* [zeus 01/31] e2fsprogs: fix CVE-2019-5094
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 02/31] libtiff: fix CVE-2019-17546 Armin Kuster
` (29 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../e2fsprogs/e2fsprogs/CVE-2019-5094.patch | 217 +++++++++++++++++++++
.../recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb | 1 +
2 files changed, 218 insertions(+)
create mode 100644 meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5094.patch
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5094.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5094.patch
new file mode 100644
index 0000000..56925cb
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5094.patch
@@ -0,0 +1,217 @@
+From 8dbe7b475ec5e91ed767239f0e85880f416fc384 Mon Sep 17 00:00:00 2001
+From: Theodore Ts'o <tytso@mit.edu>
+Date: Sun, 1 Sep 2019 00:59:16 -0400
+Subject: libsupport: add checks to prevent buffer overrun bugs in quota code
+
+A maliciously corrupted file systems can trigger buffer overruns in
+the quota code used by e2fsck. To fix this, add sanity checks to the
+quota header fields as well as to block number references in the quota
+tree.
+
+Addresses: CVE-2019-5094
+Addresses: TALOS-2019-0887
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=8dbe7b475ec5e91ed767239f0e85880f416fc384]
+CVE: CVE-2019-5094
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ lib/support/mkquota.c | 1 +
+ lib/support/quotaio_tree.c | 71 ++++++++++++++++++++++++++++++----------------
+ lib/support/quotaio_v2.c | 28 ++++++++++++++++++
+ 3 files changed, 76 insertions(+), 24 deletions(-)
+
+diff --git a/lib/support/mkquota.c b/lib/support/mkquota.c
+index 0b9e7665..ddb53124 100644
+--- a/lib/support/mkquota.c
++++ b/lib/support/mkquota.c
+@@ -671,6 +671,7 @@ errcode_t quota_compare_and_update(quota_ctx_t qctx, enum quota_type qtype,
+ err = qh.qh_ops->scan_dquots(&qh, scan_dquots_callback, &scan_data);
+ if (err) {
+ log_debug("Error scanning dquots");
++ *usage_inconsistent = 1;
+ goto out_close_qh;
+ }
+
+diff --git a/lib/support/quotaio_tree.c b/lib/support/quotaio_tree.c
+index a7c2028c..6cc4fb5b 100644
+--- a/lib/support/quotaio_tree.c
++++ b/lib/support/quotaio_tree.c
+@@ -540,6 +540,17 @@ struct dquot *qtree_read_dquot(struct quota_handle *h, qid_t id)
+ return dquot;
+ }
+
++static int check_reference(struct quota_handle *h, unsigned int blk)
++{
++ if (blk >= h->qh_info.u.v2_mdqi.dqi_qtree.dqi_blocks) {
++ log_err("Illegal reference (%u >= %u) in %s quota file",
++ blk, h->qh_info.u.v2_mdqi.dqi_qtree.dqi_blocks,
++ quota_type2name(h->qh_type));
++ return -1;
++ }
++ return 0;
++}
++
+ /*
+ * Scan all dquots in file and call callback on each
+ */
+@@ -558,7 +569,7 @@ static int report_block(struct dquot *dquot, unsigned int blk, char *bitmap,
+ int entries, i;
+
+ if (!buf)
+- return 0;
++ return -1;
+
+ set_bit(bitmap, blk);
+ read_blk(dquot->dq_h, blk, buf);
+@@ -580,23 +591,12 @@ static int report_block(struct dquot *dquot, unsigned int blk, char *bitmap,
+ return entries;
+ }
+
+-static void check_reference(struct quota_handle *h, unsigned int blk)
+-{
+- if (blk >= h->qh_info.u.v2_mdqi.dqi_qtree.dqi_blocks)
+- log_err("Illegal reference (%u >= %u) in %s quota file. "
+- "Quota file is probably corrupted.\n"
+- "Please run e2fsck (8) to fix it.",
+- blk,
+- h->qh_info.u.v2_mdqi.dqi_qtree.dqi_blocks,
+- quota_type2name(h->qh_type));
+-}
+-
+ static int report_tree(struct dquot *dquot, unsigned int blk, int depth,
+ char *bitmap,
+ int (*process_dquot) (struct dquot *, void *),
+ void *data)
+ {
+- int entries = 0, i;
++ int entries = 0, ret, i;
+ dqbuf_t buf = getdqbuf();
+ __le32 *ref = (__le32 *) buf;
+
+@@ -607,22 +607,40 @@ static int report_tree(struct dquot *dquot, unsigned int blk, int depth,
+ if (depth == QT_TREEDEPTH - 1) {
+ for (i = 0; i < QT_BLKSIZE >> 2; i++) {
+ blk = ext2fs_le32_to_cpu(ref[i]);
+- check_reference(dquot->dq_h, blk);
+- if (blk && !get_bit(bitmap, blk))
+- entries += report_block(dquot, blk, bitmap,
+- process_dquot, data);
++ if (check_reference(dquot->dq_h, blk)) {
++ entries = -1;
++ goto errout;
++ }
++ if (blk && !get_bit(bitmap, blk)) {
++ ret = report_block(dquot, blk, bitmap,
++ process_dquot, data);
++ if (ret < 0) {
++ entries = ret;
++ goto errout;
++ }
++ entries += ret;
++ }
+ }
+ } else {
+ for (i = 0; i < QT_BLKSIZE >> 2; i++) {
+ blk = ext2fs_le32_to_cpu(ref[i]);
+ if (blk) {
+- check_reference(dquot->dq_h, blk);
+- entries += report_tree(dquot, blk, depth + 1,
+- bitmap, process_dquot,
+- data);
++ if (check_reference(dquot->dq_h, blk)) {
++ entries = -1;
++ goto errout;
++ }
++ ret = report_tree(dquot, blk, depth + 1,
++ bitmap, process_dquot,
++ data);
++ if (ret < 0) {
++ entries = ret;
++ goto errout;
++ }
++ entries += ret;
+ }
+ }
+ }
++errout:
+ freedqbuf(buf);
+ return entries;
+ }
+@@ -642,6 +660,7 @@ int qtree_scan_dquots(struct quota_handle *h,
+ int (*process_dquot) (struct dquot *, void *),
+ void *data)
+ {
++ int ret;
+ char *bitmap;
+ struct v2_mem_dqinfo *v2info = &h->qh_info.u.v2_mdqi;
+ struct qtree_mem_dqinfo *info = &v2info->dqi_qtree;
+@@ -655,10 +674,14 @@ int qtree_scan_dquots(struct quota_handle *h,
+ ext2fs_free_mem(&dquot);
+ return -1;
+ }
+- v2info->dqi_used_entries = report_tree(dquot, QT_TREEOFF, 0, bitmap,
+- process_dquot, data);
++ ret = report_tree(dquot, QT_TREEOFF, 0, bitmap, process_dquot, data);
++ if (ret < 0)
++ goto errout;
++ v2info->dqi_used_entries = ret;
+ v2info->dqi_data_blocks = find_set_bits(bitmap, info->dqi_blocks);
++ ret = 0;
++errout:
+ ext2fs_free_mem(&bitmap);
+ ext2fs_free_mem(&dquot);
+- return 0;
++ return ret;
+ }
+diff --git a/lib/support/quotaio_v2.c b/lib/support/quotaio_v2.c
+index 38be2a34..73906676 100644
+--- a/lib/support/quotaio_v2.c
++++ b/lib/support/quotaio_v2.c
+@@ -175,6 +175,8 @@ static int v2_check_file(struct quota_handle *h, int type, int fmt)
+ static int v2_init_io(struct quota_handle *h)
+ {
+ struct v2_disk_dqinfo ddqinfo;
++ struct v2_mem_dqinfo *info;
++ __u64 filesize;
+
+ h->qh_info.u.v2_mdqi.dqi_qtree.dqi_entry_size =
+ sizeof(struct v2r1_disk_dqblk);
+@@ -185,6 +187,32 @@ static int v2_init_io(struct quota_handle *h)
+ sizeof(ddqinfo)) != sizeof(ddqinfo))
+ return -1;
+ v2_disk2memdqinfo(&h->qh_info, &ddqinfo);
++
++ /* Check to make sure quota file info is sane */
++ info = &h->qh_info.u.v2_mdqi;
++ if (ext2fs_file_get_lsize(h->qh_qf.e2_file, &filesize))
++ return -1;
++ if ((filesize > (1U << 31)) ||
++ (info->dqi_qtree.dqi_blocks >
++ (filesize + QT_BLKSIZE - 1) >> QT_BLKSIZE_BITS)) {
++ log_err("Quota inode %u corrupted: file size %llu; "
++ "dqi_blocks %u", h->qh_qf.ino,
++ filesize, info->dqi_qtree.dqi_blocks);
++ return -1;
++ }
++ if (info->dqi_qtree.dqi_free_blk >= info->dqi_qtree.dqi_blocks) {
++ log_err("Quota inode %u corrupted: free_blk %u; dqi_blocks %u",
++ h->qh_qf.ino, info->dqi_qtree.dqi_free_blk,
++ info->dqi_qtree.dqi_blocks);
++ return -1;
++ }
++ if (info->dqi_qtree.dqi_free_entry >= info->dqi_qtree.dqi_blocks) {
++ log_err("Quota inode %u corrupted: free_entry %u; "
++ "dqi_blocks %u", h->qh_qf.ino,
++ info->dqi_qtree.dqi_free_entry,
++ info->dqi_qtree.dqi_blocks);
++ return -1;
++ }
+ return 0;
+ }
+
+--
+cgit 1.2-0.3.lf.el7
+
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
index fdc9454..14c05a4 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
@@ -5,6 +5,7 @@ SRC_URI += "file://remove.ldconfig.call.patch \
file://ptest.patch \
file://mkdir_p.patch \
file://0001-misc-create_inode.c-set-dir-s-mode-correctly.patch \
+ file://CVE-2019-5094.patch \
"
SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 02/31] libtiff: fix CVE-2019-17546
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
2019-11-13 15:31 ` [zeus 01/31] e2fsprogs: fix CVE-2019-5094 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 03/31] libxslt: fix CVE-2019-18197 Armin Kuster
` (28 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Joe Slater <joe.slater@windriver.com>
Apply unmodified patch from upstream.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../libtiff/tiff/CVE-2019-17546.patch | 103 +++++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.0.10.bb | 1 +
2 files changed, 104 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
new file mode 100644
index 0000000..04c5410
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
@@ -0,0 +1,103 @@
+libtiff: fix CVE-2019-17546
+
+Added after 4.0.10 release.
+
+CVE: CVE-2019-17546
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff]
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+commit 4bb584a35f87af42d6cf09d15e9ce8909a839145
+Author: Even Rouault <even.rouault@spatialys.com>
+Date: Thu Aug 15 15:05:28 2019 +0200
+
+ RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz
+
+diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
+index c88b5fa..4da785d 100644
+--- a/libtiff/tif_getimage.c
++++ b/libtiff/tif_getimage.c
+@@ -949,16 +949,23 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ fromskew = (w < imagewidth ? imagewidth - w : 0);
+ for (row = 0; row < h; row += nrow)
+ {
++ uint32 temp;
+ rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
+ nrow = (row + rowstoread > h ? h - row : rowstoread);
+ nrowsub = nrow;
+ if ((nrowsub%subsamplingver)!=0)
+ nrowsub+=subsamplingver-nrowsub%subsamplingver;
++ temp = (row + img->row_offset)%rowsperstrip + nrowsub;
++ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
++ {
++ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripContig");
++ return 0;
++ }
+ if (_TIFFReadEncodedStripAndAllocBuffer(tif,
+ TIFFComputeStrip(tif,row+img->row_offset, 0),
+ (void**)(&buf),
+ maxstripsize,
+- ((row + img->row_offset)%rowsperstrip + nrowsub) * scanline)==(tmsize_t)(-1)
++ temp * scanline)==(tmsize_t)(-1)
+ && (buf == NULL || img->stoponerr))
+ {
+ ret = 0;
+@@ -1051,15 +1058,22 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ fromskew = (w < imagewidth ? imagewidth - w : 0);
+ for (row = 0; row < h; row += nrow)
+ {
++ uint32 temp;
+ rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
+ nrow = (row + rowstoread > h ? h - row : rowstoread);
+ offset_row = row + img->row_offset;
++ temp = (row + img->row_offset)%rowsperstrip + nrow;
++ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
++ {
++ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripSeparate");
++ return 0;
++ }
+ if( buf == NULL )
+ {
+ if (_TIFFReadEncodedStripAndAllocBuffer(
+ tif, TIFFComputeStrip(tif, offset_row, 0),
+ (void**) &buf, bufsize,
+- ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
++ temp * scanline)==(tmsize_t)(-1)
+ && (buf == NULL || img->stoponerr))
+ {
+ ret = 0;
+@@ -1079,7 +1093,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ }
+ }
+ else if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 0),
+- p0, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
++ p0, temp * scanline)==(tmsize_t)(-1)
+ && img->stoponerr)
+ {
+ ret = 0;
+@@ -1087,7 +1101,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ }
+ if (colorchannels > 1
+ && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 1),
+- p1, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
++ p1, temp * scanline) == (tmsize_t)(-1)
+ && img->stoponerr)
+ {
+ ret = 0;
+@@ -1095,7 +1109,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ }
+ if (colorchannels > 1
+ && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 2),
+- p2, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
++ p2, temp * scanline) == (tmsize_t)(-1)
+ && img->stoponerr)
+ {
+ ret = 0;
+@@ -1104,7 +1118,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
+ if (alpha)
+ {
+ if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, colorchannels),
+- pa, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
++ pa, temp * scanline)==(tmsize_t)(-1)
+ && img->stoponerr)
+ {
+ ret = 0;
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
index 0432763..5c008c5 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
@@ -8,6 +8,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2019-6128.patch \
file://CVE-2019-7663.patch \
file://CVE-2019-14973.patch \
+ file://CVE-2019-17546.patch \
"
SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd"
SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 03/31] libxslt: fix CVE-2019-18197
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
2019-11-13 15:31 ` [zeus 01/31] e2fsprogs: fix CVE-2019-5094 Armin Kuster
2019-11-13 15:31 ` [zeus 02/31] libtiff: fix CVE-2019-17546 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 04/31] python3: Upgrade 3.7.4 -> 3.7.5 Armin Kuster
` (27 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Joe Slater <joe.slater@windriver.com>
Use patch from upstream after 1.1.33 release.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
.../libxslt/files/CVE-2019-18197.patch | 33 ++++++++++++++++++++++
meta/recipes-support/libxslt/libxslt_1.1.33.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta/recipes-support/libxslt/files/CVE-2019-18197.patch
diff --git a/meta/recipes-support/libxslt/files/CVE-2019-18197.patch b/meta/recipes-support/libxslt/files/CVE-2019-18197.patch
new file mode 100644
index 0000000..5f2b620
--- /dev/null
+++ b/meta/recipes-support/libxslt/files/CVE-2019-18197.patch
@@ -0,0 +1,33 @@
+libxslt: fix CVE-2019-18197
+
+Added after 1.1.33 release.
+
+CVE: CVE-2019-18197
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt.git]
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+commit 2232473733b7313d67de8836ea3b29eec6e8e285
+Author: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sat Aug 17 16:51:53 2019 +0200
+
+ Fix dangling pointer in xsltCopyText
+
+ xsltCopyText didn't reset ctxt->lasttext in some cases which could
+ lead to various memory errors in relation with CDATA sections in input
+ documents.
+
+ Found by OSS-Fuzz.
+
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index 95ebd07..d7ab0b6 100644
+--- a/libxslt/transform.c
++++ b/libxslt/transform.c
+@@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target,
+ if ((copy->content = xmlStrdup(cur->content)) == NULL)
+ return NULL;
+ }
++
++ ctxt->lasttext = NULL;
+ } else {
+ /*
+ * normal processing. keep counters to extend the text node
diff --git a/meta/recipes-support/libxslt/libxslt_1.1.33.bb b/meta/recipes-support/libxslt/libxslt_1.1.33.bb
index abc00a0..9f268e7 100644
--- a/meta/recipes-support/libxslt/libxslt_1.1.33.bb
+++ b/meta/recipes-support/libxslt/libxslt_1.1.33.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://xmlsoft.org/sources/libxslt-${PV}.tar.gz \
file://0001-Fix-security-framework-bypass.patch \
file://CVE-2019-13117.patch \
file://CVE-2019-13118.patch \
+ file://CVE-2019-18197.patch \
"
SRC_URI[md5sum] = "b3bd254a03e46d58f8ad1e4559cd2c2f"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 04/31] python3: Upgrade 3.7.4 -> 3.7.5
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (2 preceding siblings ...)
2019-11-13 15:31 ` [zeus 03/31] libxslt: fix CVE-2019-18197 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 05/31] libpng: whitelist CVE-2019-17371 Armin Kuster
` (26 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Adrian Bunk <bunk@stusta.de>
Backported patch removed.
3.7.5 also includes the fix for CVE-2019-16935.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...code-lib-as-location-for-site-packages-an.patch | 2 +-
...55-Dont-parse-domains-containing-GH-13079.patch | 132 ---------------------
...-cc_basename-to-replace-CC-for-checking-c.patch | 2 +-
.../python/{python3_3.7.4.bb => python3_3.7.5.bb} | 5 +-
4 files changed, 4 insertions(+), 137 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
rename meta/recipes-devtools/python/{python3_3.7.4.bb => python3_3.7.5.bb} (98%)
diff --git a/meta/recipes-devtools/python/python3/0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch b/meta/recipes-devtools/python/python3/0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch
index 661f52d..ea75262 100644
--- a/meta/recipes-devtools/python/python3/0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch
+++ b/meta/recipes-devtools/python/python3/0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch
@@ -70,7 +70,7 @@ index 6e81b2f..671a20e 100644
Programs/python.o: $(srcdir)/Programs/python.c
@@ -856,7 +857,7 @@ regen-opcode:
- Python/compile.o Python/symtable.o Python/ast_unparse.o Python/ast.o: $(srcdir)/Include/graminit.h $(srcdir)/Include/Python-ast.h
+ Python/compile.o Python/symtable.o Python/ast_unparse.o Python/ast.o Python/future.o Parser/parsetok.o: $(srcdir)/Include/graminit.h $(srcdir)/Include/Python-ast.h
Python/getplatform.o: $(srcdir)/Python/getplatform.c
- $(CC) -c $(PY_CORE_CFLAGS) -DPLATFORM='"$(MACHDEP)"' -o $@ $(srcdir)/Python/getplatform.c
diff --git a/meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch b/meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
deleted file mode 100644
index 319e7ed..0000000
--- a/meta/recipes-devtools/python/python3/0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
+++ /dev/null
@@ -1,132 +0,0 @@
-From 90d56127ae15b1e452755e62c77dc475dedf7161 Mon Sep 17 00:00:00 2001
-From: jpic <jpic@users.noreply.github.com>
-Date: Wed, 17 Jul 2019 23:54:25 +0200
-Subject: [PATCH] bpo-34155: Dont parse domains containing @ (GH-13079)
-
-Before:
-
- >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses
- (Address(display_name='', username='a', domain='malicious.org'),)
-
- >>> parseaddr('a@malicious.org@important.com')
- ('', 'a@malicious.org')
-
- After:
-
- >>> email.message_from_string('From: a@malicious.org@important.com', policy=email.policy.default)['from'].addresses
- (Address(display_name='', username='', domain=''),)
-
- >>> parseaddr('a@malicious.org@important.com')
- ('', 'a@')
-
-https://bugs.python.org/issue34155
-
-Upstream-Status: Backport [https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9]
-
-CVE: CVE-2019-16056
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- Lib/email/_header_value_parser.py | 2 ++
- Lib/email/_parseaddr.py | 11 ++++++++++-
- Lib/test/test_email/test__header_value_parser.py | 10 ++++++++++
- Lib/test/test_email/test_email.py | 14 ++++++++++++++
- .../2019-05-04-13-33-37.bpo-34155.MJll68.rst | 1 +
- 5 files changed, 37 insertions(+), 1 deletion(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-
-diff --git a/Lib/email/_header_value_parser.py b/Lib/email/_header_value_parser.py
-index fc00b4a098..bbc026ec71 100644
---- a/Lib/email/_header_value_parser.py
-+++ b/Lib/email/_header_value_parser.py
-@@ -1582,6 +1582,8 @@ def get_domain(value):
- token, value = get_dot_atom(value)
- except errors.HeaderParseError:
- token, value = get_atom(value)
-+ if value and value[0] == '@':
-+ raise errors.HeaderParseError('Invalid Domain')
- if leader is not None:
- token[:0] = [leader]
- domain.append(token)
-diff --git a/Lib/email/_parseaddr.py b/Lib/email/_parseaddr.py
-index cdfa3729ad..41ff6f8c00 100644
---- a/Lib/email/_parseaddr.py
-+++ b/Lib/email/_parseaddr.py
-@@ -379,7 +379,12 @@ class AddrlistClass:
- aslist.append('@')
- self.pos += 1
- self.gotonext()
-- return EMPTYSTRING.join(aslist) + self.getdomain()
-+ domain = self.getdomain()
-+ if not domain:
-+ # Invalid domain, return an empty address instead of returning a
-+ # local part to denote failed parsing.
-+ return EMPTYSTRING
-+ return EMPTYSTRING.join(aslist) + domain
-
- def getdomain(self):
- """Get the complete domain name from an address."""
-@@ -394,6 +399,10 @@ class AddrlistClass:
- elif self.field[self.pos] == '.':
- self.pos += 1
- sdlist.append('.')
-+ elif self.field[self.pos] == '@':
-+ # bpo-34155: Don't parse domains with two `@` like
-+ # `a@malicious.org@important.com`.
-+ return EMPTYSTRING
- elif self.field[self.pos] in self.atomends:
- break
- else:
-diff --git a/Lib/test/test_email/test__header_value_parser.py b/Lib/test/test_email/test__header_value_parser.py
-index 693487bc96..7dc4de1b7b 100644
---- a/Lib/test/test_email/test__header_value_parser.py
-+++ b/Lib/test/test_email/test__header_value_parser.py
-@@ -1438,6 +1438,16 @@ class TestParser(TestParserMixin, TestEmailBase):
- self.assertEqual(addr_spec.domain, 'example.com')
- self.assertEqual(addr_spec.addr_spec, 'star.a.star@example.com')
-
-+ def test_get_addr_spec_multiple_domains(self):
-+ with self.assertRaises(errors.HeaderParseError):
-+ parser.get_addr_spec('star@a.star@example.com')
-+
-+ with self.assertRaises(errors.HeaderParseError):
-+ parser.get_addr_spec('star@a@example.com')
-+
-+ with self.assertRaises(errors.HeaderParseError):
-+ parser.get_addr_spec('star@172.17.0.1@example.com')
-+
- # get_obs_route
-
- def test_get_obs_route_simple(self):
-diff --git a/Lib/test/test_email/test_email.py b/Lib/test/test_email/test_email.py
-index c29cc56203..aa775881c5 100644
---- a/Lib/test/test_email/test_email.py
-+++ b/Lib/test/test_email/test_email.py
-@@ -3041,6 +3041,20 @@ class TestMiscellaneous(TestEmailBase):
- self.assertEqual(utils.parseaddr('<>'), ('', ''))
- self.assertEqual(utils.formataddr(utils.parseaddr('<>')), '')
-
-+ def test_parseaddr_multiple_domains(self):
-+ self.assertEqual(
-+ utils.parseaddr('a@b@c'),
-+ ('', '')
-+ )
-+ self.assertEqual(
-+ utils.parseaddr('a@b.c@c'),
-+ ('', '')
-+ )
-+ self.assertEqual(
-+ utils.parseaddr('a@172.17.0.1@c'),
-+ ('', '')
-+ )
-+
- def test_noquote_dump(self):
- self.assertEqual(
- utils.formataddr(('A Silly Person', 'person@dom.ain')),
-diff --git a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-new file mode 100644
-index 0000000000..50292e29ed
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-@@ -0,0 +1 @@
-+Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic.
diff --git a/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch b/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
index 5735954..a0ea897 100644
--- a/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
+++ b/meta/recipes-devtools/python/python3/0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch
@@ -63,7 +63,7 @@ index a7de901..4a3681f 100644
+ case $cc_basename in
*clang*)
AC_SUBST(LLVM_AR)
- AC_PATH_TARGET_TOOL(LLVM_AR, llvm-ar, '', ${llvm_path})
+ AC_PATH_TOOL(LLVM_AR, llvm-ar, '', ${llvm_path})
@@ -1426,7 +1427,7 @@ then
fi
fi
diff --git a/meta/recipes-devtools/python/python3_3.7.4.bb b/meta/recipes-devtools/python/python3_3.7.5.bb
similarity index 98%
rename from meta/recipes-devtools/python/python3_3.7.4.bb
rename to meta/recipes-devtools/python/python3_3.7.5.bb
index 42818bf..137b540 100644
--- a/meta/recipes-devtools/python/python3_3.7.4.bb
+++ b/meta/recipes-devtools/python/python3_3.7.5.bb
@@ -28,7 +28,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://reformat_sysconfig.py \
file://0001-Use-FLAG_REF-always-for-interned-strings.patch \
file://0001-test_locale.py-correct-the-test-output-format.patch \
- file://0001-bpo-34155-Dont-parse-domains-containing-GH-13079.patch \
"
SRC_URI_append_class-native = " \
@@ -39,8 +38,8 @@ SRC_URI_append_class-nativesdk = " \
file://0001-main.c-if-OEPYTHON3HOME-is-set-use-instead-of-PYTHON.patch \
"
-SRC_URI[md5sum] = "d33e4aae66097051c2eca45ee3604803"
-SRC_URI[sha256sum] = "fb799134b868199930b75f26678f18932214042639cd52b16da7fd134cd9b13f"
+SRC_URI[md5sum] = "08ed8030b1183107c48f2092e79a87e2"
+SRC_URI[sha256sum] = "e85a76ea9f3d6c485ec1780fca4e500725a4a7bbc63c78ebc44170de9b619d94"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 05/31] libpng: whitelist CVE-2019-17371
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (3 preceding siblings ...)
2019-11-13 15:31 ` [zeus 04/31] python3: Upgrade 3.7.4 -> 3.7.5 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 06/31] procps: whitelist CVE-2018-1121 Armin Kuster
` (25 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
This is actually a memory leak in gif2png 2.x, so whitelist it in the libpng
recipe.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-multimedia/libpng/libpng_1.6.37.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
index 66af2f3..2ed87a8 100644
--- a/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
+++ b/meta/recipes-multimedia/libpng/libpng_1.6.37.bb
@@ -29,3 +29,6 @@ PACKAGES =+ "${PN}-tools"
FILES_${PN}-tools = "${bindir}/png-fix-itxt ${bindir}/pngfix ${bindir}/pngcp"
BBCLASSEXTEND = "native nativesdk"
+
+# CVE-2019-17371 is actually a memory leak in gif2png 2.x
+CVE_CHECK_WHITELIST += "CVE-2019-17371"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 06/31] procps: whitelist CVE-2018-1121
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (4 preceding siblings ...)
2019-11-13 15:31 ` [zeus 05/31] libpng: whitelist CVE-2019-17371 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 07/31] libsndfile1: whitelist CVE-2018-13419 Armin Kuster
` (24 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
This CVE is about race conditions in 'ps' which make it unsuitable for security
audits. As these race conditions are unavoidable ps shouldn't be used for
security auditing, so this isn't a valid CVE.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/procps/procps_3.3.15.bb | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-extended/procps/procps_3.3.15.bb b/meta/recipes-extended/procps/procps_3.3.15.bb
index 9756db0..f240e54 100644
--- a/meta/recipes-extended/procps/procps_3.3.15.bb
+++ b/meta/recipes-extended/procps/procps_3.3.15.bb
@@ -4,9 +4,9 @@ the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill
HOMEPAGE = "https://gitlab.com/procps-ng/procps"
SECTION = "base"
LICENSE = "GPLv2+ & LGPLv2+"
-LIC_FILES_CHKSUM="file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
- file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \
- "
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
+ file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \
+ "
DEPENDS = "ncurses"
@@ -64,3 +64,6 @@ python __anonymous() {
d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog))
}
+# 'ps' isn't suitable for use as a security tool so whitelist this CVE.
+# https://bugzilla.redhat.com/show_bug.cgi?id=1575473#c3
+CVE_CHECK_WHITELIST += "CVE-2018-1121"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 07/31] libsndfile1: whitelist CVE-2018-13419
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (5 preceding siblings ...)
2019-11-13 15:31 ` [zeus 06/31] procps: whitelist CVE-2018-1121 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 08/31] libpam: set CVE_PRODUCT Armin Kuster
` (23 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
This is a memory leak that nobody else can replicate and has been rejected by
upstream.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index ffb4585..7855008 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -33,3 +33,7 @@ PACKAGECONFIG[alsa] = "--enable-alsa,--disable-alsa,alsa-lib"
PACKAGECONFIG[regtest] = "--enable-sqlite,--disable-sqlite,sqlite3"
inherit autotools lib_package pkgconfig
+
+# This can't be replicated and is just a memory leak.
+# https://github.com/erikd/libsndfile/issues/398
+CVE_CHECK_WHITELIST += "CVE-2018-13419"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 08/31] libpam: set CVE_PRODUCT
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (6 preceding siblings ...)
2019-11-13 15:31 ` [zeus 07/31] libsndfile1: whitelist CVE-2018-13419 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 09/31] libgcrypt: fix CVE-2019-13627 Armin Kuster
` (22 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/recipes-extended/pam/libpam_1.3.1.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-extended/pam/libpam_1.3.1.bb b/meta/recipes-extended/pam/libpam_1.3.1.bb
index 6b73f0a..a2aa1ec 100644
--- a/meta/recipes-extended/pam/libpam_1.3.1.bb
+++ b/meta/recipes-extended/pam/libpam_1.3.1.bb
@@ -163,3 +163,5 @@ CONFFILES_${PN}-runtime += "${sysconfdir}/pam.d/common-account"
CONFFILES_${PN}-runtime += "${sysconfdir}/security/limits.conf"
UPSTREAM_CHECK_URI = "https://github.com/linux-pam/linux-pam/releases"
+
+CVE_PRODUCT = "linux-pam"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 09/31] libgcrypt: fix CVE-2019-13627
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (7 preceding siblings ...)
2019-11-13 15:31 ` [zeus 08/31] libpam: set CVE_PRODUCT Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 10/31] libsdl2: fix race when building in parallel Armin Kuster
` (21 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Trevor Gamblin <trevor.gamblin@windriver.com>
Backport two fixes for CVE-2019-13627 from upstream
to zeus.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch | 128 +++++++++++++++++++++
...-ecc-Add-mitigation-against-timing-attack.patch | 70 +++++++++++
meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 2 +
3 files changed, 200 insertions(+)
create mode 100644 meta/recipes-support/libgcrypt/files/0001-dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch
create mode 100644 meta/recipes-support/libgcrypt/files/0001-ecc-Add-mitigation-against-timing-attack.patch
diff --git a/meta/recipes-support/libgcrypt/files/0001-dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch b/meta/recipes-support/libgcrypt/files/0001-dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch
new file mode 100644
index 0000000..211e041
--- /dev/null
+++ b/meta/recipes-support/libgcrypt/files/0001-dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch
@@ -0,0 +1,128 @@
+From db4e9976cc31b314aafad6626b2894e86ee44d60 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Thu, 8 Aug 2019 17:42:02 +0900
+Subject: [PATCH] dsa,ecdsa: Fix use of nonce, use larger one.
+
+Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=db4e9976cc3]
+CVE: CVE-2019-13627
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+
+* cipher/dsa-common.c (_gcry_dsa_modify_k): New.
+* cipher/pubkey-internal.h (_gcry_dsa_modify_k): New.
+* cipher/dsa.c (sign): Use _gcry_dsa_modify_k.
+* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_sign): Likewise.
+* cipher/ecc-gost.c (_gcry_ecc_gost_sign): Likewise.
+
+--
+
+Cherry-picked master commit of:
+ 7c2943309d14407b51c8166c4dcecb56a3628567
+
+CVE-id: CVE-2019-13627
+GnuPG-bug-id: 4626
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+---
+ cipher/dsa-common.c | 24 ++++++++++++++++++++++++
+ cipher/dsa.c | 2 ++
+ cipher/ecc-ecdsa.c | 10 +---------
+ cipher/ecc-gost.c | 2 ++
+ cipher/pubkey-internal.h | 1 +
+ 5 files changed, 30 insertions(+), 9 deletions(-)
+
+diff --git a/cipher/dsa-common.c b/cipher/dsa-common.c
+index 8c0a6843..fe49248d 100644
+--- a/cipher/dsa-common.c
++++ b/cipher/dsa-common.c
+@@ -29,6 +29,30 @@
+ #include "pubkey-internal.h"
+
+
++/*
++ * Modify K, so that computation time difference can be small,
++ * by making K large enough.
++ *
++ * Originally, (EC)DSA computation requires k where 0 < k < q. Here,
++ * we add q (the order), to keep k in a range: q < k < 2*q (or,
++ * addming more q, to keep k in a range: 2*q < k < 3*q), so that
++ * timing difference of the EC multiply (or exponentiation) operation
++ * can be small. The result of (EC)DSA computation is same.
++ */
++void
++_gcry_dsa_modify_k (gcry_mpi_t k, gcry_mpi_t q, int qbits)
++{
++ gcry_mpi_t k1 = mpi_new (qbits+2);
++
++ mpi_resize (k, (qbits+2+BITS_PER_MPI_LIMB-1) / BITS_PER_MPI_LIMB);
++ k->nlimbs = k->alloced;
++ mpi_add (k, k, q);
++ mpi_add (k1, k, q);
++ mpi_set_cond (k, k1, !mpi_test_bit (k, qbits));
++
++ mpi_free (k1);
++}
++
+ /*
+ * Generate a random secret exponent K less than Q.
+ * Note that ECDSA uses this code also to generate D.
+diff --git a/cipher/dsa.c b/cipher/dsa.c
+index 22d8d782..24a53528 100644
+--- a/cipher/dsa.c
++++ b/cipher/dsa.c
+@@ -635,6 +635,8 @@ sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input, DSA_secret_key *skey,
+ k = _gcry_dsa_gen_k (skey->q, GCRY_STRONG_RANDOM);
+ }
+
++ _gcry_dsa_modify_k (k, skey->q, qbits);
++
+ /* r = (a^k mod p) mod q */
+ mpi_powm( r, skey->g, k, skey->p );
+ mpi_fdiv_r( r, r, skey->q );
+diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
+index 84a1cf84..97966c3a 100644
+--- a/cipher/ecc-ecdsa.c
++++ b/cipher/ecc-ecdsa.c
+@@ -114,15 +114,7 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
+ else
+ k = _gcry_dsa_gen_k (skey->E.n, GCRY_STRONG_RANDOM);
+
+- /* Originally, ECDSA computation requires k where 0 < k < n.
+- * Here, we add n (the order of curve), to keep k in a
+- * range: n < k < 2*n, or, addming more n, keep k in a range:
+- * 2*n < k < 3*n, so that timing difference of the EC
+- * multiply operation can be small. The result is same.
+- */
+- mpi_add (k, k, skey->E.n);
+- if (!mpi_test_bit (k, qbits))
+- mpi_add (k, k, skey->E.n);
++ _gcry_dsa_modify_k (k, skey->E.n, qbits);
+
+ _gcry_mpi_ec_mul_point (&I, k, &skey->E.G, ctx);
+ if (_gcry_mpi_ec_get_affine (x, NULL, &I, ctx))
+diff --git a/cipher/ecc-gost.c b/cipher/ecc-gost.c
+index a34fa084..0362a6c7 100644
+--- a/cipher/ecc-gost.c
++++ b/cipher/ecc-gost.c
+@@ -94,6 +94,8 @@ _gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
+ mpi_free (k);
+ k = _gcry_dsa_gen_k (skey->E.n, GCRY_STRONG_RANDOM);
+
++ _gcry_dsa_modify_k (k, skey->E.n, qbits);
++
+ _gcry_mpi_ec_mul_point (&I, k, &skey->E.G, ctx);
+ if (_gcry_mpi_ec_get_affine (x, NULL, &I, ctx))
+ {
+diff --git a/cipher/pubkey-internal.h b/cipher/pubkey-internal.h
+index b8167c77..d31e26f3 100644
+--- a/cipher/pubkey-internal.h
++++ b/cipher/pubkey-internal.h
+@@ -84,6 +84,7 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, gcry_mpi_t encoded,
+
+
+ /*-- dsa-common.c --*/
++void _gcry_dsa_modify_k (gcry_mpi_t k, gcry_mpi_t q, int qbits);
+ gcry_mpi_t _gcry_dsa_gen_k (gcry_mpi_t q, int security_level);
+ gpg_err_code_t _gcry_dsa_gen_rfc6979_k (gcry_mpi_t *r_k,
+ gcry_mpi_t dsa_q, gcry_mpi_t dsa_x,
+--
+2.23.0
+
diff --git a/meta/recipes-support/libgcrypt/files/0001-ecc-Add-mitigation-against-timing-attack.patch b/meta/recipes-support/libgcrypt/files/0001-ecc-Add-mitigation-against-timing-attack.patch
new file mode 100644
index 0000000..db5a55e
--- /dev/null
+++ b/meta/recipes-support/libgcrypt/files/0001-ecc-Add-mitigation-against-timing-attack.patch
@@ -0,0 +1,70 @@
+From d5407b78cca9f9d318a4f4d2f6ba2b8388584cd9 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Wed, 17 Jul 2019 12:44:50 +0900
+Subject: [PATCH] ecc: Add mitigation against timing attack.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=d5407b78c]
+CVE: CVE-2019-13627
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+
+* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_sign): Add the order N to K.
+* mpi/ec.c (_gcry_mpi_ec_mul_point): Compute with NBITS of P or larger.
+
+--
+
+Cherry-picked master commit of:
+ b9577f7c89b4327edc09f2231bc8b31521102c79
+
+CVE-id: CVE-2019-13627
+GnuPG-bug-id: 4626
+Co-authored-by: Ján Jančár <johny@neuromancer.sk>
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+---
+ cipher/ecc-ecdsa.c | 10 ++++++++++
+ mpi/ec.c | 6 +++++-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
+index 140e8c09..84a1cf84 100644
+--- a/cipher/ecc-ecdsa.c
++++ b/cipher/ecc-ecdsa.c
+@@ -114,6 +114,16 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
+ else
+ k = _gcry_dsa_gen_k (skey->E.n, GCRY_STRONG_RANDOM);
+
++ /* Originally, ECDSA computation requires k where 0 < k < n.
++ * Here, we add n (the order of curve), to keep k in a
++ * range: n < k < 2*n, or, addming more n, keep k in a range:
++ * 2*n < k < 3*n, so that timing difference of the EC
++ * multiply operation can be small. The result is same.
++ */
++ mpi_add (k, k, skey->E.n);
++ if (!mpi_test_bit (k, qbits))
++ mpi_add (k, k, skey->E.n);
++
+ _gcry_mpi_ec_mul_point (&I, k, &skey->E.G, ctx);
+ if (_gcry_mpi_ec_get_affine (x, NULL, &I, ctx))
+ {
+diff --git a/mpi/ec.c b/mpi/ec.c
+index 89077cd9..adb02600 100644
+--- a/mpi/ec.c
++++ b/mpi/ec.c
+@@ -1309,7 +1309,11 @@ _gcry_mpi_ec_mul_point (mpi_point_t result,
+ unsigned int nbits;
+ int j;
+
+- nbits = mpi_get_nbits (scalar);
++ if (mpi_cmp (scalar, ctx->p) >= 0)
++ nbits = mpi_get_nbits (scalar);
++ else
++ nbits = mpi_get_nbits (ctx->p);
++
+ if (ctx->model == MPI_EC_WEIERSTRASS)
+ {
+ mpi_set_ui (result->x, 1);
+--
+2.23.0
+
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb
index 11d078d..1bd3551 100644
--- a/meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb
+++ b/meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb
@@ -24,6 +24,8 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \
file://0001-Prefetch-GCM-look-up-tables.patch \
file://0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch \
file://0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch \
+ file://0001-ecc-Add-mitigation-against-timing-attack.patch \
+ file://0001-dsa-ecdsa-Fix-use-of-nonce-use-larger-one.patch \
"
SRC_URI[md5sum] = "fbfdaebbbc6d7e5fbbf6ffdb3e139573"
SRC_URI[sha256sum] = "f638143a0672628fde0cad745e9b14deb85dffb175709cacc1f4fe24b93f2227"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 10/31] libsdl2: fix race when building in parallel
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (8 preceding siblings ...)
2019-11-13 15:31 ` [zeus 09/31] libgcrypt: fix CVE-2019-13627 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 11/31] pseudo: Drop static linking to sqlite3 Armin Kuster
` (20 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
...heck-for-build-dir-when-building-version-.patch | 45 ++++++++++++++++++++++
meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 1 +
2 files changed, 46 insertions(+)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/0001-configure-check-for-build-dir-when-building-version-.patch
diff --git a/meta/recipes-graphics/libsdl2/libsdl2/0001-configure-check-for-build-dir-when-building-version-.patch b/meta/recipes-graphics/libsdl2/libsdl2/0001-configure-check-for-build-dir-when-building-version-.patch
new file mode 100644
index 0000000..bba3a6d
--- /dev/null
+++ b/meta/recipes-graphics/libsdl2/libsdl2/0001-configure-check-for-build-dir-when-building-version-.patch
@@ -0,0 +1,45 @@
+From 6a4cc6d0a53402f646045c2994844237d978f9b5 Mon Sep 17 00:00:00 2001
+From: Anuj Mittal <anuj.mittal@intel.com>
+Date: Fri, 8 Nov 2019 15:07:22 +0800
+Subject: [PATCH] configure: check for build dir when building version res
+
+Fixes a race where we try to build version res file in build directory
+before it has even been created. Prevents errors like:
+
+/bin/bash ../SDL2-2.0.10/build-scripts/updaterev.sh
+/bin/bash ../SDL2-2.0.10/build-scripts/mkinstalldirs build
+mkdir -p -- build
+x86_64-pokysdk-mingw32-windres --include-dir=/home/pokybuild/yocto-worker/meta-mingw/build/build/tmp/work/x86_64-nativesdk-mingw32-pokysdk-mingw32/nativesdk-libsdl2/2.0.10-r0/recipe-sysroot/opt/poky/3.0/sysroots/x86_64-pokysdk-mingw32/usr/include ../SDL2-2.0.10/src/main/windows/version.rc build/version.o
+x86_64-pokysdk-mingw32-windres: build/version.o: No such file or directory
+Makefile:692: recipe for target 'build/version.o' failed
+make: *** [build/version.o] Error 1
+make: *** Waiting for unfinished jobs....
+touch build/.created
+WARNING: exit code 1 from a shell command.
+
+Extension of upstream fix:
+https://hg.libsdl.org/SDL/rev/99d8b18acf8a
+
+Upstream-Status: Pending
+
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 1aea11fbd..186229ab0 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -4177,7 +4177,7 @@ VERSION_OBJECTS=`echo $VERSION_SOURCES`
+ VERSION_DEPENDS=`echo $VERSION_SOURCES`
+ VERSION_OBJECTS=`echo "$VERSION_OBJECTS" | sed 's,[[^ ]]*/\([[^ ]]*\)\.rc,$(objects)/\1.o,g'`
+ VERSION_DEPENDS=`echo "$VERSION_DEPENDS" | sed "s,\\([[^ ]]*\\)/\\([[^ ]]*\\)\\.rc,\\\\
+-\\$(objects)/\\2.o: \\1/\\2.rc\\\\
++\\$(objects)/\\2.o: \\1/\\2.rc \\$(objects)/.created\\\\
+ \\$(WINDRES) \\$< \\$@,g"`
+
+ SDLMAIN_OBJECTS=`echo $SDLMAIN_SOURCES`
+--
+2.21.0
+
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
index cdc8650..ab514f0 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.10.bb
@@ -15,6 +15,7 @@ PROVIDES = "virtual/libsdl2"
SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \
file://more-gen-depends.patch \
file://0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch \
+ file://0001-configure-check-for-build-dir-when-building-version-.patch \
"
S = "${WORKDIR}/SDL2-${PV}"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 11/31] pseudo: Drop static linking to sqlite3
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (9 preceding siblings ...)
2019-11-13 15:31 ` [zeus 10/31] libsdl2: fix race when building in parallel Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 12/31] file: fix CVE-2019-18218 Armin Kuster
` (19 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Back in 2010[1] we made pseudo statically link against sqlite3. Since then
the world has changed, pseudo now has separate processes for the database
in the server and the client and they have separate linking commands.
Also, whilst there were concerns about needing specific versions of sqlite3,
in the OE environment, this is always the case.
[1] http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=ad0ac0ecd38fc77daf42485489fccc10a5e1e3e7
The static sqlite3-native is causing us problems, in particular:
tmp/work/x86_64-linux/pseudo-native/1.9.0+gitAUTOINC+060058bb29-r0/recipe-sysroot-native/usr/lib/libsqlite3.a(sqlite3.o):(.data.rel+0xb0): undefined reference to `fcntl64'
which occurs if sqlite3-native was built on a machine with glibc 2.28 or later
and pseudo-native is being built on glibc before that. With dyanmical linking,
libc is backwards compatible and works but with static linking it does not.
There appears to be no easy way to avoid this other than adding a copy of
sqlite3 into the pseudo recipe. Given the static linking doesn't seem to
be required any longer due to the separate processes, drop that to fix
those issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/conf/distro/include/no-static-libs.inc | 4 ----
meta/recipes-devtools/pseudo/pseudo.inc | 17 ++---------------
2 files changed, 2 insertions(+), 19 deletions(-)
diff --git a/meta/conf/distro/include/no-static-libs.inc b/meta/conf/distro/include/no-static-libs.inc
index 4141ecb..a3a865c 100644
--- a/meta/conf/distro/include/no-static-libs.inc
+++ b/meta/conf/distro/include/no-static-libs.inc
@@ -15,10 +15,6 @@ DISABLE_STATIC_pn-nativesdk-libcap = ""
DISABLE_STATIC_pn-libpcap = ""
# needed by gdb
DISABLE_STATIC_pn-readline = ""
-# needed by pseudo
-DISABLE_STATIC_pn-sqlite3 = ""
-DISABLE_STATIC_pn-sqlite3-native = ""
-DISABLE_STATIC_pn-nativesdk-sqlite3 = ""
# openjade/sgml-common have build issues without static libs
DISABLE_STATIC_pn-sgml-common-native = ""
DISABLE_STATIC_pn-openjade-native = ""
diff --git a/meta/recipes-devtools/pseudo/pseudo.inc b/meta/recipes-devtools/pseudo/pseudo.inc
index 8b34909..7ff8e44 100644
--- a/meta/recipes-devtools/pseudo/pseudo.inc
+++ b/meta/recipes-devtools/pseudo/pseudo.inc
@@ -30,23 +30,10 @@ PSEUDO_EXTRA_OPTS ?= "--enable-force-async --without-passwd-fallback --enable-ep
# Compile for the local machine arch...
do_compile () {
- SQLITE_LDADD='$(SQLITE)/$(SQLITE_LIB)/libsqlite3.a'
- for sqlite_link_opt in $(pkg-config sqlite3 --libs --static)
- do
- case "$sqlite_link_opt" in
- -lsqlite3)
- ;;
- -l*)
- SQLITE_LDADD="${SQLITE_LDADD} ${sqlite_link_opt}"
- ;;
- *)
- ;;
- esac
- done
if [ "${SITEINFO_BITS}" = "64" ]; then
- ${S}/configure ${PSEUDO_EXTRA_OPTS} --prefix=${prefix} --libdir=${prefix}/lib/pseudo/lib${SITEINFO_BITS} --with-sqlite-lib=${baselib} --with-sqlite=${STAGING_DIR_TARGET}${exec_prefix} --cflags="${CFLAGS}" --bits=${SITEINFO_BITS} --with-static-sqlite="$SQLITE_LDADD" --without-rpath
+ ${S}/configure ${PSEUDO_EXTRA_OPTS} --prefix=${prefix} --libdir=${prefix}/lib/pseudo/lib${SITEINFO_BITS} --with-sqlite-lib=${baselib} --with-sqlite=${STAGING_DIR_TARGET}${exec_prefix} --cflags="${CFLAGS}" --bits=${SITEINFO_BITS} --without-rpath
else
- ${S}/configure ${PSEUDO_EXTRA_OPTS} --prefix=${prefix} --libdir=${prefix}/lib/pseudo/lib --with-sqlite-lib=${baselib} --with-sqlite=${STAGING_DIR_TARGET}${exec_prefix} --cflags="${CFLAGS}" --bits=${SITEINFO_BITS} --with-static-sqlite="$SQLITE_LDADD" --without-rpath
+ ${S}/configure ${PSEUDO_EXTRA_OPTS} --prefix=${prefix} --libdir=${prefix}/lib/pseudo/lib --with-sqlite-lib=${baselib} --with-sqlite=${STAGING_DIR_TARGET}${exec_prefix} --cflags="${CFLAGS}" --bits=${SITEINFO_BITS} --without-rpath
fi
oe_runmake ${MAKEOPTS}
}
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 12/31] file: fix CVE-2019-18218
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (10 preceding siblings ...)
2019-11-13 15:31 ` [zeus 11/31] pseudo: Drop static linking to sqlite3 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 13/31] file: run test suite when building natively Armin Kuster
` (18 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../file/file/CVE-2019-18218.patch | 55 ++++++++++++++++++++++
meta/recipes-devtools/file/file_5.37.bb | 3 +-
2 files changed, 57 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-devtools/file/file/CVE-2019-18218.patch
diff --git a/meta/recipes-devtools/file/file/CVE-2019-18218.patch b/meta/recipes-devtools/file/file/CVE-2019-18218.patch
new file mode 100644
index 0000000..3d02c5a
--- /dev/null
+++ b/meta/recipes-devtools/file/file/CVE-2019-18218.patch
@@ -0,0 +1,55 @@
+cdf_read_property_info in cdf.c in file through 5.37 does not restrict the
+number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte
+out-of-bounds write).
+
+CVE: CVE-2019-18218
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 26 Aug 2019 14:31:39 +0000
+Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
+
+---
+ src/cdf.c | 9 ++++-----
+ src/cdf.h | 1 +
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 9d6396742..bb81d6374 100644
+--- a/src/cdf.c
++++ b/src/cdf.c
+@@ -1016,8 +1016,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ goto out;
+ }
+ nelements = CDF_GETUINT32(q, 1);
+- if (nelements == 0) {
+- DPRINTF(("CDF_VECTOR with nelements == 0\n"));
++ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
++ DPRINTF(("CDF_VECTOR with nelements == %"
++ SIZE_T_FORMAT "u\n", nelements));
+ goto out;
+ }
+ slen = 2;
+@@ -1060,8 +1061,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ goto out;
+ inp += nelem;
+ }
+- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
+- nelements));
+ for (j = 0; j < nelements && i < sh.sh_properties;
+ j++, i++)
+ {
+diff --git a/src/cdf.h b/src/cdf.h
+index 2f7e554b7..05056668f 100644
+--- a/src/cdf.h
++++ b/src/cdf.h
+@@ -48,6 +48,7 @@
+ typedef int32_t cdf_secid_t;
+
+ #define CDF_LOOP_LIMIT 10000
++#define CDF_ELEMENT_LIMIT 100000
+
+ #define CDF_SECID_NULL 0
+ #define CDF_SECID_FREE -1
diff --git a/meta/recipes-devtools/file/file_5.37.bb b/meta/recipes-devtools/file/file_5.37.bb
index 6547d12..509b6ce 100644
--- a/meta/recipes-devtools/file/file_5.37.bb
+++ b/meta/recipes-devtools/file/file_5.37.bb
@@ -14,7 +14,8 @@ DEPENDS_class-native = "zlib-native"
# Blacklist a bogus tag in upstream check
UPSTREAM_CHECK_GITTAGREGEX = "FILE(?P<pver>(?!6_23).+)"
-SRC_URI = "git://github.com/file/file.git"
+SRC_URI = "git://github.com/file/file.git \
+ file://CVE-2019-18218.patch"
SRCREV = "a0d5b0e4e9f97d74a9911e95cedd579852e25398"
S = "${WORKDIR}/git"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 13/31] file: run test suite when building natively
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (11 preceding siblings ...)
2019-11-13 15:31 ` [zeus 12/31] file: fix CVE-2019-18218 Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 14/31] sudo: Fix fetching sources Armin Kuster
` (17 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
As we apply the same patches to native and target builds of file, we can verify
that the patches are not breaking by executing the test suite during the build
of file-native.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/file/file_5.37.bb | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-devtools/file/file_5.37.bb b/meta/recipes-devtools/file/file_5.37.bb
index 509b6ce..60fc661 100644
--- a/meta/recipes-devtools/file/file_5.37.bb
+++ b/meta/recipes-devtools/file/file_5.37.bb
@@ -32,6 +32,10 @@ EXTRA_OEMAKE_append_class-nativesdk = "-e FILE_COMPILE=${STAGING_BINDIR_NATIVE}/
FILES_${PN} += "${datadir}/misc/*.mgc"
+do_compile_append_class-native() {
+ oe_runmake check
+}
+
do_install_append_class-native() {
create_cmdline_wrapper ${D}/${bindir}/file \
--magic-file ${datadir}/misc/magic.mgc
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 14/31] sudo: Fix fetching sources
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (12 preceding siblings ...)
2019-11-13 15:31 ` [zeus 13/31] file: run test suite when building natively Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 15/31] mdadm: fix do_package failed when changed local.conf but not cleaned Armin Kuster
` (16 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ferry Toth <ftoth@exalondelft.nl>
It looks like https://www.sudo.ws/download.html changed certificate
and directory structure. This breaks fetching sources.
Signed-off-by: Ferry Toth <ftoth@exalondelft.nl>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-extended/sudo/sudo_1.8.27.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/sudo/sudo_1.8.27.bb b/meta/recipes-extended/sudo/sudo_1.8.27.bb
index 8b3be55..0a11a1b 100644
--- a/meta/recipes-extended/sudo/sudo_1.8.27.bb
+++ b/meta/recipes-extended/sudo/sudo_1.8.27.bb
@@ -1,6 +1,6 @@
require sudo.inc
-SRC_URI = "http://www.sudo.ws/sudo/dist/sudo-${PV}.tar.gz \
+SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
file://0001-Include-sys-types.h-for-id_t-definition.patch \
file://CVE-2019-14287-1.patch \
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 15/31] mdadm: fix do_package failed when changed local.conf but not cleaned
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (13 preceding siblings ...)
2019-11-13 15:31 ` [zeus 14/31] sudo: Fix fetching sources Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 16/31] ltp: Fix overcommit_memory failure Armin Kuster
` (15 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
reproduce steps:
1. add DISTRO_FEATURE_append = 'usrmerge' in local.conf
2. bitbake mdadm --success
3. remove DISTRO_FEATURE_append = 'usrmerge' from local.conf
4. bitbake mdadm -- failed when do_package
it is not proper to change source Makefile during do_install by sed,
fix by pass correct config to EXTRA_OEMAKE
[YOCTO #13493]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-extended/mdadm/mdadm_4.1.bb | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-extended/mdadm/mdadm_4.1.bb b/meta/recipes-extended/mdadm/mdadm_4.1.bb
index 639382e..64f519e 100644
--- a/meta/recipes-extended/mdadm/mdadm_4.1.bb
+++ b/meta/recipes-extended/mdadm/mdadm_4.1.bb
@@ -43,13 +43,12 @@ CFLAGS_append_powerpc64 = ' -D__SANE_USERSPACE_TYPES__'
CFLAGS_append_mipsarchn64 = ' -D__SANE_USERSPACE_TYPES__'
CFLAGS_append_mipsarchn32 = ' -D__SANE_USERSPACE_TYPES__'
-EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}"'
+EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}" SYSTEMD_DIR=${systemd_unitdir}/system \
+ BINDIR="${base_sbindir}" UDEVDIR="${nonarch_base_libdir}/udev"'
DEBUG_OPTIMIZATION_append = " -Wno-error"
do_compile() {
- # Point to right sbindir
- sed -i -e "s;BINDIR = /sbin;BINDIR = $base_sbindir;" -e "s;UDEVDIR = /lib;UDEVDIR = $nonarch_base_libdir;" -e "s;SYSTEMD_DIR=/lib/systemd/system;SYSTEMD_DIR=${systemd_unitdir}/system;" ${S}/Makefile
oe_runmake SYSROOT="${STAGING_DIR_TARGET}"
}
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 16/31] ltp: Fix overcommit_memory failure
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (14 preceding siblings ...)
2019-11-13 15:31 ` [zeus 15/31] mdadm: fix do_package failed when changed local.conf but not cleaned Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:31 ` [zeus 17/31] cve-check: ensure all known CVEs are in the report Armin Kuster
` (14 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: He Zhe <zhe.he@windriver.com>
Backport a patch from upstream to fix the following runtime failure.
mem.c:814: INFO: set overcommit_memory to 0
overcommit_memory.c:213: FAIL: alloc passed, expected to fail
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
...memory-update-for-mm-fix-false-positive-O.patch | 57 ++++++++++++++++++++++
meta/recipes-extended/ltp/ltp_20190517.bb | 1 +
2 files changed, 58 insertions(+)
create mode 100644 meta/recipes-extended/ltp/ltp/0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch
diff --git a/meta/recipes-extended/ltp/ltp/0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch b/meta/recipes-extended/ltp/ltp/0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch
new file mode 100644
index 0000000..bed8471
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch
@@ -0,0 +1,57 @@
+From d656a447893dccc310c975a239f482278550c3e0 Mon Sep 17 00:00:00 2001
+From: Jan Stancek <jstancek@redhat.com>
+Date: Tue, 21 May 2019 10:10:44 +0200
+Subject: [PATCH] overcommit_memory: update for "mm: fix false-positive
+ OVERCOMMIT_GUESS failures"
+
+commit 8c7829b04c52 ("mm: fix false-positive OVERCOMMIT_GUESS failures")
+changes logic of __vm_enough_memory(), simplifying it to:
+ When in GUESS mode, catch wild allocations by comparing their request
+ size to total amount of ram and swap in the system.
+
+Testcase currently allocates mem_total + swap_total, which doesn't trigger
+new condition. Make it more extreme, but assuming free_total / 2 will PASS,
+and 2*sum_total will FAIL.
+
+Signed-off-by: Jan Stancek <jstancek@redhat.com>
+Acked-by: Cyril Hrubis <chrubis@suse.cz>
+
+Upstream-Status: Backport [https://github.com/linux-test-project/ltp/commit/d656a447893dccc310c975a239f482278550c3e0]
+Signed-off-by: He Zhe <zhe.he@windriver.com>
+---
+ testcases/kernel/mem/tunable/overcommit_memory.c | 11 ++++-------
+ 1 file changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/testcases/kernel/mem/tunable/overcommit_memory.c b/testcases/kernel/mem/tunable/overcommit_memory.c
+index 555298f..345764d 100644
+--- a/testcases/kernel/mem/tunable/overcommit_memory.c
++++ b/testcases/kernel/mem/tunable/overcommit_memory.c
+@@ -36,11 +36,10 @@
+ *
+ * The program is designed to test the two tunables:
+ *
+- * When overcommit_memory = 0, allocatable memory can't overextends
+- * the amount of free memory. I choose the three cases:
++ * When overcommit_memory = 0, allocatable memory can't overextend
++ * the amount of total memory:
+ * a. less than free_total: free_total / 2, alloc should pass.
+- * b. greater than free_total: free_total * 2, alloc should fail.
+- * c. equal to sum_total: sum_tatal, alloc should fail
++ * b. greater than sum_total: sum_total * 2, alloc should fail.
+ *
+ * When overcommit_memory = 1, it can alloc enough much memory, I
+ * choose the three cases:
+@@ -164,9 +163,7 @@ static void overcommit_memory_test(void)
+
+ update_mem();
+ alloc_and_check(free_total / 2, EXPECT_PASS);
+- update_mem();
+- alloc_and_check(free_total * 2, EXPECT_FAIL);
+- alloc_and_check(sum_total, EXPECT_FAIL);
++ alloc_and_check(sum_total * 2, EXPECT_FAIL);
+
+ /* start to test overcommit_memory=1 */
+ set_sys_tune("overcommit_memory", 1, 1);
+--
+2.7.4
+
diff --git a/meta/recipes-extended/ltp/ltp_20190517.bb b/meta/recipes-extended/ltp/ltp_20190517.bb
index 4650715..5915b1c 100644
--- a/meta/recipes-extended/ltp/ltp_20190517.bb
+++ b/meta/recipes-extended/ltp/ltp_20190517.bb
@@ -49,6 +49,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
file://0001-testcases-use-python3-everywhere-to-run-python-scrip.patch \
file://0001-syscall-rt_sigtimedwait01-Fix-wrong-sigset-length-fo.patch \
file://0001-cve-2017-17052-Avoid-unsafe-exits-in-threads.patch \
+ file://0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch \
"
S = "${WORKDIR}/git"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 17/31] cve-check: ensure all known CVEs are in the report
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (15 preceding siblings ...)
2019-11-13 15:31 ` [zeus 16/31] ltp: Fix overcommit_memory failure Armin Kuster
@ 2019-11-13 15:31 ` Armin Kuster
2019-11-13 15:32 ` [zeus 18/31] qemu-helper-native: add missing option to getopt() call Armin Kuster
` (13 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:31 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
CVEs that are whitelisted or were not vulnerable when there are version
comparisons were not included in the report, so alter the logic to ensure that
all relevant CVEs are in the report for completeness.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/classes/cve-check.bbclass | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index c00d291..f87bcc9 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -208,12 +208,14 @@ def check_cves(d, patched_cves):
if cve in cve_whitelist:
bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve))
+ # TODO: this should be in the report as 'whitelisted'
+ patched_cves.add(cve)
elif cve in patched_cves:
bb.note("%s has been patched" % (cve))
else:
to_append = False
if (operator_start == '=' and pv == version_start):
- cves_unpatched.append(cve)
+ to_append = True
else:
if operator_start:
try:
@@ -243,8 +245,11 @@ def check_cves(d, patched_cves):
to_append = to_append_start or to_append_end
if to_append:
+ bb.note("%s-%s is vulnerable to %s" % (product, pv, cve))
cves_unpatched.append(cve)
- bb.debug(2, "%s-%s is not patched for %s" % (product, pv, cve))
+ else:
+ bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve))
+ patched_cves.add(cve)
conn.close()
return (list(patched_cves), cves_unpatched)
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 18/31] qemu-helper-native: add missing option to getopt() call
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (16 preceding siblings ...)
2019-11-13 15:31 ` [zeus 17/31] cve-check: ensure all known CVEs are in the report Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 19/31] qemu-helper-native: showing help shouldn't be an error Armin Kuster
` (12 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Noticed by -Wall.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/qemu/qemu-helper/tunctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/qemu/qemu-helper/tunctl.c b/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
index 16e24a2..fc00e99 100644
--- a/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
+++ b/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
@@ -41,7 +41,7 @@ int main(int argc, char **argv)
int tap_fd, opt, delete = 0, brief = 0;
char *tun = "", *file = "/dev/net/tun", *name = argv[0], *end;
- while((opt = getopt(argc, argv, "bd:f:t:u:g:")) > 0){
+ while((opt = getopt(argc, argv, "bd:f:t:u:g:h")) > 0){
switch(opt) {
case 'b':
brief = 1;
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 19/31] qemu-helper-native: showing help shouldn't be an error
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (17 preceding siblings ...)
2019-11-13 15:32 ` [zeus 18/31] qemu-helper-native: add missing option to getopt() call Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 20/31] qemu-helper-native: pass compiler flags Armin Kuster
` (11 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Displaying a help message if help was requested isn't an error.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/qemu/qemu-helper/tunctl.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/meta/recipes-devtools/qemu/qemu-helper/tunctl.c b/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
index fc00e99..d745dd0 100644
--- a/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
+++ b/meta/recipes-devtools/qemu/qemu-helper/tunctl.c
@@ -19,7 +19,7 @@
#define TUNSETGROUP _IOW('T', 206, int)
#endif
-static void Usage(char *name)
+static void Usage(char *name, int status)
{
fprintf(stderr, "Create: %s [-b] [-u owner] [-g group] [-t device-name] "
"[-f tun-clone-device]\n", name);
@@ -28,7 +28,7 @@ static void Usage(char *name)
fprintf(stderr, "The default tun clone device is /dev/net/tun - some systems"
" use\n/dev/misc/net/tun instead\n\n");
fprintf(stderr, "-b will result in brief output (just the device name)\n");
- exit(1);
+ exit(status);
}
int main(int argc, char **argv)
@@ -63,7 +63,7 @@ int main(int argc, char **argv)
if(*end != '\0'){
fprintf(stderr, "'%s' is neither a username nor a numeric uid.\n",
optarg);
- Usage(name);
+ Usage(name, 1);
}
break;
case 'g':
@@ -76,7 +76,7 @@ int main(int argc, char **argv)
if(*end != '\0'){
fprintf(stderr, "'%s' is neither a groupname nor a numeric group.\n",
optarg);
- Usage(name);
+ Usage(name, 1);
}
break;
@@ -84,8 +84,10 @@ int main(int argc, char **argv)
tun = optarg;
break;
case 'h':
+ Usage(name, 0);
+ break;
default:
- Usage(name);
+ Usage(name, 1);
}
}
@@ -93,7 +95,7 @@ int main(int argc, char **argv)
argc -= optind;
if(argc > 0)
- Usage(name);
+ Usage(name, 1);
if((tap_fd = open(file, O_RDWR)) < 0){
fprintf(stderr, "Failed to open '%s' : ", file);
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 20/31] qemu-helper-native: pass compiler flags
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (18 preceding siblings ...)
2019-11-13 15:32 ` [zeus 19/31] qemu-helper-native: showing help shouldn't be an error Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 21/31] linux-yocto/4.19: update to v4.19.78 Armin Kuster
` (10 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Pass all of the compiler and linker flags so the build is correctly configured.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb b/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
index d9d9da0..372eebd 100644
--- a/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
+++ b/meta/recipes-devtools/qemu/qemu-helper-native_1.0.bb
@@ -12,7 +12,7 @@ S = "${WORKDIR}"
inherit native
do_compile() {
- ${CC} tunctl.c -o tunctl
+ ${CC} ${CFLAGS} ${LDFLAGS} -Wall tunctl.c -o tunctl
}
do_install() {
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 21/31] linux-yocto/4.19: update to v4.19.78
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (19 preceding siblings ...)
2019-11-13 15:32 ` [zeus 20/31] qemu-helper-native: pass compiler flags Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 22/31] linux-yocto/5.2: update to v5.2.20 Armin Kuster
` (9 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating linux-yocto/4.19 to the latest korg -stable release that comprises
the following commits:
58fce2064530 Linux 4.19.78
5b0446c8e0a8 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
d85bc11a6894 kexec: bail out upon SIGKILL when allocating memory.
c8a65ec0602a NFC: fix attrs checks in netlink interface
1b42503211ca smack: use GFP_NOFS while holding inode_smack::smk_lock
ef9744a0218f Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
4703593498d3 soundwire: fix regmap dependencies and align with other serial links
322753c78d1d soundwire: Kconfig: fix help format
74e2a311a226 sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
ed9420ddce87 tipc: fix unlimited bundling of small messages
a1afd826e549 xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
36a4043c4bb8 net/rds: Fix error handling in rds_ib_add_one()
012363f5ded0 udp: only do GSO if # of segs > 1
5c08d7e4f1ea net: dsa: rtl8366: Check VLAN ID and not ports
3c1f0704401c vsock: Fix a lockdep warning in __vsock_release()
544aee546174 udp: fix gso_segs calculations
79fd59ae7c2f sch_dsmark: fix potential NULL deref in dsmark_init()
76b552775d60 rxrpc: Fix rxrpc_recvmsg tracepoint
7047aae65456 qmi_wwan: add support for Cinterion CLS8 devices
dd9c580a6d9b nfc: fix memory leak in llcp_sock_bind()
d5b1db1c7ce4 net: Unpublish sk from sk_reuseport_cb before call_rcu
9d0995cc268b net: qlogic: Fix memory leak in ql_alloc_large_buffers
124b64feafa9 net: ipv4: avoid mixed n_redirects and rate_tokens usage
6f8564edf8c1 ipv6: Handle missing host route in __ipv6_ifa_notify
658d7ee4da50 ipv6: drop incoming packets having a v4mapped source address
a495fd19cce2 hso: fix NULL-deref on tty open
7f30c44b7ca4 erspan: remove the incorrect mtu limit for erspan
2b8389112292 cxgb4:Fix out-of-bounds MSI-X info array access
ed568ca73601 bpf: fix use after free in prog symbol exposure
dbb7339cfddf block: mq-deadline: Fix queue restart handling
af10ffa69b06 arm: use STACK_TOP when computing mmap base address
f91a9c6591c0 arm: properly account for stack randomization and stack guard gap
53ba8d4358eb mips: properly account for stack randomization and stack guard gap
e1b391abbfce arm64: consider stack randomization for mmap base only when necessary
30ab799e758e kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
52132ff52cad ocfs2: wait for recovering done after direct unlock request
d4a546452dcc kbuild: clean compressed initramfs image
d983182d4002 crypto: hisilicon - Fix double free in sec_free_hw_sgl()
22c788ba7a52 hypfs: Fix error number left in struct pointer member
bbd76d9514c7 pktcdvd: remove warning on attempting to register non-passthrough dev
0840daeea6cb fat: work around race with userspace's read via blockdev while mounting
297904ea60a3 ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address
9a87ab2b4d60 security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
69a32a7306dd PCI: exynos: Propagate errors for optional PHYs
1264d2e7b75b PCI: imx6: Propagate errors for optional regulators
403d6c9284f1 PCI: histb: Propagate errors for optional regulators
ac9c0e2ecc49 PCI: rockchip: Propagate errors for optional regulators
709c4841e51f HID: apple: Fix stuck function keys when using FN
31e98cba55ed rtc: pcf85363/pcf85263: fix regmap error in set_time
607f95788fa9 rtc: snvs: fix possible race condition
078937549f47 ARM: 8875/1: Kconfig: default to AEABI w/ Clang
3039c788d648 soundwire: intel: fix channel number reported by hardware
6a684e002561 ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes
0f0ced702d53 livepatch: Nullify obj->mod in klp_module_coming()'s error path
78a1138672af HID: wacom: Fix several minor compiler warnings
3b7fbbddeb7a PCI: tegra: Fix OF node reference leak
c74a801ded7d mfd: intel-lpss: Remove D3cold delay
70bb4bf9fdfb i2c-cht-wc: Fix lockdep warning
371077ea2e75 MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean
3ed14a8d2fe7 MIPS: Ingenic: Disable broken BTB lookup optimization.
5b400fed74df ext4: fix potential use after free after remounting with noblock_validity
81fbd2327c32 dma-buf/sw_sync: Synchronize signal vs syncpt free
c76e18970d93 scsi: core: Reduce memory required for SCSI logging
c6304d4d7458 clk: sprd: add missing kfree
7cd89b8db60c mbox: qcom: add APCS child device for QCS404
324b0c9efc77 powerpc: dump kernel log before carrying out fadump or kdump
72884423e77f clk: at91: select parent if main oscillator or bypass is enabled
952d1c6d7cf0 arm64: fix unreachable code issue with cmpxchg
b25bd837a637 pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c
b717a47dd913 powerpc/pseries: correctly track irq state in default idle
ae089bf87c57 clk: qcom: gcc-sdm845: Use floor ops for sdcc clks
2c16f72135fb pstore: fs superblock limits
0c09b02842b8 powerpc/64s/exception: machine check use correct cfar for late handler
39b6d05169b2 drm/amdgpu/si: fix ASIC tests
4dcbca872a84 drm/amd/display: support spdif
38dfc974f322 clk: renesas: cpg-mssr: Set GENPD_FLAG_ALWAYS_ON for clock domain
0b5ac607db4b clk: renesas: mstp: Set GENPD_FLAG_ALWAYS_ON for clock domain
2cfb89832179 pinctrl: amd: disable spurious-firing GPIO IRQs
274d7acb0b81 drm/nouveau/volt: Fix for some cards having 0 maximum voltage
9b2d2f2ad003 vfio_pci: Restore original state on release
c1f7b3fb87cf powerpc/eeh: Clear stale EEH_DEV_NO_HANDLER flag
b2df456c83e3 pinctrl: tegra: Fix write barrier placement in pmx_writel
4c91e678d27c powerpc/pseries/mobility: use cond_resched when updating device tree
6d728a172732 powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function
6aa455b0d0a0 powerpc/rtas: use device model APIs and serialization during LPM
25c501f0f9d9 powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL
2cca24b2cb9a clk: zx296718: Don't reference clk_init_data after registration
efa0fe4cde05 clk: sprd: Don't reference clk_init_data after registration
89dc59fb267d clk: sirf: Don't reference clk_init_data after registration
bd3a445c2717 clk: actions: Don't reference clk_init_data after registration
437399ed906a powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window
782a77f2eb39 drm/amd/display: reprogram VM config when system resume
24ba84ec0016 drm/amd/display: fix issue where 252-255 values are clipped
efb0e1e3d0e1 clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks
a2279550f7be clk: qoriq: Fix -Wunused-const-variable
84038a98b904 ipmi_si: Only schedule continuously in the thread in maintenance mode
b351726bb5be PCI: rpaphp: Avoid a sometimes-uninitialized warning
0936c46139cb gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property()
6e03bca91f8e drm/radeon: Fix EEH during kexec
441c15582338 drm/rockchip: Check for fast link training before enabling psr
f3d62177dee3 drm/panel: check failure cases in the probe func
9cb3698dcc86 drm/stm: attach gem fence to atomic state
043f0229f442 video: ssd1307fb: Start page range at page_offset
bd5b6a7c89ef drm/panel: simple: fix AUO g185han01 horizontal blanking
db472be8b340 drm/bridge: tc358767: Increase AUX transfer length limit
053d0ec61e33 tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
d598712712e4 tpm: use tpm_try_get_ops() in tpm-sysfs.c.
6cad9d0cf87b Linux 4.19.77
2c60da90ec44 drm/amd/display: Restore backlight brightness after system resume
4d8bdf7f3a86 mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone
5bead06b3443 fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
bbe3e2056d27 md/raid0: avoid RAID0 data corruption due to layout confusion.
4290a9e59323 CIFS: Fix oplock handling for SMB 2.1+ protocols
a3a150895b6f CIFS: fix max ea value size
a0f7fd38acf5 i2c: riic: Clear NACK in tend isr
fec38267a2bf hwrng: core - don't wait on add_early_randomness()
060986096fea quota: fix wrong condition in is_quota_modification()
091c754d5ca9 ext4: fix punch hole for inline_data file systems
775e3e734bd3 ext4: fix warning inside ext4_convert_unwritten_extents_endio
caa6926d94f1 /dev/mem: Bail out upon SIGKILL.
bd3a11af1bde cfg80211: Purge frame registrations on iftype change
5dc86e9574a1 md: only call set_in_sync() when it is expected to succeed.
598a2cda62d3 md: don't report active array_state until after revalidate_disk() completes.
e8323e0ddce1 md/raid6: Set R5_ReadError when there is read failure on parity disk
bacff03bb286 Btrfs: fix race setting up and completing qgroup rescan workers
b5c42ef09df3 btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls
c521bfa8e2dc btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space
067f82a05c2f btrfs: Relinquish CPUs in btrfs_compare_trees
b08344be3546 Btrfs: fix use-after-free when using the tree modification log
4874c6fe1c9e btrfs: fix allocation of free space cache v1 bitmap pages
934243a72849 ovl: filter of trusted xattr results in audit
e7265adc0a3c ovl: Fix dereferencing possible ERR_PTR()
2e96c9332595 smb3: allow disabling requesting leases
82652c06f976 block: fix null pointer dereference in blk_mq_rq_timed_out()
db5b2fe4d33c i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask
b4a734a529b8 memcg, kmem: do not fail __GFP_NOFAIL charges
d40b3eafb52e memcg, oom: don't require __GFP_FS when invoking memcg OOM killer
e0c1e6e55bca gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps
3620b06b1db0 efifb: BGRT: Improve efifb_bgrt_sanity_check
c4f65c2fb0f5 regulator: Defer init completion for a while after late_initcall
3784576fc639 alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
174bbcc560cc arm64: dts: rockchip: limit clock rate of MMC controllers for RK3328
8cfe3b8aa3b6 arm64: tlb: Ensure we execute an ISB following walk cache invalidation
fc7d6bfdd774 Revert "arm64: Remove unnecessary ISBs from set_{pte,pmd,pud}"
881edc165b8e ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
2209279439a1 ARM: samsung: Fix system restart on S3C6410
ad884155fb9c ASoC: Intel: Fix use of potentially uninitialized variable
7bdab36455f9 ASoC: Intel: Skylake: Use correct function to access iomem space
3c54f463402f ASoC: Intel: NHLT: Fix debug print format
29ecf8cae5f4 binfmt_elf: Do not move brk for INTERP-less ET_EXEC
02ef5c299d15 media: don't drop front-end reference count for ->detach
589ca8ec4c62 media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
496cf984a60e KVM: x86: Manually calculate reserved bits when loading PDPTRS
933e3e2b5070 KVM: x86: set ctxt->have_exception in x86_decode_insn()
9723e4458604 KVM: x86: always stop emulation on page fault
8225db4a70b2 parisc: Disable HP HSC-PCI Cards to prevent kernel crash
ad41162974c6 fuse: fix missing unlock_page in fuse_writepage()
ecfe4b5f70c8 powerpc/imc: Dont create debugfs files for cpu-less nodes
e94443fc7b64 scsi: implement .cleanup_rq callback
4ec3ca2770e7 blk-mq: add callback of .cleanup_rq
4848fb93243e ALSA: hda/realtek - PCI quirk for Medion E4254
e9bcaf82dd37 ceph: use ceph_evict_inode to cleanup inode's resource
72f0fff3c450 Revert "ceph: use ceph_evict_inode to cleanup inode's resource"
98dc6d958bd9 randstruct: Check member structs in is_pure_ops_struct()
ad6819cd68be IB/hfi1: Define variables as unsigned long to fix KASAN warning
a924850c93d4 IB/mlx5: Free mpi in mp_slave mode
40b071992ca5 printk: Do not lose last line in kmsg buffer dump
28f142b940af scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag
03b75e65ceed scsi: scsi_dh_rdac: zero cdb in send_mode_select()
2e21e5b225ef ALSA: firewire-tascam: check intermediate state of clock status and retry
f5779e4449da ALSA: firewire-tascam: handle error code when getting current source of clock
fdd131eab68f iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36
6437ec272eda PM / devfreq: passive: fix compiler warning
814f7fe56ebb media: omap3isp: Set device on omap3isp subdevs
c5dbd74f8259 btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
2aeeb0a4b440 iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems
291da335040c ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
8630a4d13683 media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
d47636913bda drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)
5370cf8d90ad ALSA: hda - Drop unsol event handler for Intel HDMI codecs
ac1d43a20a08 e1000e: add workaround for possible stalled packet
35b6cba971f5 libertas: Add missing sentinel at end of if_usb.c fw_table
0a43d5d458d5 raid5: don't increment read_errors on EILSEQ return
da87dfca25aa mmc: dw_mmc: Re-store SDIO IRQs mask at system resume
a0dd3d95fb21 mmc: core: Add helper function to indicate if SDIO IRQs is enabled
8ba99d50cb61 mmc: sdhci: Fix incorrect switch to HS mode
869122775782 mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD
a5443cd24063 raid5: don't set STRIPE_HANDLE to stripe which is in batch list
064fba888e77 ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
476eda2539bb platform/x86: intel_pmc_core: Do not ioremap RAM
e836cd2917c6 x86/cpu: Add Tiger Lake to Intel family
b21919eeced6 s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
fad90d4bfa8d kprobes: Prohibit probing on BUG() and WARN() address
213077da3e7c dmaengine: ti: edma: Do not reset reserved paRAM slots
f1db75622996 md/raid1: fail run raid1 array when active disk less than one
76cf93f04c3d hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
f0956418d997 closures: fix a race on wakeup from closure_sync
9fcfdff61f74 ACPI / PCI: fix acpi_pci_irq_enable() memory leak
e4467fb6ef54 ACPI: custom_method: fix memory leaks
6fceb241dc76 ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks
e4b4280dcd97 libtraceevent: Change users plugin directory
c55659cd1459 iommu/iova: Avoid false sharing on fq_timer_on
223b0481ed4b libata/ahci: Drop PCS quirk for Denverton and beyond
de888e0244cb iommu/amd: Silence warnings under memory pressure
6241c0ac301e ALSA: firewire-motu: add support for MOTU 4pre
ad58ce6cacd1 nvme-multipath: fix ana log nsid lookup when nsid is not found
9edc229b9c90 nvmet: fix data units read and written counters in SMART log
7bbb7a9dd2c3 x86/mm/pti: Handle unaligned address gracefully in pti_clone_pagetable()
5201b4ffc324 ASoC: fsl_ssi: Fix clock control issue in master mode
4b7d9c2a716e x86/mm/pti: Do not invoke PTI functions when PTI is disabled
eb2485e32f90 arm64: kpti: ensure patched kernel text is fetched from PoU
b619496540ba x86/apic/vector: Warn when vector space exhaustion breaks affinity
01e8f487cecb sched/cpufreq: Align trace event behavior of fast switching
2919fa0398ad ACPI / CPPC: do not require the _PSD method
b79922133f9c ASoC: es8316: fix headphone mixer volume table
dd25f76c1f34 media: ov9650: add a sanity check
342a0bee4d94 perf trace beauty ioctl: Fix off-by-one error in cmd->string table
57409ea782e7 media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
78550c5cfe6d media: cpia2_usb: fix memory leaks
d796c6c1aab4 media: saa7146: add cleanup in hexium_attach()
ab20f38ce522 media: cec-notifier: clear cec_adap in cec_notifier_unregister
d51268d7574b PM / devfreq: exynos-bus: Correct clock enable sequence
7e19b7e0d640 PM / devfreq: passive: Use non-devm notifiers
f9de170eaf7e EDAC/amd64: Decode syndrome before translating address
6f80e91a66e0 EDAC/amd64: Recognize DRAM device type ECC capability
adb97f18b4e7 libperf: Fix alignment trap with xyarray contents in 'perf stat'
4df2427a5148 media: dvb-core: fix a memory leak bug
8d5fccff7b0c posix-cpu-timers: Sanitize bogus WARNONS
9df9652b7345 media: dvb-frontends: use ida for pll number
006a6065c867 media: mceusb: fix (eliminate) TX IR signal length limit
d093d3183ca2 nbd: add missing config put
e497ec26cc43 led: triggers: Fix a memory leak bug
83c2a42b1b84 ASoC: sun4i-i2s: Don't use the oversample to calculate BCLK
5466c30b11cb tools headers: Fixup bitsperlong per arch includes
b1f1b83e2583 ASoC: uniphier: Fix double reset assersion when transitioning to suspend state
e6bc6e2c0d1f media: hdpvr: add terminating 0 at end of string
4a2cb7600b72 media: radio/si470x: kill urb on error
dfaf60580191 ARM: dts: imx7-colibri: disable HS400
c20ee5d906ec ARM: dts: imx7d: cl-som-imx7: make ethernet work again
21927786df27 m68k: Prevent some compiler warnings in Coldfire builds
ba8f56ffaebf net: lpc-enet: fix printk format strings
aa2d05a9de05 media: imx: mipi csi-2: Don't fail if initial state times-out
1b7df445d881 media: omap3isp: Don't set streaming state on random subdevs
0c3802174754 media: i2c: ov5645: Fix power sequence
3dfbac0add22 media: vsp1: fix memory leak of dl on error return path
c47022e019fe perf record: Support aarch64 random socket_id assignment
482c1d0a7cc4 dmaengine: iop-adma: use correct printk format strings
19a1fa140594 media: rc: imon: Allow iMON RC protocol for ffdc 7e device
a527d3d4b513 media: em28xx: modules workqueue not inited for 2nd device
6a1c59a7603d media: fdp1: Reduce FCP not found message level to debug
e3f5f626e17a media: mtk-mdp: fix reference count on old device tree
066afce8d87d perf test vfs_getname: Disable ~/.perfconfig to get default output
96b61fe7a5f7 perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig
db751f6d5241 media: gspca: zero usb_buf on error
511110236089 idle: Prevent late-arriving interrupts from disrupting offline
9addfbd40959 sched/fair: Use rq_lock/unlock in online_fair_sched_group
6e9d45022d26 firmware: arm_scmi: Check if platform has released shmem before using
0dbdc1986bb4 efi: cper: print AER info of PCIe fatal error
4410b8517950 EDAC, pnd2: Fix ioremap() size in dnv_rd_reg()
cf8f20a1aacf loop: Add LOOP_SET_DIRECT_IO to compat ioctl
18e5e458c6d8 ACPI / processor: don't print errors for processorIDs == 0xff
465bc6e80fd2 media: media/platform: fsl-viu.c: fix build for MICROBLAZE
371538451c21 md: don't set In_sync if array is frozen
d38aff20c407 md: don't call spare_active in md_reap_sync_thread if all member devices can't work
1cd972e0a107 md/raid1: end bio when the device faulty
7d75275fbfb1 arm64/prefetch: fix a -Wtype-limits warning
829bebdc1ce6 ASoC: rsnd: don't call clk_get_rate() under atomic context
f5bef62df824 EDAC/altera: Use the proper type for the IRQ status bits
87bc43e2a775 ia64:unwind: fix double free for mod->arch.init_unw_table
ca57eca32b3e ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
d76b5ac5016c base: soc: Export soc_device_register/unregister APIs
4a75e77ef1b5 media: iguanair: add sanity checks
fe8fc7d7cb64 EDAC/mc: Fix grain_bits calculation
55a98e872186 ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
1af6822f29d6 ALSA: hda - Show the fatal CORB/RIRB error more clearly
b40c15c20e42 x86/apic: Soft disable APIC before initializing it
ce7fdd5cd83e x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
0f30856944d4 sched/deadline: Fix bandwidth accounting at all levels after offline migration
d29c7b8be599 x86/apic: Make apic_pending_intr_clear() more robust
f381d3d2c39c sched/core: Fix CPU controller for !RT_GROUP_SCHED
417cf53b4b85 sched/fair: Fix imbalance due to CPU affinity
7cebdfa62f22 time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint
64f3fb5d751c media: i2c: ov5640: Check for devm_gpiod_get_optional() error
6cc816dd644e media: hdpvr: Add device num check and handling
8bc254d3e6b8 media: exynos4-is: fix leaked of_node references
7ec720763a20 media: mtk-cir: lower de-glitch counter for rc-mm protocol
920acbff8932 media: dib0700: fix link error for dibx000_i2c_set_speed
8f9dc49928c2 leds: leds-lp5562 allow firmware files up to the maximum length
fdcf06a35bc6 dmaengine: bcm2835: Print error in case setting DMA mask fails
e841313b5731 firmware: qcom_scm: Use proper types for dma mappings
ec4815460d81 ASoC: sgtl5000: Fix charge pump source assignment
84bb4024b358 ASoC: sgtl5000: Fix of unmute outputs on probe
a7ace049bddc ASoC: tlv320aic31xx: suppress error message for EPROBE_DEFER
3657e58405fb regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg
3eec108aa879 ALSA: hda: Flush interrupts on disabling
5b6c791f494d nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
33fe1f517e29 nfc: enforce CAP_NET_RAW for raw sockets
dd651ab7a114 ieee802154: enforce CAP_NET_RAW for raw sockets
6f0f18e53269 ax25: enforce CAP_NET_RAW for raw sockets
6fbf86627608 appletalk: enforce CAP_NET_RAW for raw sockets
50dddec689cb mISDN: enforce CAP_NET_RAW for raw sockets
f06b0b3e5d76 net/mlx5: Add device ID of upcoming BlueField-2
3fdcf6a88ded tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
a749eea97ac9 net: sched: fix possible crash in tcf_action_destroy()
831d0fcba1cf usbnet: sanity checking of packet sizes and device mtu
b7eeccc1c786 usbnet: ignore endpoints with invalid wMaxPacketSize
ff4419d725c7 skge: fix checksum byte order
9a623e1b1d03 sch_netem: fix a divide by zero in tabledist()
1cd663adcece ppp: Fix memory leak in ppp_write
99952b08537c openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
587df35cbf65 nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
195a3ea494d2 net_sched: add max len check for TCA_KIND
c31096dc586e net/sched: act_sample: don't push mac header on ip6gre ingress
abb04d0a9dea net: qrtr: Stop rx_worker before freeing node
6ea3bc412506 net/phy: fix DP83865 10 Mbps HDX loopback disable function
831d082be72c macsec: drop skb sk before calling gro_cells_receive
fd0034688358 cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
0bf79588586c arcnet: provide a buffer big enough to actually receive packets
555161ee1b7a Linux 4.19.76
59a5cea41dd0 f2fs: use generic EFSBADCRC/EFSCORRUPTED
fc3d296491f4 net/rds: Check laddr_check before calling it
3de749d6d7ce net/rds: An rds_sock is added too early to the hash table
07f7ec87b5f6 net_sched: check cops->tcf_block in tc_bind_tclass()
90b0761c1b81 Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices
6934809432d2 netfilter: nft_socket: fix erroneous socket assignment
649836fe946c xfs: don't crash on null attr fork xfs_bmapi_read
91ae87240166 drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling
3717f4a49b34 ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35
46beb6eacef5 Bluetooth: btrtl: HCI reset on close for Realtek BT chip
8ffd7ba9ffb1 net: don't warn in inet diag when IPV6 is disabled
ff0fbfacc94f drm: Flush output polling on shutdown
303f6d6bbc0c f2fs: fix to do sanity check on segment bitmap of LFS curseg
dec09554eba9 net/ibmvnic: Fix missing { in __ibmvnic_reset
dc9118feb472 dm zoned: fix invalid memory access
73d90f57fcc2 Revert "f2fs: avoid out-of-range memory access"
40cdc71e1111 blk-mq: move cancel of requeue_work to the front of blk_exit_queue
313efb253d03 blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs
75448f40b9f6 initramfs: don't free a non-existent initrd
ad16dfef4a44 bcache: remove redundant LIST_HEAD(journal) from run_cache_set()
08fdaee2d97b PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it
ef2baa03b7f0 f2fs: check all the data segments against all node ones
ef06c33dc371 irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices
52b4947bac50 bpf: libbpf: retry loading program on EAGAIN
a935d78e54cc Revert "drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD"
288831cba980 scsi: qla2xxx: Return switch command on a timeout
2b983f212c68 scsi: qla2xxx: Remove all rports if fabric scan retry fails
6b449e4cf090 scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion
9423770eb336 locking/lockdep: Add debug_locks check in __lock_downgrade()
0c23335a2d81 power: supply: sysfs: ratelimit property read error message
1456c40aa906 pinctrl: sprd: Use define directive for sprd_pinconf_params values
037d73a6458e objtool: Clobber user CFLAGS variable
952844f31eb7 ALSA: hda - Apply AMD controller workaround for Raven platform
50c9ccffe041 ALSA: hda - Add laptop imic fixup for ASUS M9V laptop
866a1a7e9f23 ALSA: dice: fix wrong packet parameter for Alesis iO26
9829fd27501e ALSA: usb-audio: Add DSD support for EVGA NU Audio
303921276360 ALSA: usb-audio: Add Hiby device family to quirks for native DSD support
8a845c02e495 ASoC: fsl: Fix of-node refcount unbalance in fsl_ssi_probe_from_dt()
a5e2c65034f8 ASoC: Intel: cht_bsw_max98090_ti: Enable codec clock once and keep it enabled
ec2a3681b30c media: tvp5150: fix switch exit in set control handler
ba6860700d1f iwlwifi: mvm: always init rs_fw with 20MHz bandwidth rates
ced0676fc9c2 iwlwifi: mvm: send BCAST management frames to the right station
b3873e34cbf2 net/mlx5e: Rx, Check ip headers sanity
404f118f2790 net/mlx5e: Rx, Fixup skb checksum for packets with tail padding
c95ebb394d65 net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
79e972a89cad net/mlx5e: Allow reporting of checksum unnecessary
8da68f79b3b3 mlx5: fix get_ip_proto()
44da02576b5d net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets
6debda97411e net/mlx5e: Set ECN for received packets using CQE indication
e867ef113004 CIFS: fix deadlock in cached root handling
f3160a1d71f7 crypto: talitos - fix missing break in switch statement
c1a7fe486647 mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword()
5fdefdcb92bb HID: Add quirk for HP X500 PIXART OEM mouse
3d072c272b88 HID: hidraw: Fix invalid read in hidraw_ioctl
acc96be807bb HID: logitech: Fix general protection fault caused by Logitech driver
3e785174fb35 HID: sony: Fix memory corruption issue on cleanup.
eb77929769e3 HID: prodikeys: Fix general protection fault during probe
2661d462aaa9 IB/core: Add an unbound WQ type to the new CQ API
70ec2eecc550 drm/amd/display: readd -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines
80fc27953e74 powerpc/xive: Fix bogus error code returned by OPAL
4eb92a114834 RDMA/restrack: Protect from reentry to resource return path
373f9092df95 net/ibmvnic: free reset work of removed device from queue
2af977b0d1db Revert "Bluetooth: validate BLE connection interval updates"
d573e8a79f70 Linux 4.19.75
b841a9f58d9c media: technisat-usb2: break out of loop at end of buffer
f35f5a990a07 arm64: kpti: Whitelist Cortex-A CPUs that don't implement the CSV3 field
c0ccb4da26bc binfmt_elf: move brk out of mmap when doing direct loader exec
c3817ffb1036 floppy: fix usercopy direction
9c13e770cca9 ovl: fix regression caused by overlapping layers detection
5e74396d8beb PCI: kirin: Fix section mismatch warning
0d50f7b1e8c8 iommu/amd: Fix race in increase_address_space()
52f32e4aec50 iommu/amd: Flush old domains in kdump kernel
ca77acdf1ac9 keys: Fix missing null pointer check in request_key_auth_describe()
d73515a17c14 x86/hyper-v: Fix overflow bug in fill_gva_list()
371357770c8b x86/uaccess: Don't leak the AC flags into __get_user() argument evaluation
72c762b01eb0 dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
d04b522a65c0 dmaengine: ti: dma-crossbar: Fix a memory leak bug
6bc421d5a04a net: seeq: Fix the function used to release some memory in an error handling path
83360eb798ca net: aquantia: fix out of memory condition on rx side
30c345bd786a tools/power turbostat: fix buffer overrun
d485c65853de tools/power x86_energy_perf_policy: Fix argument parsing
254b9b2971a7 tools/power x86_energy_perf_policy: Fix "uninitialized variable" warnings at -O2
a85a0d9f3796 amd-xgbe: Fix error path in xgbe_mod_init()
7ec11cad3fde perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops
560857de3064 perf/x86/intel: Restrict period on Nehalem
65ad72ce10e7 i2c: designware: Synchronize IRQs when unregistering slave client
5a45b14b03f7 sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
6cce2adae3e1 ibmvnic: Do not process reset during or after device removal
080ca754f5db ARM: 8901/1: add a criteria for pfn_valid of arm
c6d779fd8197 usb: host: xhci-tegra: Set DMA mask correctly
b62946852afa cifs: Use kzfree() to zero out the password
325fa2a6729b cifs: set domainName when a domain-key is used in multiuser
9a74f799b99c kallsyms: Don't let kallsyms_lookup_size_offset() fail on retrieving the first symbol
0f7130177325 NFSv2: Fix write regression
60f0d449601d NFSv2: Fix eof handling
6075729f76da netfilter: nf_conntrack_ftp: Fix debug output
7ac5947f7578 netfilter: xt_physdev: Fix spurious error message in physdev_mt_check
e997c0730520 x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
688fdaa54a3e r8152: Set memory to all 0xFFs on failed reg reads
d9f79f0ace55 bpf: allow narrow loads of some sk_reuseport_md fields with offset > 0
7d4201ff9f73 batman-adv: Only read OGM2 tvlv_len after buffer len check
5b8b66274183 ARM: 8874/1: mm: only adjust sections of valid mm structures
b870f8afc5a5 qed: Add cleanup in qed_slowpath_start()
30881d79de31 xdp: unpin xdp umem pages in error path
55ed0ad50201 Kconfig: Fix the reference to the IDT77105 Phy driver in the description of ATM_NICSTAR_USE_IDT77105
767877deb25a NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
4ac4f4716fba NFSv4: Fix return value in nfs_finish_open()
d7565d51af18 NFSv4: Fix return values for nfs4_file_open()
4e5fbcb9a615 netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info
a02c676c0f03 netfilter: nft_flow_offload: missing netlink attribute policy
a4fa6c68ecc3 netfilter: ebtables: Fix argument order to ADD_COUNTER
634dd5a48627 fpga: altera-ps-spi: Fix getting of optional confd gpio
0d393f23f18e tools: bpftool: close prog FD before exit on showing a single program
c5bb033529f1 selftests/bpf: fix "bind{4, 6} deny specific IP & port" on s390
48d77ca1497f s390/bpf: use 32-bit index for tail calls
999f33c2438c bus: ti-sysc: Simplify cleanup upon failures in sysc_probe()
1a85d5819ade ARM: OMAP1: ams-delta-fiq: Fix missing irq_ack
a8919f8d352f ARM: dts: dra74x: Fix iodelay configuration for mmc3
2ff2bd2c5526 ARM: OMAP2+: Fix omap4 errata warning on other SoCs
73d003274a42 s390/bpf: fix lcgr instruction encoding
c1e0937ef4d5 bus: ti-sysc: Fix using configured sysc mask value
0aee9e118eee ARM: OMAP2+: Fix missing SYSC_HAS_RESET_STATUS for dra7 epwmss
f696ba6b122d ARM: dts: am57xx: Disable voltage switching for SD card
ac8f26f6a035 ieee802154: hwsim: unregister hw while hwsim_subscribe_all_others fails
c237a050df3b ieee802154: hwsim: Fix error handle path in hwsim_init_module
6a10e87ffca1 nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds
941431c491a6 mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
770cee245191 tty/serial: atmel: reschedule TX after RX was started
4c2f60ed8ed8 serial: sprd: correct the wrong sequence of arguments
2871621518ac firmware: google: check if size is valid when decoding VPD data
232a6462f43f KVM: coalesced_mmio: add bounds checking
7a1bad565ceb net_sched: let qdisc_put() accept NULL pointer
47288968eebd xen-netfront: do not assume sk_buff_head list is empty in error handling
fdd60d80c429 udp: correct reuseport selection with connected sockets
97b5f8c95b75 ip6_gre: fix a dst leak in ip6erspan_tunnel_xmit
4fb95f299504 phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current
abf389e0795a media: tm6000: double free if usb disconnect while streaming
77d4e2a05885 USB: usbcore: Fix slab-out-of-bounds bug during device reset
b01b1eb24c04 powerpc/mm/radix: Use the right page size for vmemmap mapping
289f3c82b116 Input: elan_i2c - remove Lenovo Legion Y7000 PnpID
305c3b497662 RDMA/restrack: Release task struct which was hold by CM_ID object
8993c673d6c4 HID: wacom: generic: read HID_DG_CONTACTMAX from any feature report
2a0aa8a06aea netfilter: nf_flow_table: set default timeout after successful insertion
dbc29aff8d04 Linux 4.19.74
9d587fe2cd70 x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence GCC9 build warning
96c08711fc66 nvmem: Use the same permissions for eeprom as for nvmem
3622d621e9be rsi: fix a double free bug in rsi_91x_deinit()
780f3aadee1e platform/x86: pmc_atom: Add CB4063 Beckhoff Automation board to critclk_systems DMI table
52bfcc9c8406 modules: fix compile error if don't have strict module rwx
ae415d7a2707 modules: fix BUG when load module with rodata=n
0ae0c43abcbf iio: adc: stm32-dfsdm: fix data type
acf77c411b4e Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
a03ed2891cdb drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto
d13a836d787d drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
4b30a0698208 firmware: ti_sci: Always request response from firmware
3dfc787f2f50 crypto: talitos - HMAC SNOOP NO AFEU mode requires SW icv checking.
e89d4cb6fba3 crypto: talitos - Do not modify req->cryptlen on decryption.
9aff4077304b crypto: talitos - fix ECB algs ivsize
c4d7148e2d67 crypto: talitos - check data blocksize in ablkcipher.
02ebbb4f8df8 crypto: talitos - fix CTR alg blocksize
39fa02a36bb3 crypto: talitos - check AES key size
e1666bcbae0c driver core: Fix use-after-free and double free on glue directory
72cd230b3231 ubifs: Correctly use tnc_next() in search_dh_cookie()
a65290083b66 gpio: fix line flag validation in lineevent_create
0f4095f33557 PCI: Always allow probing with driver_override
70facf939ba2 mtd: rawnand: mtk: Fix wrongly assigned OOB buffer pointer issue
6da56f8982bb clk: rockchip: Don't yell about bad mmc phases when getting
a63416f39aaf drm/meson: Add support for XBGR8888 & ABGR8888 formats
d9e8b4ba0397 powerpc: Add barrier_nospec to raw_copy_in_user()
eb020b77b646 x86/purgatory: Change compiler flags from -mcmodel=kernel to -mcmodel=large to fix kexec relocation errors
73c31bd92039 KVM: nVMX: handle page fault in vmread
6e60900cfa3e KVM: x86: work around leak of uninitialized stack contents
09a9f894c65b KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
9f8a2825918c KVM: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset()
991b3458da56 genirq: Prevent NULL pointer dereference in resend_irqs()
5b5f14601e0a ixgbe: Prevent u8 wrapping of ITR value to something less than 10us
7cbd49cf0d62 Btrfs: fix assertion failure during fsync and use of stale transaction
22ed1d472811 gpio: fix line flag validation in linehandle_create
705df757e937 gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist
0f4ceb259493 tun: fix use-after-free when register netdev failed
9a4598424e99 tipc: add NULL pointer check before calling kfree_rcu
67fe3b94a833 tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
7c34a29261ee sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
41b624ff83d2 sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
a9e91767b921 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
a7f46e18ecfe net: sched: fix reordering issues
3600a311f83d net: phylink: Fix flow control resolution
821302dd0c51 net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list
88a46756f016 net: Fix null de-reference of device refcount
b26f489245b3 ixgbe: Fix secpath usage for IPsec TX offload.
2354e925e361 isdn/capi: check message length in capi_write()
ea6ec671c87e ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
a20c8e4ae48d cdc_ether: fix rndis support for Mediatek based smartphones
f57fd58dda42 bridge/mdb: remove wrong use of NLM_F_MULTI
db2d0b7c1dde Linux 4.19.73
ba03ee62aed0 vhost: make sure log_num < in_num
569775bd5364 powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts
052bc385f970 powerpc/tm: Remove msr_tm_active()
f193e02265aa PCI: Reset both NVIDIA GPU and HDA in ThinkPad P50 workaround
ff69322509bb ext4: unsigned int compared against zero
292666d2d868 ext4: fix block validity checks for journal inodes using indirect blocks
97fbf573460e ext4: don't perform block validity checks on the journal inode
1e88a1f874ca drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors
b1dd1d06b31d virtio/s390: fix race on airq_areas[]
057cdb6f0f47 drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV
b113f98432ae bcache: fix race in btree_flush_write()
f73c35d92976 bcache: add comments for mutex_lock(&b->write_lock)
7989a5026fd1 bcache: only clear BTREE_NODE_dirty bit when it is set
652993a5aae5 NFSv4: Fix delegation state recovery
5026932adb1a iio: adc: gyroadc: fix uninitialized return code
2e7e7c8f9423 mm/migrate.c: initialize pud_entry in migrate_vma()
b8ad18a10f70 i2c: at91: fix clk_offset for sama5d2
4c9170b55f3a i2c: at91: disable TXRDY interrupt after sending data
c9c90711ee88 gpio: don't WARN() on NULL descs if gpiolib is disabled
a532a120a5cd iommu/iova: Remove stale cached32_node
c4fc7cb93e0a powerpc/mm: Limit rma_size to 1TB when running without HV mode
5b9a6ba975c0 ALSA: hda - Fix intermittent CORB/RIRB stall on Intel chips
87c3692172da drm/panel: Add support for Armadeus ST0700 Adapt
ecf99cdea02d dm thin metadata: check if in fail_io mode when setting needs_check
5e9a2ce6d3b4 pstore: Fix double-free in pstore_mkfile() failure path
192b9af8caf0 resource: fix locking in find_next_iomem_res()
485bcc29a200 resource: Fix find_next_iomem_res() iteration issue
9a80dfccade1 resource: Include resource end in walk_*() interfaces
1c13c9c40e31 btrfs: correctly validate compression type
0ca2688bd7cd RDMA/srp: Accept again source addresses that do not have a port number
9541604735b2 RDMA/srp: Document srp_parse_in() arguments
bab0ff2d87db ARM: dts: gemini: Set DIR-685 SPI CS as active low
3a1b79ade460 KVM: PPC: Book3S HV: Fix CR0 setting in TM emulation
3ac718069f7c KVM: PPC: Use ccr field in pt_regs struct embedded in vcpu struct
beeeead95b2f KVM: VMX: check CPUID before allowing read/write of IA32_XSS
891011ca564d KVM: VMX: Fix handling of #MC that occurs during VM-Entry
74ce13331db9 KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value
74fd8aae19d9 KVM: x86: optimize check for valid PAT value
812810399999 ceph: use ceph_evict_inode to cleanup inode's resource
42fa0e35d6e0 ALSA: hda - Don't resume forcibly i915 HDMI/DP codec
987564c28e8a cifs: Properly handle auto disabling of serverino option
d85e830d8534 scsi: zfcp: fix request object use-after-free in send path causing wrong traces
ba8701d2226c staging: wilc1000: fix error path cleanup in wilc_wlan_initialize()
60b856dc1744 scsi: target/iblock: Fix overrun in WRITE SAME emulation
ba52842de1ad scsi: target/core: Use the SECTOR_SHIFT constant
17111037fdf0 apparmor: reset pos on failure to unpack for various functions
90ca4912e55d IB/hfi1: Avoid hardlockup with flushlist_lock
fa717fc442ff clk: tegra210: Fix default rates for HDA clocks
350503c8982b clk: tegra: Fix maximum audio sync clock for Tegra124/210
acc07941e224 cifs: add spinlock for the openFileList to cifsInodeInfo
1d0648767ccf Btrfs: fix race between block group removal and block group allocation
f276beb324cc drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc
7abeffff7bc3 drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)
d5f6539381c7 kvm: Check irqchip mode before assign irqfd
90772cf58838 drm/amdkfd: Add missing Polaris10 ID
cacbc85376b6 ARC: mm: SIGSEGV userspace trying to access kernel virtual memory
7edfa9c99d21 ARC: mm: fix uninitialised signal code in do_page_fault
0828438e523e signal/arc: Use force_sig_fault where appropriate
fcb2f1e2ea68 dm crypt: move detailed message into debug level
96b44c20e6f0 cifs: smbd: take an array of reqeusts when sending upper layer data
3f27a14b03d8 PCI: dwc: Use devm_pci_alloc_host_bridge() to simplify code
842da8fac182 mmc: sdhci-pci: Add support for Intel CML
e238e6dc222b blk-mq: free hw queue's resource in hctx's release handler
69409854ba08 dm mpath: fix missing call of path selector type->end_io
0fe097012b6c PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary
5659dfca74d0 PCI: Add macro for Switchtec quirk declarations
e4ba157877db dt-bindings: mmc: Add disable-cqe-dcmd property.
eb83f9fa10f7 dt-bindings: mmc: Add supports-cqe property
0a0176f93ea9 ARM: dts: qcom: ipq4019: enlarge PCIe BAR range
445a78ea3f90 ARM: dts: qcom: ipq4019: Fix MSI IRQ type
df1216d8bc86 ARM: dts: qcom: ipq4019: fix PCI range
2fd4629de519 ext4: protect journal inode's blocks using block_validity
f10a92309b83 media: i2c: tda1997x: select V4L2_FWNODE
4061e662c8e9 cifs: Fix lease buffer length error
df5d4ea2d8be KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels
7a74d806bdaa x86/kvm: move kvm_load/put_guest_xcr0 into atomic context
163b24b1a68c kvm: mmu: Fix overflow on kvm mmu page limit calculation
feced628c068 IB/mlx5: Reset access mask when looping inside page fault handler
37222eaf7eb7 arm64: dts: stratix10: add the sysmgr-syscon property from the gmac's
3cfce8b77aad usb: typec: tcpm: Try PD-2.0 if sink does not respond to 3.0 source-caps
fba4f7c118e4 drm/i915: Sanity check mmap length against object size
6423a2ad5709 drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set
778d626c6af3 CIFS: Fix leaking locked VFS cache pages in writeback retry
fb2dabeabb17 CIFS: Fix error paths in writeback code
e407b58c3576 drm: add __user attribute to ptr_to_compat()
e1a12c3b6f87 PCI: qcom: Don't deassert reset GPIO during probe
be905d0f2330 PCI: qcom: Fix error handling in runtime PM support
476ecc14cfdb btrfs: init csum_list before possible free
936690bdd8e6 btrfs: scrub: fix circular locking dependency warning
ff55333f5c52 btrfs: scrub: move scrub_setup_ctx allocation out of device_list_mutex
8ba3169dceac btrfs: scrub: pass fs_info to scrub_setup_ctx
df7329207870 mmc: renesas_sdhi: Fix card initialization failure in high speed mode
915c9d0a1d68 powerpc/kvm: Save and restore host AMR/IAMR/UAMOR
b3f864b88256 spi: spi-gpio: fix SPI_CS_HIGH capability
1d60902a5448 x86/kvmclock: set offset for kvm unstable clock
716b0cfa88a5 iwlwifi: add new card for 9260 series
213566a9b0de iwlwifi: fix devices with PCI Device ID 0x34F0 and 11ac RF modules
2b76fcb6ba62 drm/nouveau: Don't WARN_ON VCPI allocation failures
173b6557fcbc mt76: fix corrupted software generated tx CCMP PN
0d7f329e2431 iio: adc: exynos-adc: Use proper number of channels for Exynos4x12
4e516b721a50 dt-bindings: iio: adc: exynos-adc: Add S5PV210 variant
7f588a7262b3 iio: adc: exynos-adc: Add S5PV210 variant
cd490d44150d KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run
687e470e9123 bcache: treat stale && dirty keys as bad keys
d1cec665de2c bcache: replace hard coded number with BUCKET_GC_GEN_MAX
ee30121fbd78 tpm: Fix some name collisions with drivers/char/tpm.h
c207ac66848e mfd: Kconfig: Fix I2C_DESIGNWARE_PLATFORM dependencies
6fd5e50add36 drm/i915/ilk: Fix warning when reading emon_status with no output
2b4f567912ad drm/vblank: Allow dynamic per-crtc max_vblank_count
71f719105462 crypto: ccree - add missing inline qualifier
72eec6b303f4 crypto: ccree - fix resume race condition on init
f0e286550af8 IB/uverbs: Fix OOPs upon device disassociation
8c6fb55abf2c ARC: mm: do_page_fault fixes #1: relinquish mmap_sem if signal arrives while handle_mm_fault
96af7d92d8d2 ARC: show_regs: lockdep: re-enable preemption
424b75b79994 media: vim2m: only cancel work if it is for right context
be77686f0369 btrfs: Use real device structure to verify dev extent
a2790b9939ae btrfs: volumes: Make sure no dev extent is beyond device boundary
cfbf227e0591 powerpc/pkeys: Fix handling of pkey state across fork()
2ad95be18995 scsi: megaraid_sas: Use 63-bit DMA addressing
3263f78640cc scsi: megaraid_sas: Add check for reset adapter bit
dc4e3ec9d226 scsi: megaraid_sas: Fix combined reply queue mode detection
eb124aaa2e85 btrfs: Fix error handling in btrfs_cleanup_ordered_extents
1669d1d2e696 btrfs: Remove extent_io_ops::fill_delalloc
338a528b7922 Btrfs: fix deadlock with memory reclaim during scrub
fac803479f60 Btrfs: clean up scrub is_dev_replace parameter
d3984e80d7f2 KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch
d88b01d04c6a drm/i915: Cleanup gt powerstate from gem
b185bde520d5 drm/i915: Restore sane defaults for KMS on GEM error load
f999485109d1 media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
a7b6f95f3ca6 media: vim2m: use workqueue
e432a58d7a0d s390/zcrypt: reinit ap queue state machine during device probe
a4f404af3ca8 ARM: davinci: dm644x: define gpio interrupts as separate resources
8d6b2b24ca85 ARM: davinci: dm355: define gpio interrupts as separate resources
d31f2b61e7f9 ARM: davinci: dm646x: define gpio interrupts as separate resources
4883e9e66f76 ARM: davinci: dm365: define gpio interrupts as separate resources
0a6c3bdae2c9 ARM: davinci: da8xx: define gpio interrupts as separate resources
016218ef6bb0 drm/amd/dm: Understand why attaching path/tile properties are needed
853dc0759586 drm/amd/pp: Fix truncated clock value when set watermark
5faabd22ed64 powerplay: Respect units on max dcfclk watermark
11bedb2e77a0 Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up
74ff258346e4 Drivers: hv: kvp: Fix the indentation of some "break" statements
e352d8eb9394 drm/atomic_helper: Disallow new modesets on unregistered connectors
cff9e1e33151 drm/i915/gen9+: Fix initial readout for Y tiled framebuffers
8ccbb1d24c26 drm/i915: Rename PLANE_CTL_DECOMPRESSION_ENABLE
4b2dfc0e2d44 drm/i915: Fix intel_dp_mst_best_encoder()
796469e361ed x86/kvm/lapic: preserve gfn_to_hva_cache len on cache reinit
cdad0f65050e KVM: hyperv: define VP assist page helpers
b0d9043bdbe6 KVM: x86: hyperv: keep track of mismatched VP indexes
f031fd03e22e KVM: x86: hyperv: consistently use 'hv_vcpu' for 'struct kvm_vcpu_hv' variables
0b535f7b95af KVM: x86: hyperv: enforce vp_index < KVM_MAX_VCPUS
8e91cc7f7f91 drm/amdgpu: Update gc_9_0 golden settings.
bcc3bd761ab5 drm/amdgpu/gfx9: Update gfx9 golden settings.
2c2cf2245ff6 remoteproc: qcom: q6v5-mss: add SCM probe dependency
4d9707586ec7 x86, hibernate: Fix nosave_regions setup for hibernation
805e0e46eb54 Drivers: hv: kvp: Fix two "this statement may fall through" warnings
3f3beae22842 keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
bac1c4edb5c4 scsi: qla2xxx: Move log messages before issuing command to firmware
6e087eae89df media: cec: remove cec-edid.c
851308450a8f media: cec/v4l2: move V4L2 specific CEC functions to V4L2
c09d675f294b drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"
3015291b2fb5 kernel/module: Fix mem leak in module_add_modinfo_attrs
9c49f7811f82 modules: always page-align module section allocations
84ba9ae18fbb remoteproc: qcom: q6v5: shore up resource probe handling
56944c0b9774 clk: s2mps11: Add used attribute to s2mps11_dt_match
480101a4aea2 nvme-fc: use separate work queue to avoid warning
5f147150b753 riscv: remove unused variable in ftrace
8d23872c7539 scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
6c550a5db18f arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64
573370113b24 media: stm32-dcmi: fix irq = 0 case
7f8b23600779 powerpc/64: mark start_here_multiplatform as __ref
85a24825b2e6 x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace()
b93aed78eb78 selftests: fib_rule_tests: use pre-defined DEV_ADDR
68829256e1f9 timekeeping: Use proper ktime_add when adding nsecs in coarse offset
1aa38eceb6c0 {nl,mac}80211: fix interface combinations on crypto controlled devices
178d1337a527 blk-iolatency: fix STS_AGAIN handling
5f33e81250a6 Blk-iolatency: warn on negative inflight IO counter
91a71a61da8c hv_sock: Fix hang when a connection is closed
86d5ae21d6b8 batman-adv: Only read OGM tvlv_len after buffer len check
4b5fee457723 batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
47a0f70d7d9a powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction
6e7040d65a71 vhost/test: fix build for vhost test - again
4f45483faadf vhost/test: fix build for vhost test
dcd22e14780a drm/vmwgfx: Fix double free in vmw_recv_msg()
38d38d1e0cc5 sched/fair: Don't assign runtime for throttled cfs_rq
044ab4715585 ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre
849f85bfdf12 ALSA: hda/realtek - Enable internal speaker & headset mic of ASUS UX431FL
a956998ac1c2 ALSA: hda/realtek - Add quirk for HP Pavilion 15
d11ca2d79334 ALSA: hda/realtek - Fix overridden device-specific initialization
2c4d2ce8b799 ALSA: hda - Fix potential endless loop at applying quirks
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb | 6 +++---
meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb | 8 ++++----
meta/recipes-kernel/linux/linux-yocto_4.19.bb | 20 ++++++++++----------
3 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb b/meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb
index 1edcd7e..32edb60 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_4.19.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "02f0c38dd20819c0e9d279e3b1e95280101ea8ab"
-SRCREV_meta ?= "a7cb57afb9fb9787079c28a1028d797632105e56"
+SRCREV_machine ?= "0e4a79e608e92830693e511a3dd282ce7c3b3f41"
+SRCREV_meta ?= "ad6f8b357720ca8167a090713b7746230cf4b314"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-4.19;destsuffix=${KMETA}"
-LINUX_VERSION ?= "4.19.72"
+LINUX_VERSION ?= "4.19.78"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb
index 446bce3..0682aef 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_4.19.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "4.19.72"
+LINUX_VERSION ?= "4.19.78"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "283b870cef5f79a6f07465828a51f27a6aed4c50"
-SRCREV_machine ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_meta ?= "a7cb57afb9fb9787079c28a1028d797632105e56"
+SRCREV_machine_qemuarm ?= "be50001808f00efee538c2a3e7c0a5a2a2df65da"
+SRCREV_machine ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_meta ?= "ad6f8b357720ca8167a090713b7746230cf4b314"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_4.19.bb b/meta/recipes-kernel/linux/linux-yocto_4.19.bb
index 96debc4..d8cb20f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_4.19.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_4.19.bb
@@ -11,22 +11,22 @@ KBRANCH_qemux86 ?= "v4.19/standard/base"
KBRANCH_qemux86-64 ?= "v4.19/standard/base"
KBRANCH_qemumips64 ?= "v4.19/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "b0be447bc9053d07f3438999778bd077679ae756"
-SRCREV_machine_qemuarm64 ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_machine_qemumips ?= "3c8b21d0a335b5f418682969448574dfd0011f02"
-SRCREV_machine_qemuppc ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_machine_qemux86 ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_machine_qemux86-64 ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_machine_qemumips64 ?= "2854797711fee4061fb760c2b6e0e3d3135195ab"
-SRCREV_machine ?= "2d7c98a6748a64ca36fd1d2e60c517b16326df61"
-SRCREV_meta ?= "a7cb57afb9fb9787079c28a1028d797632105e56"
+SRCREV_machine_qemuarm ?= "7fde51abcaf389193ce5d87ebfb8e8fb66a9271a"
+SRCREV_machine_qemuarm64 ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_machine_qemumips ?= "8ac68d42beb24b275ac0d2a54a0a2291970e5dde"
+SRCREV_machine_qemuppc ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_machine_qemux86 ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_machine_qemux86-64 ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_machine_qemumips64 ?= "ea2cb8731306f734bf0227575e04cafac7dfade0"
+SRCREV_machine ?= "a915fbeae8ed987402f69666d90bef15a01c5823"
+SRCREV_meta ?= "ad6f8b357720ca8167a090713b7746230cf4b314"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-4.19;destsuffix=${KMETA} \
"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "4.19.72"
+LINUX_VERSION ?= "4.19.78"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 22/31] linux-yocto/5.2: update to v5.2.20
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (20 preceding siblings ...)
2019-11-13 15:32 ` [zeus 21/31] linux-yocto/4.19: update to v4.19.78 Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 23/31] cve-check: failure to parse versions should be more visible Armin Kuster
` (8 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating linux-yocto/5.2 to the latest korg -stable release that comprises
the following commits:
56fd0c9f5473 Linux 5.2.20
6f375cee0394 vfs: set fs_context::user_ns for reconfigure
fbad63fcf7f8 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
23721140761c KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel
f6e1c74f5664 kexec: bail out upon SIGKILL when allocating memory.
a761ba725477 NFC: fix attrs checks in netlink interface
08519f370a57 dm raid: fix updating of max_discard_sectors limit
069a73c93447 smack: use GFP_NOFS while holding inode_smack::smk_lock
73cf33180fd5 Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set
e4875cfb207f soundwire: fix regmap dependencies and align with other serial links
455807823191 arm: use STACK_TOP when computing mmap base address
a7d44c89fb47 arm: properly account for stack randomization and stack guard gap
d474fced6704 mips: properly account for stack randomization and stack guard gap
5edc5cfcd1ce arm64: consider stack randomization for mmap base only when necessary
0499bb1b61cd kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
b71617b36dc6 ocfs2: wait for recovering done after direct unlock request
5f63ef732675 kbuild: clean compressed initramfs image
26235380e633 crypto: hisilicon - Fix double free in sec_free_hw_sgl()
ef1bb2f3c68c hypfs: Fix error number left in struct pointer member
86fa1c1b3ab1 pktcdvd: remove warning on attempting to register non-passthrough dev
30ef03cb2c46 fat: work around race with userspace's read via blockdev while mounting
049e9c72a671 ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address
68a14319be38 ARM: 8905/1: Emit __gnu_mcount_nc when using Clang 10.0.0 or newer
b10ee4270915 PCI: Use static const struct, not const static struct
88b4b5b7e2a8 security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb()
0728352751bb PCI: exynos: Propagate errors for optional PHYs
6eb7a0a0eb86 PCI: imx6: Propagate errors for optional regulators
130642ed27a6 PCI: histb: Propagate errors for optional regulators
dc35055b644f PCI: rockchip: Propagate errors for optional regulators
06f8fc7effb5 HID: apple: Fix stuck function keys when using FN
1c8c46bdfcde PCI: Add pci_info_ratelimited() to ratelimit PCI separately
400a250cc06f selinux: fix residual uses of current_security() for the SELinux blob
30f8969d6265 rtc: pcf85363/pcf85263: fix regmap error in set_time
1a5f22226ad0 rtc: snvs: fix possible race condition
6edfcbdc24be ARM: 8875/1: Kconfig: default to AEABI w/ Clang
5a58f0bf27ff soundwire: intel: fix channel number reported by hardware
175f4efcb12a ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes
cf4e9c2472ac mips/atomic: Fix smp_mb__{before,after}_atomic()
a7ef43bf9064 livepatch: Nullify obj->mod in klp_module_coming()'s error path
677540cb39e0 PCI: layerscape: Add the bar_fixed_64bit property to the endpoint driver
97c3d2a3dd8f PCI: pci-hyperv: Fix build errors on non-SYSFS config
57e4c0e0efce mips/atomic: Fix loongson_llsc_mb() wreckage
11daaf5c38f2 HID: wacom: Fix several minor compiler warnings
503aae8dcc18 PCI: tegra: Fix OF node reference leak
b0a68c638875 mfd: intel-lpss: Remove D3cold delay
b6cb1efe18cc i2c-cht-wc: Fix lockdep warning
d1d45f98a6e6 MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean
7bd355196324 MIPS: Don't use bc_false uninitialized in __mm_isBranchInstr
cac61f5b7d95 MIPS: Ingenic: Disable broken BTB lookup optimization.
b67fd3bfeec5 ext4: fix potential use after free after remounting with noblock_validity
ad849db7534b f2fs: fix to drop meta/node pages during umount
ce7adbbc06e3 dma-buf/sw_sync: Synchronize signal vs syncpt free
99a2037bec11 scsi: core: Reduce memory required for SCSI logging
cbd9a87fbdf9 clk: sprd: add missing kfree
4d5a7f001acc mbox: qcom: add APCS child device for QCS404
910d8b71530c powerpc: dump kernel log before carrying out fadump or kdump
04dddb1ca7ad clk: Make clk_bulk_get_all() return a valid "id"
b6185efcf241 clk: imx: clk-pll14xx: unbypass PLL by default
d54c3307cac1 clk: imx: pll14xx: avoid glitch when set rate
9b538d38aa92 clk: at91: select parent if main oscillator or bypass is enabled
39a3ff30b6ad arm64: fix unreachable code issue with cmpxchg
15786d677bbc mailbox: mediatek: cmdq: clear the event in cmdq initial flow
1496f3d15934 pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c
112f51caf1b6 powerpc/pseries: correctly track irq state in default idle
f87906966831 clk: qcom: gcc-sdm845: Use floor ops for sdcc clks
e5169c0043af powerpc/eeh: Clean up EEH PEs after recovery finishes
c25829e2e7de pstore: fs superblock limits
b32e4cc264c8 powerpc/64s/exception: machine check use correct cfar for late handler
f939cc03668f drm/amdgpu/si: fix ASIC tests
bfbc57ef3481 selftests/powerpc: Retry on host facility unavailable
73bffb99ddca drm/amd/display: support spdif
18184bd06a69 clk: renesas: cpg-mssr: Set GENPD_FLAG_ALWAYS_ON for clock domain
b4b220dfcd36 clk: renesas: mstp: Set GENPD_FLAG_ALWAYS_ON for clock domain
b5c5e7dfde66 pinctrl: amd: disable spurious-firing GPIO IRQs
b1a330db3cc3 drm/nouveau/volt: Fix for some cards having 0 maximum voltage
ecce6020a052 drm/nouveau/kms/tu102-: disable input lut when input is already FP16
6ad134a33083 vfio_pci: Restore original state on release
169edc8a1b8b powerpc/eeh: Clear stale EEH_DEV_NO_HANDLER flag
0b54040780ce pinctrl: tegra: Fix write barrier placement in pmx_writel
a16c6638d760 powerpc/perf: fix imc allocation failure handling
4ce5f278af62 powerpc/pseries/mobility: use cond_resched when updating device tree
714886254f3c powerpc/64s/radix: Fix memory hotplug section page table creation
de37ad13aca1 powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function
f2118bfd0259 powerpc/rtas: use device model APIs and serialization during LPM
26c32f58d8eb powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL
fa702b72cbf9 clk: zx296718: Don't reference clk_init_data after registration
5772dedde987 clk: sprd: Don't reference clk_init_data after registration
3c384b661818 clk: meson: axg-audio: Don't reference clk_init_data after registration
8e9a12894cc3 clk: sirf: Don't reference clk_init_data after registration
5a90971761cd clk: actions: Don't reference clk_init_data after registration
672ce7241a40 powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window
97641efe039e drm/amd/display: reprogram VM config when system resume
075ad48409c1 drm/amd/display: Fix frames_to_insert math
73de2baa5b3c drm/amd/display: fix issue where 252-255 values are clipped
98ecf758e63f clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks
60e5b94e4fe6 clk: qoriq: Fix -Wunused-const-variable
99340b4cad30 ipmi_si: Only schedule continuously in the thread in maintenance mode
dc8331fb5397 pinctrl: stmfx: update pinconf settings
49b23a7d976d PCI: rpaphp: Avoid a sometimes-uninitialized warning
d1deded18c3e clk: imx8mq: Mark AHB clock as critical
22acd1a64d95 gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property()
0cb2ddf9a3a0 drm/radeon: Fix EEH during kexec
a86a8e6ef256 drm/amdgpu: Fix hard hang for S/G display BOs.
d8847b4b3a24 drm/rockchip: Check for fast link training before enabling psr
d85e0b4ef1f2 drm/panel: check failure cases in the probe func
f85634c3ffd2 drm/stm: attach gem fence to atomic state
0b271676816a drm/tinydrm/Kconfig: drivers: Select BACKLIGHT_CLASS_DEVICE
21eee05ca2c8 video: ssd1307fb: Start page range at page_offset
b51bb2f57998 drm/amd/display: add monitor patch to add T7 delay
d7c8317943b5 drm/panel: simple: fix AUO g185han01 horizontal blanking
bdcef6cd4c94 drm/vkms: Avoid assigning 0 for possible_crtc
29079f2260ff drm/bridge: tc358767: Increase AUX transfer length limit
b66b85d54494 drm/vkms: Fix crc worker races
c036f925087e net: sched: taprio: Avoid division by zero on invalid link speed
411184eda7d0 net: sched: cbs: Avoid division by zero when calculating the port rate
90053e8de295 ptp_qoriq: Initialize the registers' spinlock before calling ptp_qoriq_settime
4437b0b5d236 xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
04e6fa02cc6e net/rds: Fix error handling in rds_ib_add_one()
d6870bbdacd6 udp: only do GSO if # of segs > 1
da0f508134bb tcp: adjust rto_base in retransmits_timed_out()
c5994847e736 net: dsa: rtl8366: Check VLAN ID and not ports
11432777d98b vsock: Fix a lockdep warning in __vsock_release()
fba0b06b5941 udp: fix gso_segs calculations
9af774bcc460 tipc: fix unlimited bundling of small messages
c01fc241d449 sch_dsmark: fix potential NULL deref in dsmark_init()
392053bb2328 sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
e752bb81ed39 rxrpc: Fix rxrpc_recvmsg tracepoint
7fc879a38f81 qmi_wwan: add support for Cinterion CLS8 devices
600c91857832 nfc: fix memory leak in llcp_sock_bind()
50b26ba8938f net: Unpublish sk from sk_reuseport_cb before call_rcu
4e71bbe0fdc8 net: sched: taprio: Fix potential integer overflow in taprio_set_picos_per_byte
a087259d42ba net: qlogic: Fix memory leak in ql_alloc_large_buffers
ff917e2d2c8d net: ipv4: avoid mixed n_redirects and rate_tokens usage
3e586883beb4 ipv6: Handle missing host route in __ipv6_ifa_notify
a0efe1cbadc4 ipv6: drop incoming packets having a v4mapped source address
93b1f9364559 hso: fix NULL-deref on tty open
7edcdec673dc erspan: remove the incorrect mtu limit for erspan
a203f2d6b4ea cxgb4:Fix out-of-bounds MSI-X info array access
076d9f965e56 Linux 5.2.19
8c4f7f403e79 platform/chrome: cros_ec_rpmsg: Fix race with host command when probe failed
d4ecc0a011cc mt76: mt7615: fix mt7615 firmware path definitions
7dcd2e608bd3 mt76: mt7615: always release sem in mt7615_load_patch
c959aebdc313 md/raid0: avoid RAID0 data corruption due to layout confusion.
cb2daf3e8cef drm/amd/display: Restore backlight brightness after system resume
5bd1ab51d4c7 CIFS: Fix oplock handling for SMB 2.1+ protocols
b90f653c964e CIFS: fix max ea value size
bc3a3e7c695c i2c: riic: Clear NACK in tend isr
ba86f3d55fc1 hwrng: core - don't wait on add_early_randomness()
fa0c86d48184 quota: fix wrong condition in is_quota_modification()
6c8042e92499 ext4: fix punch hole for inline_data file systems
7c7aff67e841 ext4: fix warning inside ext4_convert_unwritten_extents_endio
026f900e102a mtd: rawnand: stm32_fmc2: avoid warnings when building with W=1 option
afe3a71e655d ipmi: move message error checking to avoid deadlock
b0df636473e5 xfs: Fix stale data exposure when readahead races with hole punch
b56335c486f7 mm: Handle MADV_WILLNEED through vfs_fadvise()
a775ad97ce77 fs: Export generic_fadvise()
f811fce3971f /dev/mem: Bail out upon SIGKILL.
84a85e7ec32e cfg80211: Purge frame registrations on iftype change
d1e007a497f6 md: only call set_in_sync() when it is expected to succeed.
c4ab81dab3b0 md: don't report active array_state until after revalidate_disk() completes.
801070ab8ad5 md/raid6: Set R5_ReadError when there is read failure on parity disk
82dd0828253a ACPI / LPSS: Save/restore LPSS private registers also on Lynxpoint
ca1a7debf461 SUNRPC: Fix buffer handling of GSS MIC without slack
89c2c6f70602 SUNRPC: Dequeue the request from the receive queue while we're re-encoding
e5b682d7792f Btrfs: fix race setting up and completing qgroup rescan workers
8e2074d3c283 btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls
f2a4259af36d btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space
51bae3f5578c btrfs: adjust dirty_metadata_bytes after writeback failure of extent buffer
3c6b7c79fe96 btrfs: Relinquish CPUs in btrfs_compare_trees
620cde3fe214 Btrfs: fix use-after-free when using the tree modification log
db66429314dd btrfs: fix allocation of free space cache v1 bitmap pages
0a19609d9a2f ovl: filter of trusted xattr results in audit
ee080509c14e ovl: Fix dereferencing possible ERR_PTR()
e2a5e040a63b smb3: fix leak in "open on server" perf counter
79aeacfeebb5 smb3: allow disabling requesting leases
a98f553d2b78 block: fix null pointer dereference in blk_mq_rq_timed_out()
facb691f45d6 block: mq-deadline: Fix queue restart handling
ab3d89dbec88 i40e: check __I40E_VF_DISABLE bit in i40e_sync_filters_subtask
00cac3533335 ath10k: fix channel info parsing for non tlv target
7228bca11c14 rtw88: pci: Use DMA sync instead of remapping in RX ISR
80e456c82a5c rtw88: pci: Rearrange the memory usage for skb in RX ISR
a8e0442493bf KEYS: trusted: correctly initialize digests and fix locking issue
e1ff89ad3dde mt76: round up length on mt76_wr_copy
d08bb3463d8f lib/lzo/lzo1x_compress.c: fix alignment bug in lzo-rle
482859563c02 memcg, kmem: do not fail __GFP_NOFAIL charges
ef54420b0726 memcg, oom: don't require __GFP_FS when invoking memcg OOM killer
1cbbcacdcdf4 mm/compaction.c: clear total_{migrate,free}_scanned before scanning a new zone
5377b8767d64 z3fold: fix memory leak in kmem cache
ed99d2d1af39 z3fold: fix retry mechanism in page reclaim
9a6b2645aa75 gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps
9b4f0cba4476 efifb: BGRT: Improve efifb_bgrt_sanity_check
d6acb54716ff regulator: Defer init completion for a while after late_initcall
f11e0e8942f4 iommu/vt-d: Fix wrong analysis whether devices share the same bus
f683465f0564 alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP
5d67ad366f2b iommu/arm-smmu-v3: Disable detection of ATS and PRI
7fd38df794c2 arm64: dts: rockchip: limit clock rate of MMC controllers for RK3328
ef2fa63bbe95 arm64: tlb: Ensure we execute an ISB following walk cache invalidation
516d62914766 ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up
b9cbc0df92c3 ARM: samsung: Fix system restart on S3C6410
f1592b754350 ASoC: Intel: Fix use of potentially uninitialized variable
6c03deb9baf9 ASoC: Intel: Skylake: Use correct function to access iomem space
4ccbdceb2e2b ASoC: Intel: NHLT: Fix debug print format
89beb34d7533 binfmt_elf: Do not move brk for INTERP-less ET_EXEC
a24d7c499db0 spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
f0724e4dc181 spi: ep93xx: Repair SPI CS lookup tables
215019d6ef10 media: don't drop front-end reference count for ->detach
11f20198e922 media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table
682dbe2cb5e7 media: videobuf-core.c: poll_wait needs a non-NULL buf pointer
e1bbf7d2cd21 KVM: x86/mmu: Use fast invalidate mechanism to zap MMIO sptes
32076032e7db KVM: x86: Disable posted interrupts for non-standard IRQs delivery modes
fb817d533600 KVM: x86: Manually calculate reserved bits when loading PDPTRS
c5c761130003 KVM: x86: set ctxt->have_exception in x86_decode_insn()
8d1e0c157027 KVM: x86: always stop emulation on page fault
8e422d4af87d platform/x86: intel_int0002_vgpio: Fix wakeups not working on Cherry Trail
c1b3752b5f25 parisc: Disable HP HSC-PCI Cards to prevent kernel crash
3a1f5551534d fuse: fix beyond-end-of-page access in fuse_parse_cache()
99a21e616426 fuse: fix missing unlock_page in fuse_writepage()
831bd6ec1633 fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
843d38c96532 tpm: Wrap the buffer from the caller to tpm_buf in tpm_send()
d59609b135ac tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts
43e8e81e357c tpm_tis_core: Turn on the TPM before probing IRQ's
830afcbc9391 powerpc/imc: Dont create debugfs files for cpu-less nodes
c9321577cbc9 scsi: implement .cleanup_rq callback
2492d1d7f34a blk-mq: add callback of .cleanup_rq
22b97cad6d67 ALSA: hda/realtek - PCI quirk for Medion E4254
f0028c2bed93 rcu/tree: Fix SCHED_FIFO params
d567e81a20c0 ARM: dts: am3517-evm: Fix missing video
5f8095b682d6 randstruct: Check member structs in is_pure_ops_struct()
03d53cb8acb8 RDMA: Fix double-free in srq creation error flow
3d97d7d688e7 IB/hfi1: Do not update hcrc for a KDETH packet during fault injection
040fc3258d95 IB/hfi1: Define variables as unsigned long to fix KASAN warning
dcbb25d9400b IB/mlx5: Free mpi in mp_slave mode
44602a8a1406 printk: Do not lose last line in kmsg buffer dump
9dfb1ce6b615 scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag
a16791fccaf6 scsi: scsi_dh_rdac: zero cdb in send_mode_select()
6e8f051e504d ALSA: firewire-tascam: check intermediate state of clock status and retry
75c1a117e1f7 ALSA: firewire-tascam: handle error code when getting current source of clock
77567ebc4060 iwlwifi: fw: don't send GEO_TX_POWER_LIMIT command to FW version 36
9d9c01542848 ARM: omap2plus_defconfig: Fix missing video
3d226661238e ARM: dts: logicpd-torpedo-baseboard: Fix missing video
2e847a842b2b PM / devfreq: passive: fix compiler warning
8e16bddcc6bd media: omap3isp: Set device on omap3isp subdevs
d6595ad8ca5d kvm: Nested KVM MMUs need PAE root too
37099d7a3e66 btrfs: Detect unbalanced tree with empty leaf before crashing btree operations
3d95c52d789c btrfs: tree-checker: Add ROOT_ITEM check
9ae8394e41d7 btrfs: extent-tree: Make sure we only allocate extents from block groups with the same type
7ee67b37a0bf btrfs: delayed-inode: Kill the BUG_ON() in btrfs_delete_delayed_dir_index()
9e6431c0f2e4 zd1211rw: remove false assertion from zd_mac_clear()
8e9a39559b73 iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems
d6dfca753d7a ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93
798b010be17b drm: fix module name in edid_firmware log message
dae45bd9b873 media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
06752109ced1 drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)
33e91a59bf81 ALSA: hda - Drop unsol event handler for Intel HDMI codecs
5397eb1a1fb0 ALSA: hda - Add a quirk model for fixing Huawei Matebook X right speaker
354098b7045d e1000e: add workaround for possible stalled packet
27a2b39359f8 libertas: Add missing sentinel at end of if_usb.c fw_table
9eff1ebe2c90 mmc: mtk-sd: Re-store SDIO IRQs mask at system resume
c5f89ff633d2 raid5: don't increment read_errors on EILSEQ return
7cb4bc790e12 mmc: dw_mmc: Re-store SDIO IRQs mask at system resume
6d9a663aca54 mmc: core: Add helper function to indicate if SDIO IRQs is enabled
d32263d8b9b5 mmc: sdhci: Fix incorrect switch to HS mode
de6fea9fcf1e sched/psi: Correct overly pessimistic size calculation
106af0369442 mmc: core: Clarify sdio_irq_pending flag for MMC_CAP2_SDIO_IRQ_NOTHREAD
f9762c19d883 raid5: don't set STRIPE_HANDLE to stripe which is in batch list
d54de8cfa4a1 block: make rq sector size accessible for block stats
6c7b70e220d5 io_uring: fix wrong sequence setting logic
38b24f688d64 ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
a7963f92406d platform/x86: intel_pmc_core: Do not ioremap RAM
c7e971d4f027 x86/cpu: Add Tiger Lake to Intel family
6e2056c4424c irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices
74a94a7e0a01 s390/crypto: xts-aes-s390 fix extra run-time crypto self tests finding
cf8360a5be18 irqchip/sifive-plic: set max threshold for ignored handlers
1f57c45eaab5 x86/mm: Fix cpumask_of_node() error condition
daecd8d05e3d kprobes: Prohibit probing on BUG() and WARN() address
6265d3c8b96b dmaengine: ti: edma: Do not reset reserved paRAM slots
18a00f37f418 md/raid1: fail run raid1 array when active disk less than one
b92d8e39fa70 hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
d57d9213d8b8 hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs
94a379db627a closures: fix a race on wakeup from closure_sync
4b88669aa2f8 ACPI / PCI: fix acpi_pci_irq_enable() memory leak
70424999fbf1 ACPI: custom_method: fix memory leaks
997c08a49443 x86/amd_nb: Add PCI device IDs for family 17h, model 70h
91180767bba9 ARM: dts: exynos: Mark LDO10 as always-on on Peach Pit/Pi Chromebooks
a6ff82b2cb60 libtraceevent: Change users plugin directory
4509537c378a iommu/iova: Avoid false sharing on fq_timer_on
b20a5ef80779 libata/ahci: Drop PCS quirk for Denverton and beyond
aecef5f0a4fd ASoC: Intel: Haswell: Adjust machine device private context
a9c3dacf2939 iommu/amd: Silence warnings under memory pressure
4d3f9cdc0f3e ALSA: firewire-motu: add support for MOTU 4pre
311abc6a314c nvme-multipath: fix ana log nsid lookup when nsid is not found
3c971d5dc374 nvmet: fix data units read and written counters in SMART log
07e66eb2a8c0 x86/mm/pti: Handle unaligned address gracefully in pti_clone_pagetable()
6198f3954f15 ASoC: fsl_ssi: Fix clock control issue in master mode
c9e116d055f9 x86/mm/pti: Do not invoke PTI functions when PTI is disabled
6e46d1f16473 perf evlist: Use unshare(CLONE_FS) in sb threads to let setns(CLONE_NEWNS) work
b70a9f2ab2fa arm64: kpti: ensure patched kernel text is fetched from PoU
9093a2e343f2 x86/apic/vector: Warn when vector space exhaustion breaks affinity
12dae85048f1 sched/cpufreq: Align trace event behavior of fast switching
92402bba4f32 ACPI / CPPC: do not require the _PSD method
51f464d8bce7 ASoC: es8316: fix headphone mixer volume table
57869649b230 leds: lm3532: Fixes for the driver for stability
ee3251c9e71f media: ov9650: add a sanity check
826a67380c4a media: aspeed-video: address a protential usage of an unitialized var
c10ea8447736 perf script: Fix memory leaks in list_scripts()
8d70572f69cc perf report: Fix --ns time sort key output
fffe93c89d8b perf trace beauty ioctl: Fix off-by-one error in cmd->string table
723809bb6d16 media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
1c6a694568db media: cpia2_usb: fix memory leaks
ecc548676360 media: saa7146: add cleanup in hexium_attach()
730e14891202 media: cec-notifier: clear cec_adap in cec_notifier_unregister
b74f2a4c0af2 PM / devfreq: exynos-bus: Correct clock enable sequence
61496a6956d5 PM / devfreq: passive: Use non-devm notifiers
6cf8764ed327 ARM: OMAP2+: move platform-specific asm-offset.h to arch/arm/mach-omap2
7f6346e814ec PM / devfreq: Fix kernel oops on governor module load
0ac4a7a4562b soc: renesas: Enable ARM_ERRATA_754322 for affected Cortex-A9
841ee26cb0eb soc: renesas: rmobile-sysc: Set GENPD_FLAG_ALWAYS_ON for always-on domain
c5a678041db9 ARM: at91: move platform-specific asm-offset.h to arch/arm/mach-at91
45a550e54f0c EDAC/amd64: Decode syndrome before translating address
71e85351f2d3 EDAC/amd64: Recognize DRAM device type ECC capability
e4739ed9e9f4 libperf: Fix alignment trap with xyarray contents in 'perf stat'
28e3cfd1c820 EDAC/amd64: Support more than two controllers for chip selects handling
8c17f6f5d0d6 media: dvb-core: fix a memory leak bug
de23b986dd21 posix-cpu-timers: Sanitize bogus WARNONS
3df4944a75a3 media: dvb-frontends: use ida for pll number
328d309f578d media: mceusb: fix (eliminate) TX IR signal length limit
14944c1cdf66 s390/kasan: provide uninstrumented __strlen
ad856c85132c arm64: entry: Move ct_user_exit before any other exception
919bb091f3bb ACPI / APEI: Release resources if gen_pool_add() fails
8e8821e51180 nbd: add missing config put
cb00bdfdf4a1 ASoC: mchp-i2s-mcc: Fix unprepare of GCLK
fd3a27888511 led: triggers: Fix a memory leak bug
78a5d7570357 ASoC: mchp-i2s-mcc: Wait for RX/TX RDY only if controller is running
cf37fc6525e6 ASoC: sun4i-i2s: Don't use the oversample to calculate BCLK
cfc27d524fe8 tools headers: Fixup bitsperlong per arch includes
0de9cb3ccaf4 powerpc/Makefile: Always pass --synthetic to nm if supported
b72464b49572 ASoC: uniphier: Fix double reset assersion when transitioning to suspend state
a6856ba2704a media: hdpvr: add terminating 0 at end of string
ea9b3fba2de5 media: radio/si470x: kill urb on error
abec08cc8afd x86/platform/intel/iosf_mbi Rewrite locking
5ac00c9194ae ARM: dts: imx7-colibri: disable HS400
d89e114b2f42 ARM: dts: imx7d: cl-som-imx7: make ethernet work again
a510a16fee76 m68k: Prevent some compiler warnings in Coldfire builds
751ac20a3913 net: lpc-enet: fix printk format strings
c3e1334bc47a kasan/arm64: fix CONFIG_KASAN_SW_TAGS && KASAN_INLINE
3c88b089e592 media: imx: mipi csi-2: Don't fail if initial state times-out
cab41bda0849 media: omap3isp: Don't set streaming state on random subdevs
ebe068d7bb79 media: i2c: ov5645: Fix power sequence
3993c8429927 media: vsp1: fix memory leak of dl on error return path
91faaa0e282f perf record: Support aarch64 random socket_id assignment
b8179cfaf017 ARM: xscale: fix multi-cpu compilation
cb2d2b999afe dmaengine: iop-adma: use correct printk format strings
50ab41d72d35 media: rc: imon: Allow iMON RC protocol for ffdc 7e device
b251e979c979 perf unwind: Fix libunwind when tid != pid
2bc1f53cc46a arm64/efi: Move variable assignments after SECTIONS
c0282736b94f media: em28xx: modules workqueue not inited for 2nd device
de122406a437 media: fdp1: Reduce FCP not found message level to debug
b18c1c75b90a media: i2c: tda1997x: prevent potential NULL pointer access
f5d115ba1687 media: mtk-mdp: fix reference count on old device tree
6156280768c3 perf test vfs_getname: Disable ~/.perfconfig to get default output
a056ef7090e2 perf config: Honour $PERF_CONFIG env var to specify alternate .perfconfig
b134b502d3b6 media: gspca: zero usb_buf on error
5e1feedf563e blk-mq: Fix memory leak in blk_mq_init_allocated_queue error handling
503ac6efb245 idle: Prevent late-arriving interrupts from disrupting offline
b2ee96a78c9a sched/fair: Use rq_lock/unlock in online_fair_sched_group
fc31f1c241b0 firmware: arm_scmi: Check if platform has released shmem before using
a1a19299a6a5 efi: cper: print AER info of PCIe fatal error
30ff832e9a23 EDAC, pnd2: Fix ioremap() size in dnv_rd_reg()
cdfe5e064210 perf tools: Fix paths in include statements
43894a0475c6 loop: Add LOOP_SET_DIRECT_IO to compat ioctl
bb07be974180 ACPI / processor: don't print errors for processorIDs == 0xff
fd8bd7dfb04f ASoC: hdac_hda: fix page fault issue by removing race
338c95ab2187 RAS: Build debugfs.o only when enabled in Kconfig
ff45dc5d103f media: media/platform: fsl-viu.c: fix build for MICROBLAZE
c0053b3c6142 md: don't set In_sync if array is frozen
274971880ff9 md: don't call spare_active in md_reap_sync_thread if all member devices can't work
a1f4fcb88098 md/raid1: end bio when the device faulty
998d765255aa arm64/prefetch: fix a -Wtype-limits warning
912d58f959f1 ASoC: rsnd: don't call clk_get_rate() under atomic context
5da3a9eb8159 EDAC/altera: Use the proper type for the IRQ status bits
873aa4af4fdd ia64:unwind: fix double free for mod->arch.init_unw_table
e89c79710aed ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid
42c6b180a7bf base: soc: Export soc_device_register/unregister APIs
383466793900 soc: amlogic: meson-clk-measure: protect measure with a mutex
55b520f85a97 arm64: mm: free the initrd reserved memblock in a aligned manner
bfae8c471054 cpuidle: teo: Allow tick to be stopped if PM QoS is used
c02ec6220cf3 media: iguanair: add sanity checks
db934a6df6d9 EDAC/mc: Fix grain_bits calculation
7b1c5aa61d98 ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls()
0294075e5872 ALSA: hda - Show the fatal CORB/RIRB error more clearly
9107c9b7bcce x86/apic: Soft disable APIC before initializing it
be86447601cb rcu/tree: Call setschedule() gp ktread to SCHED_FIFO outside of atomic region
cc41123523d1 x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails
2965c2e1ec69 sched/deadline: Fix bandwidth accounting at all levels after offline migration
6c4121115c87 x86/apic: Make apic_pending_intr_clear() more robust
e75ff42011f1 sched/core: Fix CPU controller for !RT_GROUP_SCHED
a02f3db8994e sched/fair: Fix imbalance due to CPU affinity
2af6db20ceae time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint
5db042229a8c media: i2c: ov5640: Check for devm_gpiod_get_optional() error
7c36a65b2ea1 media: hdpvr: Add device num check and handling
988a38ff1cf0 media: vivid: work around high stack usage with clang
615883ae490f media: vb2: reorder checks in vb2_poll()
4610656c129e media: vivid:add sanity check to avoid divide error and set value to 1 if 0.
7fe87b686cb9 media: exynos4-is: fix leaked of_node references
1a53850754a9 ASoC: SOF: pci: mark last_busy value at runtime PM init
f76aa9d803b6 media: mtk-cir: lower de-glitch counter for rc-mm protocol
5efaf000347a media: dib0700: fix link error for dibx000_i2c_set_speed
8d68efb7e270 leds: leds-lp5562 allow firmware files up to the maximum length
3dee582e6190 dmaengine: bcm2835: Print error in case setting DMA mask fails
5d6d34ade679 firmware: qcom_scm: Use proper types for dma mappings
8e81af05436c ASoC: sgtl5000: Fix charge pump source assignment
57868b5cbc50 ASoC: sgtl5000: Fix of unmute outputs on probe
27879a37f7ad ASoC: tlv320aic31xx: suppress error message for EPROBE_DEFER
dae532b1a1cc spi: dw-mmio: Clock should be shut when error occurs
e534295b4c17 regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg
8c3a9421b2ef cpufreq: ap806: Add NULL check after kcalloc
4defe8b0f2f5 ASoC: SOF: Intel: hda: Make hdac_device device-managed
6646813ee81d ALSA: hda: Flush interrupts on disabling
a269a7a7632b nfc: enforce CAP_NET_RAW for raw sockets
f91ee5bc2100 ieee802154: enforce CAP_NET_RAW for raw sockets
faf60340e231 ax25: enforce CAP_NET_RAW for raw sockets
ef03ebc40bc8 appletalk: enforce CAP_NET_RAW for raw sockets
1ca53dc648e8 mISDN: enforce CAP_NET_RAW for raw sockets
df20d3ce66c5 net/mlx5: Add device ID of upcoming BlueField-2
38be58c880d9 tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
4378493fed94 net: sched: fix possible crash in tcf_action_destroy()
5f39dd75e078 net/mlx5e: Fix traffic duplication in ethtool steering
6386577b2927 vrf: Do not attempt to create IPv6 mcast rule if IPv6 is disabled
229b983d5221 net_sched: add policy validation for action attributes
629815b9e1eb ipv4: Revert removal of rt_uses_gateway
d5f1d310bb2b net/sched: cbs: Fix not adding cbs instance to list
4bbf97f6c114 net: phy: micrel: add Asym Pause workaround for KSZ9021
3ef1d54a72ca usbnet: sanity checking of packet sizes and device mtu
b5e57553acde usbnet: ignore endpoints with invalid wMaxPacketSize
35ad2e82044d tcp_bbr: fix quantization code to not raise cwnd if not probing bandwidth
afc7190e3847 skge: fix checksum byte order
0102608d70f0 selftests: Update fib_tests to handle missing ping6
da0d6e47c20d sch_netem: fix a divide by zero in tabledist()
9f64c6630929 ppp: Fix memory leak in ppp_write
bd1df844b1f9 openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
b86bd41b767a nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
9561c1351232 nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
ba5f359f2be0 net_sched: add max len check for TCA_KIND
19bd1045958b net/sched: act_sample: don't push mac header on ip6gre ingress
ee8c5c7a6f9a net: qrtr: Stop rx_worker before freeing node
6ee46a2b68fc net/phy: fix DP83865 10 Mbps HDX loopback disable function
d879091836db macsec: drop skb sk before calling gro_cells_receive
d37c96675204 ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule
98f1a3a21500 cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
890984f31888 arcnet: provide a buffer big enough to actually receive packets
0a9d6a58b4ac Linux 5.2.18
c704eb3aaffa f2fs: use generic EFSBADCRC/EFSCORRUPTED
673d1167b40e net/rds: Check laddr_check before calling it
fc5b59770306 net/rds: An rds_sock is added too early to the hash table
719532b9b832 net_sched: check cops->tcf_block in tc_bind_tclass()
bd740eacb1d2 Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices
f63432cd1bb2 netfilter: nft_socket: fix erroneous socket assignment
a2a3638f3e6f xfrm: policy: avoid warning splat when merging nodes
b442b6d3742b xfs: don't crash on null attr fork xfs_bmapi_read
baa3902119f5 drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling
452b129e4876 ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35
62b72c1f7ba5 Bluetooth: btrtl: HCI reset on close for Realtek BT chip
f6983a936fbf net: don't warn in inet diag when IPV6 is disabled
955b7a09bf57 drm/dp: Add DP_DPCD_QUIRK_NO_SINK_COUNT
a7734a035acf drm: Flush output polling on shutdown
453bcdd2432b f2fs: fix to do sanity check on segment bitmap of LFS curseg
d331d4b99fb6 net/ibmvnic: Fix missing { in __ibmvnic_reset
8defaa56897e dm zoned: fix invalid memory access
bca9bfa41e3f Revert "f2fs: avoid out-of-range memory access"
47af17950b03 objtool: Clobber user CFLAGS variable
0f5df0b76e4f platform/x86: i2c-multi-instantiate: Derive the device name from parent
811fc53c37be ALSA: hda - Apply AMD controller workaround for Raven platform
b5215e9269c7 ALSA: hda - Add laptop imic fixup for ASUS M9V laptop
d51c3b844afb ALSA: dice: fix wrong packet parameter for Alesis iO26
bf4d30e9950e ALSA: usb-audio: Add DSD support for EVGA NU Audio
284a30488891 ALSA: usb-audio: Add Hiby device family to quirks for native DSD support
d17860e1e894 Revert "mm/z3fold.c: fix race between migration and destruction"
2de3de21bc8a Revert "HID: logitech-hidpp: add USB PID for a few more supported mice"
807370d02413 clk: imx: imx8mm: fix audio pll setting
bdbf837b89a9 crypto: talitos - fix missing break in switch statement
a1e67dae1599 mtd: cfi_cmdset_0002: Use chip_good() to retry in do_write_oneword()
6c6d88dc737a HID: Add quirk for HP X500 PIXART OEM mouse
af5676bf7d89 HID: hidraw: Fix invalid read in hidraw_ioctl
8d88e0d1b3e6 HID: logitech-dj: Fix crash when initial logi_dj_recv_query_paired_devices fails
55c2b2ac2706 HID: logitech: Fix general protection fault caused by Logitech driver
a069e96b5280 HID: sony: Fix memory corruption issue on cleanup.
5f2ba05924ca HID: prodikeys: Fix general protection fault during probe
df3cc96b2049 Revert "net: hns: fix LED configuration for marvell phy"
3349449ae730 drm/amd/display: readd -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines
be3b5f44206e powerpc/xive: Fix bogus error code returned by OPAL
606f7f9fc442 drm/amd/display: Don't replace the dc_state for fast updates
0365d15f565a drm/amd/display: Skip determining update type for async updates
891eae79f7a5 drm/amd/display: Allow cursor async updates for framebuffer swaps
f6faeecb3659 net/ibmvnic: free reset work of removed device from queue
cdc112b9cb64 phy: qcom-qmp: Correct ready status, again
b08d7b36f11d phy: qcom-qmp: Raise qcom_qmp_phy_enable() polling delay
3da810f95b86 smb3: fix unmount hang in open_shroot
e6d6a001ed5a Revert "Bluetooth: validate BLE connection interval updates"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb | 6 +++---
meta/recipes-kernel/linux/linux-yocto-tiny_5.2.bb | 8 ++++----
meta/recipes-kernel/linux/linux-yocto_5.2.bb | 22 +++++++++++-----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb
index e3fe544..423331e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.2.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "0a9f6ee2443b54c614107728ca76485916010023"
-SRCREV_meta ?= "b867b78b5019ae455af97dec7794cff7527d7624"
+SRCREV_machine ?= "55e3ee387b073d8d609e8899859561340d8b6911"
+SRCREV_meta ?= "bd0762cd138f1624b5a5f8669cfa3ac2b71cb87b"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.2;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.2.17"
+LINUX_VERSION ?= "5.2.20"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.2.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.2.bb
index f3f5468..f7239d0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.2.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.2.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.2.17"
+LINUX_VERSION ?= "5.2.20"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "aaa66d462ec17345dadd69b1ec0f3fcc83e82536"
-SRCREV_machine ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_meta ?= "b867b78b5019ae455af97dec7794cff7527d7624"
+SRCREV_machine_qemuarm ?= "501d680535903acc00808c36f2cc07f2dc725adc"
+SRCREV_machine ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_meta ?= "bd0762cd138f1624b5a5f8669cfa3ac2b71cb87b"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.2.bb b/meta/recipes-kernel/linux/linux-yocto_5.2.bb
index 1a2c3ff..8f75f67 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.2.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.2.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.2/standard/base"
KBRANCH_qemux86-64 ?= "v5.2/standard/base"
KBRANCH_qemumips64 ?= "v5.2/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "47b80ef7bd932830f299ed76e2302df631ae4fbe"
-SRCREV_machine_qemuarm64 ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_machine_qemumips ?= "45ff64cb3f87c38db6f46353ea93005d049b0cf6"
-SRCREV_machine_qemuppc ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_machine_qemuriscv64 ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_machine_qemux86 ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_machine_qemux86-64 ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_machine_qemumips64 ?= "ea0fd387a459803ac60e9b8a1729f2fc7d3215f1"
-SRCREV_machine ?= "255a750d28cd45df8923c3aba1e82c322757a50d"
-SRCREV_meta ?= "b867b78b5019ae455af97dec7794cff7527d7624"
+SRCREV_machine_qemuarm ?= "fcbe51dfa0a763a07e4cd66204d6c0ba054663ce"
+SRCREV_machine_qemuarm64 ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_machine_qemumips ?= "9cad7bb8bcd3686f580a3363847ee9c9e86928b1"
+SRCREV_machine_qemuppc ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_machine_qemuriscv64 ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_machine_qemux86 ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_machine_qemux86-64 ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_machine_qemumips64 ?= "dc2be1a546e937374590ce3858b717489ded2c21"
+SRCREV_machine ?= "dd25a04fc5e2e4549fc9b86157a01e0c72b53b03"
+SRCREV_meta ?= "bd0762cd138f1624b5a5f8669cfa3ac2b71cb87b"
# remap qemuarm to qemuarma15 for the 5.2 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.2;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.2.17"
+LINUX_VERSION ?= "5.2.20"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 23/31] cve-check: failure to parse versions should be more visible
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (21 preceding siblings ...)
2019-11-13 15:32 ` [zeus 22/31] linux-yocto/5.2: update to v5.2.20 Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 24/31] selftest: skip virgl test on centos 7 entirely Armin Kuster
` (7 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/classes/cve-check.bbclass | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index f87bcc9..1c8b222 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -222,7 +222,7 @@ def check_cves(d, patched_cves):
to_append_start = (operator_start == '>=' and LooseVersion(pv) >= LooseVersion(version_start))
to_append_start |= (operator_start == '>' and LooseVersion(pv) > LooseVersion(version_start))
except:
- bb.note("%s: Failed to compare %s %s %s for %s" %
+ bb.warn("%s: Failed to compare %s %s %s for %s" %
(product, pv, operator_start, version_start, cve))
to_append_start = False
else:
@@ -233,7 +233,7 @@ def check_cves(d, patched_cves):
to_append_end = (operator_end == '<=' and LooseVersion(pv) <= LooseVersion(version_end))
to_append_end |= (operator_end == '<' and LooseVersion(pv) < LooseVersion(version_end))
except:
- bb.note("%s: Failed to compare %s %s %s for %s" %
+ bb.warn("%s: Failed to compare %s %s %s for %s" %
(product, pv, operator_end, version_end, cve))
to_append_end = False
else:
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 24/31] selftest: skip virgl test on centos 7 entirely
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (22 preceding siblings ...)
2019-11-13 15:32 ` [zeus 23/31] cve-check: failure to parse versions should be more visible Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 25/31] recipeutils-test: use a small dependency in the dummy recipe Armin Kuster
` (6 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
With the sdl frontend, qemu isn't able to even boot fully,
so let's skip the test early.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-selftest/lib/oeqa/runtime/cases/virgl.py | 5 -----
meta/lib/oeqa/selftest/cases/runtime_test.py | 2 ++
2 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/meta-selftest/lib/oeqa/runtime/cases/virgl.py b/meta-selftest/lib/oeqa/runtime/cases/virgl.py
index d301a19..c0abfd1 100644
--- a/meta-selftest/lib/oeqa/runtime/cases/virgl.py
+++ b/meta-selftest/lib/oeqa/runtime/cases/virgl.py
@@ -13,11 +13,6 @@ class VirglTest(OERuntimeTestCase):
@OETestDepends(['virgl.VirglTest.test_kernel_driver'])
def test_kmscube(self):
-
- distro = oe.lsb.distro_identifier()
- if distro and distro == 'centos-7':
- self.skipTest('kmscube is not working when centos 7 is the host OS')
-
status, output = self.target.run('kmscube', timeout=30)
self.assertEqual(status, 0, "kmscube exited with non-zero status %d and output:\n%s" %(status, output))
self.assertIn('renderer: "virgl"', output, "kmscube does not seem to use virgl:\n%s" %(output))
diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index 3f212bd..7d3922c 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -179,6 +179,8 @@ class TestImage(OESelftestTestCase):
distro = oe.lsb.distro_identifier()
if distro and distro == 'debian-8':
self.skipTest('virgl isn\'t working with Debian 8')
+ if distro and distro == 'centos-7':
+ self.skipTest('virgl isn\'t working with Centos 7')
qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native')
features = 'INHERIT += "testimage"\n'
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 25/31] recipeutils-test: use a small dependency in the dummy recipe
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (23 preceding siblings ...)
2019-11-13 15:32 ` [zeus 24/31] selftest: skip virgl test on centos 7 entirely Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 26/31] patch: the CVE-2019-13638 fix also handles CVE-2018-20969 Armin Kuster
` (5 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
recipeutils-test has virtual/libx11 as a DEPENDS, but this will cause errors if
the recipe is built in an environment without x11 in DISTRO_FEATURES.
This dependency isn't actually used for anything so we could remove it, but to
save updating the test cases too just swap virtual/libx11 for zlib.
[ YOCTO #13611 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb b/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb
index 7c20d9a..0cd0494 100644
--- a/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb
+++ b/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb
@@ -4,7 +4,7 @@ require recipeutils-test.inc
LICENSE = "Proprietary"
LIC_FILES_CHKSUM = "file://${WORKDIR}/somefile;md5=d41d8cd98f00b204e9800998ecf8427e"
-DEPENDS += "virtual/libx11"
+DEPENDS += "zlib"
BBCLASSEXTEND = "native nativesdk"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 26/31] patch: the CVE-2019-13638 fix also handles CVE-2018-20969
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (24 preceding siblings ...)
2019-11-13 15:32 ` [zeus 25/31] recipeutils-test: use a small dependency in the dummy recipe Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 27/31] linux-firmware: update packaging for brcm files Armin Kuster
` (4 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
index f60dfe8..d13d419 100644
--- a/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
+++ b/meta/recipes-devtools/patch/patch/0001-Invoke-ed-directly-instead-of-using-the-shell.patch
@@ -6,8 +6,8 @@ Subject: [PATCH] Invoke ed directly instead of using the shell
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.
-CVE: CVE-2019-13638
-Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
+CVE: CVE-2019-13638 CVE-2018-20969
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0]
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
---
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 27/31] linux-firmware: update packaging for brcm files
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (25 preceding siblings ...)
2019-11-13 15:32 ` [zeus 26/31] patch: the CVE-2019-13638 fix also handles CVE-2018-20969 Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 28/31] rm_work: Promote do_image_qa stamps to setscene versions Armin Kuster
` (3 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Samuli Piippo <samuli.piippo@qt.io>
Add new package for bcm4366c and include available NVRAM config files
into the corrent bcm* packages.
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../linux-firmware/linux-firmware_20190815.bb | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20190815.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20190815.bb
index 5186388..d83000b 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20190815.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20190815.bb
@@ -273,6 +273,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
${PN}-bcm4358 \
${PN}-bcm43602 \
${PN}-bcm4366b \
+ ${PN}-bcm4366c \
${PN}-bcm4371 \
${PN}-bcm4373 \
${PN}-bcm43xx \
@@ -571,7 +572,7 @@ FILES_${PN}-bcm43xx-hdr = "${nonarch_base_libdir}/firmware/brcm/bcm43xx_hdr-0.fw
FILES_${PN}-bcm4329-fullmac = "${nonarch_base_libdir}/firmware/brcm/bcm4329-fullmac-4.bin"
FILES_${PN}-bcm43236b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43236b.bin"
FILES_${PN}-bcm4329 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4329-sdio.bin"
-FILES_${PN}-bcm4330 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4330-sdio.bin"
+FILES_${PN}-bcm4330 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4330-sdio.*"
FILES_${PN}-bcm4334 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4334-sdio.bin"
FILES_${PN}-bcm4335 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4335-sdio.bin"
FILES_${PN}-bcm4339 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4339-sdio.bin"
@@ -582,8 +583,8 @@ FILES_${PN}-bcm43242a = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43242a.bin
FILES_${PN}-bcm43143 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43143.bin \
${nonarch_base_libdir}/firmware/brcm/brcmfmac43143-sdio.bin \
"
-FILES_${PN}-bcm43430a0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430a0-sdio.bin"
-FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.bin"
+FILES_${PN}-bcm43430a0 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430a0-sdio.*"
+FILES_${PN}-bcm43455 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43455-sdio.*"
FILES_${PN}-bcm4350c2 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350c2-pcie.bin"
FILES_${PN}-bcm4350 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4350-pcie.bin"
FILES_${PN}-bcm4356 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-sdio.bin"
@@ -594,6 +595,7 @@ FILES_${PN}-bcm43602 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.
${nonarch_base_libdir}/firmware/brcm/brcmfmac43602-pcie.ap.bin \
"
FILES_${PN}-bcm4366b = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366b-pcie.bin"
+FILES_${PN}-bcm4366c = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4366c-pcie.bin"
FILES_${PN}-bcm4371 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4371-pcie.bin"
# for i in `grep brcm WHENCE | grep ^File | sed 's/File: brcm.//g'`; do pkg=`echo $i | sed 's/-[sp40].*//g; s/\.bin//g; s/brcmfmac/bcm/g; s/_hdr/-hdr/g; s/BCM/bcm-0bb4-0306/g'`; echo -e "LICENSE_\${PN}-$pkg = \"Firmware-broadcom_bcm43xx\"\nRDEPENDS_\${PN}-$pkg += \"\${PN}-broadcom-license\""; done
@@ -647,6 +649,8 @@ LICENSE_${PN}-bcm43602 = "Firmware-broadcom_bcm43xx"
RDEPENDS_${PN}-bcm43602 += "${PN}-broadcom-license"
LICENSE_${PN}-bcm4366b = "Firmware-broadcom_bcm43xx"
RDEPENDS_${PN}-bcm4366b += "${PN}-broadcom-license"
+LICENSE_${PN}-bcm4366c = "Firmware-broadcom_bcm43xx"
+RDEPENDS_${PN}-bcm4366c += "${PN}-broadcom-license"
LICENSE_${PN}-bcm4371 = "Firmware-broadcom_bcm43xx"
RDEPENDS_${PN}-bcm4371 += "${PN}-broadcom-license"
@@ -656,11 +660,11 @@ LICENSE_${PN}-cypress-license = "Firmware-cypress"
FILES_${PN}-cypress-license = "${nonarch_base_libdir}/firmware/LICENCE.cypress"
FILES_${PN}-bcm-0bb4-0306 = "${nonarch_base_libdir}/firmware/brcm/BCM-0bb4-0306.hcd"
-FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.bin"
-FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.bin"
-FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.bin"
+FILES_${PN}-bcm43340 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43340-sdio.*"
+FILES_${PN}-bcm43362 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43362-sdio.*"
+FILES_${PN}-bcm43430 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac43430-sdio.*"
FILES_${PN}-bcm4354 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4354-sdio.bin"
-FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.bin"
+FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pcie.*"
FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \
${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \
"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 28/31] rm_work: Promote do_image_qa stamps to setscene versions
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (26 preceding siblings ...)
2019-11-13 15:32 ` [zeus 27/31] linux-firmware: update packaging for brcm files Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 29/31] libtirpc: create the symbol link for rpc header files Armin Kuster
` (2 subsequent siblings)
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Jacob Kroon <jacob.kroon@gmail.com>
[ YOCTO #13212 ]
Suggested-by: Romuald Jeanne <romuald.jeanne@st.com>
Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/classes/rm_work.bbclass | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/meta/classes/rm_work.bbclass b/meta/classes/rm_work.bbclass
index a6bd3f7..0bbc450 100644
--- a/meta/classes/rm_work.bbclass
+++ b/meta/classes/rm_work.bbclass
@@ -64,6 +64,15 @@ do_rm_work () {
mv $i `echo $i | sed -e "s#do_image_complete#do_image_complete_setscene#"`
i=dummy
;;
+ *do_image_qa_setscene*)
+ # Ensure we don't 'stack' setscene extensions to this stamp with the section below
+ i=dummy
+ ;;
+ *do_image_qa*)
+ # Promote do_image_qa stamps to setscene versions (ahead of *do_image* below)
+ mv $i `echo $i | sed -e "s#do_image_qa#do_image_qa_setscene#"`
+ i=dummy
+ ;;
*do_package_write*|*do_rootfs*|*do_image*|*do_bootimg*|*do_write_qemuboot_conf*|*do_build*)
i=dummy
;;
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 29/31] libtirpc: create the symbol link for rpc header files
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (27 preceding siblings ...)
2019-11-13 15:32 ` [zeus 28/31] rm_work: Promote do_image_qa stamps to setscene versions Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 30/31] initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possible Armin Kuster
2019-11-13 15:32 ` [zeus 31/31] pseudo: Add statx support to fix fedora30 issues Armin Kuster
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Zhixiong Chi <zhixiong.chi@windriver.com>
Since the Sun RPC is deprecated in glibc, the rpc header files
are not provided any more, but it allows alternative RPC
implementations, such as TIRPC or rpcsvc-proto, to be used.
So we create the symbol link for rpc header files for tirpc to
be more compatible with the glibc version and the application usage.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb b/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb
index 9c480b8..8977a37 100644
--- a/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb
+++ b/meta/recipes-extended/libtirpc/libtirpc_1.1.4.bb
@@ -23,6 +23,20 @@ EXTRA_OECONF = "--disable-gssapi"
do_install_append() {
chown root:root ${D}${sysconfdir}/netconfig
+ install -d ${D}${includedir}/rpc
+ install -d ${D}${includedir}/rpcsvc
+ for link_header in ${D}${includedir}/tirpc/rpc/*; do
+ if [ -f $link_header -a ! -e ${D}/${includedir}/rpc/$(basename $link_header) ]; then
+ ln -sf ../tirpc/rpc/$(basename $link_header) ${D}${includedir}/rpc/$(basename $link_header)
+ fi
+ done
+ for link_header in ${D}${includedir}/tirpc/rpcsvc/*; do
+ if [ -f $link_header -a ! -e ${D}/${includedir}/rpcsvc/$(basename $link_header) ]; then
+ ln -sf ../tirpc/rpc/$(basename $link_header) ${D}${includedir}/rpcsvc/$(basename $link_header)
+ fi
+ done
+ ln -sf tirpc/netconfig.h ${D}/${includedir}/netconfig.h
+
}
BBCLASSEXTEND = "native nativesdk"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 30/31] initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possible
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (28 preceding siblings ...)
2019-11-13 15:32 ` [zeus 29/31] libtirpc: create the symbol link for rpc header files Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
2019-11-13 15:32 ` [zeus 31/31] pseudo: Add statx support to fix fedora30 issues Armin Kuster
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Haris Okanovic <haris.okanovic@ni.com>
Without this change, efibootmgr is unable to recover BootOrder if lost
during a previous write operation, e.g. exceeded storage capacity. This
is problematic using EFI to manage boot flow from Linux (E.g. via RAUC).
https://www.kernel.org/doc/Documentation/filesystems/efivarfs.txt
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/recipes-core/initscripts/initscripts-1.0/sysfs.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/sysfs.sh b/meta/recipes-core/initscripts/initscripts-1.0/sysfs.sh
index f5b5b99..4871ee9 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/sysfs.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/sysfs.sh
@@ -26,6 +26,10 @@ if [ -e /sys/kernel/config ] && grep -q configfs /proc/filesystems; then
mount -t configfs configfs /sys/kernel/config
fi
+if [ -e /sys/firmware/efi/efivars ] && grep -q efivarfs /proc/filesystems; then
+ mount -t efivarfs efivarfs /sys/firmware/efi/efivars
+fi
+
if ! [ -e /dev/zero ] && [ -e /dev ] && grep -q devtmpfs /proc/filesystems; then
mount -n -t devtmpfs devtmpfs /dev
fi
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread* [zeus 31/31] pseudo: Add statx support to fix fedora30 issues
2019-11-13 15:31 [zeus 00/31] zeus pull request Armin Kuster
` (29 preceding siblings ...)
2019-11-13 15:32 ` [zeus 30/31] initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possible Armin Kuster
@ 2019-11-13 15:32 ` Armin Kuster
30 siblings, 0 replies; 32+ messages in thread
From: Armin Kuster @ 2019-11-13 15:32 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Modern distros (e.g. fedora30) are starting to use the new statx() syscall through
the newly exposed glibc wrapper function in software like coreutils (e.g. the ls
command). Add support to intercept this to pseudo.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../pseudo/files/0001-Add-statx.patch | 106 +++++++++++++++++++++
meta/recipes-devtools/pseudo/pseudo_git.bb | 1 +
2 files changed, 107 insertions(+)
create mode 100644 meta/recipes-devtools/pseudo/files/0001-Add-statx.patch
diff --git a/meta/recipes-devtools/pseudo/files/0001-Add-statx.patch b/meta/recipes-devtools/pseudo/files/0001-Add-statx.patch
new file mode 100644
index 0000000..f01e699
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/0001-Add-statx.patch
@@ -0,0 +1,106 @@
+From 4e41a05de1f34ba00a68ca4f20fb49c4d1cbd2d0 Mon Sep 17 00:00:00 2001
+From: Richard Purdie <richard.purdie@linuxfoundation.org>
+Date: Wed, 6 Nov 2019 12:17:46 +0000
+Subject: [PATCH] Add statx glibc/syscall support
+
+Modern distros (e.g. fedora30) are starting to use the new statx() syscall through
+the newly exposed glibc wrapper function in software like coreutils (e.g. the ls
+command). Add support to intercept this to pseudo.
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Submitted [Emailed to seebs]
+---
+ ports/linux/guts/statx.c | 48 ++++++++++++++++++++++++++++++++++++++++
+ ports/linux/portdefs.h | 1 +
+ ports/linux/wrapfuncs.in | 1 +
+ 3 files changed, 50 insertions(+)
+ create mode 100644 ports/linux/guts/statx.c
+
+diff --git a/ports/linux/statx/guts/statx.c b/ports/linux/statx/guts/statx.c
+new file mode 100644
+index 0000000..a3259c4
+--- /dev/null
++++ b/ports/linux/statx/guts/statx.c
+@@ -0,0 +1,42 @@
++/*
++ * Copyright (c) 2019 Linux Foundation
++ * Author: Richard Purdie
++ *
++ * SPDX-License-Identifier: LGPL-2.1-only
++ *
++ * int
++ * statx(int dirfd, const char *pathname, int flags, unsigned int mask, struct statx *statxbuf) {
++ * int rc = -1;
++ */
++ pseudo_msg_t *msg;
++ PSEUDO_STATBUF buf;
++ int save_errno;
++
++ rc = real_statx(dirfd, pathname, flags, mask, statxbuf);
++ save_errno = errno;
++ if (rc == -1) {
++ return rc;
++ }
++
++ buf.st_uid = statxbuf->stx_uid;
++ buf.st_gid = statxbuf->stx_gid;
++ buf.st_dev = makedev(statxbuf->stx_dev_major, statxbuf->stx_dev_minor);
++ buf.st_ino = statxbuf->stx_ino;
++ buf.st_mode = statxbuf->stx_mode;
++ buf.st_rdev = makedev(statxbuf->stx_rdev_major, statxbuf->stx_rdev_minor);
++ buf.st_nlink = statxbuf->stx_nlink;
++ msg = pseudo_client_op(OP_STAT, 0, -1, dirfd, pathname, &buf);
++ if (msg && msg->result == RESULT_SUCCEED) {
++ pseudo_debug(PDBGF_FILE, "statx(path %s), flags %o, stat rc %d, stat uid %o\n", pathname, flags, rc, statxbuf->stx_uid);
++ statxbuf->stx_uid = msg->uid;
++ statxbuf->stx_gid = msg->gid;
++ statxbuf->stx_mode = msg->mode;
++ statxbuf->stx_rdev_major = major(msg->rdev);
++ statxbuf->stx_rdev_minor = minor(msg->rdev);
++ } else {
++ pseudo_debug(PDBGF_FILE, "statx(path %s) failed, flags %o, stat rc %d, stat uid %o\n", pathname, flags, rc, statxbuf->stx_uid);
++ }
++ errno = save_errno;
++/* return rc;
++ * }
++ */
+diff --git a/ports/linux/statx/portdefs.h b/ports/linux/statx/portdefs.h
+new file mode 100644
+index 0000000..bf934dc
+--- /dev/null
++++ b/ports/linux/statx/portdefs.h
+@@ -0,0 +1,6 @@
++/*
++ * SPDX-License-Identifier: LGPL-2.1-only
++ *
++ */
++#include <sys/stat.h>
++#include <sys/sysmacros.h>
+diff --git a/ports/linux/statx/wrapfuncs.in b/ports/linux/statx/wrapfuncs.in
+new file mode 100644
+index 0000000..c9cd4c3
+--- /dev/null
++++ b/ports/linux/statx/wrapfuncs.in
+@@ -0,0 +1 @@
++int statx(int dirfd, const char *pathname, int flags, unsigned int mask, struct statx *statxbuf);
+diff --git a/ports/linux/subports b/ports/linux/subports
+index a29044a..49081bf 100755
+--- a/ports/linux/subports
++++ b/ports/linux/subports
+@@ -54,3 +54,13 @@ else
+ fi
+ rm -f dummy.c dummy.o
+
++cat > dummy.c <<EOF
++#define _GNU_SOURCE
++#include <sys/stat.h>
++struct statx x;
++EOF
++if ${CC} -c -o dummy.o dummy.c >/dev/null 2>&1; then
++ echo "linux/statx"
++fi
++rm -f dummy.c dummy.o
++
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index 78500e1..1f2df4a 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -7,6 +7,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo \
file://moreretries.patch \
file://toomanyfiles.patch \
file://0001-maketables-wrappers-use-Python-3.patch \
+ file://0001-Add-statx.patch \
"
SRCREV = "060058bb29f70b244e685b3c704eb0641b736f73"
--
2.7.4
^ permalink raw reply related [flat|nested] 32+ messages in thread