Package "linux-oem-5.6-headers-5.6.0-1056"

  linux-oem-5.6 (5.6.0-1050.54) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1050.54 -proposed tracker (LP: #1918665)

  * Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
    - [Config] enable CONFIG_MODVERSIONS=y
    - [Packaging] build canonical-certs.pem from branch/arch certs
    - [Config] add Canonical Livepatch Service key to SYSTEM_TRUSTED_KEYS
    - [Config] add ubuntu-drivers key to SYSTEM_TRUSTED_KEYS
    - [Config] Allow ASM_MODVERSIONS and MODULE_REL_CRCS

 -- Timo Aaltonen <email address hidden> Thu, 11 Mar 2021 20:32:01 +0200

  linux-oem-5.6 (5.6.0-1048.52) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker (LP: #1913153)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test
    result (LP: #1908499)
    - selftests: fix the return value for UDP GRO test

  * CVE-2020-27815
    - jfs: Fix array index bounds check in dbAdjTree

  * CVE-2020-25704
    - perf/core: Fix a memory leak in perf_event_parse_addr_filter()

  * CVE-2020-25643
    - hdlc_ppp: add range checks in ppp_cp_parse_cr()

  * CVE-2020-25641
    - block: allow for_each_bvec to support zero len bvec

  * CVE-2020-25284
    - rbd: require global CAP_SYS_ADMIN for mapping and unmapping

  * CVE-2020-25212
    - nfs: Fix getxattr kernel panic and memory overflow

  * CVE-2020-28588
    - lib/syscall: fix syscall registers retrieval on 32-bit platforms

  * CVE-2020-29371
    - romfs: fix uninitialized memory leak in romfs_dev_read()

  * CVE-2020-29369
    - mm/mmap.c: close race between munmap() and expand_upwards()/downwards()

  * CVE-2020-29368
    - mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()

  * CVE-2020-29660
    - tty: Fix ->session locking

  * CVE-2020-29661
    - tty: Fix ->pgrp locking in tiocspgrp()

  * CVE-2020-35508
    - fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent

  * CVE-2020-24490
    - Bluetooth: fix kernel oops in store_pending_adv_report

  * CVE-2020-14314
    - ext4: fix potential negative array index in do_split()

  * CVE-2020-10135
    - Bluetooth: Consolidate encryption handling in hci_encrypt_cfm
    - Bluetooth: Disconnect if E0 is used for Level 4

  * CVE-2020-27152
    - KVM: ioapic: break infinite recursion on lazy EOI

  * CVE-2020-28915
    - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h
    - Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts

  * CVE-2020-15437
    - serial: 8250: fix null-ptr-deref in serial8250_start_tx()

  * CVE-2020-15436
    - block: Fix use-after-free in blkdev_get()

  * switch to an autogenerated nvidia series based core via dkms-versions
    (LP: #1912803)
    - [Config] dkms-versions -- add transitional/skip information for nvidia
      packages
    - [Packaging] nvidia -- use dkms-versions to define versions built
    - [Packaging] update-version-dkms -- maintain flags fields

  * S3 stress test fails with amdgpu errors (LP: #1909453)
    - drm/amdgpu: asd function needs to be unloaded in suspend phase
    - drm/amdgpu: add TMR destory function for psp

 -- Timo Aaltonen <email address hidden> Thu, 18 Feb 2021 13:11:14 +0200

  linux-oem-5.6 (5.6.0-1047.51) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1047.51 -proposed tracker (LP: #1914751)

  * Exploitable vulnerabilities in AF_VSOCK implementation (LP: #1914668)
    - vsock: fix the race conditions in multi-transport support

 -- Thadeu Lima de Souza Cascardo <email address hidden> Fri, 05 Feb 2021 08:01:29 -0300

  linux-oem-5.6 (5.6.0-1042.46) focal; urgency=medium

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-1052 // CVE-2021-1053
    - [Packaging] NVIDIA -- Add the NVIDIA 460 driver

 -- Thadeu Lima de Souza Cascardo <email address hidden> Wed, 06 Jan 2021 21:22:27 -0300

  linux-oem-5.6 (5.6.0-1039.43) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1039.43 -proposed tracker (LP: #1909420)

  * Fix suspend error of SOF driver (LP: #1908713)
    - Revert "ALSA: hda: Refactor codec PM to use direct-complete optimization"

  * Packaging resync (LP: #1786013)
    - [Packaging] update variants

  * Killer 500s (QCA6390) WLAN/BT [17cb:1101] unavailable (LP: #1879633)
    - Bluetooth: btusb: Add flag to define wideband speech capability
    - Bluetooth: Support querying for WBS support through MGMT
    - Bluetooth: Enable erroneous data reporting if WBS is supported
    - Bluetooth: Increment management interface revision
    - Bluetooth: fix off by one in err_data_reporting cmd masks.
    - Bluetooth: mgmt: add mgmt_cmd_status in add_advertising
    - mac80211: add 802.11 encapsulation offloading support
    - mac80211: fix tx status for no ack cases
    - nl80211: add handling for BSS color
    - mac80211: add handling for BSS color
    - mac80211: allow setting queue_len for drivers not using wake_tx_queue
    - Bluetooth: hci_qca: Enable clocks required for BT SOC
    - Bluetooth: hci_qca: Optimized code while enabling clocks for BT SOC
    - mac80211: fix 11w when using encapsulation offloading
    - ath11k: Silence clang -Wsometimes-uninitialized in
      ath11k_update_per_peer_stats_from_txcompl
    - ath11k: drop tx_info from ath11k_sta
    - ath11k: add HE rate accounting to driver
    - ath11k: fix rcu lock protect in peer assoc confirmation
    - ath11k: fix warn-on in disassociation
    - ath11k: fix parsing PPDU_CTRL type in pktlog
    - ath11k: Fixing dangling pointer issue upon peer delete failure
    - ath11k: fix incorrect peer stats counters update
    - Bluetooth: hci_qca: Bug fixes while collecting controller memory dump
    - net: qrtr: Migrate nameservice to kernel from userspace
    - net: qrtr: Fix the local node ID as 1
    - net: qrtr: fix spelling mistake "serivce" -> "service"
    - net: qrtr: Fix error pointer vs NULL bugs
    - Bluetooth: Replace zero-length array with flexible-array member
    - Bluetooth: hci_qca: Not send vendor pre-shutdown command for QCA Rome
    - Bluetooth: btqca: Fix the NVM baudrate tag offcet for wcn3991
    - net: qrtr: Respond to HELLO message
    - net: qrtr: Fix FIXME related to qrtr_ns_init()
    - soc: qcom: Do not depend on ARCH_QCOM for QMI helpers
    - Bluetooth: hci_qca: Make bt_en and susclk not mandatory for QCA Rome
    - Bluetooth: hci_qca: Replace devm_gpiod_get() with devm_gpiod_get_optional()
    - ath11k: config reorder queue for all tids during peer setup
    - ath11k: add thermal cooling device support
    - ath11k: add thermal sensor device support
    - ath11k: Use scnprintf() for avoiding potential buffer overflow
    - ath11k: handle RX fragments
    - ath11k: enable PN offload
    - ath11k: set queue_len to 4096
    - ath11k: add WMI calls required for handling BSS color
    - ath11k: add handling for BSS color
    - ath11k: Supporting RX ring backpressure HTT event and stats handling
    - ath11k: fill channel info from rx channel
    - ath11k: dump SRNG stats during FW assert
    - ath11k: Adding proper validation before accessing tx_stats
    - ath11k: Configure hash based reo destination ring selection
    - ath11k: Perform per-msdu rx processing
    - cfg80211: fix kernel-doc notation
    - bus: mhi: core: Add support for registering MHI controllers
    - bus: mhi: core: Add support for registering MHI client drivers
    - bus: mhi: core: Add support for creating and destroying MHI devices
    - bus: mhi: core: Add support for ringing channel/event ring doorbells
    - bus: mhi: core: Add support for PM state transitions
    - bus: mhi: core: Add support for basic PM operations
    - bus: mhi: core: Add support for downloading firmware over BHIe
    - bus: mhi: core: Add support for downloading RDDM image during panic
    - bus: mhi: core: Add support for processing events from client device
    - bus: mhi: core: Add support for data transfer
    - bus: mhi: core: Add uevent support for module autoloading
    - MAINTAINERS: Add entry for MHI bus
    - bus/mhi: fix printk format for size_t
    - bus: mhi: core: Pass module owner during client driver registration
    - bus: mhi: core: Add support for reading MHI info from device
    - bus: mhi: core: Initialize bhie field in mhi_cntrl for RDDM capture
    - bus: mhi: core: Drop the references to mhi_dev in mhi_destroy_device()
    - Bluetooth: hci_qca: Add support for Qualcomm Bluetooth SoC QCA6390
    - ath11k: fix compiler warnings without CONFIG_THERMAL
    - ath11k: Add sta debugfs support to configure ADDBA and DELBA
    - ath11k: add pktlog checksum in trace events to support pktlog
    - ath11k: fix error message to correctly report the command that failed
    - ath11k: Increase the tx completion ring size
    - ath11k: Avoid mgmt tx count underflow
    - ath11k: fix duplication peer create on same radio
    - ath11k: Modify the interrupt timer threshold
    - ath11k: Fix TWT radio count
    - ath11k: set IRQ_DISABLE_UNLAZY flag for DP interrupts
    - ath11k: rx path optimizations
    - ath11k: Cleanup in pdev destroy and mac register during crash on recovery
    - ath11k: Fix fw assert by setting proper vht cap
    - ath11k: Fix rx_filter flags setting for per peer rx_stats
    - ath11k: cleanup reo command error code overwritten
    - ath11k: Add dynamic tcl ring selection logic with retry mechanism
    - ath11k: remove conversion to bool in ath11k_dp_rxdesc_mpdu_valid()
    - ath11k: remove conversion to bool in ath11k_debug_fw_stats_process()
    - net: qrtr: Add tracepoint support
    - mac80211: fix two missing documentation entries
    - ath11k: fix reo flush send
    - ath11k: use GFP_ATOMIC under spin lock
    - Bluetooth: hci_qca: add compatible for QCA9377
    - Bluetooth: hci_qca: allow max-speed to be set for QCA9377 devices
    - bus: mhi: core: Add support for MHI suspend and resume
    - bus: