Package "linux-nvidia-tegra"

  linux-nvidia-tegra (6.8.0-1020.20) noble; urgency=medium

  [ Ubuntu-realtime: 6.8.1-1045.46 ]

  [ Ubuntu: 6.8.0-106.106 ]
  * Miscellaneous upstream changes
    - apparmor: validate DFA start states are in bounds in unpack_pdb
    - apparmor: fix memory leak in verify_header
    - apparmor: replace recursive profile removal with iterative approach
    - apparmor: fix: limit the number of levels of policy namespaces
    - apparmor: fix side-effect bug in match_char() macro usage
    - apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
    - apparmor: Fix double free of ns_name in aa_replace_profiles()
    - apparmor: fix unprivileged local user can do privileged policy
      management
    - apparmor: fix differential encoding verification
    - apparmor: fix race on rawdata dereference
    - apparmor: fix race between freeing data and fs accessing it

 -- Jacob Martin <email address hidden> Fri, 06 Mar 2026 21:20:37 -0600

  linux-nvidia-tegra (6.8.0-1016.16) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1016.16 -proposed tracker (LP: #2140352)

  * apply NVIDIA k6.8 patches Feb 3, 2026 (LP: #2140033)
    - NVIDIA: SAUCE: iommu/dma: Check for valid page before accessing P2PDMA
      state

  linux-nvidia-tegra (6.8.0-1013.13) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1013.13 -proposed tracker (LP: #2131246)

  * NVIDIA k6.8 patches Oct 9, 2025 (LP: #2127135)
    - NVIDIA: SAUCE: ASoC: tegra: Increasing max period/buffer size
    - Revert "NVIDIA: SAUCE: usb: host: xhci: Fix USB2 HW LPM port number"
    - xhci: stored cached port capability values in one place
    - xhci: remove xhci_check_usb2_port_capability helper
    - Revert "NVIDIA: SAUCE: usb: gadget: serial: Fix possible race with
      close"
    - Revert "usb: gadget: u_serial: Add null pointer check in gs_start_io"
    - usb: gadget: u_serial: Fix race condition in TTY wakeup
    - NVIDIA: SAUCE: i2c: tegra: Do not mark ACPI devices and PREEMPT_RT as
      irq safe
    - NVIDIA: SAUCE: kconfig: Add config for production build
    - NVIDIA: SAUCE: arm64: configs: Update recovery defconfig
    - NVIDIA: SAUCE: pwm: tegra: Fix types of input arguments
    - NVIDIA: SAUCE: tegra_hv: Add sysfs to trigger HVC
    - NVIDIA: SAUCE: arch: arm64: configs: Sanitize the defconfig
    - NVIDIA: SAUCE: arch: arm64: configs: Disable Unsupported Tegra configs
    - NVIDIA: SAUCE: arch: arm64: Enable kprobes config
    - NVIDIA: SAUCE: ARM64: configs: Disable frequency governor configs
    - NVIDIA: SAUCE: arm64: prod_defconfig: Enable PCIe hotplug
    - NVIDIA: SAUCE: arm64: configs: tegra: enable Yama
    - NVIDIA: SAUCE: arm64: prod_defconfig: add T264 support
    - NVIDIA: SAUCE: arm64: prod_defconfig: Remove unused CONFIGs
    - NVIDIA: SAUCE: tegra_prod_defconfig: Disable configs
    - iommu/arm-smmu-v3: Issue a batch of commands to the same cmdq
    - iommu/arm-smmu-v3: Pass in cmdq pointer to arm_smmu_cmdq_build_sync_cmd
    - iommu/arm-smmu-v3: Pass in cmdq pointer to arm_smmu_cmdq_init
    - iommu/arm-smmu-v3: Make symbols public for CONFIG_TEGRA241_CMDQV
    - iommu/arm-smmu-v3: Add ARM_SMMU_OPT_TEGRA241_CMDQV
    - iommu/arm-smmu-v3: Add acpi_smmu_iort_probe_model for impl
    - iommu/arm-smmu-v3: Add struct arm_smmu_impl_ops
    - iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace)
      CMDQV
    - iommu/arm-smmu-v3: Start a new batch if new command is not supported
    - iommu/tegra241-cmdqv: Limit CMDs for VCMDQs of a guest owned VINTF
    - iommu/tegra241-cmdqv: Fix -Wformat-truncation warnings in
      lvcmdq_error_header
    - iommu/tegra241-cmdqv: Fix ioremap() error handling in probe()
    - iommu/tegra241-cmdqv: Drop static at local variable
    - iommu/tegra241-cmdqv: Do not allocate vcmdq until
      dma_set_mask_and_coherent
    - iommu/tegra241-cmdqv: Staticize cmdqv_debugfs_dir
    - iommu/tegra241-cmdqv: Fix unused variable warning
    - iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift
    - iommu/tegra241-cmdqv: do not use smp_processor_id in preemptible context
    - iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding
    - iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()
    - NVIDIA: SAUCE: mmc: sd: Add quirk for SanDisk SR64G Extreme Pro power
      off notify timeout
    - NVIDIA: SAUCE: i2c: tegra: Fix the order of mutex unlock
    - i2c: tegra: Fix reset error handling with ACPI
    - i2c: tegra: Use internal reset when reset property is not available
    - NVIDIA: SAUCE: i2c: tegra: Add Tegra256 I2C controller support
    - NVIDIA: SAUCE: serial: amba-pl011: Do not use IBRD
    - Revert "NVIDIA: SAUCE: arm64: configs: Enable ext* xattr & ACL"
    - NVIDIA: SAUCE: iommu/arm-smmu-v3: use reserved memory for allocations
    - NVIDIA: SAUCE: tegra_hv: cert & misra fixes in tegra_hv.c drv
    - NVIDIA: SAUCE: virt: add sanity checks for ivc info's metadata
    - NVIDIA: SAUCE: tegra_hv: don't expose mempool and ivc address in logs
    - NVIDIA: SAUCE: tegra_hv: add support of async error diagnostics in
      tegra_hv driver
    - NVIDIA: SAUCE: tegra_hv: use prod kernel flag exposed by defconfig
    - NVIDIA: SAUCE: tegra_hv: add max number of vmid check
    - NVIDIA: SAUCE: t256s: gpio: add gpio support for tegra256
    - NVIDIA: SAUCE: gpio-tegra: add is_tegra_hypervisor check
    - Revert "NVIDIA: SAUCE: iommu/arm-smmu-v3: add suspend/resume support"
    - NVIDIA: SAUCE: iommu/arm-smmu-v3: add suspend/resume support
    - NVIDIA: SAUCE: iommu/arm-smmu-v3: Add pm suspend op
    - NVIDIA: SAUCE: ivc: generate warning instead of panicing the target
    - NVIDIA: SAUCE: ivc: fix comments raised by secure code inspection
    - NVIDIA: SAUCE: ivc: cert & misra fixes in ivc.c drv
    - NVIDIA: SAUCE: tegra_hv: use kzalloc instead of kmalloc
    - NVIDIA: SAUCE: tegra_hv: remove tegra_hv_ivc_convert_cookie API
    - NVIDIA: SAUCE: tegra_hv: clear out memory before release
    - NVIDIA: SAUCE: tegra_hv: stop logging total mempool & ivc memory size
    - NVIDIA: SAUCE: tegra_hv: cert & misra fixes
    - NVIDIA: SAUCE: iommu/arm-smmu-v3: Add device-tree support in
      tegra241-cmdqv driver
    - NVIDIA: SAUCE: iommu/tegra241-cmdqv: WAR for 64-bit writes on NV HV
    - NVIDIA: SAUCE: iommu/arm-smmu-v3: Retain prod and cons after resume
    - NVIDIA: SAUCE: arm64: configs: Enable SCSI_UFS_DWC_TC_PLATFORM support
    - NVIDIA: SAUCE: PCI: of: Use of_property_present()
    - NVIDIA: SAUCE: i2c: tegra: Use of_property_present()
    - NVIDIA: SAUCE: arm64: configs: Enable CMDQV
    - NVIDIA: SAUCE: tegra_hv: doxygen comment fixes in hv drivers
    - NVIDIA: SAUCE: hv-ivc: add doxygen comment
    - NVIDIA: SAUCE: tegra_hv: clear out memory while unreserving ivc queue
    - NVIDIA: SAUCE: tegra_hv: cert & misra fixes
    - NVIDIA: SAUCE: i2c: tegra: Use separate variables for fast and fastplus
    - NVIDIA: SAUCE: i2c: tegra: Use fast mode for master code byte of HS mode
    - NVIDIA: SAUCE: i2c: tegra: Fix SCL low time violation in FM
    - Revert "NVIDIA: SAUCE: PCI: tegra194: Refactor EP initialization
      completion"
    - NVIDIA: SAUCE: PCI: tegra194: Fix core_clk rate set
    - NVIDIA: SAUCE: pci: Move dw_pcie_

  linux-nvidia-tegra (6.8.0-1012.12) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1012.12 -proposed tracker (LP: #2127978)

  * Enable KVM on noble:linux-nvidia-tegra (LP: #2127981)
    - [Config] nvidia-tegra: Enable KVM

  * Packaging resync (LP: #1786013)
    - [Packaging] nvidia-tegra: Remove dwarfdump from Build-Depends

  * NVIDIA k6.8 patches Oct 9, 2025 (LP: #2127135)
    - NVIDIA: SAUCE: tegra-epl: Map mission status reg if only required
    - NVIDIA: SAUCE: tegra-epl: allow tegra-epl to be built as module
    - NVIDIA: SAUCE: tegra-epl: add plausibility checks and improve error
      handling
    - NVIDIA: SAUCE: soc/tegra: pmc: Remove reset status sysfs nodes
    - NVIDIA: SAUCE: soc/tegra: pmc: Add sysfs nodes to select boot chain

  [ Ubuntu-realtime: 6.8.1-1037.38 ]

  * noble/linux-realtime: 6.8.1-1037.38 -proposed tracker (LP: #2127430)
  * Packaging resync (LP: #1786013)
    - [Packaging] realtime: Remove dwarfdump from Build-Depends
  [ Ubuntu: 6.8.0-87.88 ]
  * noble/linux: 6.8.0-87.88 -proposed tracker (LP: #2127436)
  * CVE-2025-37838
    - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol
      Driver Due to Race Condition
  * VMSCAPE CVE-2025-40300 (LP: #2124105) // CVE-2025-40300
    - Documentation/hw-vuln: Add VMSCAPE documentation
    - x86/vmscape: Enumerate VMSCAPE bug
    - x86/vmscape: Add conditional IBPB mitigation
    - x86/vmscape: Enable the mitigation
    - x86/bugs: Move cpu_bugs_smt_update() down
    - x86/vmscape: Warn when STIBP is disabled with SMT
    - x86/vmscape: Add old Intel CPUs to affected list
  * VMSCAPE CVE-2025-40300 (LP: #2124105)
    - [Config] Enable MITIGATION_VMSCAPE config
  * CVE-2025-38352
    - posix-cpu-timers: fix race between handle_posix_cpu_timers() and
      posix_cpu_timer_del()
  * CVE-2025-38118
    - Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
    - Bluetooth: MGMT: Fix sparse errors

  [ Ubuntu-realtime: 6.8.1-1036.37 ]

  * noble/linux-realtime: 6.8.1-1036.37 -proposed tracker (LP: #2125385)
  [ Ubuntu: 6.8.0-86.87 ]
  * noble/linux: 6.8.0-86.87 -proposed tracker (LP: #2125391)
    - Fix FTBS caused by incorrect pick/backport of
      "perf dso: fix dso__is_kallsyms() check"
  * noble ubuntu_ftrace_smoke_test:mmiotrace timeout on aws:r5.metal
    (LP: #2121673)
    - mm: memcg: add NULL check to obj_cgroup_put()
    - memcg: drain obj stock on cpu hotplug teardown
  * [25.04 FEAT] [post announcement] [KRN2304] CPU-MF Counters for new IBM Z
    hardware - perf part (LP: #2103415)
    - perf list: Add IBM z17 event descriptions
  * memory leaks when configuring a small rate limit in audit (LP: #2122554)
    - audit: fix skb leak when audit rate limit is exceeded
  * [UBUNTU 24.04] PAI/NNPA support for new IBM z17 (LP: #2121956)
    - s390/pai: export number of sysfs attribute files
    - s390/pai_crypto: Add support for MSA 10 and 11 pai counters
    - s390/pai_ext: Update PAI extension 1 counters
  * [UBUNTU 24.04] s390/pci: Don't abort recovery for user-space drivers
    (LP: #2121150)
    - s390/pci: Allow automatic recovery with minimal driver support
  * [UBUNTU 24.04] s390/pci: Fix stale function handles in error handling
    (LP: #2121149)
    - s390/pci: Fix stale function handles in error handling
    - s390/pci: Do not try re-enabling load/store if device is disabled
  * [UBUNTU 24.04] vfio/pci: fix 8-byte PCI loads and stores (LP: #2121146)
    - vfio/pci: Extract duplicated code into macro
    - vfio/pci: Support 8-byte PCI loads and stores
    - vfio/pci: Fix typo in macro to declare accessors
  * x86 systems with PCIe BAR addresses located outside a certain range see
    P2PDMA allocation failures and CUDA initialization errors (LP: #2120209)
    - x86/kaslr: Reduce KASLR entropy on most x86 systems
    - x86/mm/init: Handle the special case of device private pages in
      add_pages(), to not increase max_pfn and trigger
      dma_addressing_limited() bounce buffers
  * sources list generation using dwarfdump takes up to 0.5hr in build process
    (LP: #2104911)
    - [Packaging] Don't generate list of source files
  * [SRU] Apparmor: Unshifted uids for hardlinks and unix sockets in user
    namespaces (LP: #2121257)
    - apparmor: shift ouid when mediating hard links in userns
    - apparmor: shift uid when mediating af_unix in userns
  * UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:452:16
    (LP: #2119713)
    - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
  * [IdeaPad Slim 5 13ARP10 , 83J2] Microphone on AMD Ryzen 7 7735HS does not
    work (LP: #2102749)
    - ASoC: amd: yc: update quirk data for new Lenovo model
  * Fix compilation failure because of incomplete backport (LP: #2120561)
    - SAUCE: netfilter: ctnetlink: Fix -Wuninitialized in
      ctnetlink_secctx_size()
  * Noble update: upstream stable patchset 2025-09-01 (LP: #2121716)
    - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test
    - cpufreq: scpi: compare kHz instead of Hz
    - smack: dont compile ipv6 code unless ipv6 is configured
    - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update()
    - EDAC/{skx_common,i10nm}: Fix some missing error reports on Emerald
      Rapids
    - x86/fpu: Fix guest FPU state buffer allocation size
    - x86/fpu: Avoid copying dynamic FP state from init_task in
      arch_dup_task_struct()
    - x86/platform: Only allow CONFIG_EISA for 32-bit
    - [Config] updateconfigs after disabling CONFIG_EISA for amd64
    - x86/sev: Add missing RIP_REL_REF() invocations during sme_enable()
    - lockdep/mm: Fix might_fault() lockdep check of current->mm->mmap_lock
    - PM: sleep: Adjust check before setting power.must_resume
    - RISC-V: KVM: Disable the kernel perf counter during configure
    - selinux: Chain up tool resolving errors in install_policy.sh
    - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer
    - EDAC/ie31200: Fix the DIMM size mask for several SoCs
    - EDAC/ie312

  linux-nvidia-tegra (6.8.0-1010.10) noble; urgency=medium

  * noble/linux-nvidia-tegra: 6.8.0-1010.10 -proposed tracker (LP: #2121952)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  * n/nvidia-tegra: Migrate embargoed patches from n/nvidia-tegra-pvw
    (LP: #2120190)
    - NVIDIA: SAUCE: arm64: configs: Enable ARM_FFA config
    - NVIDIA: SAUCE: arm64: configs: Align prod_defconfig with k6.1
    - NVIDIA: SAUCE: arm64: configs: Enable platform keyring configs
    - NVIDIA: SAUCE: arm64: configs: Enable oops/panic logs to block device
    - NVIDIA: SAUCE: arm64: configs: Enable ZRAM config as module
    - NVIDIA: SAUCE: arm64: configs: enable PSTORE ramoops logging
    - NVIDIA: SAUCE: arm64: configs: Enable CX7 dependent modules
    - NVIDIA: SAUCE: arm64: configs: Enable MLX INFINIBAND modules
    - NVIDIA: SAUCE: arm64: configs: enable CONFIG_IP_NF_TARGET_REDIRECT
    - NVIDIA: SAUCE: arm64: configs: additional kubernetes related configs
    - NVIDIA: SAUCE: arm64: configs: Enable CONFIG_EXFAT_FS
    - NVIDIA: SAUCE: arm64: configs: Enable sync sched macro
    - NVIDIA: SAUCE: arm64: configs: disable LOGO
    - NVIDIA: SAUCE: arm64: configs: enable joystick driver
    - NVIDIA: SAUCE: arm64: configs: Enable CONFIG_CRYPTO_USER_API_* as module
    - NVIDIA: SAUCE: arm64: configs: enable cfs bandwidth for k8s
    - NVIDIA: SAUCE: arm64: configs: enable few matches for netfliter
    - NVIDIA: SAUCE: arm64: configs: enable QFMT_V2 for quota
    - NVIDIA: SAUCE: arm64: configs: Enable userspace I/O driver
    - NVIDIA: SAUCE: arm64: configs: enable USB tethering
    - NVIDIA: SAUCE: arm64: configs: Enable usb UAS support
    - NVIDIA: SAUCE: arm64: configs: Enable ext* xattr & ACL
    - NVIDIA: SAUCE: arm64: configs: Enable fuzzing configs
    - NVIDIA: SAUCE: arm64: configs: enable CONFIG_ARCH_TEGRA_264_SOC
    - NVIDIA: SAUCE: net: phy: aquantia: Remove polling PHY system side
      interface
    - NVIDIA: SAUCE: net: phy: aquantia: Fix PHY interfaces
    - NVIDIA: SAUCE: bpmp: ABI headers update
    - NVIDIA: SAUCE: dmaengine: tegra: Use struct for register offsets
    - NVIDIA: SAUCE: dmaengine: tegra: Support more than 40 bits address width
    - NVIDIA: SAUCE: dmaengine: tegra: Add Tegra264 support
    - NVIDIA: SAUCE: dmaengine: tegra: Remove reset control
    - NVIDIA: SAUCE: tegra: ADMA: Add tegra264 support
    - NVIDIA: SAUCE: i2c: tegra: Add HS mode support
    - NVIDIA: SAUCE: i2c: tegra: Add SW Mutex support in Tegra264
    - NVIDIA: SAUCE: i2c: tegra: Add Tegra264 support
    - NVIDIA: SAUCE: tty/serial: tegra-utc: Add Tegra UTC driver
    - NVIDIA: SAUCE: tty/serial: tegra-utc: Add support for earlycon
    - NVIDIA: SAUCE: tty/serial: tegra-utc: Add support for polling
    - NVIDIA: SAUCE: cpufreq: tegra194: Add support for Tegra264
    - NVIDIA: SAUCE: mailbox: tegra-hsp: Define dimensioning masks in soc data
    - NVIDIA: SAUCE: mailbox: tegra-hsp: Add virtualization support for
      Tegra264
    - NVIDIA: SAUCE: mmc: tegra: use gpio for voltage switching on fpga
    - NVIDIA: SAUCE: sdhci-tegra: t264: Add T264 support for SDMMC1 IP
    - NVIDIA: SAUCE: drivers: nv_ist: Add IST debugfs options
    - NVIDIA: SAUCE: hte: Add tegra264 GTE support
    - NVIDIA: SAUCE: soc/tegra: pmc: Configure internal regulators for
      sdmmc1-hv pad
    - Revert "NVIDIA: SAUCE: soc/tegra: fuse: Add tegra_fuse_control_read"
    - NVIDIA: SAUCE: soc: tegra: cbb: Add support for CBB Chiplet fabrics in
      Tegra264
    - NVIDIA: SAUCE: soc: tegra: cbb: make error interrupt enable and status
      per SoC
    - NVIDIA: SAUCE: soc: tegra: cbb: clear error force register with error
      status
    - NVIDIA: SAUCE: soc: tegra: cbb: update register offsets for NET06
    - NVIDIA: SAUCE: soc: tegra: cbb: update offsets for Vision fabric for
      NET06
    - NVIDIA: SAUCE: soc: tegra: cbb: update register offsets for NET07
    - NVIDIA: SAUCE: soc: tegra: cbb: update register offsets for NET09
    - NVIDIA: SAUCE: soc/tegra: pmc: Add Tegra264 PMC driver
    - NVIDIA: SAUCE: soc: tegra: cbb: update register offsets for NET10
    - NVIDIA: SAUCE: soc: tegra: cbb: handle fabric_id table per soc
    - NVIDIA: SAUCE: soc: tegra: cbb: skip checking slave_map if missing
    - NVIDIA: SAUCE: soc/tegra: pmc: Add Tegra264 ethernet wake event
    - NVIDIA: SAUCE: soc/tegra: pmc: Add Tegra264 PMU wake event
    - NVIDIA: SAUCE: nvmem: Add Tegra efuse driver
    - NVIDIA: SAUCE: ALSA: hda/tegra: Add Tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: CIF: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: AMX: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: ADX: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: ADMAIF: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: I2S: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: AHUB: Add tegra264 support
    - NVIDIA: SAUCE: ASoC: tegra: ASRC: Update ARAM address
    - NVIDIA: SAUCE: ASoC: Update PLL rate for T264
    - NVIDIA: SAUCE: perf: arm_cspmu: add pmpidr support
    - NVIDIA: SAUCE: perf: arm_cspmu: nvidia: add revision id matching
    - NVIDIA: SAUCE: perf: arm_cspmu: nvidia: change event filter as optional
    - NVIDIA: SAUCE: perf: arm_cspmu: add stop counters to impl ops
    - NVIDIA: SAUCE: perf arm-spe: Add Poseidon-AE to neoverse list
    - NVIDIA: SAUCE: phy: tegra: xusb: Add Tegra264 support
    - NVIDIA: SAUCE: usb: gadget: udc: Add Tegra264 support
    - NVIDIA: SAUCE: usb: host: xhci-tegra: Add Tegra264 XHCI support
    - NVIDIA: SAUCE: usb: xhci: skip mbox configuration
    - NVIDIA: SAUCE: phy: xusb: skip USB2 PAD tracking and fuse
    - NVIDIA: SAUCE: xudc: skip SSPX programming in xudc
    - NVIDIA: SAUCE: usb: gadget: xudc: Enable u1/u2 for Tegra264
    - NVIDIA: SAUCE: usb: gadget: xudc: Set the u1 timeout default value to
      0xff
    - NVIDIA: SAUCE: usb: host: xhci: Fix USB2 HW LPM port number
    - NVIDIA: SAUCE: usb: gadget: xudc: ACK ST_RC after clearing CTRL_RUN