#kyz4h%̙׺v*~D\|I|K)˩AEE$ eueS3#[rhIB!U6vءzO#*r;^fƷcj ֲ0DZo{Ոf1b9*V=M$&R8ǵX`] {?eQ4P?'lm@q+N6uA5=,VQ!EIIYzF)[;;}UR6'es"FDnņo[`x ovk4`m.[W`9N~-8~f\1S&P߻V|㮼MT1sVKZrQ!Fg;EB*"i?љgJ^izUcb=lZ]+4 >'BpBUutQqB rg'ت ^^Q{O=#L=OZxqxwwf ٬c9'6 []& #^o.vyi#7T7:ۄwbzgeX,L S˄@AVd-ӄe?agp*eCJpGrm/lsOZT9?\]wxGb#J_'O`ԼdFn#Q_l&'r\=5泑o7E$ZLb`9No,mnImA+;@[ (;Xv蚶Տp A-w<ܰ۵00zX /VSP]^w P۪/=v :MƫȸI]F!7tJ8#w>mZvrbX9fqX܋cB"cUWD"w8gc7y?a憛]<ڇ/MJ8^ QWH$C;夃'dž)+؃K'woAؕb $JJgXL?{D ݁!Ղ ^bzμn#Wr +cD\@{mo 4h;kT6NRs ~>{mL)/pAu T^=%.{0We>o2z@!>J@1Pt2O_$*5 ~qj Hi?8I;2VD3a7U1 BAwHuμhU~6(?"彑þjP%SeA8 \`CN806&3؅PvLwK01pTw-``8u 3bѭB2KRe8{d@l94 .YTYՇnY>_T#[>íVx)`K ^=MkA[7%K4ޡv|n>*0b 'qw%? l f8 J,=[䯕joP_Ge#lrU4u~$p]<&T0ds.3*c.nMo2|(Q:s!s ^m.%ǠCa*'l崛CWWg aVNݱOS"u7@[A6qj[u֝w 6Xd)P%}:y%pZB6h+y76Bƽd#+YD'Q+*w'˫ Q,qcb9e$B&/?5A\9Z}rk_WCO șoݙQՇ W֭'@6qBIUw.  /8Lӣbo-⃹%!_i>!R:2m.X<+5o]#9Ă.Hn=`=G(H]IwK&Tq9(E*-ʦRuf_4~6` gQeaAah_dzq8(fN G/[lFsÓ3,IINYy$tpeIDctXP5vS33{a?*RIZR;kb|K {2Fcxs(9BL:4:gWRH3ݝR`V' UH@DBDɟ:1Rwf}jyf",NZ^d-&4~Q.Kd,&gk~4BєlߒP֠k҄B>js^7Wbc^T($XZ{Ȭ%V:.vqdAeu,ck4t;otJ[/9hMw}[jZ) ka,5;f1;ACxLń<;Ny +=͸(_<$$](!i{r FNV%v9)x%FAYalrG|75`El&3sEvjIK"_CsSeF"vZY|];O|B[MeKJBDu܏8#tNx$o`]{ZVsK3i76}Qm_^:]:߄^ G>ܽ㍅Os/mx(~C Ur^Yr!7NkEvXPh gT.P +TX=*Sĥgݘxd=`h2 ;C}cԣ,AfvNU#X GYش#ܛ,ds\_6z {J=z]t wk {w]u& [s  2Ƙ`ffleSVOs\n*qjngp53߼O&ygߙw\ izJaC^I<NzGL O,NfГG} X ( /!v՗N@/1)V@tN^3;?F7hU*Qql}M~׎zտO m] ݈e;{5j`lT2)6l ogiq 6pI^ueU1f|"zPRI0DXS1"v~Th1-#y¯-:`2a`eˆ,.=(NvݭKdV9rЩK/Aslb^Z _^װdv ?ׁ }E1e($]W7Iqa;huMthYys a1S/N]f-ُ5A!CŔǬ'e 3= XK:]hʹ޵uLO-,=3Fq'XiIWꔔ*SBnMs=_ .FTZm vRz%0[ rmi B[e}F2*'t]zxJlÂ#{d,rK0G+v;<$jHY{ǪD=BIi C!4'  #" YZ