[gatesgarth][PATCH 00/30] patch review request

[gatesgarth][PATCH 00/30] patch review request

[Anuj Mittal]

Please review these changes for gatesgarth. Builds cleanly on
autobuilder.

Thanks,

Anuj

The following changes since commit a2eebe92daf0e0fb11422ea17f7029aeab2bcb9e:

  apr-util: Only specify --with-dbm=gdbm if gdbm support is enabled (2020-12-28 09:53:26 +0800)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth

Alexander Kanavin (1):
  devtool: gitsm:// should be handled same as git:// in upgrades

Bruce Ashfield (8):
  linux-yocto/cfg: qemuppc: set CONFIG_SCSI to '=y'
  linux-yocto/5.4: update to v5.4.82
  linux-yocto/cfg: qemuarm64-gfx.cfg: add CONFIG_INPUT_UINPUT
  linux-yocto/5.4: update to v5.4.83
  linux-yocto/5.8/cfg: fix -tiny warnings
  linux-yocto/5.4/cfg: fix -tiny warnings
  linux-yocto/5.4/cfg: fix FIRMWARE_LOADER warnings
  linux-yocto/5.4: update to v5.4.85

Changqing Li (1):
  libexif: fix CVE-2020-0198; CVE-2020-0452

Khem Raj (1):
  initscripts: use quotes for shell variable comparision

Lee Chee Yang (2):
  glib-2.0: fix CVE-2020-35457
  wic/direct/kparser: ensure fsuuid for vfat and msdos align with format

Li Wang (2):
  qemu: CVE-2020-25723
  qemu: CVE-2020-28916

Nathan Rossi (1):
  coreutils: enable xattrs by default for nativesdk

Ovidiu Panait (2):
  timezone: upgrade to 2020e
  timezone: upgrade to 2020f

Paul Barker (1):
  bitbake.conf: Prevent pyc file generation in pseudo context

Peter Kjellerstedt (3):
  lib/oe/path: Add canonicalize()
  bitbake.conf: Canonicalize paths in PSEUDO_IGNORE_PATHS
  wic: Pass canonicalized paths in PSEUDO_IGNORE_PATHS

Richard Purdie (3):
  grub: Further reproducibility fix
  man-db: Fix reproducibility issue
  oeqa/commands: Ensure sync can be found regardless of PATH

Robert Joslyn (1):
  openssl: Update to 1.1.1i

Ross Burton (1):
  diffstat: point the license checksum at the license

Scott Murray (2):
  grub: fix "CVE:" line in one of the patches
  patch: fix CVE-2019-20633

Steve Sakoman (1):
  oeqa/selftest/cases/devtool.py: fix typo in ignore_patterns call

 meta-selftest/lib/pseudo_pyc_test1.py         |  1 +
 meta-selftest/lib/pseudo_pyc_test2.py         |  1 +
 .../pseudo-pyc-test/pseudo-pyc-test.bb        | 15 +++++
 meta/conf/bitbake.conf                        |  6 +-
 meta/lib/oe/path.py                           | 21 ++++++
 meta/lib/oeqa/selftest/cases/devtool.py       |  2 +-
 meta/lib/oeqa/selftest/cases/pseudo.py        | 27 ++++++++
 meta/lib/oeqa/utils/commands.py               |  3 +
 ...low-checking-primitives-where-we-do-.patch |  2 +-
 meta/recipes-bsp/grub/files/determinism.patch | 16 +++++
 .../{openssl_1.1.1g.bb => openssl_1.1.1i.bb}  |  2 +-
 meta/recipes-core/coreutils/coreutils_8.32.bb |  3 +
 .../glib-2.0/glib-2.0/CVE-2020-35457.patch    | 41 ++++++++++++
 meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb |  1 +
 .../initscripts/initscripts-1.0/checkroot.sh  |  2 +-
 .../diffstat/diffstat_1.63.bb                 |  4 +-
 .../patch/patch/CVE-2019-20633.patch          | 31 +++++++++
 meta/recipes-devtools/patch/patch_2.7.6.bb    |  1 +
 meta/recipes-devtools/qemu/qemu.inc           |  2 +
 .../qemu/qemu/CVE-2020-25723.patch            | 51 ++++++++++++++
 .../qemu/qemu/CVE-2020-28916.patch            | 49 ++++++++++++++
 meta/recipes-extended/man-db/man-db_2.9.3.bb  |  1 +
 meta/recipes-extended/timezone/timezone.inc   |  6 +-
 .../linux/linux-yocto-rt_5.4.bb               |  6 +-
 .../linux/linux-yocto-rt_5.8.bb               |  2 +-
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +--
 .../linux/linux-yocto-tiny_5.8.bb             |  2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++----
 meta/recipes-kernel/linux/linux-yocto_5.8.bb  |  2 +-
 .../libexif/files/CVE-2020-0198.patch         | 66 +++++++++++++++++++
 .../libexif/files/CVE-2020-0452.patch         | 39 +++++++++++
 .../recipes-support/libexif/libexif_0.6.22.bb |  2 +
 scripts/lib/devtool/upgrade.py                |  4 +-
 scripts/lib/wic/ksparser.py                   | 17 +++++
 scripts/lib/wic/partition.py                  | 12 +++-
 scripts/lib/wic/plugins/imager/direct.py      |  7 ++
 36 files changed, 440 insertions(+), 37 deletions(-)
 create mode 100644 meta-selftest/lib/pseudo_pyc_test1.py
 create mode 100644 meta-selftest/lib/pseudo_pyc_test2.py
 create mode 100644 meta-selftest/recipes-test/pseudo-pyc-test/pseudo-pyc-test.bb
 create mode 100644 meta/lib/oeqa/selftest/cases/pseudo.py
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1g.bb => openssl_1.1.1i.bb} (98%)
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
 create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-20633.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
 create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0198.patch
 create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0452.patch

-- 
2.29.2

[gatesgarth][PATCH 01/30] oeqa/selftest/cases/devtool.py: fix typo in ignore_patterns call

[Anuj Mittal]

From: Steve Sakoman <steve@sakoman.com>

Causes intermittent autobuilder errors:

2020-12-21 19:34:23,035 - oe-selftest - INFO - testtools.testresult.real._StringException: Traceback (most recent call last):
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/meta/lib/oeqa/selftest/cases/devtool.py", line 68, in setUpModule
    bb.utils.edit_bblayers_conf(bblayers_conf, None, None, bblayers_edit_cb)
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/bitbake/lib/bb/utils.py", line 1460, in edit_bblayers_conf
    (updated, newlines) = edit_metadata(newlines, ['BBLAYERS'], handle_bblayers)
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/bitbake/lib/bb/utils.py", line 1290, in edit_metadata
    if handle_var_end():
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/bitbake/lib/bb/utils.py", line 1215, in handle_var_end
    (newvalue, newop, indent, minbreak) = varfunc(in_var, full_value, op, newlines)
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/bitbake/lib/bb/utils.py", line 1425, in handle_bblayers
    res = edit_cb(layer, canonicalise_path(layer))
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/meta/lib/oeqa/selftest/cases/devtool.py", line 60, in bblayers_edit_cb
    shutil.copytree(pth, destdir, ignore=ignore_patterns('*.pyc', '__pycache__'))
NameError: name 'ignore_patterns' is not defined

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/selftest/cases/devtool.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py
index b8edc89768..4eba23890f 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -57,7 +57,7 @@ def setUpModule():
                         if relpth.endswith('/'):
                             destdir = os.path.join(corecopydir, relpth)
                             # avoid race condition by not copying .pyc files YPBZ#13421,13803
-                            shutil.copytree(pth, destdir, ignore=ignore_patterns('*.pyc', '__pycache__'))
+                            shutil.copytree(pth, destdir, ignore=shutil.ignore_patterns('*.pyc', '__pycache__'))
                         else:
                             destdir = os.path.join(corecopydir, os.path.dirname(relpth))
                             bb.utils.mkdirhier(destdir)
-- 
2.29.2

[gatesgarth][PATCH 02/30] openssl: Update to 1.1.1i

[Anuj Mittal]

From: Robert Joslyn <robert.joslyn@redrectangle.org>

This fixes a NULL pointer dereference in GENERAL_NAME_cmp function.

CVE: CVE-2020-1971

Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../openssl/{openssl_1.1.1g.bb => openssl_1.1.1i.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1g.bb => openssl_1.1.1i.bb} (98%)

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1g.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
similarity index 98%
rename from meta/recipes-connectivity/openssl/openssl_1.1.1g.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
index 815955837b..c2db596f03 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1g.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1i.bb
@@ -23,7 +23,7 @@ SRC_URI_append_class-nativesdk = " \
            file://environment.d-openssl.sh \
            "
 
-SRC_URI[sha256sum] = "ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46"
+SRC_URI[sha256sum] = "e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242"
 
 inherit lib_package multilib_header multilib_script ptest
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
-- 
2.29.2

[gatesgarth][PATCH 03/30] glib-2.0: fix CVE-2020-35457

[Anuj Mittal]

From: Lee Chee Yang <chee.yang.lee@intel.com>

https://gitlab.gnome.org/GNOME/glib/-/issues/2197

upstream claim it is not security issue, but no harm to fix it since
this is still a valid issue.

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../glib-2.0/glib-2.0/CVE-2020-35457.patch    | 41 +++++++++++++++++++
 meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch

diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
new file mode 100644
index 0000000000..828f9fcb96
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
@@ -0,0 +1,41 @@
+From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
+From: Philip Withnall <withnall@endlessm.com>
+Date: Wed, 2 Sep 2020 12:38:09 +0100
+Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
+ overflow
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the calling code adds more option entries than `G_MAXSIZE` then
+there’ll be an integer overflow. This seems vanishingly unlikely (given
+that all callers use static option entry lists), but add a precondition
+anyway.
+
+Signed-off-by: Philip Withnall <withnall@endlessm.com>
+
+Fixes: #2197
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
+CVE: CVE-2020-35457
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ glib/goption.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/glib/goption.c b/glib/goption.c
+index 9f5b977c4..bb9093a33 100644
+--- a/glib/goption.c
++++ b/glib/goption.c
+@@ -2422,6 +2422,8 @@ g_option_group_add_entries (GOptionGroup       *group,
+ 
+   for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
+ 
++  g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
++
+   group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
+ 
+   /* group->entries could be NULL in the trivial case where we add no
+-- 
+2.25.1
+
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
index a30c5215be..b9462bc945 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
@@ -17,6 +17,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
            file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
            file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
            file://tzdata-update.patch \
+           file://CVE-2020-35457.patch \
            "
 
 SRC_URI_append_class-native = " file://relocate-modules.patch"
-- 
2.29.2

[gatesgarth][PATCH 04/30] timezone: upgrade to 2020e

[Anuj Mittal]

From: Ovidiu Panait <ovidiu.panait@windriver.com>

Briefly:
  Volgograd switches to Moscow time on 2020-12-27 at 02:00.

Changes to future timestamps

  Volgograd changes time zone from +04 to +03 on 2020-12-27 at 02:00.
  (Thanks to Alexander Krivenyshev and Stepan Golosunov.)

Changes to past timestamps

  Correct many pre-1986 transitions, fixing entries originally
  derived from Shanks.  The fixes include:
    - Australia: several 1917 through 1971 transitions
    - Bahamas: several 1941 through 1945 transitions
    - Bermuda: several 1917 through 1956 transitions
    - Belize: several 1942 through 1968 transitions
    - Ghana: several 1915 through 1956 transitions
    - Israel and Palestine: several 1940 through 1985 transitions
    - Kenya and adjacent: several 1908 through 1960 transitions
    - Nigeria and adjacent: correcting LMT in Lagos, and several 1905
      through 1919 transitions
    - Seychelles: the introduction of standard time in 1907, not 1906
    - Vanuatu: DST in 1973-1974, and a corrected 1984 transition
  (Thanks to P Chan.)

  Because of the Australia change, Australia/Currie (King Island) is
  no longer needed, as it is identical to Australia/Hobart for all
  timestamps since 1970 and was therefore created by mistake.
  Australia/Currie has been moved to the 'backward' file and its
  corrected data moved to the 'backzone' file.

Changes to past time zone abbreviations and DST flags

  To better match legislation in Turks and Caicos, the 2015 shift to
  year-round observance of -04 is now modeled as AST throughout before
  returning to Eastern Time with US DST in 2018, rather than as
  maintaining EDT until 2015-11-01.  (Thanks to P Chan.)

Changes to documentation

  The zic man page now documents zic's coalescing of transitions
  when a zone falls back just before DST springs forward.

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9d7643339b4db6609b2bad1f76599a54da9d17f2)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-extended/timezone/timezone.inc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index 5368464f30..d175f0d4a0 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -6,7 +6,7 @@ SECTION = "base"
 LICENSE = "PD & BSD & BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"
 
-PV = "2020d"
+PV = "2020e"
 
 SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \
            http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \
@@ -14,5 +14,5 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz
 
 UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones"
 
-SRC_URI[tzcode.sha256sum] = "6cf050ba28e8053029d3f32d71341d11a794c6b5dd51a77fc769d6dae364fad5"
-SRC_URI[tzdata.sha256sum] = "8d813957de363387696f05af8a8889afa282ab5016a764c701a20758d39cbaf3"
+SRC_URI[tzcode.sha256sum] = "3e10308976b09305d15cb4a32ff75483421f2063bfa24a9be366a027e7cd2902"
+SRC_URI[tzdata.sha256sum] = "0be1ba329eae29ae1b54057c3547b3e672f73b3ae7643aa87dac85122bec037e"
-- 
2.29.2

[gatesgarth][PATCH 05/30] devtool: gitsm:// should be handled same as git:// in upgrades

[Anuj Mittal]

From: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e7076f1742bb83e76aa4e90aad861546536166cf)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/lib/devtool/upgrade.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/lib/devtool/upgrade.py b/scripts/lib/devtool/upgrade.py
index 0c1de8cdc7..5a057e95f5 100644
--- a/scripts/lib/devtool/upgrade.py
+++ b/scripts/lib/devtool/upgrade.py
@@ -178,7 +178,7 @@ def _extract_new_source(newpv, srctree, no_patch, srcrev, srcbranch, branch, kee
     uri, rev = _get_uri(crd)
     if srcrev:
         rev = srcrev
-    if uri.startswith('git://'):
+    if uri.startswith('git://') or uri.startswith('gitsm://'):
         __run('git fetch')
         __run('git checkout %s' % rev)
         __run('git tag -f devtool-base-new')
@@ -270,7 +270,7 @@ def _extract_new_source(newpv, srctree, no_patch, srcrev, srcbranch, branch, kee
             else:
                 logger.warning('Command \'%s\' failed:\n%s' % (e.command, e.stdout))
         if not skiptag:
-            if uri.startswith('git://'):
+            if uri.startswith('git://') or uri.startswith('gitsm://'):
                 suffix = 'new'
             else:
                 suffix = newpv
-- 
2.29.2

[gatesgarth][PATCH 06/30] libexif: fix CVE-2020-0198; CVE-2020-0452

[Anuj Mittal]

From: Changqing Li <changqing.li@windriver.com>

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 46d837442ab216941df2d02f60c69155463e02d8)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../libexif/files/CVE-2020-0198.patch         | 66 +++++++++++++++++++
 .../libexif/files/CVE-2020-0452.patch         | 39 +++++++++++
 .../recipes-support/libexif/libexif_0.6.22.bb |  2 +
 3 files changed, 107 insertions(+)
 create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0198.patch
 create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0452.patch

diff --git a/meta/recipes-support/libexif/files/CVE-2020-0198.patch b/meta/recipes-support/libexif/files/CVE-2020-0198.patch
new file mode 100644
index 0000000000..2a48844cb2
--- /dev/null
+++ b/meta/recipes-support/libexif/files/CVE-2020-0198.patch
@@ -0,0 +1,66 @@
+From ca71eda33fe8421f98fbe20eb4392473357c1c43 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Wed, 30 Dec 2020 10:22:47 +0800
+Subject: [PATCH] fixed another unsigned integer overflow
+
+first fixed by google in android fork,
+https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16%5E%21/#F0
+
+(use a more generic overflow check method, also check second overflow instance.)
+
+https://security-tracker.debian.org/tracker/CVE-2020-0198
+
+Upstream-Status: Backport[https://github.com/libexif/libexif/commit/ce03ad7ef4e8aeefce79192bf5b6f69fae396f0c]
+CVE: CVE-2020-0198
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libexif/exif-data.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/libexif/exif-data.c b/libexif/exif-data.c
+index 8b280d3..34d58fc 100644
+--- a/libexif/exif-data.c
++++ b/libexif/exif-data.c
+@@ -47,6 +47,8 @@
+ #undef JPEG_MARKER_APP1
+ #define JPEG_MARKER_APP1 0xe1
+ 
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ static const unsigned char ExifHeader[] = {0x45, 0x78, 0x69, 0x66, 0x00, 0x00};
+ 
+ struct _ExifDataPrivate
+@@ -327,7 +329,7 @@ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
+ 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
+ 		return;
+ 	}
+-	if (s > ds - o) {
++	if (CHECKOVERFLOW(o,ds,s)) {
+ 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
+ 		return;
+ 	}
+@@ -420,9 +422,9 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
+ 	}
+ 
+ 	/* Read the number of entries */
+-	if ((offset + 2 < offset) || (offset + 2 < 2) || (offset + 2 > ds)) {
++	if (CHECKOVERFLOW(offset, ds, 2)) {
+ 		exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
+-			  "Tag data past end of buffer (%u > %u)", offset+2, ds);
++			  "Tag data past end of buffer (%u+2 > %u)", offset, ds);
+ 		return;
+ 	}
+ 	n = exif_get_short (d + offset, data->priv->order);
+@@ -431,7 +433,7 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
+ 	offset += 2;
+ 
+ 	/* Check if we have enough data. */
+-	if (offset + 12 * n > ds) {
++	if (CHECKOVERFLOW(offset, ds, 12*n)) {
+ 		n = (ds - offset) / 12;
+ 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
+ 				  "Short data; only loading %hu entries...", n);
+-- 
+2.17.1
+
diff --git a/meta/recipes-support/libexif/files/CVE-2020-0452.patch b/meta/recipes-support/libexif/files/CVE-2020-0452.patch
new file mode 100644
index 0000000000..a117b8b369
--- /dev/null
+++ b/meta/recipes-support/libexif/files/CVE-2020-0452.patch
@@ -0,0 +1,39 @@
+From 302acd49eba0a125b0f20692df6abc6f7f7ca53e Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Wed, 30 Dec 2020 10:18:51 +0800
+Subject: [PATCH] fixed a incorrect overflow check that could be optimized
+ away.
+
+inspired by:
+https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b
+
+https://source.android.com/security/bulletin/2020-11-01
+
+CVE-2020-0452
+
+Upsteam-Status: Backport[https://github.com/libexif/libexif/commit/9266d14b5ca4e29b970fa03272318e5f99386e06]
+CVE: CVE-2020-0452
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libexif/exif-entry.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libexif/exif-entry.c b/libexif/exif-entry.c
+index 5de215f..3a6ce84 100644
+--- a/libexif/exif-entry.c
++++ b/libexif/exif-entry.c
+@@ -1371,8 +1371,8 @@ exif_entry_get_value (ExifEntry *e, char *val, unsigned int maxlen)
+ 	{
+ 		unsigned char *utf16;
+ 
+-		/* Sanity check the size to prevent overflow */
+-		if (e->size+sizeof(uint16_t)+1 < e->size) break;
++		/* Sanity check the size to prevent overflow. Note EXIF files are 64kb at most. */
++		if (e->size >= 65536 - sizeof(uint16_t)*2) break;
+ 
+ 		/* The tag may not be U+0000-terminated , so make a local
+ 		   U+0000-terminated copy before converting it */
+-- 
+2.17.1
+
diff --git a/meta/recipes-support/libexif/libexif_0.6.22.bb b/meta/recipes-support/libexif/libexif_0.6.22.bb
index 2478ba07d8..dc30926c59 100644
--- a/meta/recipes-support/libexif/libexif_0.6.22.bb
+++ b/meta/recipes-support/libexif/libexif_0.6.22.bb
@@ -8,6 +8,8 @@ def version_underscore(v):
     return "_".join(v.split("."))
 
 SRC_URI = "https://github.com/libexif/libexif/releases/download/libexif-${@version_underscore("${PV}")}-release/libexif-${PV}.tar.xz \
+           file://CVE-2020-0198.patch \
+           file://CVE-2020-0452.patch \
            "
 
 SRC_URI[sha256sum] = "5048f1c8fc509cc636c2f97f4b40c293338b6041a5652082d5ee2cf54b530c56"
-- 
2.29.2

[gatesgarth][PATCH 07/30] grub: fix "CVE:" line in one of the patches

[Anuj Mittal]

From: Scott Murray <scott.murray@konsulko.com>

The "CVE:" line in the patch for CVEs 2020-14309, CVE-2020-14310, and
CVE-2020-14311 had commas between the CVE numbers, which resulted in
CVE-2020-14310 not being picked up as patched by cve-check.bbclass's
parsing.  Remove the commas to match cve-check.bbclass's expectations.

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 396d5c0f9cffa4b54ae94738b1ef2b6fb545f082)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 ...1-malloc-Use-overflow-checking-primitives-where-we-do-.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch b/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
index 896a2145d4..7214ead9a7 100644
--- a/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
+++ b/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
@@ -30,7 +30,7 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
 Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 
 Upstream-Status: Backport
-CVE: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
+CVE: CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
 
 Reference to upstream patch:
 https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f05d693d1274965ffbe4ba99080dc2c570944c6
-- 
2.29.2

[gatesgarth][PATCH 08/30] patch: fix CVE-2019-20633

[Anuj Mittal]

From: Scott Murray <scott.murray@konsulko.com>

* CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2019-20633

* upstream tracking: https://savannah.gnu.org/bugs/index.php?56683

* Fixes potential for double free after incomplete fix for CVE-2018-6952
  - src/pch.c (another_hunk): Avoid invalid memory access in context format
    diffs.

Signed-off-by: Scott Murray <scott.murray@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit be71dd2cc16a4c0d244a76a748f08ca0d9bfeba0)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../patch/patch/CVE-2019-20633.patch          | 31 +++++++++++++++++++
 meta/recipes-devtools/patch/patch_2.7.6.bb    |  1 +
 2 files changed, 32 insertions(+)
 create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-20633.patch

diff --git a/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch b/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch
new file mode 100644
index 0000000000..03988a179c
--- /dev/null
+++ b/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch
@@ -0,0 +1,31 @@
+From 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 15 Jul 2019 19:10:02 +0200
+Subject: Avoid invalid memory access in context format diffs
+
+* src/pch.c (another_hunk): Avoid invalid memory access in context format
+diffs.
+
+CVE: CVE-2019-20633
+Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=15b158db3ae11cb835f2eb8d2eb48e09d1a4af48]
+Signed-off-by: Scott Murray <scott.murray@konsulko.com>
+
+---
+ src/pch.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/pch.c b/src/pch.c
+index a500ad9..cb54e03 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev)
+ 		  ptrn_prefix_context = context;
+ 		ptrn_suffix_context = context;
+ 		if (repl_beginning
++		    || p_end <= 0
+ 		    || (p_end
+ 			!= p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n')))
+ 		  {
+-- 
+cgit v1.2.1
+
diff --git a/meta/recipes-devtools/patch/patch_2.7.6.bb b/meta/recipes-devtools/patch/patch_2.7.6.bb
index b5897b357a..1997af0c25 100644
--- a/meta/recipes-devtools/patch/patch_2.7.6.bb
+++ b/meta/recipes-devtools/patch/patch_2.7.6.bb
@@ -10,6 +10,7 @@ SRC_URI += "file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
             file://0001-Invoke-ed-directly-instead-of-using-the-shell.patch \
             file://0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch \
             file://0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch \
+            file://CVE-2019-20633.patch \
 "
 
 SRC_URI[md5sum] = "4c68cee989d83c87b00a3860bcd05600"
-- 
2.29.2

[gatesgarth][PATCH 09/30] grub: Further reproducibility fix

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Fix the ordering in the generated unidata.c file to aid reproducibility.

[YOCTO #14167]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d9c9f7604fd32ef926726a46ae053bbab6ccb4f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-bsp/grub/files/determinism.patch | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/meta/recipes-bsp/grub/files/determinism.patch b/meta/recipes-bsp/grub/files/determinism.patch
index fac80e7b54..3c1f562c71 100644
--- a/meta/recipes-bsp/grub/files/determinism.patch
+++ b/meta/recipes-bsp/grub/files/determinism.patch
@@ -8,6 +8,9 @@ Also, the output of the SOURCES lines in grub-core/Makefile.core.am, generated
 from grub-core/Makefile.core.def with gentpl.py is not deterministic due to
 missing sorting of the list used to generate it. Add such a sort.
 
+Also ensure the generated unidata.c file is deterministic by sorting the
+keys of the dict.
+
 Upstream-Status: Pending
 Richard Purdie <richard.purdie@linuxfoundation.org>
 
@@ -38,3 +41,16 @@ Index: grub-2.04/gentpl.py
      return ''.join(r)
  
  def platform_conditional(platform, closure):
+Index: grub-2.04/util/import_unicode.py
+===================================================================
+--- grub-2.04.orig/util/import_unicode.py
++++ grub-2.04/util/import_unicode.py
+@@ -174,7 +174,7 @@ infile.close ()
+ 
+ outfile.write ("struct grub_unicode_arabic_shape grub_unicode_arabic_shapes[] = {\n ")
+ 
+-for x in arabicsubst:
++for x in sorted(arabicsubst):
+     try:
+         if arabicsubst[x]['join'] == "DUAL":
+             outfile.write ("{0x%x, 0x%x, 0x%x, 0x%x, 0x%x},\n " % (arabicsubst[x][0], arabicsubst[x][1], arabicsubst[x][2], arabicsubst[x][3], arabicsubst[x][4]))
-- 
2.29.2

[gatesgarth][PATCH 10/30] wic/direct/kparser: ensure fsuuid for vfat and msdos align with format

[Anuj Mittal]

From: Lee Chee Yang <chee.yang.lee@intel.com>

vfat/msdos filesystem should have fsuuid in format 0xYYYYYYYY where "0x"
in front follow with 8 hexadecimal number in uppercase. In wic, when using
custom fsuuid for vfat/msdos partition in wks, it is able to set the value
in any length, with or without leading "0x". This can cause fsuuid
missaligned when fstab updates, fstab expect exactly 10 character
fsuuid for vfat/msdos partition and all in uppercase.

if custom fsuuid for vfat/msdos is set, check the length and format,
error if it exceed the format size. Amend it so it is align with format
0xYYYYYYYY. This is done before image create and fstab update to ensure the
fsuuid are same in all followup process. if custom fsuuid length less than
expected, fill in "0".

[YOCTO #14161]

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d9686ae511ef10a504becfd81bfe296b788e1456)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/lib/wic/ksparser.py              | 17 +++++++++++++++++
 scripts/lib/wic/plugins/imager/direct.py |  7 +++++++
 2 files changed, 24 insertions(+)

diff --git a/scripts/lib/wic/ksparser.py b/scripts/lib/wic/ksparser.py
index 913e3283dc..3eb669da39 100644
--- a/scripts/lib/wic/ksparser.py
+++ b/scripts/lib/wic/ksparser.py
@@ -229,6 +229,23 @@ class KickStart():
                                 err = "%s:%d: SquashFS does not support LABEL" \
                                        % (confpath, lineno)
                                 raise KickStartError(err)
+                        if parsed.fstype == 'msdos' or parsed.fstype == 'vfat':
+                            if parsed.fsuuid:
+                                if parsed.fsuuid.upper().startswith('0X'):
+                                    if len(parsed.fsuuid) > 10:
+                                        err = "%s:%d: fsuuid %s given in wks kickstart file " \
+                                              "exceeds the length limit for %s filesystem. " \
+                                              "It should be in the form of a 32 bit hexadecimal" \
+                                              "number (for example, 0xABCD1234)." \
+                                              % (confpath, lineno, parsed.fsuuid, parsed.fstype)
+                                        raise KickStartError(err)
+                                elif len(parsed.fsuuid) > 8:
+                                    err = "%s:%d: fsuuid %s given in wks kickstart file " \
+                                          "exceeds the length limit for %s filesystem. " \
+                                          "It should be in the form of a 32 bit hexadecimal" \
+                                          "number (for example, 0xABCD1234)." \
+                                          % (confpath, lineno, parsed.fsuuid, parsed.fstype)
+                                    raise KickStartError(err)
                         if parsed.use_label and not parsed.label:
                             err = "%s:%d: Must set the label with --label" \
                                   % (confpath, lineno)
diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py
index 55db826e93..0ca67b77d5 100644
--- a/scripts/lib/wic/plugins/imager/direct.py
+++ b/scripts/lib/wic/plugins/imager/direct.py
@@ -343,6 +343,13 @@ class PartitionedImage():
                     part.fsuuid = '0x' + str(uuid.uuid4())[:8].upper()
                 else:
                     part.fsuuid = str(uuid.uuid4())
+            else:
+                #make sure the fsuuid for vfat/msdos align with format 0xYYYYYYYY
+                if part.fstype == 'vfat' or part.fstype == 'msdos':
+                    if part.fsuuid.upper().startswith("0X"):
+                        part.fsuuid = '0x' + part.fsuuid.upper()[2:].rjust(8,"0")
+                    else:
+                        part.fsuuid = '0x' + part.fsuuid.upper().rjust(8,"0")
 
     def prepare(self, imager):
         """Prepare an image. Call prepare method of all image partitions."""
-- 
2.29.2

[gatesgarth][PATCH 11/30] man-db: Fix reproducibility issue

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Executing a sequence like:

bitbake man-db
bitbake man-db -c clean
bitbake man-db -c package_write_deb -f

results in the ownership of files in the man-db package changing from "man/man"
to "6/12". This is due to base-passwd not being installed in the recipe
sysroot.

Add the missing dependency so even if a recipe "re-packages", the name
of the user/group is found and the packages are reproducible.

[YOCTO #14172]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 769f8be29a192fd4fa0c4752f851fa3728d71179)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-extended/man-db/man-db_2.9.3.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-extended/man-db/man-db_2.9.3.bb b/meta/recipes-extended/man-db/man-db_2.9.3.bb
index a28f77b750..e8da92bd19 100644
--- a/meta/recipes-extended/man-db/man-db_2.9.3.bb
+++ b/meta/recipes-extended/man-db/man-db_2.9.3.bb
@@ -11,6 +11,7 @@ SRC_URI[sha256sum] = "fa5aa11ab0692daf737e76947f45669225db310b2801a5911bceb7551c
 
 DEPENDS = "libpipeline gdbm groff-native base-passwd"
 RDEPENDS_${PN} += "base-passwd"
+PACKAGE_WRITE_DEPS += "base-passwd"
 
 # | /usr/src/debug/man-db/2.8.0-r0/man-db-2.8.0/src/whatis.c:939: undefined reference to `_nl_msg_cat_cntr'
 USE_NLS_libc-musl = "no"
-- 
2.29.2

[gatesgarth][PATCH 12/30] qemu: CVE-2020-25723

[Anuj Mittal]

From: Li Wang <li.wang@windriver.com>

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-25723
https://bugzilla.redhat.com/show_bug.cgi?id=1898579

backport patch from:
https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3a52f12bd08bd6f0e386c78f9f87acacdb7714cb)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-25723.patch            | 51 +++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 274c855d35..ecff54d61d 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -35,6 +35,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://CVE-2020-24352.patch \
            file://CVE-2020-29129-CVE-2020-29130.patch \
            file://CVE-2020-25624.patch \
+           file://CVE-2020-25723.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch
new file mode 100644
index 0000000000..90b3a2f41c
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch
@@ -0,0 +1,51 @@
+From 2fdb42d840400d58f2e706ecca82c142b97bcbd6 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Wed, 12 Aug 2020 09:17:27 -0700
+Subject: [PATCH] hw: ehci: check return value of 'usb_packet_map'
+
+If 'usb_packet_map' fails, we should stop to process the usb
+request.
+
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Message-Id: <20200812161727.29412-1-liq3ea@163.com>
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-25723
+[https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6]
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ hw/usb/hcd-ehci.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
+index 1495e8f..1fbb02a 100644
+--- a/hw/usb/hcd-ehci.c
++++ b/hw/usb/hcd-ehci.c
+@@ -1373,7 +1373,10 @@ static int ehci_execute(EHCIPacket *p, const char *action)
+         spd = (p->pid == USB_TOKEN_IN && NLPTR_TBIT(p->qtd.altnext) == 0);
+         usb_packet_setup(&p->packet, p->pid, ep, 0, p->qtdaddr, spd,
+                          (p->qtd.token & QTD_TOKEN_IOC) != 0);
+-        usb_packet_map(&p->packet, &p->sgl);
++        if (usb_packet_map(&p->packet, &p->sgl)) {
++            qemu_sglist_destroy(&p->sgl);
++            return -1;
++        }
+         p->async = EHCI_ASYNC_INITIALIZED;
+     }
+ 
+@@ -1452,7 +1455,10 @@ static int ehci_process_itd(EHCIState *ehci,
+             if (ep && ep->type == USB_ENDPOINT_XFER_ISOC) {
+                 usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false,
+                                  (itd->transact[i] & ITD_XACT_IOC) != 0);
+-                usb_packet_map(&ehci->ipacket, &ehci->isgl);
++                if (usb_packet_map(&ehci->ipacket, &ehci->isgl)) {
++                    qemu_sglist_destroy(&ehci->isgl);
++                    return -1;
++                }
+                 usb_handle_packet(dev, &ehci->ipacket);
+                 usb_packet_unmap(&ehci->ipacket, &ehci->isgl);
+             } else {
+-- 
+2.17.1
+
-- 
2.29.2

[gatesgarth][PATCH 13/30] qemu: CVE-2020-28916

[Anuj Mittal]

From: Li Wang <li.wang@windriver.com>

References:
https://nvd.nist.gov/vuln/detail/CVE-2020-28916

backport patch from:
https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cbc20b9d8d119bfd777f83432c760dcdb94f07f9)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/qemu/qemu.inc           |  1 +
 .../qemu/qemu/CVE-2020-28916.patch            | 49 +++++++++++++++++++
 2 files changed, 50 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index ecff54d61d..69b9a5f89e 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -36,6 +36,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
            file://CVE-2020-29129-CVE-2020-29130.patch \
            file://CVE-2020-25624.patch \
            file://CVE-2020-25723.patch \
+           file://CVE-2020-28916.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
new file mode 100644
index 0000000000..5212196837
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
@@ -0,0 +1,49 @@
+From c2cb511634012344e3d0fe49a037a33b12d8a98a Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Wed, 11 Nov 2020 18:36:36 +0530
+Subject: [PATCH] hw/net/e1000e: advance desc_offset in case of null
+descriptor
+
+While receiving packets via e1000e_write_packet_to_guest() routine,
+'desc_offset' is advanced only when RX descriptor is processed. And
+RX descriptor is not processed if it has NULL buffer address.
+This may lead to an infinite loop condition. Increament 'desc_offset'
+to process next descriptor in the ring to avoid infinite loop.
+
+Reported-by: Cheol-woo Myung <330cjfdn@gmail.com>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2020-28916
+[https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a]
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ hw/net/e1000e_core.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/hw/net/e1000e_core.c b/hw/net/e1000e_core.c
+index bcd186c..d3e3cdc 100644
+--- a/hw/net/e1000e_core.c
++++ b/hw/net/e1000e_core.c
+@@ -1596,13 +1596,13 @@ e1000e_write_packet_to_guest(E1000ECore *core, struct NetRxPkt *pkt,
+                           (const char *) &fcs_pad, e1000x_fcs_len(core->mac));
+                 }
+             }
+-            desc_offset += desc_size;
+-            if (desc_offset >= total_size) {
+-                is_last = true;
+-            }
+         } else { /* as per intel docs; skip descriptors with null buf addr */
+             trace_e1000e_rx_null_descriptor();
+         }
++        desc_offset += desc_size;
++        if (desc_offset >= total_size) {
++            is_last = true;
++        }
+ 
+         e1000e_write_rx_descr(core, desc, is_last ? core->rx_pkt : NULL,
+                            rss_info, do_ps ? ps_hdr_len : 0, &bastate.written);
+-- 
+2.17.1
+
-- 
2.29.2

[gatesgarth][PATCH 14/30] timezone: upgrade to 2020f

[Anuj Mittal]

From: Ovidiu Panait <ovidiu.panait@windriver.com>

Release 2020f - 2020-12-29 00:17:46 -0800

  Change to build procedure

    'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.  (Problem reported by Deborah Goldsmith.)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c7efa4d28d632d415ca574140586570ca376caf6)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-extended/timezone/timezone.inc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index d175f0d4a0..9a19093e24 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -6,7 +6,7 @@ SECTION = "base"
 LICENSE = "PD & BSD & BSD-3-Clause"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"
 
-PV = "2020e"
+PV = "2020f"
 
 SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \
            http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \
@@ -14,5 +14,5 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz
 
 UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones"
 
-SRC_URI[tzcode.sha256sum] = "3e10308976b09305d15cb4a32ff75483421f2063bfa24a9be366a027e7cd2902"
-SRC_URI[tzdata.sha256sum] = "0be1ba329eae29ae1b54057c3547b3e672f73b3ae7643aa87dac85122bec037e"
+SRC_URI[tzcode.sha256sum] = "cfeeea2a7745164f64bd9f6d76e47916f4ac820c4434493674adbbd4324329c5"
+SRC_URI[tzdata.sha256sum] = "121131918c3ae6dc5d40f0eb87563a2be920b71a76e2392c09519a5e4a666881"
-- 
2.29.2

[gatesgarth][PATCH 15/30] linux-yocto/cfg: qemuppc: set CONFIG_SCSI to '=y'

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following configuration commit(s):

    72a1fe336d7 qemuppc: configure the CONFIG_SCSI to '=y'

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d21c81b04142a48539b3262318860f2719c11ca)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb      | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.8.bb      | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index d415c3c63a..8bc93bf438 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "1ab0814d41526c27888888188d884884c8b4a52d"
-SRCREV_meta ?= "dfb689e49ce2b6a1790d0747d6041a961b812db5"
+SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
index 033dfc76a2..f5f7c87a31 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7883b60d324029d26020c0b3f826b35c52fd9674"
+SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.8;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 33ca5856a3..3b462d5872 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "9a4d015ce467549f5f587a5001cd333ea7182aa2"
 SRCREV_machine ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_meta ?= "dfb689e49ce2b6a1790d0747d6041a961b812db5"
+SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
index 50cee07620..4afddae092 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "9509db6e3ed6a23b1f7495b53248d1cbfe22710b"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7883b60d324029d26020c0b3f826b35c52fd9674"
+SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 1a14c8bdb5..456875a7b5 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
 SRCREV_machine_qemux86-64 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
 SRCREV_machine_qemumips64 ?= "f8d0d215cf1a02a1e2915b8d57fb8f9f29e5dc49"
 SRCREV_machine ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_meta ?= "dfb689e49ce2b6a1790d0747d6041a961b812db5"
+SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.8.bb b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
index af576891e2..3f94d22654 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemux86-64 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemumips64 ?= "01a02b058f9a8941032b298b8d25c673526152f4"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7883b60d324029d26020c0b3f826b35c52fd9674"
+SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2

[gatesgarth][PATCH 16/30] linux-yocto/5.4: update to v5.4.82

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    ec274ecd62f9 Linux 5.4.82
    4460a7c979ee RDMA/i40iw: Address an mmap handler exploit in i40iw
    07434172c58b tracing: Remove WARN_ON in start_thread()
    6ad995b851cb Input: i8042 - add ByteSpeed touchpad to noloop table
    dfe5d9a8307e Input: xpad - support Ardwiino Controllers
    c38a7023c00a ALSA: usb-audio: US16x08: fix value count for level meters
    8cd76dacd3dc net/mlx5: Fix wrong address reclaim when command interface is down
    2598dd80b801 net/mlx5: DR, Proper handling of unsupported Connect-X6DX SW steering
    8f92330b0873 net/sched: act_mpls: ensure LSE is pullable before reading it
    1086f789060a net: openvswitch: ensure LSE is pullable before reading it
    ba203b92a829 net: skbuff: ensure LSE is pullable before decrementing the MPLS ttl
    892e08e0b4f3 net: mvpp2: Fix error return code in mvpp2_open()
    7c3894f695e4 chelsio/chtls: fix a double free in chtls_setkey()
    178da08f9b5b vxlan: fix error return code in __vxlan_dev_create()
    5405a299b8c1 net: pasemi: fix error return code in pasemi_mac_open()
    dc469f423654 cxgb3: fix error return code in t3_sge_alloc_qset()
    8bfe5b73b185 net/x25: prevent a couple of overflows
    187a6daf5db4 net: ip6_gre: set dev->hard_header_len when using header_ops
    a6cd76132872 geneve: pull IP header before ECN decapsulation
    2b714b607f24 inet_ecn: Fix endianness of checksum update when setting ECT(1)
    9a3cce1ceee4 ibmvnic: Fix TX completion error handling
    40caea31dd56 ibmvnic: Ensure that SCRQ entry reads are correctly ordered
    d126c30eb30d chelsio/chtls: fix panic during unload reload chtls
    8a1bb298f75f dt-bindings: net: correct interrupt flags in examples
    af0b082e16fb ipv4: Fix tos mask in inet_rtm_getroute()
    4615228a50f9 netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal
    294de8933adb sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list
    c4405cdf96f4 ima: extend boot_aggregate with kernel measurements
    733729d3e0e4 staging/octeon: fix up merge error
    6dd37fdc9550 bonding: wait for sysfs kobject destruction before freeing struct slave
    beead010654d usbnet: ipheth: fix connectivity with iOS 14
    f057c4d226f1 tun: honor IOCB_NOWAIT flag
    538008749df2 tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control
    9a62c8229cff sock: set sk_err to ee_errno on dequeue from errq
    7f0ddd41e289 rose: Fix Null pointer dereference in rose_send_frame()
    f2f25bc79782 net/tls: Protect from calling tls_dev_del for TLS RX twice
    a6300aedf862 net/tls: missing received data after fast remote close
    a15beea80e72 net/af_iucv: set correct sk_protocol for child sockets
    9414855a1305 ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init
    99b5382bffd5 devlink: Hold rtnl lock while reading netdev attributes
    42af416d7146 Linux 5.4.81
    cd7343987376 ASoC: Intel: Skylake: Automatic DMIC format configuration according to information from NHLT
    6ebb6af62721 ASoC: Intel: Multiple I/O PCM format support for pipe
    b2b05b04d44d ASoC: Intel: Skylake: Await purge request ack on CNL
    a28144d62ddc ASoC: Intel: Allow for ROM init retry on CNL platforms
    4029a29f93ef ASoC: Intel: Skylake: Shield against no-NHLT configurations
    754df2d3349d ASoC: Intel: Skylake: Enable codec wakeup during chip init
    6de661f146a2 ASoC: Intel: Skylake: Select hda configuration permissively
    422c4938f704 ASoC: Intel: Skylake: Remove superfluous chip initialization
    23b093a2c4f9 USB: core: Fix regression in Hercules audio card
    cc54f8b8e1cd x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak
    d0c4c5a89f5b x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak
    e799c00a745e x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
    f753e1c02a2e x86/mce: Do not overwrite no_way_out if mce_end() fails
    62405223bafd irqchip/exiu: Fix the index of fwspec for IRQ type
    f69d749d5f7f usb: gadget: Fix memleak in gadgetfs_fill_super
    cad7b76a6129 USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card
    c775935dfd1e usb: gadget: f_midi: Fix memleak in f_midi_alloc
    e1a2a3043cc2 USB: core: Change %pK for __user pointers to %px
    84d04d722b6a spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    5849e7dc560b perf probe: Fix to die_entrypc() returns error correctly
    27193c41d0db perf stat: Use proper cpu for shadow stats
    dc4d672a3fb5 can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
    1f076cc1de82 can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from request_threaded_irq()'s flags
    dd8ab85fd88e RDMA/hns: Bugfix for memory window mtpt configuration
    e69f384e22f1 RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
    49b26b969474 platform/x86: toshiba_acpi: Fix the wrong variable assignment
    fbd3f1d6ef2f platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time
    405fd2180583 can: gs_usb: fix endianess problem with candleLight firmware
    11420c32c1b4 efi: EFI_EARLYCON should depend on EFI
    0d245cbd939a efivarfs: revert "fix memory leak in efivarfs_create()"
    abae897f283b arm64: tegra: Wrong AON HSP reg property size
    5c4c6b2be717 optee: add writeback to valid memory type
    6d371c3e70d7 ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
    382383538f68 ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
    a447dbb44d44 net: ena: set initial DMA width to avoid intel iommu issue
    7869696d6c1e nfc: s3fwrn5: use signed integer for parsing GPIO numbers
    1a831f889db3 i40e: Fix removing driver while bare-metal VFs pass traffic
    676857f78c1a IB/mthca: fix return value of error branch in mthca_init_cq()
    22f821fa5cbb powerpc/64s: Fix allnoconfig build since uaccess flush
    ae6e75b8c6d6 ibmvnic: notify peers when failover and migration happen
    7b4e9fcf5ec3 ibmvnic: fix call_netdevice_notifiers in do_reset
    993e42d0f7d6 s390/qeth: fix tear down of async TX buffers
    ef0f6e36a6d4 s390/qeth: fix af_iucv notification race
    bb6c548934c9 s390/qeth: make af_iucv TX notification call more robust
    f29dfa2bf6c7 cxgb4: fix the panic caused by non smac rewrite
    0410aeb9e04c bnxt_en: Release PCI regions when DMA mask setup fails during probe.
    db49200b1dad video: hyperv_fb: Fix the cache type when mapping the VRAM
    d1a7fb15673e bnxt_en: fix error return code in bnxt_init_board()
    22e10c6bbefc bnxt_en: fix error return code in bnxt_init_one()
    11b62fd00c62 scsi: ufs: Fix race between shutdown and runtime resume flow
    559ab6fb7b66 ARM: dts: dra76x: m_can: fix order of clocks
    1bef5f25a692 arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
    95b1f326315b batman-adv: set .owner to THIS_MODULE
    f5672b83fc2d iwlwifi: mvm: write queue_sync_state only for sync
    f32a1065c930 phy: tegra: xusb: Fix dangling pointer on probe failure
    acea5424d9d2 ARM: OMAP2+: Manage MPU state properly for omap_enter_idle_coupled()
    6f87d79ef40d bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
    e8060ddddc9f net: dsa: mv88e6xxx: Wait for EEPROM done after HW reset
    1f5531bb9720 xtensa: uaccess: Add missing __user to strncpy_from_user() prototype
    3753a62d5760 perf/x86: fix sysfs type mismatches
    fd81f0711d9c scsi: target: iscsi: Fix cmd abort fabric stop race
    8814c070e783 scsi: libiscsi: Fix NOP race condition
    070a9a046d6d dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
    8a2ae7fa5d5c vhost scsi: fix cmd completion race
    4940816604e3 nvme: free sq/cq dbbuf pointers when dbbuf set fails
    01968f9af006 proc: don't allow async path resolution of /proc/self components
    830f4aa73a69 HID: Add Logitech Dinovo Edge battery quirk
    4d070afa1080 HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for the Dinovo Edge
    204dbc26f14e x86/xen: don't unbind uninitialized lock_kicker_irq
    d6b5dc5429f1 dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
    54b01ded1e92 HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice devices
    cd7ea86a4a64 staging: ralink-gdma: fix kconfig dependency bug for DMA_RALINK
    b3701c29a468 HID: hid-sensor-hub: Fix issue with devices with no report ID
    8f68a28c9ecc Input: i8042 - allow insmod to succeed on devices without an i8042 controller
    dbe67dcf97cf HID: add support for Sega Saturn
    3845b2117f6d HID: cypress: Support Varmilo Keyboards' media hotkeys
    604912c2b20e HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off keypresses
    8a35be6c38aa HID: uclogic: Add ID for Trust Flex Design Tablet
    733e6db9736d arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect()
    b456de294ee4 arm64: pgtable: Fix pte_accessible()
    8b4d82d8dbff trace: fix potenial dangerous pointer
    4a301b05cf61 KVM: x86: Fix split-irqchip vs interrupt injection window request
    b7d2e45cf613 KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
    6276d38cce87 KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last for userspace
    45b5f4b1b40b KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing ESB page
    214e6af4217a cifs: fix a memleak with modefromsid
    56f639aa0b5d smb3: Handle error case during offload read path
    afa51221b911 smb3: Avoid Mid pending list corruption
    1b63215666c0 smb3: Call cifs reconnect from demultiplex thread
    f923044a6c72 wireless: Use linux/stddef.h instead of stddef.h
    a6676b0fa09f btrfs: fix lockdep splat when reading qgroup config on mount
    6ea14731ac4c btrfs: don't access possibly stale fs_info data for printing duplicate device
    12aedea58281 btrfs: tree-checker: add missing returns after data_ref alignment checks
    0115a2613397 btrfs: tree-checker: add missing return after error in root_item
    6ec51459df71 netfilter: clear skb->next in NF_HOOK_LIST()
    ee791835b3ec ipv4: use IS_ENABLED instead of ifdef
    9d16996369fd spi: bcm2835: Fix use-after-free on unbind
    b606031bbfed spi: bcm-qspi: Fix use-after-free on unbind

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad12cda067ffee809d133a1d21599c9f3ef06435)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 8bc93bf438..2bd41965a6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "1ab0814d41526c27888888188d884884c8b4a52d"
-SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
+SRCREV_machine ?= "65a53ac9134b9736ae67afc5fb02049f4908d8e3"
+SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.80"
+LINUX_VERSION ?= "5.4.82"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 3b462d5872..67157b1685 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.80"
+LINUX_VERSION ?= "5.4.82"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "9a4d015ce467549f5f587a5001cd333ea7182aa2"
-SRCREV_machine ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
+SRCREV_machine_qemuarm ?= "0c335c490cfe932664f2e40c791efa387f769df5"
+SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 456875a7b5..4d60d0a557 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "9c4e95c4439a84d2472404af630659ee3ac880e8"
-SRCREV_machine_qemuarm64 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_machine_qemumips ?= "07747fd48470e60ea2323df735795d9d44b74edc"
-SRCREV_machine_qemuppc ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_machine_qemuriscv64 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_machine_qemux86 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_machine_qemux86-64 ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_machine_qemumips64 ?= "f8d0d215cf1a02a1e2915b8d57fb8f9f29e5dc49"
-SRCREV_machine ?= "6f1adec8376dc0bbf423afa02d7d9fa12b73d5b5"
-SRCREV_meta ?= "72a1fe336d7a8cead351b894c266a205f23f213c"
+SRCREV_machine_qemuarm ?= "844ffab23aca849f9f4cf89866229e079fc7aa11"
+SRCREV_machine_qemuarm64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_machine_qemumips ?= "7937b24594ecce307971a3b2871fc1286055d0c4"
+SRCREV_machine_qemuppc ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_machine_qemuriscv64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_machine_qemux86 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_machine_qemux86-64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_machine_qemumips64 ?= "0ba329b53891de44e4ef8d2ca8a948e1c6a5866c"
+SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
+SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.80"
+LINUX_VERSION ?= "5.4.82"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.29.2

[gatesgarth][PATCH 17/30] linux-yocto/cfg: qemuarm64-gfx.cfg: add CONFIG_INPUT_UINPUT

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s):

    qemuarm64-gfx.cfg: add CONFIG_INPUT_UINPUT

    This will address libinput ptest failures:
    https://www.kernel.org/doc/html/latest/input/uinput.html
    https://wayland.freedesktop.org/libinput/doc/latest/test-suite.html

    qemux86_64 already has it enabled.

    Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5af1bda8006faf2afe4c5c17e7f8d276d6ec0790)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb      | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.8.bb      | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 2bd41965a6..5162c065ed 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "65a53ac9134b9736ae67afc5fb02049f4908d8e3"
-SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
+SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
index f5f7c87a31..fae984cd4e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
+SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.8;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 67157b1685..01de087128 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "0c335c490cfe932664f2e40c791efa387f769df5"
 SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
+SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
index 4afddae092..b98d99a81f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "9509db6e3ed6a23b1f7495b53248d1cbfe22710b"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
+SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 4d60d0a557..ebd25dab3e 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
 SRCREV_machine_qemux86-64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
 SRCREV_machine_qemumips64 ?= "0ba329b53891de44e4ef8d2ca8a948e1c6a5866c"
 SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_meta ?= "e872ef155c596e4cc2f68405d85ab6f2b0303c28"
+SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.8.bb b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
index 3f94d22654..a2dacb2676 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemux86-64 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemumips64 ?= "01a02b058f9a8941032b298b8d25c673526152f4"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "7329d33cf8f25f433ce8ca95787e1743344f7c5d"
+SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2

[gatesgarth][PATCH 18/30] linux-yocto/5.4: update to v5.4.83

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    2bff021f53b2 Linux 5.4.83
    66a08d1d3bd8 Revert "geneve: pull IP header before ECN decapsulation"
    ed58971beb47 x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes
    423e1b08ce5c netfilter: nftables_offload: set address type in control dissector
    13995410b616 netfilter: nf_tables: avoid false-postive lockdep splat
    f25fa580f99e Input: i8042 - fix error return code in i8042_setup_aux()
    b9df537e5fcd dm writecache: remove BUG() and fail gracefully instead
    8e2c50315f00 i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc()
    1015eefe10e2 rtw88: debug: Fix uninitialized memory in debugfs code
    af699e99efdc ASoC: wm_adsp: fix error return code in wm_adsp_load()
    fdc1416c2199 tipc: fix a deadlock when flushing scheduled work
    6410c7f53698 netfilter: ipset: prevent uninit-value in hash_ip6_add
    cd928d387b0b gfs2: check for empty rgrp tree in gfs2_ri_update
    c358e7e99dda can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check
    867fbf2bb739 lib/syscall: fix syscall registers retrieval on 32-bit platforms
    f68f5bdfefd9 tracing: Fix userstacktrace option for instances
    dbbf6cdab503 iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs
    d863a4ad3cc5 spi: bcm2835: Release the DMA channel if probe fails after dma_init
    83d5121c3b0f i2c: imx: Check for I2SR_IAL after every byte
    83366a7b2d34 i2c: imx: Fix reset of I2SR_IAL flag
    b0d4fa10bfcc speakup: Reject setting the speakup line discipline outside of speakup
    a2a163f70bdf mm/swapfile: do not sleep with a spin lock held
    4870004d30e3 mm: list_lru: set shrinker map bit when child nr_items is not zero
    42ccf9d14ede coredump: fix core_pattern parse error
    579c977253b6 x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes
    002d2c4a3f66 dm: remove invalid sparse __acquires and __releases annotations
    3b02d67064ff dm: fix bug with RCU locking in dm_blk_report_zones
    7eb514087cdd powerpc/pseries: Pass MSI affinity to irq_create_mapping()
    1f72986fc9df genirq/irqdomain: Add an irq_create_mapping_affinity() function
    6466119452a8 powerpc/64s/powernv: Fix memory corruption when saving SLB entries on MCE
    8a758e97b707 dm writecache: fix the maximum number of arguments
    3f680c5996f9 scsi: mpt3sas: Fix ioctl timeout
    812dff6a5250 drm/i915/gt: Program mocs:63 for cache eviction on gen9
    b92738c4f9d3 thunderbolt: Fix use-after-free in remove_unplugged_switch()
    ed201cb54d6f i2c: imx: Don't generate STOP condition if arbitration has been lost
    73948ab9f2df cifs: fix potential use-after-free in cifs_echo_request()
    a0ca8cb2f707 cifs: allow syscalls to be restarted in __smb_send_rqst()
    205740ca4a4d ftrace: Fix updating FTRACE_FL_TRAMP
    d18379bbb856 ALSA: hda/generic: Add option to enforce preferred_dacs pairs
    f28666e00a44 ALSA: hda/realtek - Add new codec supported for ALC897
    c57556f1798b ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294
    f3fc36614438 ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model
    de41002d2e0e ALSA: hda/realtek: Fix bass speaker DAC assignment on Asus Zephyrus G14
    35ee9ac51328 tty: Fix ->session locking
    c536ecd48560 tty: Fix ->pgrp locking in tiocspgrp()
    013d2d046532 USB: serial: option: fix Quectel BG96 matching
    3cf949422734 USB: serial: option: add support for Thales Cinterion EXS82
    0f8af69bec41 USB: serial: option: add Fibocom NL668 variants
    250930f60c33 USB: serial: ch341: sort device-id entries
    25b90f887dd4 USB: serial: ch341: add new Product ID for CH341A
    f0990c21af7d USB: serial: kl5kusb105: fix memleak on open
    8954745718e7 usb: gadget: f_fs: Use local copy of descriptors for userspace copy
    4a77729b25d6 Partially revert bpf: Zero-fill re-used per-cpu map element
    512b18eec5c2 pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH)
    e90d11d0be10 pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87c3841a7b4b9a440bd9aea91dea2a7161ab22be)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 5162c065ed..3754abbc66 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "65a53ac9134b9736ae67afc5fb02049f4908d8e3"
-SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
+SRCREV_machine ?= "7bc8ae3fc04fdc06192d39d725cb18d4c0b78d9f"
+SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.82"
+LINUX_VERSION ?= "5.4.83"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 01de087128..b06db10f9f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.82"
+LINUX_VERSION ?= "5.4.83"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "0c335c490cfe932664f2e40c791efa387f769df5"
-SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
+SRCREV_machine_qemuarm ?= "2b6db4fbe53a1986c0249bc663d8ce7d99cbf19c"
+SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index ebd25dab3e..21935ac171 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "844ffab23aca849f9f4cf89866229e079fc7aa11"
-SRCREV_machine_qemuarm64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_machine_qemumips ?= "7937b24594ecce307971a3b2871fc1286055d0c4"
-SRCREV_machine_qemuppc ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_machine_qemuriscv64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_machine_qemux86 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_machine_qemux86-64 ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_machine_qemumips64 ?= "0ba329b53891de44e4ef8d2ca8a948e1c6a5866c"
-SRCREV_machine ?= "53e9ea9bf3868442be0b1aef4e7624ec8143f10b"
-SRCREV_meta ?= "104cf3e89371ac8971fef69f55a6c788c46ec65a"
+SRCREV_machine_qemuarm ?= "78231a4abb434782470d272690b7792b7dc1c1c6"
+SRCREV_machine_qemuarm64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_machine_qemumips ?= "adca343488d22623848ba206071cc0fa67b79b6a"
+SRCREV_machine_qemuppc ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_machine_qemuriscv64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_machine_qemux86 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_machine_qemux86-64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_machine_qemumips64 ?= "75c7340de480587c3a6650b46be7b1a2f71501a9"
+SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
+SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.82"
+LINUX_VERSION ?= "5.4.83"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.29.2

[gatesgarth][PATCH 19/30] linux-yocto/5.8/cfg: fix -tiny warnings

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) for configuration tweaks:

    b976de4f41d drm: change CONFIG_DRM_KMS_HELPER to =m
    669f5aa3795 tiny: enable CONFIG_FW_LOADER on a per-BSP basis
    d94b2d9f137 i915: adust helper to 'm'

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d2c77a34d338d0347fb4206eb2185adc01e58416)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.8.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
index fae984cd4e..d20b8b10ab 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.8.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
+SRCREV_meta ?= "b976de4f41df1a50dc84839b64fb0ce2c6f9fb21"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.8;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
index b98d99a81f..a5135155d5 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.8.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "9509db6e3ed6a23b1f7495b53248d1cbfe22710b"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
+SRCREV_meta ?= "b976de4f41df1a50dc84839b64fb0ce2c6f9fb21"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.8.bb b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
index a2dacb2676..f6ebefbf1b 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.8.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.8.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemux86-64 ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
 SRCREV_machine_qemumips64 ?= "01a02b058f9a8941032b298b8d25c673526152f4"
 SRCREV_machine ?= "3c5d210805d61bea8f8a8081e0e3a89ea8a61f3f"
-SRCREV_meta ?= "25b672aa4759b6ceb48777eb586033a186091692"
+SRCREV_meta ?= "b976de4f41df1a50dc84839b64fb0ce2c6f9fb21"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2

[gatesgarth][PATCH 20/30] linux-yocto/5.4/cfg: fix -tiny warnings

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s) to fixup warnings when -tiny is
build with the latest kern-tools:

    b721178c41a drm: change CONFIG_DRM_KMS_HELPER to =m
    d9ac6174eaf tiny: enable CONFIG_FW_LOADER on a per-BSP basis
    a135c720bc7 i915: adust helper to 'm'

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9227facf178e7bc56cce2522cd63ffd18dd900aa)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 3754abbc66..f35de787e1 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "7bc8ae3fc04fdc06192d39d725cb18d4c0b78d9f"
-SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
+SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index b06db10f9f..2c7ce3621f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "2b6db4fbe53a1986c0249bc663d8ce7d99cbf19c"
 SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
+SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 21935ac171..475efbfc93 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
 SRCREV_machine_qemux86-64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
 SRCREV_machine_qemumips64 ?= "75c7340de480587c3a6650b46be7b1a2f71501a9"
 SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "cd9826707f887241a661ea886cfa19f8d282438c"
+SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2

[gatesgarth][PATCH 21/30] linux-yocto/5.4/cfg: fix FIRMWARE_LOADER warnings

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Integrating the following commit(s):

    a1b2d188bdf config: set firmware loader to 'y'

The updated kern-tools are showing us warnings that were previously
hidden. To silence the fw_loader warning, we need to set the value
to 'y' (since it is 'y' selected by other options and we can't
override that).

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 491665d42f3a7b139ab0f220e8e18dcd29f1e2e6)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb   | 2 +-
 meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | 2 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index f35de787e1..1fda45f7aa 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -12,7 +12,7 @@ python () {
 }
 
 SRCREV_machine ?= "7bc8ae3fc04fdc06192d39d725cb18d4c0b78d9f"
-SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
+SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 2c7ce3621f..0d29f8f63c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -17,7 +17,7 @@ KCONF_BSP_AUDIT_LEVEL = "2"
 
 SRCREV_machine_qemuarm ?= "2b6db4fbe53a1986c0249bc663d8ce7d99cbf19c"
 SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
+SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 475efbfc93..3a987e90f5 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -21,7 +21,7 @@ SRCREV_machine_qemux86 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
 SRCREV_machine_qemux86-64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
 SRCREV_machine_qemumips64 ?= "75c7340de480587c3a6650b46be7b1a2f71501a9"
 SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "b721178c41a2bffd19cc9be9e33af23b7a4affd9"
+SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
-- 
2.29.2

[gatesgarth][PATCH 22/30] linux-yocto/5.4: update to v5.4.85

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    19d1c763e849 Linux 5.4.85
    484ac6279ad2 x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled
    eb3f42cf5e67 x86/resctrl: Remove unused struct mbm_state::chunks_bw
    c4f909407015 membarrier: Explicitly sync remote cores when SYNC_CORE is requested
    a840e37ef800 Revert "selftests/ftrace: check for do_sys_openat2 in user-memory test"
    aa17a20d640d KVM: mmu: Fix SPTE encoding of MMIO generation upper half
    bb07f4c93e62 serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    14482dc42c28 ALSA: pcm: oss: Fix potential out-of-bounds shift
    c94a31c19225 USB: sisusbvga: Make console support depend on BROKEN
    4ad8fc6cce01 USB: UAS: introduce a quirk to set no_write_same
    397d0ae4cb90 xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP
    32c820e016b4 xhci: Give USB2 ports time to enter U3 in bus suspend
    5828ae0c1920 ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    e72a55ea7168 ALSA: usb-audio: Fix potential out-of-bounds shift
    56339afa39e5 USB: add RESET_RESUME quirk for Snapscan 1212
    52c2ada6fe5e USB: dummy-hcd: Fix uninitialized array use in init()
    497993377bca ktest.pl: If size of log is too big to email, email error message
    a8d28a541500 net: stmmac: delete the eee_ctrl_timer after napi disabled
    ee08543f4598 net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux
    5ae78c6926cc net: ll_temac: Fix potential NULL dereference in temac_probe()
    717a140a3635 net/mlx4_en: Handle TX error CQE
    d0363dcabbd1 lan743x: fix for potential NULL pointer dereference with bare card
    d4107a0f8802 net/mlx4_en: Avoid scheduling restart task if it is already running
    add880d788f0 tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    5189c070a0d7 tcp: select sane initial rcvq_space.space for big MSS
    318d90218b21 net: stmmac: free tx skb buffer in stmmac_resume()
    d8d39e13668a bridge: Fix a deadlock when enabling multicast snooping
    cb327f83cf5e enetc: Fix reporting of h/w packet counters
    408c8213ee97 udp: fix the proto value passed to ip_protocol_deliver_rcu for the segments
    f7a756fc7cb9 net: hns3: remove a misused pragma packed
    2ef23e860e76 vrf: packets with lladdr src needs dst at input with orig_iif when needs strict
    cae90bd22cff net: bridge: vlan: fix error return code in __vlan_add()
    2e6a15b0b3d4 mac80211: mesh: fix mesh_pathtbl_init() error path
    1fe6b822b335 ipv4: fix error return code in rtm_to_fib_config()
    8b4f08f28015 ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info()
    8a866bdbbac2 Linux 5.4.84
    c2c5dc84ac51 compiler.h: fix barrier_data() on clang
    69dc72f058c9 mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING
    3349f1e4cf6d x86/apic/vector: Fix ordering in vector assignment
    e3c1d51868f3 x86/membarrier: Get rid of a dubious optimization
    6346ed69bc7c x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP
    258d646f006b scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()"
    7d5fc53439a1 proc: use untagged_addr() for pagemap_read addresses
    6472d3ae6ef5 kbuild: avoid static_assert for genksyms
    0cd7084a2a03 drm/i915/display/dp: Compute the correct slice count for VDSC on DP
    60c1c68fae5e mmc: block: Fixup condition for CMD13 polling for RPMB requests
    974aa59837ed pinctrl: amd: remove debounce filter setting in IRQ type setting
    457f5289b7e7 Input: i8042 - add Acer laptops to the i8042 reset list
    cf596f3906e9 Input: cm109 - do not stomp on control URB
    d2d113aca34f ktest.pl: Fix incorrect reboot for grub2bls
    181088e37b1d can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0
    38b1dbc1229c platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet
    2fa99f6f8f60 platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC
    21aa2d1f2bfb platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE
    010e6e816f54 platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen
    4778a11e0500 platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e
    eb5e28ffe39a arm64: tegra: Disable the ACONNECT for Jetson TX2
    c7e271337402 soc: fsl: dpio: Get the cpumask through cpumask_of(cpu)
    37aa8318ed43 spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts
    864fbeab8c99 irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend
    47fac0ccf775 ibmvnic: skip tx timeout reset while in resetting
    c0450df6d0f7 interconnect: qcom: qcs404: Remove GPU and display RPM IDs
    adad2bc9f303 scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
    b184e9800867 ARC: stack unwinding: don't assume non-current task is sleeping
    8ed74a012206 arm64: dts: broadcom: clear the warnings caused by empty dma-ranges
    acac3f7d7d22 powerpc: Drop -me200 addition to build flags
    8012a30b9e16 iwlwifi: mvm: fix kernel panic in case of assert during CSA
    c90527770b88 iwlwifi: pcie: set LTR to avoid completion timeout
    d411a07d6c04 arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards.
    0e6cae4e8181 iwlwifi: pcie: limit memory read spin time
    591afbc97c18 x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S
    018b05e0f05b Kbuild: do not emit debug info for assembly with LLVM_IAS=1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit 3dd19af60e5e4059ce7c7a67ff16fba1cb00de80)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 1fda45f7aa..d505949eb8 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "7bc8ae3fc04fdc06192d39d725cb18d4c0b78d9f"
-SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
+SRCREV_machine ?= "baf3ccf7c7cfaf9515d8c8b3b639d7bbb0564594"
+SRCREV_meta ?= "1c358e19696827b594de26a221f110fc2647dfa8"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.83"
+LINUX_VERSION ?= "5.4.85"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 0d29f8f63c..fea9ae26c1 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.83"
+LINUX_VERSION ?= "5.4.85"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "2b6db4fbe53a1986c0249bc663d8ce7d99cbf19c"
-SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
+SRCREV_machine_qemuarm ?= "f7f4bcebdd599197cde6f1d1985cb1ef1f3e8a54"
+SRCREV_machine ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_meta ?= "1c358e19696827b594de26a221f110fc2647dfa8"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 3a987e90f5..a3feeae966 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "78231a4abb434782470d272690b7792b7dc1c1c6"
-SRCREV_machine_qemuarm64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_machine_qemumips ?= "adca343488d22623848ba206071cc0fa67b79b6a"
-SRCREV_machine_qemuppc ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_machine_qemuriscv64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_machine_qemux86 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_machine_qemux86-64 ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_machine_qemumips64 ?= "75c7340de480587c3a6650b46be7b1a2f71501a9"
-SRCREV_machine ?= "21f1b92bddf5f6678f2c28da8d1a8a8160e39cf1"
-SRCREV_meta ?= "a1b2d188bdfc855ff9dff770480a24cecf66285d"
+SRCREV_machine_qemuarm ?= "888fe3a6f7776f5732c3c4cf4c862447e646c25e"
+SRCREV_machine_qemuarm64 ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_machine_qemumips ?= "459ad51fb16465be3d291217a10bcb9d055f5775"
+SRCREV_machine_qemuppc ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_machine_qemuriscv64 ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_machine_qemux86 ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_machine_qemux86-64 ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_machine_qemumips64 ?= "7eff01977ef77715ebc3e5a126534c39fe4ac918"
+SRCREV_machine ?= "4f2b484a791fac88262922aa26ddd5ac3df9720f"
+SRCREV_meta ?= "1c358e19696827b594de26a221f110fc2647dfa8"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.83"
+LINUX_VERSION ?= "5.4.85"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.29.2

[gatesgarth][PATCH 23/30] diffstat: point the license checksum at the license

[Anuj Mittal]

From: Ross Burton <ross@burtonini.com>

Previously install-sh was used, which is installed by autoconf so isn't
a relevant license.

Also remove S assignment, as that's the default.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 23cb39a5fa2a55681e7bc2605f435135cec9173b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-devtools/diffstat/diffstat_1.63.bb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/diffstat/diffstat_1.63.bb b/meta/recipes-devtools/diffstat/diffstat_1.63.bb
index 61b2ea5dc2..863f924b22 100644
--- a/meta/recipes-devtools/diffstat/diffstat_1.63.bb
+++ b/meta/recipes-devtools/diffstat/diffstat_1.63.bb
@@ -5,7 +5,7 @@ reviewing large, complex patch files."
 HOMEPAGE = "http://invisible-island.net/diffstat/"
 SECTION = "devel"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://install-sh;endline=42;md5=b3549726c1022bee09c174c72a0ca4a5"
+LIC_FILES_CHKSUM = "file://COPYING;md5=a3d0bb117493e804b0c1a868ddf23321"
 
 SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \
            file://run-ptest \
@@ -16,8 +16,6 @@ SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \
 SRC_URI[md5sum] = "b9272ec8af6257103261ec3622692991"
 SRC_URI[sha256sum] = "7eddd53401b99b90bac3f7ebf23dd583d7d99c6106e67a4f1161b7a20110dc6f"
 
-S = "${WORKDIR}/diffstat-${PV}"
-
 inherit autotools gettext ptest
 
 EXTRA_AUTORECONF += "--exclude=aclocal"
-- 
2.29.2

[gatesgarth][PATCH 24/30] coreutils: enable xattrs by default for nativesdk

[Anuj Mittal]

From: Nathan Rossi <nathan@nathanrossi.com>

When using coreutils nativesdk (e.g. with buildtools-tarball) for
running oe-core builds, a number of recipes/classes/etc. expect xattr
support. This requirement is also expressed by the existing
PACKAGECONFIG_class-native default including xattrs.

Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 80d7debffdeed165006b26dcb89cffafaaecca06)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/coreutils/coreutils_8.32.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-core/coreutils/coreutils_8.32.bb b/meta/recipes-core/coreutils/coreutils_8.32.bb
index 4eb357e310..320f93bdc2 100644
--- a/meta/recipes-core/coreutils/coreutils_8.32.bb
+++ b/meta/recipes-core/coreutils/coreutils_8.32.bb
@@ -39,6 +39,9 @@ PACKAGECONFIG_class-target ??= "\
 # The lib/oe/path.py requires xattr
 PACKAGECONFIG_class-native ??= "xattr"
 
+# oe-core builds need xattr support
+PACKAGECONFIG_class-nativesdk ??= "xattr"
+
 # with, without, depends, rdepends
 #
 PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl,"
-- 
2.29.2

[gatesgarth][PATCH 25/30] initscripts: use quotes for shell variable comparision

[Anuj Mittal]

From: Khem Raj <raj.khem@gmail.com>

Helps to execute it with busybox shell

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 45ba0ca0352bca46f974d28781ac935d8e9ec3ea)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
index 02f0351fcb..a63e71b780 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
@@ -74,7 +74,7 @@ test "$VERBOSE" != no && echo "Activating swap"
 #
 # Check the root filesystem.
 #
-if test -f /fastboot || test $rootcheck = no
+if test -f /fastboot || test "$rootcheck" = "no"
 then
   test $rootcheck = yes && echo "Fast boot, no filesystem check"
 else
-- 
2.29.2

[gatesgarth][PATCH 26/30] oeqa/commands: Ensure sync can be found regardless of PATH

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Avoid command not found errors shown in selftest logs due to changes to PATH
settings which also risks intermittent problems due to IO load.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 40bcae01b0be2f293dea9ab42c6b7f8f47827cf5)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/utils/commands.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/lib/oeqa/utils/commands.py b/meta/lib/oeqa/utils/commands.py
index 8059cbce3e..8b3e12038d 100644
--- a/meta/lib/oeqa/utils/commands.py
+++ b/meta/lib/oeqa/utils/commands.py
@@ -188,7 +188,10 @@ def runCmd(command, ignore_status=False, timeout=None, assert_error=True, sync=T
     # call sync around the tests to ensure the IO queue doesn't get too large, taking any IO
     # hit here rather than in bitbake shutdown.
     if sync:
+        p = os.environ['PATH']
+        os.environ['PATH'] = "/usr/bin:/bin:/usr/sbin:/sbin:" + p
         os.system("sync")
+        os.environ['PATH'] = p
 
     result.command = command
     result.status = cmd.status
-- 
2.29.2

[gatesgarth][PATCH 27/30] lib/oe/path: Add canonicalize()

[Anuj Mittal]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

oe.path.canonicalize() is used to canonicalize paths (i.e., remove
symbolic links and "..", and make them absolute). It takes a string
with paths separated by commas, and returns the canonicalized path in
the same format.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 282b19c0e27488ec119f00fb2542ffdc1af54e2a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oe/path.py | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/meta/lib/oe/path.py b/meta/lib/oe/path.py
index 082972457b..c8d8ad05b9 100644
--- a/meta/lib/oe/path.py
+++ b/meta/lib/oe/path.py
@@ -320,3 +320,24 @@ def which_wild(pathname, path=None, mode=os.F_OK, *, reverse=False, candidates=F
 
     return files
 
+def canonicalize(paths, sep=','):
+    """Given a string with paths (separated by commas by default), expand
+    each path using os.path.realpath() and return the resulting paths as a
+    string (separated using the same separator a the original string).
+    """
+    # Ignore paths containing "$" as they are assumed to be unexpanded bitbake
+    # variables. Normally they would be ignored, e.g., when passing the paths
+    # through the shell they would expand to empty strings. However, when they
+    # are passed through os.path.realpath(), it will cause them to be prefixed
+    # with the absolute path to the current directory and thus not be empty
+    # anymore.
+    #
+    # Also maintain trailing slashes, as the paths may actually be used as
+    # prefixes in sting compares later on, where the slashes then are important.
+    canonical_paths = []
+    for path in (paths or '').split(sep):
+        if '$' not in path:
+            trailing_slash = path.endswith('/') and '/' or ''
+            canonical_paths.append(os.path.realpath(path) + trailing_slash)
+
+    return sep.join(canonical_paths)
-- 
2.29.2

[gatesgarth][PATCH 28/30] bitbake.conf: Canonicalize paths in PSEUDO_IGNORE_PATHS

[Anuj Mittal]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

Use oe.path.canonicalize() to canonicalize the paths in
PSEUDO_IGNORE_PATHS before passing them to pseudo. This is needed since
pseudo will compare them to paths that are canonicalized.

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1f2a497daa09cf3459e27ad6e0e8513938b52c79)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/conf/bitbake.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 0d38eac094..812cd05102 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -691,9 +691,9 @@ export PSEUDO_DISABLED = "1"
 #export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}"
 #export PSEUDO_BINDIR = "${STAGING_DIR_NATIVE}${bindir_native}"
 #export PSEUDO_LIBDIR = "${STAGING_DIR_NATIVE}$PSEUDOBINDIR/../lib/pseudo/lib
-FAKEROOTBASEENV = "PSEUDO_BINDIR=${PSEUDO_SYSROOT}${bindir_native} PSEUDO_LIBDIR=${PSEUDO_SYSROOT}${prefix_native}/lib/pseudo/lib PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_IGNORE_PATHS=${PSEUDO_IGNORE_PATHS} PSEUDO_DISABLED=1"
+FAKEROOTBASEENV = "PSEUDO_BINDIR=${PSEUDO_SYSROOT}${bindir_native} PSEUDO_LIBDIR=${PSEUDO_SYSROOT}${prefix_native}/lib/pseudo/lib PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=1"
 FAKEROOTCMD = "${PSEUDO_SYSROOT}${bindir_native}/pseudo"
-FAKEROOTENV = "PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} PSEUDO_PASSWD=${PSEUDO_PASSWD} PSEUDO_NOSYMLINKEXP=1 PSEUDO_IGNORE_PATHS=${PSEUDO_IGNORE_PATHS} PSEUDO_DISABLED=0"
+FAKEROOTENV = "PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} PSEUDO_PASSWD=${PSEUDO_PASSWD} PSEUDO_NOSYMLINKEXP=1 PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=0"
 FAKEROOTNOENV = "PSEUDO_UNLOAD=1"
 FAKEROOTDIRS = "${PSEUDO_LOCALSTATEDIR}"
 PREFERRED_PROVIDER_virtual/fakeroot-native ?= "pseudo-native"
-- 
2.29.2

[gatesgarth][PATCH 29/30] wic: Pass canonicalized paths in PSEUDO_IGNORE_PATHS

[Anuj Mittal]

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 55618cbd58d6784a82e773f323723be6f722232f)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 scripts/lib/wic/partition.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index ebe250b00d..286c7867cb 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -207,11 +207,21 @@ class Partition():
 
         p_prefix = os.environ.get("PSEUDO_PREFIX", "%s/usr" % native_sysroot)
         if (pseudo_dir):
+            # Canonicalize the ignore paths. This corresponds to
+            # calling oe.path.canonicalize(), which is used in bitbake.conf.
+            ignore_paths = [rootfs] + (get_bitbake_var("PSEUDO_IGNORE_PATHS") or "").split(",")
+            canonical_paths = []
+            for path in ignore_paths:
+                if "$" not in path:
+                    trailing_slash = path.endswith("/") and "/" or ""
+                    canonical_paths.append(os.path.realpath(path) + trailing_slash)
+            ignore_paths = ",".join(canonical_paths)
+
             pseudo = "export PSEUDO_PREFIX=%s;" % p_prefix
             pseudo += "export PSEUDO_LOCALSTATEDIR=%s;" % pseudo_dir
             pseudo += "export PSEUDO_PASSWD=%s;" % rootfs_dir
             pseudo += "export PSEUDO_NOSYMLINKEXP=1;"
-            pseudo += "export PSEUDO_IGNORE_PATHS=%s;" % (rootfs + "," + (get_bitbake_var("PSEUDO_IGNORE_PATHS") or ""))
+            pseudo += "export PSEUDO_IGNORE_PATHS=%s;" % ignore_paths
             pseudo += "%s " % get_bitbake_var("FAKEROOTCMD")
         else:
             pseudo = None
-- 
2.29.2

[gatesgarth][PATCH 30/30] bitbake.conf: Prevent pyc file generation in pseudo context

[Anuj Mittal]

From: Paul Barker <pbarker@konsulko.com>

This also effectively reverts commit b6d30c21b0:
    bitbake.conf: Extend PSEUDO_IGNORE_PATHS to ${COREBASE}/meta

The contents of ${COREBASE}/meta were ignored as pyc files could be
generated for the contents of the lib subdirectory if python modules
were imported within a pseudo context. However this doesn't protect us
from pyc files being generated in the lib directories for other layers.
It's far better to tell python not to produce pyc files when running
under pseudo (by setting the PYTHONDONTWRITEBYTECODE variable) as this
will cover any location where pyc files could possibly be created. This
variable is set in FAKEROOTBASEENV so that it applies to the
bitbake-worker instance for fakeroot tasks, preventing pyc files from
being generated for imports in python tasks themselves.

Also add a test case to ensure that pyc files are not created in tasks
which are executed under pseudo.

Signed-off-by: Paul Barker <pbarker@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 73d538f20743017a44cea4c20dbe09a0327cfc71)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta-selftest/lib/pseudo_pyc_test1.py         |  1 +
 meta-selftest/lib/pseudo_pyc_test2.py         |  1 +
 .../pseudo-pyc-test/pseudo-pyc-test.bb        | 15 +++++++++++
 meta/conf/bitbake.conf                        |  4 +--
 meta/lib/oeqa/selftest/cases/pseudo.py        | 27 +++++++++++++++++++
 5 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 meta-selftest/lib/pseudo_pyc_test1.py
 create mode 100644 meta-selftest/lib/pseudo_pyc_test2.py
 create mode 100644 meta-selftest/recipes-test/pseudo-pyc-test/pseudo-pyc-test.bb
 create mode 100644 meta/lib/oeqa/selftest/cases/pseudo.py

diff --git a/meta-selftest/lib/pseudo_pyc_test1.py b/meta-selftest/lib/pseudo_pyc_test1.py
new file mode 100644
index 0000000000..b59abdd536
--- /dev/null
+++ b/meta-selftest/lib/pseudo_pyc_test1.py
@@ -0,0 +1 @@
+STRING = "pseudo_pyc_test1"
diff --git a/meta-selftest/lib/pseudo_pyc_test2.py b/meta-selftest/lib/pseudo_pyc_test2.py
new file mode 100644
index 0000000000..fb67a978e0
--- /dev/null
+++ b/meta-selftest/lib/pseudo_pyc_test2.py
@@ -0,0 +1 @@
+STRING = "pseudo_pyc_test2"
diff --git a/meta-selftest/recipes-test/pseudo-pyc-test/pseudo-pyc-test.bb b/meta-selftest/recipes-test/pseudo-pyc-test/pseudo-pyc-test.bb
new file mode 100644
index 0000000000..12dc91a8f3
--- /dev/null
+++ b/meta-selftest/recipes-test/pseudo-pyc-test/pseudo-pyc-test.bb
@@ -0,0 +1,15 @@
+SUMMARY = "pseudo env test"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+python do_compile() {
+    import pseudo_pyc_test1
+    print(pseudo_pyc_test1.STRING)
+}
+
+python do_install() {
+    import pseudo_pyc_test2
+    print(pseudo_pyc_test2.STRING)
+}
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 812cd05102..da6db9f595 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -685,13 +685,13 @@ SRC_URI = ""
 PSEUDO_LOCALSTATEDIR ?= "${WORKDIR}/pseudo/"
 PSEUDO_PASSWD ?= "${STAGING_DIR_TARGET}:${PSEUDO_SYSROOT}"
 PSEUDO_SYSROOT = "${COMPONENTS_DIR}/${BUILD_ARCH}/pseudo-native"
-PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR},${WORKDIR}/pkgdata-sysroot,${TMPDIR}/sstate-control,${DEPLOY_DIR},${WORKDIR}/deploy-,${TMPDIR}/buildstats,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/sstate-build-image_complete,${TMPDIR}/sysroots-components,${BUILDHISTORY_DIR},${TMPDIR}/pkgdata,${TOPDIR}/cache,${COREBASE}/scripts,${COREBASE}/meta,${CCACHE_DIR}"
+PSEUDO_IGNORE_PATHS = "/usr/,/etc/,/lib,/dev/,${T},${WORKDIR}/recipe-sysroot,${SSTATE_DIR},${STAMPS_DIR},${WORKDIR}/pkgdata-sysroot,${TMPDIR}/sstate-control,${DEPLOY_DIR},${WORKDIR}/deploy-,${TMPDIR}/buildstats,${WORKDIR}/sstate-build-package_,${WORKDIR}/sstate-install-package_,${WORKDIR}/sstate-build-image_complete,${TMPDIR}/sysroots-components,${BUILDHISTORY_DIR},${TMPDIR}/pkgdata,${TOPDIR}/cache,${COREBASE}/scripts,${CCACHE_DIR}"
 
 export PSEUDO_DISABLED = "1"
 #export PSEUDO_PREFIX = "${STAGING_DIR_NATIVE}${prefix_native}"
 #export PSEUDO_BINDIR = "${STAGING_DIR_NATIVE}${bindir_native}"
 #export PSEUDO_LIBDIR = "${STAGING_DIR_NATIVE}$PSEUDOBINDIR/../lib/pseudo/lib
-FAKEROOTBASEENV = "PSEUDO_BINDIR=${PSEUDO_SYSROOT}${bindir_native} PSEUDO_LIBDIR=${PSEUDO_SYSROOT}${prefix_native}/lib/pseudo/lib PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=1"
+FAKEROOTBASEENV = "PSEUDO_BINDIR=${PSEUDO_SYSROOT}${bindir_native} PSEUDO_LIBDIR=${PSEUDO_SYSROOT}${prefix_native}/lib/pseudo/lib PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=1 PYTHONDONTWRITEBYTECODE=1"
 FAKEROOTCMD = "${PSEUDO_SYSROOT}${bindir_native}/pseudo"
 FAKEROOTENV = "PSEUDO_PREFIX=${PSEUDO_SYSROOT}${prefix_native} PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} PSEUDO_PASSWD=${PSEUDO_PASSWD} PSEUDO_NOSYMLINKEXP=1 PSEUDO_IGNORE_PATHS=${@oe.path.canonicalize(d.getVar('PSEUDO_IGNORE_PATHS'))} PSEUDO_DISABLED=0"
 FAKEROOTNOENV = "PSEUDO_UNLOAD=1"
diff --git a/meta/lib/oeqa/selftest/cases/pseudo.py b/meta/lib/oeqa/selftest/cases/pseudo.py
new file mode 100644
index 0000000000..33593d5ce9
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/pseudo.py
@@ -0,0 +1,27 @@
+#
+# SPDX-License-Identifier: MIT
+#
+
+import glob
+import os
+import shutil
+from oeqa.utils.commands import bitbake, get_test_layer
+from oeqa.selftest.case import OESelftestTestCase
+
+class Pseudo(OESelftestTestCase):
+
+    def test_pseudo_pyc_creation(self):
+        self.write_config("")
+
+        metaselftestpath = get_test_layer()
+        pycache_path = os.path.join(metaselftestpath, 'lib/__pycache__')
+        if os.path.exists(pycache_path):
+            shutil.rmtree(pycache_path)
+
+        bitbake('pseudo-pyc-test -c install')
+
+        test1_pyc_present = len(glob.glob(os.path.join(pycache_path, 'pseudo_pyc_test1.*.pyc')))
+        self.assertTrue(test1_pyc_present, 'test1 pyc file missing, should be created outside of pseudo context.')
+
+        test2_pyc_present = len(glob.glob(os.path.join(pycache_path, 'pseudo_pyc_test2.*.pyc')))
+        self.assertFalse(test2_pyc_present, 'test2 pyc file present, should not be created in pseudo context.')
-- 
2.29.2

Re: [OE-core] [gatesgarth][PATCH 00/30] patch review request

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 5622 bytes --]

There is one pseudo related change missing in this pull:
https://git.openembedded.org/openembedded-core/commit/?id=39423a33595e7ade82fc88f55823660f8532cb84

I'll send cherry-pick to gatesgarth shortly.

On Fri, Jan 8, 2021 at 5:18 AM Anuj Mittal <anuj.mittal@intel.com> wrote:

> Please review these changes for gatesgarth. Builds cleanly on
> autobuilder.
>
> Thanks,
>
> Anuj
>
> The following changes since commit
> a2eebe92daf0e0fb11422ea17f7029aeab2bcb9e:
>
>   apr-util: Only specify --with-dbm=gdbm if gdbm support is enabled
> (2020-12-28 09:53:26 +0800)
>
> are available in the Git repository at:
>
>   git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth
>
> Alexander Kanavin (1):
>   devtool: gitsm:// should be handled same as git:// in upgrades
>
> Bruce Ashfield (8):
>   linux-yocto/cfg: qemuppc: set CONFIG_SCSI to '=y'
>   linux-yocto/5.4: update to v5.4.82
>   linux-yocto/cfg: qemuarm64-gfx.cfg: add CONFIG_INPUT_UINPUT
>   linux-yocto/5.4: update to v5.4.83
>   linux-yocto/5.8/cfg: fix -tiny warnings
>   linux-yocto/5.4/cfg: fix -tiny warnings
>   linux-yocto/5.4/cfg: fix FIRMWARE_LOADER warnings
>   linux-yocto/5.4: update to v5.4.85
>
> Changqing Li (1):
>   libexif: fix CVE-2020-0198; CVE-2020-0452
>
> Khem Raj (1):
>   initscripts: use quotes for shell variable comparision
>
> Lee Chee Yang (2):
>   glib-2.0: fix CVE-2020-35457
>   wic/direct/kparser: ensure fsuuid for vfat and msdos align with format
>
> Li Wang (2):
>   qemu: CVE-2020-25723
>   qemu: CVE-2020-28916
>
> Nathan Rossi (1):
>   coreutils: enable xattrs by default for nativesdk
>
> Ovidiu Panait (2):
>   timezone: upgrade to 2020e
>   timezone: upgrade to 2020f
>
> Paul Barker (1):
>   bitbake.conf: Prevent pyc file generation in pseudo context
>
> Peter Kjellerstedt (3):
>   lib/oe/path: Add canonicalize()
>   bitbake.conf: Canonicalize paths in PSEUDO_IGNORE_PATHS
>   wic: Pass canonicalized paths in PSEUDO_IGNORE_PATHS
>
> Richard Purdie (3):
>   grub: Further reproducibility fix
>   man-db: Fix reproducibility issue
>   oeqa/commands: Ensure sync can be found regardless of PATH
>
> Robert Joslyn (1):
>   openssl: Update to 1.1.1i
>
> Ross Burton (1):
>   diffstat: point the license checksum at the license
>
> Scott Murray (2):
>   grub: fix "CVE:" line in one of the patches
>   patch: fix CVE-2019-20633
>
> Steve Sakoman (1):
>   oeqa/selftest/cases/devtool.py: fix typo in ignore_patterns call
>
>  meta-selftest/lib/pseudo_pyc_test1.py         |  1 +
>  meta-selftest/lib/pseudo_pyc_test2.py         |  1 +
>  .../pseudo-pyc-test/pseudo-pyc-test.bb        | 15 +++++
>  meta/conf/bitbake.conf                        |  6 +-
>  meta/lib/oe/path.py                           | 21 ++++++
>  meta/lib/oeqa/selftest/cases/devtool.py       |  2 +-
>  meta/lib/oeqa/selftest/cases/pseudo.py        | 27 ++++++++
>  meta/lib/oeqa/utils/commands.py               |  3 +
>  ...low-checking-primitives-where-we-do-.patch |  2 +-
>  meta/recipes-bsp/grub/files/determinism.patch | 16 +++++
>  .../{openssl_1.1.1g.bb => openssl_1.1.1i.bb}  |  2 +-
>  meta/recipes-core/coreutils/coreutils_8.32.bb |  3 +
>  .../glib-2.0/glib-2.0/CVE-2020-35457.patch    | 41 ++++++++++++
>  meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb |  1 +
>  .../initscripts/initscripts-1.0/checkroot.sh  |  2 +-
>  .../diffstat/diffstat_1.63.bb                 |  4 +-
>  .../patch/patch/CVE-2019-20633.patch          | 31 +++++++++
>  meta/recipes-devtools/patch/patch_2.7.6.bb    |  1 +
>  meta/recipes-devtools/qemu/qemu.inc           |  2 +
>  .../qemu/qemu/CVE-2020-25723.patch            | 51 ++++++++++++++
>  .../qemu/qemu/CVE-2020-28916.patch            | 49 ++++++++++++++
>  meta/recipes-extended/man-db/man-db_2.9.3.bb  |  1 +
>  meta/recipes-extended/timezone/timezone.inc   |  6 +-
>  .../linux/linux-yocto-rt_5.4.bb               |  6 +-
>  .../linux/linux-yocto-rt_5.8.bb               |  2 +-
>  .../linux/linux-yocto-tiny_5.4.bb             |  8 +--
>  .../linux/linux-yocto-tiny_5.8.bb             |  2 +-
>  meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++----
>  meta/recipes-kernel/linux/linux-yocto_5.8.bb  |  2 +-
>  .../libexif/files/CVE-2020-0198.patch         | 66 +++++++++++++++++++
>  .../libexif/files/CVE-2020-0452.patch         | 39 +++++++++++
>  .../recipes-support/libexif/libexif_0.6.22.bb |  2 +
>  scripts/lib/devtool/upgrade.py                |  4 +-
>  scripts/lib/wic/ksparser.py                   | 17 +++++
>  scripts/lib/wic/partition.py                  | 12 +++-
>  scripts/lib/wic/plugins/imager/direct.py      |  7 ++
>  36 files changed, 440 insertions(+), 37 deletions(-)
>  create mode 100644 meta-selftest/lib/pseudo_pyc_test1.py
>  create mode 100644 meta-selftest/lib/pseudo_pyc_test2.py
>  create mode 100644 meta-selftest/recipes-test/pseudo-pyc-test/
> pseudo-pyc-test.bb
>  create mode 100644 meta/lib/oeqa/selftest/cases/pseudo.py
>  rename meta/recipes-connectivity/openssl/{openssl_1.1.1g.bb =>
> openssl_1.1.1i.bb} (98%)
>  create mode 100644
> meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
>  create mode 100644 meta/recipes-devtools/patch/patch/CVE-2019-20633.patch
>  create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch
>  create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-28916.patch
>  create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0198.patch
>  create mode 100644 meta/recipes-support/libexif/files/CVE-2020-0452.patch
>
> --
> 2.29.2
>
>
> 
>
>

[-- Attachment #2: Type: text/html, Size: 8032 bytes --]

[gatesgarth][PATCH 00/30] patch review request

[Anuj Mittal]

Please review these next set of changes for gatesgarth. Builds fine on
autobuilder except for a known intermittent task hash mismatch failure.

Thanks,

Anuj

The following changes since commit ebaaee50cb3ac75112827f935c48affaf622ce7f:

  build-appliance-image: Update to gatesgarth head revision (2021-02-16 11:44:29 +0000)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/gatesgarth

Chee Yang Lee (1):
  initrdscripts: init-install-efi.sh install extra files for ESP

Dorinda (1):
  oe-pkgdata-util: Check if environment script is initialized

Joshua Watt (7):
  libomxil: Fix up commercial license flag
  weston: remoting backend requires GStreamer base plugins
  oeqa: reproducible: Fix SSTATE_MIRRORS variable
  oeqa: reproducible: Add more logging
  systemd: Re-enable chvt as non-root user without polkit
  bison: Fix up file name mapping
  acpica: Fix reproducibility issues

Khem Raj (1):
  tcf-agent: Fix build on riscv32

Lee Chee Yang (3):
  wic: debug mode to keep tmp directory
  qemu: fix CVE-2020-29443 CVE-2020-35517
  openssh: fix CVE-2020-14145

Marek Vasut (1):
  weston-init: Fix weston-keyboard path in weston.ini

Richard Leitner (1):
  deb: export INTERCEPT_DIR for remove actions

Richard Purdie (13):
  pseudo: Update for rename and faccessat fixes
  pseudo: Update to include fixes for glibc 2.33
  opkg: Fix build reproducibility issue
  opkg: Fix patch glitches
  cwautomacros: Ensure version is set deterministically
  vim: Improve determinism
  vim: Fix a race over creation of the desktop files
  package_manager/deb: Fix image generation with package removal
  quilt: Be determnistic about column presence
  buildtools-extended-tarball: Add glibc-gconvs needed for build
  watchdog: Fix determinism issue from sendmail host path
  watchdog: Avoid reproducibility failures after fixing build
  xmlto: Fix reproducibility

Vivien Didelot (1):
  local.conf.sample.extended: fix double 'of' typo

akuster (1):
  connman: update to 1.39

 meta/conf/local.conf.sample.extended          |   2 +-
 meta/lib/oe/package_manager/deb/__init__.py   |   6 +
 meta/lib/oeqa/selftest/cases/reproducible.py  |   5 +-
 meta/lib/oeqa/selftest/cases/wic.py           |   2 +
 .../{connman_1.38.bb => connman_1.39.bb}      |   3 +-
 .../openssh/openssh/CVE-2020-14145.patch      |  90 +++++++
 .../openssh/openssh_8.3p1.bb                  |   1 +
 .../initrdscripts/files/init-install-efi.sh   |   5 +
 .../meta/buildtools-extended-tarball.bb       |  10 +
 ...chvt-as-non-root-user-without-polkit.patch | 227 ++++++++++++++++++
 meta/recipes-core/systemd/systemd_246.9.bb    |   1 +
 ...001-Use-mapped-file-name-for-symbols.patch |  62 +++++
 meta/recipes-devtools/bison/bison_3.7.2.bb    |   1 +
 .../opkg/opkg/sourcedateepoch.patch           |  24 ++
 meta/recipes-devtools/opkg/opkg_0.4.3.bb      |   1 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   2 +-
 meta/recipes-devtools/qemu/qemu.inc           |   2 +
 .../qemu/qemu/CVE-2020-29443.patch            |  46 ++++
 .../qemu/qemu/CVE-2020-35517.patch            | 126 ++++++++++
 meta/recipes-devtools/quilt/quilt.inc         |   2 +-
 .../tcf-agent/tcf-agent_git.bb                |   1 +
 meta/recipes-devtools/xmlto/xmlto_0.0.28.bb   |   2 +-
 .../acpica/acpica_20200717.bb                 |   2 +
 .../cwautomacros/cwautomacros_20110201.bb     |   2 +-
 .../watchdog/watchdog_5.16.bb                 |   6 +
 .../wayland/weston-init/weston.ini            |   2 +-
 meta/recipes-graphics/wayland/weston_9.0.0.bb |   2 +-
 .../libomxil/libomxil_0.9.3.bb                |   6 +-
 meta/recipes-support/vim/files/racefix.patch  |  33 +++
 meta/recipes-support/vim/vim.inc              |   3 +
 scripts/lib/wic/plugins/imager/direct.py      |   6 +-
 scripts/oe-pkgdata-util                       |   3 +
 32 files changed, 673 insertions(+), 13 deletions(-)
 rename meta/recipes-connectivity/connman/{connman_1.38.bb => connman_1.39.bb} (78%)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2020-14145.patch
 create mode 100644 meta/recipes-core/systemd/systemd/0001-logind-Restore-chvt-as-non-root-user-without-polkit.patch
 create mode 100644 meta/recipes-devtools/bison/bison/0001-Use-mapped-file-name-for-symbols.patch
 create mode 100644 meta/recipes-devtools/opkg/opkg/sourcedateepoch.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-29443.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-35517.patch
 create mode 100644 meta/recipes-support/vim/files/racefix.patch

-- 
2.29.2