Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2020:3014-1
Rating:	important
References:	bsc#1055186 bsc#1058115 bsc#1065600 bsc#1065729 bsc#1094244 bsc#1112178 bsc#1113956 bsc#1136666 bsc#1140683 bsc#1152148 bsc#1154366 bsc#1163524 bsc#1165629 bsc#1166965 bsc#1167527 bsc#1169972 bsc#1170232 bsc#1171558 bsc#1171688 bsc#1171742 bsc#1172073 bsc#1172538 bsc#1172873 bsc#1173060 bsc#1173115 bsc#1174748 bsc#1174899 bsc#1175228 bsc#1175520 bsc#1175667 bsc#1175691 bsc#1175749 bsc#1175882 bsc#1176011 bsc#1176022 bsc#1176038 bsc#1176069 bsc#1176235 bsc#1176242 bsc#1176278 bsc#1176316 bsc#1176317 bsc#1176318 bsc#1176319 bsc#1176320 bsc#1176321 bsc#1176381 bsc#1176395 bsc#1176400 bsc#1176410 bsc#1176423 bsc#1176482 bsc#1176507 bsc#1176536 bsc#1176544 bsc#1176545 bsc#1176546 bsc#1176548 bsc#1176659 bsc#1176698 bsc#1176699 bsc#1176700 bsc#1176721 bsc#1176722 bsc#1176725 bsc#1176732 bsc#1176788 bsc#1176789 bsc#1176869 bsc#1176877 bsc#1176935 bsc#1176946 bsc#1176950 bsc#1176962 bsc#1176966 bsc#1176990 bsc#1177027 bsc#1177030 bsc#1177041 bsc#1177042 bsc#1177043 bsc#1177044 bsc#1177121 bsc#1177206 bsc#1177258 bsc#1177291 bsc#1177293 bsc#1177294 bsc#1177295 bsc#1177296 bsc#1177340 bsc#1177511
Cross-References:	CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-14381 CVE-2020-14386 CVE-2020-14390 CVE-2020-1749 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-26088
CVSS scores:	CVE-2020-0404 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-0404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-0427 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-0427 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-0431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-0431 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-0432 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-0432 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14381 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14381 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14386 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-14386 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14386 ( NVD ): 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-14390 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-14390 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H CVE-2020-1749 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-1749 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-25212 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-25212 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-25284 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-25284 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2020-25641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25641 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25643 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-25643 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-25645 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-25645 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-26088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-26088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Products:	SUSE Linux Enterprise Real Time 15 SP1 SUSE Real Time Module 15-SP1

An update that solves 14 vulnerabilities and has 78 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-25643: Added range checks in ppp_cp_parse_cr() (bsc#1177206).
CVE-2020-25641: Allowed for_each_bvec to support zero len bvec (bsc#1177121).
CVE-2020-25645: Added transport ports in route lookup for geneve (bsc#1177511).
CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725).
CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721).
CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
CVE-2020-14386: Fixed a memory corruption which could have been exploited to gain root privileges from unprivileged processes (bsc#1176069).
CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1165629).
CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990).

The following non-security bugs were fixed:

ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes).
ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes).
arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#SLE-4084).
arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
ASoC: tegra: Fix reference count leaks (git-fixes).
batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
bcache: allocate meta data pages as compound pages (bsc#1172873).
bcache: Convert pr_<level> uses to a more typical style (git fixes (block drivers)).
bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
bcm63xx_enet: correct clock usage (git-fixes).
bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes (bitfield)).
blktrace: fix debugfs use after free (git fixes (block drivers)).
block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)).
block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148).
block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148).
block: revert back to synchronous request_queue removal (git fixes (block drivers)).
block: Use non _rcu version of list functions for tag_set_list (git-fixes).
bnxt_en: Fix completion ring sizing with TPA enabled (networking-stable-20_07_29).
bonding: check error value of register_netdevice() immediately (git-fixes).
bonding: check return value of register_netdevice() in bond_newlink() (git-fixes).
bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM (git-fixes).
btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789).
btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
ceph: do not allow setlease on cephfs (bsc#1177041).
ceph: fix potential mdsc use-after-free crash (bsc#1177042).
ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
ceph: handle zero-length feature mask in session messages (bsc#1177044).
cfg80211: regulatory: reject invalid hints (bsc#1176699).
char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667).
cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
clk: Add (devm_)clk_get_optional() functions (git-fixes).
constrants: fix malformed XML Closing tag of an element is "</foo>", not "<foo/>". Fixes: 8b37de2eb835 ("rpm/constraints.in: Increase memory for kernel-docs")
cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#1176966).
Created new preempt kernel flavor (jsc#SLE-11309) Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel.
device property: Fix the secondary firmware node handling in set_primary_fwnode() (git-fixes).
dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate() (git-fixes).
dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling (git-fixes).
dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes).
dm crypt: avoid truncating the logical block size (git fixes (block drivers)).
dm: fix redundant IO accounting for bios that need splitting (git fixes (block drivers)).
dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block drivers)).
dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)).
dm: report suspended device during destroy (git fixes (block drivers)).
dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes (block drivers)).
dm: use noio when sending kobject event (git fixes (block drivers)).
dm writecache: add cond_resched to loop in persistent_memory_claim() (git fixes (block drivers)).
dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)).
dm zoned: assign max_io_len correctly (git fixes (block drivers)).
Drivers: hv: balloon: Remove dependencies on guest page size (git-fixes).
Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877).
Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (git-fixes).
drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails (git-fixes).
drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
drm/amdkfd: Fix reference count leaks (git-fixes).
drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context changes
drm/msm/adreno: fix updating ring fence (git-fixes).
drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open (git-fixes).
drm/nouveau: Fix reference count leak in nouveau_connector_detect (git-fixes).
drm/nouveau: fix reference count leak in nv50_disp_atomic_commit (git-fixes).
drm/radeon: fix multiple reference count leak (git-fixes).
drm/radeon: Prefer lower feedback dividers (git-fixes).
drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600).
EDAC: Fix reference count leaks (bsc#1112178).
fbcon: prevent user font height or width change from causing (bsc#1112178)
Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
fsl/fman: check dereferencing null pointer (git-fixes).
fsl/fman: fix dereference null return value (git-fixes).
fsl/fman: fix eth hash table allocation (git-fixes).
fsl/fman: fix unreachable code (git-fixes).
fsl/fman: use 32-bit unsigned integer (git-fixes).
ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() (git-fixes).
gtp: fix Illegal context switch in RCU read-side critical section (git-fixes).
gtp: fix use-after-free in gtp_newlink() (git-fixes).
HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() (git-fixes).
hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes).
hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
hv_balloon: Balloon up according to request page number (git-fixes).
hv_balloon: Use a static page for the balloon_up send buffer (git-fixes).
hv_netvsc: Allow scatter-gather feature to be tunable (git-fixes).
hv_netvsc: Fix a warning of suspicious RCU usage (git-fixes).
hv_netvsc: flag software created hash value (git-fixes).
hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
hv_utils: return error if host timesysnc update is stale (bsc#1176877).
i2c: core: Do not fail PRP0001 enumeration when no ID table exist (git-fixes).
i2c: rcar: in slave mode, clear NACK earlier (git-fixes).
ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
include: add additional sizes (bsc#1094244 ltc#168122).
iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177293).
iommu/amd: Fix potential @entry null deref (bsc#1177294).
iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176316).
iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177295).
iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177296).
iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#1176319).
iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
kabi: hide new parameter of ip6_dst_lookup_flow() (bsc#1165629).
kabi: mask changes to struct ipv6_stub (bsc#1165629).
kernel-docs: Change Requires on python-Sphinx to earlier than version 3 References: bsc#1166965 From 3 on the internal API that the build system uses was rewritten in an incompatible way. See https://github.com/sphinx-doc/sphinx/issues/7421 and https://bugzilla.suse.com/show_bug.cgi?id=1166965#c16 for some details.
KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and non-VHE (jsc#SLE-4084).
KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put for VHE (jsc#SLE-4084).
KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#SLE-4084).
KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE (jsc#SLE-4084).
KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#SLE-4084).
KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#SLE-4084).
KVM: arm64: Factor out fault info population and gic workarounds (jsc#SLE-4084).
KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#SLE-4084).
KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions (jsc#SLE-4084).
KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#SLE-4084).
KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#SLE-4084).
KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#SLE-4084).
KVM: arm64: Move userspace system registers into separate function (jsc#SLE-4084).
KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers (jsc#SLE-4084).
KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#SLE-4084).
KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#SLE-4084).
KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
KVM: arm64: Rewrite system register accessors to read/write functions (jsc#SLE-4084).
KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc#SLE-4084).
KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#SLE-4084).
KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#SLE-4084).
KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#SLE-4084).
KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE (jsc#SLE-4084).
KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#SLE-4084).
KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#SLE-4084).
KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#SLE-4084).
KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#SLE-4084).
KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#SLE-4084).
KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#SLE-4084).
KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#SLE-4084).
KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM (bsc#1176321).
KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#1112178).
KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
libceph: allow setting abort_on_full for rbd (bsc#1169972).
libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
libnvdimm: cover up struct nvdimm changes (bsc#1171742).
libnvdimm/security, acpi/nfit: unify zero-key for all security commands (bsc#1171742).
libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block drivers)).
md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)).
media: davinci: vpif_capture: fix potential double free (git-fixes).
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes).
mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
mlx4: disable device on shutdown (git-fixes).
mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).
mlxsw: core: Increase scope of RCU read-side critical section (git-fixes).
mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#1154366).
mmc: cqhci: Add cqhci_deactivate() (git-fixes).
mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based controllers (git-fixes).
mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/pgalloc)).
mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/vmalloc)).
mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691).
net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() (git-fixes).
net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
net: ethernet: aquantia: Fix wrong return value (git-fixes).
net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (git-fixes).
net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
net: initialize fastreuse on inet_inherit_port (networking-stable-20_08_15).
net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
net: lio_core: fix potential sign-extension overflow on large shift (git-fixes).
net/mlx5: Add meaningful return codes to status_to_err function (git-fixes).
net/mlx5e: Fix error path of device attach (git-fixes).
net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes).
net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded (git-fixes).
net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).
net: mvneta: fix mtu change on port without link (git-fixes).
net: mvpp2: fix memory leak in mvpp2_rx (git-fixes).
net-next: ax88796: Do not free IRQ in ax_remove() (already freed in ax_close()) (git-fixes).
net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
net: qca_spi: Avoid packet drop during initial sync (git-fixes).
net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init (git-fixes).
net: refactor bind_bucket fastreuse into helper (networking-stable-20_08_15).
net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).
net/smc: fix dmb buffer shortage (git-fixes).
net/smc: fix restoring of fallback changes (git-fixes).
net/smc: fix sock refcounting in case of termination (git-fixes).
net/smc: improve close of terminated socket (git-fixes).
net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
net/smc: remove freed buffer from list (git-fixes).
net/smc: reset sndbuf_desc if freed (git-fixes).
net/smc: set rx_off for SMCR explicitly (git-fixes).
net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
net/smc: tolerate future SMCD versions (git-fixes).
net: spider_net: Fix the size used in a 'dma_free_coherent()' call (git-fixes).
net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing() (git-fixes).
net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
net: stmmac: do not stop NAPI processing when dropping a packet (git-fixes).
net: stmmac: dwmac4: fix flow control issue (git-fixes).
net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset function (git-fixes).<