Merge branch 'android11-5.4' into android11-5.4-lts

Sync up with android11-5.4 for the following commits:

f95ca5bb UPSTREAM: ipvlan:Fix out-of-bounds caused by unclear skb->cb
6e030b76 UPSTREAM: net/sched: cls_u32: Fix reference counter leak leading to overflow
9de197d0 UPSTREAM: memstick: r592: Fix UAF bug in r592_remove due to race condition
bf851123 BACKPORT: btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()
6165e57a ANDROID: HID: Only utilise UHID provided exports if UHID is enabled
60c1a0be UPSTREAM: bluetooth: Perform careful capability checks in hci_sock_ioctl()
e699d543 ANDROID: HID; Over-ride default maximum buffer size when using UHID
8047bf5f Revert "ANDROID: AVB error handler to invalidate vbmeta partition."
6841a56b UPSTREAM: mailbox: mailbox-test: fix a locking issue in mbox_test_message_write()
229c9edd UPSTREAM: mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write()
431c9e5d UPSTREAM: efi: rt-wrapper: Add missing include
0c867c15 BACKPORT: arm64: efi: Execute runtime services from a dedicated stack
bffea4e7 UPSTREAM: io_uring: have io_kill_timeout() honor the request references
87ed28db UPSTREAM: io_uring: don't drop completion lock before timer is fully initialized
ce6a504d UPSTREAM: io_uring: always grab lock in io_cancel_async_work()
d4fabc5c UPSTREAM: net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize
a9515e06 UPSTREAM: cdc_ncm: Fix the build warning
e8448852 UPSTREAM: cdc_ncm: Implement the 32-bit version of NCM Transfer Block
25dcbf92 Merge "Merge tag 'android11-5.4.242_r00' into android11-5.4" into android11-5.4

Change-Id: I7042914bcf95863ba444f5f395faac36dedd6af4
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>