* [OE-core][dunfell 01/18] grub2: CVE-2022-28735 shim_lock verifier allows non-kernel files to be loaded
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 02/18] go: fix CVE-2022-41717 Excessive memory use in got server Steve Sakoman
` (16 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6fe755c5c07bb386fda58306bfd19e4a1c974c53
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../grub/files/CVE-2022-28735.patch | 271 ++++++++++++++++++
meta/recipes-bsp/grub/grub2.inc | 1 +
2 files changed, 272 insertions(+)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28735.patch
diff --git a/meta/recipes-bsp/grub/files/CVE-2022-28735.patch b/meta/recipes-bsp/grub/files/CVE-2022-28735.patch
new file mode 100644
index 0000000000..89b653a8da
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/CVE-2022-28735.patch
@@ -0,0 +1,271 @@
+From 6fe755c5c07bb386fda58306bfd19e4a1c974c53 Mon Sep 17 00:00:00 2001
+From: Julian Andres Klode <julian.klode@canonical.com>
+Date: Thu, 2 Dec 2021 15:03:53 +0100
+Subject: kern/efi/sb: Reject non-kernel files in the shim_lock verifier
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6fe755c5c07bb386fda58306bfd19e4a1c974c53]
+CVE: CVE-2022-28735
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+
+We must not allow other verifiers to pass things like the GRUB modules.
+Instead of maintaining a blocklist, maintain an allowlist of things
+that we do not care about.
+
+This allowlist really should be made reusable, and shared by the
+lockdown verifier, but this is the minimal patch addressing
+security concerns where the TPM verifier was able to mark modules
+as verified (or the OpenPGP verifier for that matter), when it
+should not do so on shim-powered secure boot systems.
+
+Fixes: CVE-2022-28735
+
+Signed-off-by: Julian Andres Klode <julian.klode@canonical.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ grub-core/kern/efi/sb.c | 221 ++++++++++++++++++++++++++++++++++++++++
+ include/grub/verify.h | 1 +
+ 2 files changed, 222 insertions(+)
+ create mode 100644 grub-core/kern/efi/sb.c
+
+diff --git a/grub-core/kern/efi/sb.c b/grub-core/kern/efi/sb.c
+new file mode 100644
+index 0000000..89c4bb3
+--- /dev/null
++++ b/grub-core/kern/efi/sb.c
+@@ -0,0 +1,221 @@
++/*
++ * GRUB -- GRand Unified Bootloader
++ * Copyright (C) 2020 Free Software Foundation, Inc.
++ *
++ * GRUB is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * GRUB is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
++ *
++ * UEFI Secure Boot related checkings.
++ */
++
++#include <grub/efi/efi.h>
++#include <grub/efi/pe32.h>
++#include <grub/efi/sb.h>
++#include <grub/env.h>
++#include <grub/err.h>
++#include <grub/file.h>
++#include <grub/i386/linux.h>
++#include <grub/kernel.h>
++#include <grub/mm.h>
++#include <grub/types.h>
++#include <grub/verify.h>
++
++static grub_efi_guid_t shim_lock_guid = GRUB_EFI_SHIM_LOCK_GUID;
++
++/*
++ * Determine whether we're in secure boot mode.
++ *
++ * Please keep the logic in sync with the Linux kernel,
++ * drivers/firmware/efi/libstub/secureboot.c:efi_get_secureboot().
++ */
++grub_uint8_t
++grub_efi_get_secureboot (void)
++{
++ static grub_efi_guid_t efi_variable_guid = GRUB_EFI_GLOBAL_VARIABLE_GUID;
++ grub_efi_status_t status;
++ grub_efi_uint32_t attr = 0;
++ grub_size_t size = 0;
++ grub_uint8_t *secboot = NULL;
++ grub_uint8_t *setupmode = NULL;
++ grub_uint8_t *moksbstate = NULL;
++ grub_uint8_t secureboot = GRUB_EFI_SECUREBOOT_MODE_UNKNOWN;
++ const char *secureboot_str = "UNKNOWN";
++
++ status = grub_efi_get_variable ("SecureBoot", &efi_variable_guid,
++ &size, (void **) &secboot);
++
++ if (status == GRUB_EFI_NOT_FOUND)
++ {
++ secureboot = GRUB_EFI_SECUREBOOT_MODE_DISABLED;
++ goto out;
++ }
++
++ if (status != GRUB_EFI_SUCCESS)
++ goto out;
++
++ status = grub_efi_get_variable ("SetupMode", &efi_variable_guid,
++ &size, (void **) &setupmode);
++
++ if (status != GRUB_EFI_SUCCESS)
++ goto out;
++
++ if ((*secboot == 0) || (*setupmode == 1))
++ {
++ secureboot = GRUB_EFI_SECUREBOOT_MODE_DISABLED;
++ goto out;
++ }
++
++ /*
++ * See if a user has put the shim into insecure mode. If so, and if the
++ * variable doesn't have the runtime attribute set, we might as well
++ * honor that.
++ */
++ status = grub_efi_get_variable_with_attributes ("MokSBState", &shim_lock_guid,
++ &size, (void **) &moksbstate, &attr);
++
++ /* If it fails, we don't care why. Default to secure. */
++ if (status != GRUB_EFI_SUCCESS)
++ {
++ secureboot = GRUB_EFI_SECUREBOOT_MODE_ENABLED;
++ goto out;
++ }
++
++ if (!(attr & GRUB_EFI_VARIABLE_RUNTIME_ACCESS) && *moksbstate == 1)
++ {
++ secureboot = GRUB_EFI_SECUREBOOT_MODE_DISABLED;
++ goto out;
++ }
++
++ secureboot = GRUB_EFI_SECUREBOOT_MODE_ENABLED;
++
++ out:
++ grub_free (moksbstate);
++ grub_free (setupmode);
++ grub_free (secboot);
++
++ if (secureboot == GRUB_EFI_SECUREBOOT_MODE_DISABLED)
++ secureboot_str = "Disabled";
++ else if (secureboot == GRUB_EFI_SECUREBOOT_MODE_ENABLED)
++ secureboot_str = "Enabled";
++
++ grub_dprintf ("efi", "UEFI Secure Boot state: %s\n", secureboot_str);
++
++ return secureboot;
++}
++
++static grub_err_t
++shim_lock_verifier_init (grub_file_t io __attribute__ ((unused)),
++ enum grub_file_type type,
++ void **context __attribute__ ((unused)),
++ enum grub_verify_flags *flags)
++{
++ *flags = GRUB_VERIFY_FLAGS_NONE;
++
++ switch (type & GRUB_FILE_TYPE_MASK)
++ {
++ /* Files we check. */
++ case GRUB_FILE_TYPE_LINUX_KERNEL:
++ case GRUB_FILE_TYPE_MULTIBOOT_KERNEL:
++ case GRUB_FILE_TYPE_BSD_KERNEL:
++ case GRUB_FILE_TYPE_XNU_KERNEL:
++ case GRUB_FILE_TYPE_PLAN9_KERNEL:
++ case GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE:
++ *flags = GRUB_VERIFY_FLAGS_SINGLE_CHUNK;
++ return GRUB_ERR_NONE;
++
++ /* Files that do not affect secureboot state. */
++ case GRUB_FILE_TYPE_NONE:
++ case GRUB_FILE_TYPE_LOOPBACK:
++ case GRUB_FILE_TYPE_LINUX_INITRD:
++ case GRUB_FILE_TYPE_OPENBSD_RAMDISK:
++ case GRUB_FILE_TYPE_XNU_RAMDISK:
++ case GRUB_FILE_TYPE_SIGNATURE:
++ case GRUB_FILE_TYPE_PUBLIC_KEY:
++ case GRUB_FILE_TYPE_PUBLIC_KEY_TRUST:
++ case GRUB_FILE_TYPE_PRINT_BLOCKLIST:
++ case GRUB_FILE_TYPE_TESTLOAD:
++ case GRUB_FILE_TYPE_GET_SIZE:
++ case GRUB_FILE_TYPE_FONT:
++ case GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY:
++ case GRUB_FILE_TYPE_CAT:
++ case GRUB_FILE_TYPE_HEXCAT:
++ case GRUB_FILE_TYPE_CMP:
++ case GRUB_FILE_TYPE_HASHLIST:
++ case GRUB_FILE_TYPE_TO_HASH:
++ case GRUB_FILE_TYPE_KEYBOARD_LAYOUT:
++ case GRUB_FILE_TYPE_PIXMAP:
++ case GRUB_FILE_TYPE_GRUB_MODULE_LIST:
++ case GRUB_FILE_TYPE_CONFIG:
++ case GRUB_FILE_TYPE_THEME:
++ case GRUB_FILE_TYPE_GETTEXT_CATALOG:
++ case GRUB_FILE_TYPE_FS_SEARCH:
++ case GRUB_FILE_TYPE_LOADENV:
++ case GRUB_FILE_TYPE_SAVEENV:
++ case GRUB_FILE_TYPE_VERIFY_SIGNATURE:
++ *flags = GRUB_VERIFY_FLAGS_SKIP_VERIFICATION;
++ return GRUB_ERR_NONE;
++
++ /* Other files. */
++ default:
++ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("prohibited by secure boot policy"));
++ }
++}
++
++static grub_err_t
++shim_lock_verifier_write (void *context __attribute__ ((unused)), void *buf, grub_size_t size)
++{
++ grub_efi_shim_lock_protocol_t *sl = grub_efi_locate_protocol (&shim_lock_guid, 0);
++
++ if (!sl)
++ return grub_error (GRUB_ERR_ACCESS_DENIED, N_("shim_lock protocol not found"));
++
++ if (sl->verify (buf, size) != GRUB_EFI_SUCCESS)
++ return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad shim signature"));
++
++ return GRUB_ERR_NONE;
++}
++
++struct grub_file_verifier shim_lock_verifier =
++ {
++ .name = "shim_lock_verifier",
++ .init = shim_lock_verifier_init,
++ .write = shim_lock_verifier_write
++ };
++
++void
++grub_shim_lock_verifier_setup (void)
++{
++ struct grub_module_header *header;
++ grub_efi_shim_lock_protocol_t *sl =
++ grub_efi_locate_protocol (&shim_lock_guid, 0);
++
++ /* shim_lock is missing, check if GRUB image is built with --disable-shim-lock. */
++ if (!sl)
++ {
++ FOR_MODULES (header)
++ {
++ if (header->type == OBJ_TYPE_DISABLE_SHIM_LOCK)
++ return;
++ }
++ }
++
++ /* Secure Boot is off. Do not load shim_lock. */
++ if (grub_efi_get_secureboot () != GRUB_EFI_SECUREBOOT_MODE_ENABLED)
++ return;
++
++ /* Enforce shim_lock_verifier. */
++ grub_verifier_register (&shim_lock_verifier);
++
++ grub_env_set ("shim_lock", "y");
++ grub_env_export ("shim_lock");
++}
+diff --git a/include/grub/verify.h b/include/grub/verify.h
+index cd129c3..672ae16 100644
+--- a/include/grub/verify.h
++++ b/include/grub/verify.h
+@@ -24,6 +24,7 @@
+
+ enum grub_verify_flags
+ {
++ GRUB_VERIFY_FLAGS_NONE = 0,
+ GRUB_VERIFY_FLAGS_SKIP_VERIFICATION = 1,
+ GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2,
+ /* Defer verification to another authority. */
+--
+2.25.1
+
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index a248af0073..777839d0b6 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -102,6 +102,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
file://CVE-2022-28733.patch \
file://CVE-2022-28734.patch \
file://CVE-2022-28736.patch \
+ file://CVE-2022-28735.patch \
"
SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 02/18] go: fix CVE-2022-41717 Excessive memory use in got server
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 01/18] grub2: CVE-2022-28735 shim_lock verifier allows non-kernel files to be loaded Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 03/18] rsync: fix CVE-2022-29154 remote arbitrary files write inside the directories of connecting peers Steve Sakoman
` (15 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-1.14.inc | 1 +
.../go/go-1.14/CVE-2022-41717.patch | 75 +++++++++++++++++++
2 files changed, 76 insertions(+)
create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index b4a137b8c8..1d97001654 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -50,6 +50,7 @@ SRC_URI += "\
file://CVE-2022-28131.patch \
file://CVE-2022-28327.patch \
file://CVE-2022-41715.patch \
+ file://CVE-2022-41717.patch \
"
SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch b/meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch
new file mode 100644
index 0000000000..8bf22ee4d4
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2022-41717.patch
@@ -0,0 +1,75 @@
+From 618120c165669c00a1606505defea6ca755cdc27 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Wed, 30 Nov 2022 16:46:33 -0500
+Subject: [PATCH] [release-branch.go1.19] net/http: update bundled
+ golang.org/x/net/http2
+
+Disable cmd/internal/moddeps test, since this update includes PRIVATE
+track fixes.
+
+For #56350.
+For #57009.
+Fixes CVE-2022-41717.
+
+Change-Id: I5c6ce546add81f361dcf0d5123fa4eaaf8f0a03b
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1663835
+Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/455363
+TryBot-Result: Gopher Robot <gobot@golang.org>
+Run-TryBot: Jenny Rakoczy <jenny@golang.org>
+Reviewed-by: Michael Pratt <mpratt@google.com>
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27]
+CVE-2022-41717
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ src/net/http/h2_bundle.go | 18 +++++++++++-------
+ 1 file changed, 11 insertions(+), 7 deletions(-)
+
+diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
+index 83f2a72..cc03a62 100644
+--- a/src/net/http/h2_bundle.go
++++ b/src/net/http/h2_bundle.go
+@@ -4096,6 +4096,7 @@ type http2serverConn struct {
+ headerTableSize uint32
+ peerMaxHeaderListSize uint32 // zero means unknown (default)
+ canonHeader map[string]string // http2-lower-case -> Go-Canonical-Case
++ canonHeaderKeysSize int // canonHeader keys size in bytes
+ writingFrame bool // started writing a frame (on serve goroutine or separate)
+ writingFrameAsync bool // started a frame on its own goroutine but haven't heard back on wroteFrameCh
+ needsFrameFlush bool // last frame write wasn't a flush
+@@ -4278,6 +4279,13 @@ func (sc *http2serverConn) condlogf(err error, format string, args ...interface{
+ }
+ }
+
++// maxCachedCanonicalHeadersKeysSize is an arbitrarily-chosen limit on the size
++// of the entries in the canonHeader cache.
++// This should be larger than the size of unique, uncommon header keys likely to
++// be sent by the peer, while not so high as to permit unreasonable memory usage
++// if the peer sends an unbounded number of unique header keys.
++const http2maxCachedCanonicalHeadersKeysSize = 2048
++
+ func (sc *http2serverConn) canonicalHeader(v string) string {
+ sc.serveG.check()
+ http2buildCommonHeaderMapsOnce()
+@@ -4293,14 +4301,10 @@ func (sc *http2serverConn) canonicalHeader(v string) string {
+ sc.canonHeader = make(map[string]string)
+ }
+ cv = CanonicalHeaderKey(v)
+- // maxCachedCanonicalHeaders is an arbitrarily-chosen limit on the number of
+- // entries in the canonHeader cache. This should be larger than the number
+- // of unique, uncommon header keys likely to be sent by the peer, while not
+- // so high as to permit unreaasonable memory usage if the peer sends an unbounded
+- // number of unique header keys.
+- const maxCachedCanonicalHeaders = 32
+- if len(sc.canonHeader) < maxCachedCanonicalHeaders {
++ size := 100 + len(v)*2 // 100 bytes of map overhead + key + value
++ if sc.canonHeaderKeysSize+size <= http2maxCachedCanonicalHeadersKeysSize {
+ sc.canonHeader[v] = cv
++ sc.canonHeaderKeysSize += size
+ }
+ return cv
+ }
+--
+2.30.2
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 03/18] rsync: fix CVE-2022-29154 remote arbitrary files write inside the directories of connecting peers
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 01/18] grub2: CVE-2022-28735 shim_lock verifier allows non-kernel files to be loaded Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 02/18] go: fix CVE-2022-41717 Excessive memory use in got server Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 04/18] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c Steve Sakoman
` (14 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../rsync/files/CVE-2022-29154.patch | 334 ++++++++++++++++++
meta/recipes-devtools/rsync/rsync_3.1.3.bb | 1 +
2 files changed, 335 insertions(+)
create mode 100644 meta/recipes-devtools/rsync/files/CVE-2022-29154.patch
diff --git a/meta/recipes-devtools/rsync/files/CVE-2022-29154.patch b/meta/recipes-devtools/rsync/files/CVE-2022-29154.patch
new file mode 100644
index 0000000000..61e4e03254
--- /dev/null
+++ b/meta/recipes-devtools/rsync/files/CVE-2022-29154.patch
@@ -0,0 +1,334 @@
+From b7231c7d02cfb65d291af74ff66e7d8c507ee871 Mon Sep 17 00:00:00 2001
+From: Wayne Davison <wayne@opencoder.net>
+Date: Sun, 31 Jul 2022 16:55:34 -0700
+Subject: [PATCH] Some extra file-list safety checks.
+
+CVE-2022-29154 rsync: remote arbitrary files write inside the
+
+Upstream-Status: Backport from [https://git.samba.org/?p=rsync.git;a=patch;h=b7231c7d02cfb65d291af74ff66e7d8c507ee871]
+CVE:CVE-2022-29154
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ exclude.c | 127 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
+ flist.c | 17 ++++++-
+ io.c | 4 ++
+ main.c | 7 ++-
+ receiver.c | 11 +++--
+ 5 files changed, 158 insertions(+), 8 deletions(-)
+
+diff --git a/exclude.c b/exclude.c
+index 7989fb3..e146e96 100644
+--- a/exclude.c
++++ b/exclude.c
+@@ -26,16 +26,21 @@ extern int am_server;
+ extern int am_sender;
+ extern int eol_nulls;
+ extern int io_error;
++extern int xfer_dirs;
++extern int recurse;
+ extern int local_server;
+ extern int prune_empty_dirs;
+ extern int ignore_perishable;
++extern int relative_paths;
+ extern int delete_mode;
+ extern int delete_excluded;
+ extern int cvs_exclude;
+ extern int sanitize_paths;
+ extern int protocol_version;
++extern int list_only;
+ extern int module_id;
+
++extern char *filesfrom_host;
+ extern char curr_dir[MAXPATHLEN];
+ extern unsigned int curr_dir_len;
+ extern unsigned int module_dirlen;
+@@ -43,8 +48,10 @@ extern unsigned int module_dirlen;
+ filter_rule_list filter_list = { .debug_type = "" };
+ filter_rule_list cvs_filter_list = { .debug_type = " [global CVS]" };
+ filter_rule_list daemon_filter_list = { .debug_type = " [daemon]" };
++filter_rule_list implied_filter_list = { .debug_type = " [implied]" };
+
+ int saw_xattr_filter = 0;
++int trust_sender_filter = 0;
+
+ /* Need room enough for ":MODS " prefix plus some room to grow. */
+ #define MAX_RULE_PREFIX (16)
+@@ -293,6 +300,123 @@ static void add_rule(filter_rule_list *listp, const char *pat, unsigned int pat_
+ }
+ }
+
++/* Each arg the client sends to the remote sender turns into an implied include
++ * that the receiver uses to validate the file list from the sender. */
++void add_implied_include(const char *arg)
++{
++ filter_rule *rule;
++ int arg_len, saw_wild = 0, backslash_cnt = 0;
++ int slash_cnt = 1; /* We know we're adding a leading slash. */
++ const char *cp;
++ char *p;
++ if (relative_paths) {
++ cp = strstr(arg, "/./");
++ if (cp)
++ arg = cp+3;
++ } else {
++ if ((cp = strrchr(arg, '/')) != NULL)
++ arg = cp + 1;
++ }
++ arg_len = strlen(arg);
++ if (arg_len) {
++ if (strpbrk(arg, "*[?")) {
++ /* We need to add room to escape backslashes if wildcard chars are present. */
++ cp = arg;
++ while ((cp = strchr(cp, '\\')) != NULL) {
++ arg_len++;
++ cp++;
++ }
++ saw_wild = 1;
++ }
++ arg_len++; /* Leave room for the prefixed slash */
++ rule = new0(filter_rule);
++ if (!implied_filter_list.head)
++ implied_filter_list.head = implied_filter_list.tail = rule;
++ else {
++ rule->next = implied_filter_list.head;
++ implied_filter_list.head = rule;
++ }
++ rule->rflags = FILTRULE_INCLUDE + (saw_wild ? FILTRULE_WILD : 0);
++ p = rule->pattern = new_array(char, arg_len + 1);
++ *p++ = '/';
++ cp = arg;
++ while (*cp) {
++ switch (*cp) {
++ case '\\':
++ backslash_cnt++;
++ if (saw_wild)
++ *p++ = '\\';
++ *p++ = *cp++;
++ break;
++ case '/':
++ if (p[-1] == '/') /* This is safe because of the initial slash. */
++ break;
++ if (relative_paths) {
++ filter_rule const *ent;
++ int found = 0;
++ *p = '\0';
++ for (ent = implied_filter_list.head; ent; ent = ent->next) {
++ if (ent != rule && strcmp(ent->pattern, rule->pattern) == 0)
++ found = 1;
++ }
++ if (!found) {
++ filter_rule *R_rule = new0(filter_rule);
++ R_rule->rflags = FILTRULE_INCLUDE + (saw_wild ? FILTRULE_WILD : 0);
++ R_rule->pattern = strdup(rule->pattern);
++ R_rule->u.slash_cnt = slash_cnt;
++ R_rule->next = implied_filter_list.head;
++ implied_filter_list.head = R_rule;
++ }
++ }
++ slash_cnt++;
++ *p++ = *cp++;
++ break;
++ default:
++ *p++ = *cp++;
++ break;
++ }
++ }
++ *p = '\0';
++ rule->u.slash_cnt = slash_cnt;
++ arg = (const char *)rule->pattern;
++ }
++
++ if (recurse || xfer_dirs) {
++ /* Now create a rule with an added "/" & "**" or "*" at the end */
++ rule = new0(filter_rule);
++ if (recurse)
++ rule->rflags = FILTRULE_INCLUDE | FILTRULE_WILD | FILTRULE_WILD2;
++ else
++ rule->rflags = FILTRULE_INCLUDE | FILTRULE_WILD;
++ /* A +4 in the len leaves enough room for / * * \0 or / * \0 \0 */
++ if (!saw_wild && backslash_cnt) {
++ /* We are appending a wildcard, so now the backslashes need to be escaped. */
++ p = rule->pattern = new_array(char, arg_len + backslash_cnt + 3 + 1);
++ cp = arg;
++ while (*cp) {
++ if (*cp == '\\')
++ *p++ = '\\';
++ *p++ = *cp++;
++ }
++ } else {
++ p = rule->pattern = new_array(char, arg_len + 3 + 1);
++ if (arg_len) {
++ memcpy(p, arg, arg_len);
++ p += arg_len;
++ }
++ }
++ if (p[-1] != '/')
++ *p++ = '/';
++ *p++ = '*';
++ if (recurse)
++ *p++ = '*';
++ *p = '\0';
++ rule->u.slash_cnt = slash_cnt + 1;
++ rule->next = implied_filter_list.head;
++ implied_filter_list.head = rule;
++ }
++}
++
+ /* This frees any non-inherited items, leaving just inherited items on the list. */
+ static void pop_filter_list(filter_rule_list *listp)
+ {
+@@ -721,7 +845,7 @@ static void report_filter_result(enum logcode code, char const *name,
+ : name_flags & NAME_IS_DIR ? "directory"
+ : "file";
+ rprintf(code, "[%s] %sing %s %s because of pattern %s%s%s\n",
+- w, actions[*w!='s'][!(ent->rflags & FILTRULE_INCLUDE)],
++ w, actions[*w=='g'][!(ent->rflags & FILTRULE_INCLUDE)],
+ t, name, ent->pattern,
+ ent->rflags & FILTRULE_DIRECTORY ? "/" : "", type);
+ }
+@@ -894,6 +1018,7 @@ static filter_rule *parse_rule_tok(const char **rulestr_ptr,
+ }
+ switch (ch) {
+ case ':':
++ trust_sender_filter = 1;
+ rule->rflags |= FILTRULE_PERDIR_MERGE
+ | FILTRULE_FINISH_SETUP;
+ /* FALL THROUGH */
+diff --git a/flist.c b/flist.c
+index 499440c..630d685 100644
+--- a/flist.c
++++ b/flist.c
+@@ -70,6 +70,7 @@ extern int need_unsorted_flist;
+ extern int sender_symlink_iconv;
+ extern int output_needs_newline;
+ extern int sender_keeps_checksum;
++extern int trust_sender_filter;
+ extern int unsort_ndx;
+ extern uid_t our_uid;
+ extern struct stats stats;
+@@ -80,8 +81,7 @@ extern char curr_dir[MAXPATHLEN];
+
+ extern struct chmod_mode_struct *chmod_modes;
+
+-extern filter_rule_list filter_list;
+-extern filter_rule_list daemon_filter_list;
++extern filter_rule_list filter_list, implied_filter_list, daemon_filter_list;
+
+ #ifdef ICONV_OPTION
+ extern int filesfrom_convert;
+@@ -904,6 +904,19 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
+ exit_cleanup(RERR_UNSUPPORTED);
+ }
+
++ if (*thisname != '.' || thisname[1] != '\0') {
++ int filt_flags = S_ISDIR(mode) ? NAME_IS_DIR : NAME_IS_FILE;
++ if (!trust_sender_filter /* a per-dir filter rule means we must trust the sender's filtering */
++ && filter_list.head && check_filter(&filter_list, FINFO, thisname, filt_flags) < 0) {
++ rprintf(FERROR, "ERROR: rejecting excluded file-list name: %s\n", thisname);
++ exit_cleanup(RERR_PROTOCOL);
++ }
++ if (implied_filter_list.head && check_filter(&implied_filter_list, FINFO, thisname, filt_flags) <= 0) {
++ rprintf(FERROR, "ERROR: rejecting unrequested file-list name: %s\n", thisname);
++ exit_cleanup(RERR_PROTOCOL);
++ }
++ }
++
+ if (inc_recurse && S_ISDIR(mode)) {
+ if (one_file_system) {
+ /* Room to save the dir's device for -x */
+diff --git a/io.c b/io.c
+index c04dbd5..698a7da 100644
+--- a/io.c
++++ b/io.c
+@@ -415,6 +415,7 @@ static void forward_filesfrom_data(void)
+ while (s != eob) {
+ if (*s++ == '\0') {
+ ff_xb.len = s - sob - 1;
++ add_implied_include(sob);
+ if (iconvbufs(ic_send, &ff_xb, &iobuf.out, flags) < 0)
+ exit_cleanup(RERR_PROTOCOL); /* impossible? */
+ write_buf(iobuf.out_fd, s-1, 1); /* Send the '\0'. */
+@@ -446,9 +447,12 @@ static void forward_filesfrom_data(void)
+ char *f = ff_xb.buf + ff_xb.pos;
+ char *t = ff_xb.buf;
+ char *eob = f + len;
++ char *cur = t;
+ /* Eliminate any multi-'\0' runs. */
+ while (f != eob) {
+ if (!(*t++ = *f++)) {
++ add_implied_include(cur);
++ cur = t;
+ while (f != eob && *f == '\0')
+ f++;
+ }
+diff --git a/main.c b/main.c
+index ee9630f..6ec56e7 100644
+--- a/main.c
++++ b/main.c
+@@ -78,6 +78,7 @@ extern BOOL flist_receiving_enabled;
+ extern BOOL shutting_down;
+ extern int backup_dir_len;
+ extern int basis_dir_cnt;
++extern int trust_sender_filter;
+ extern struct stats stats;
+ extern char *stdout_format;
+ extern char *logfile_format;
+@@ -93,7 +94,7 @@ extern char curr_dir[MAXPATHLEN];
+ extern char backup_dir_buf[MAXPATHLEN];
+ extern char *basis_dir[MAX_BASIS_DIRS+1];
+ extern struct file_list *first_flist;
+-extern filter_rule_list daemon_filter_list;
++extern filter_rule_list daemon_filter_list, implied_filter_list;
+
+ uid_t our_uid;
+ gid_t our_gid;
+@@ -534,6 +535,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
+ #ifdef ICONV_CONST
+ setup_iconv();
+ #endif
++ trust_sender_filter = 1;
+ } else if (local_server) {
+ /* If the user didn't request --[no-]whole-file, force
+ * it on, but only if we're not batch processing. */
+@@ -1358,6 +1360,8 @@ static int start_client(int argc, char *argv[])
+ char *dummy_host;
+ int dummy_port = rsync_port;
+ int i;
++ if (filesfrom_fd < 0)
++ add_implied_include(remote_argv[0]);
+ /* For remote source, any extra source args must have either
+ * the same hostname or an empty hostname. */
+ for (i = 1; i < remote_argc; i++) {
+@@ -1381,6 +1385,7 @@ static int start_client(int argc, char *argv[])
+ if (!rsync_port && !*arg) /* Turn an empty arg into a dot dir. */
+ arg = ".";
+ remote_argv[i] = arg;
++ add_implied_include(arg);
+ }
+ }
+
+diff --git a/receiver.c b/receiver.c
+index d6a48f1..c0aa893 100644
+--- a/receiver.c
++++ b/receiver.c
+@@ -577,10 +577,13 @@ int recv_files(int f_in, int f_out, char *local_name)
+ if (DEBUG_GTE(RECV, 1))
+ rprintf(FINFO, "recv_files(%s)\n", fname);
+
+- if (daemon_filter_list.head && (*fname != '.' || fname[1] != '\0')
+- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
+- rprintf(FERROR, "attempt to hack rsync failed.\n");
+- exit_cleanup(RERR_PROTOCOL);
++ if (daemon_filter_list.head && (*fname != '.' || fname[1] != '\0')) {
++ int filt_flags = S_ISDIR(file->mode) ? NAME_IS_DIR : NAME_IS_FILE;
++ if (check_filter(&daemon_filter_list, FLOG, fname, filt_flags) < 0) {
++ rprintf(FERROR, "ERROR: rejecting file transfer request for daemon excluded file: %s\n",
++ fname);
++ exit_cleanup(RERR_PROTOCOL);
++ }
+ }
+
+ #ifdef SUPPORT_XATTRS
+--
+2.30.2
+
diff --git a/meta/recipes-devtools/rsync/rsync_3.1.3.bb b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
index c743e3f75b..a5c20dee34 100644
--- a/meta/recipes-devtools/rsync/rsync_3.1.3.bb
+++ b/meta/recipes-devtools/rsync/rsync_3.1.3.bb
@@ -16,6 +16,7 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
file://CVE-2016-9841.patch \
file://CVE-2016-9842.patch \
file://CVE-2016-9843.patch \
+ file://CVE-2022-29154.patch \
"
SRC_URI[md5sum] = "1581a588fde9d89f6bc6201e8129afaf"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 04/18] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (2 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 03/18] rsync: fix CVE-2022-29154 remote arbitrary files write inside the directories of connecting peers Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 05/18] qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data transfers Steve Sakoman
` (13 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../xorg-lib/libx11/CVE-2022-3555.patch | 38 +++++++++++++++++++
.../recipes-graphics/xorg-lib/libx11_1.6.9.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
diff --git a/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch b/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
new file mode 100644
index 0000000000..855ce80e77
--- /dev/null
+++ b/meta/recipes-graphics/xorg-lib/libx11/CVE-2022-3555.patch
@@ -0,0 +1,38 @@
+From 8a368d808fec166b5fb3dfe6312aab22c7ee20af Mon Sep 17 00:00:00 2001
+From: Hodong <hodong@yozmos.com>
+Date: Thu, 20 Jan 2022 00:57:41 +0900
+Subject: [PATCH] Fix two memory leaks in _XFreeX11XCBStructure()
+
+Even when XCloseDisplay() was called, some memory was leaked.
+
+XCloseDisplay() calls _XFreeDisplayStructure(), which calls
+_XFreeX11XCBStructure().
+
+However, _XFreeX11XCBStructure() did not destroy the condition variables,
+resulting in the leaking of some 40 bytes.
+
+Signed-off-by: Hodong <hodong@yozmos.com>
+
+Upstream-Status: Backport from [https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af]
+CVE:CVE-2022-3555
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ src/xcb_disp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/xcb_disp.c b/src/xcb_disp.c
+index 70a602f4..e9becee3 100644
+--- a/src/xcb_disp.c
++++ b/src/xcb_disp.c
+@@ -102,6 +102,8 @@ void _XFreeX11XCBStructure(Display *dpy)
+ dpy->xcb->pending_requests = tmp->next;
+ free(tmp);
+ }
++ xcondition_clear(dpy->xcb->event_notify);
++ xcondition_clear(dpy->xcb->reply_notify);
+ xcondition_free(dpy->xcb->event_notify);
+ xcondition_free(dpy->xcb->reply_notify);
+ Xfree(dpy->xcb);
+--
+2.18.2
+
diff --git a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
index 72ab1d4150..ad3fab1204 100644
--- a/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
+++ b/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb
@@ -17,6 +17,7 @@ SRC_URI += "file://Fix-hanging-issue-in-_XReply.patch \
file://CVE-2020-14363.patch \
file://CVE-2021-31535.patch \
file://CVE-2022-3554.patch \
+ file://CVE-2022-3555.patch \
"
SRC_URI[md5sum] = "55adbfb6d4370ecac5e70598c4e7eed2"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 05/18] qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data transfers
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (3 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 04/18] libx11: fix CVE-2022-3555 memory leak in _XFreeX11XCBStructure() of xcb_disp.c Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 06/18] ppp: fix CVE-2022-4603 Steve Sakoman
` (12 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/qemu/qemu.inc | 1 +
.../qemu/qemu/CVE-2021-3507.patch | 87 +++++++++++++++++++
2 files changed, 88 insertions(+)
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index a915b54c1a..fff2c87780 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -114,6 +114,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2021-3750.patch \
file://CVE-2021-3638.patch \
file://CVE-2021-20196.patch \
+ file://CVE-2021-3507.patch \
"
UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch
new file mode 100644
index 0000000000..4ff3413f8e
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3507.patch
@@ -0,0 +1,87 @@
+From defac5e2fbddf8423a354ff0454283a2115e1367 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com>
+Date: Thu, 18 Nov 2021 12:57:32 +0100
+Subject: [PATCH] hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Per the 82078 datasheet, if the end-of-track (EOT byte in
+the FIFO) is more than the number of sectors per side, the
+command is terminated unsuccessfully:
+
+* 5.2.5 DATA TRANSFER TERMINATION
+
+ The 82078 supports terminal count explicitly through
+ the TC pin and implicitly through the underrun/over-
+ run and end-of-track (EOT) functions. For full sector
+ transfers, the EOT parameter can define the last
+ sector to be transferred in a single or multisector
+ transfer. If the last sector to be transferred is a par-
+ tial sector, the host can stop transferring the data in
+ mid-sector, and the 82078 will continue to complete
+ the sector as if a hardware TC was received. The
+ only difference between these implicit functions and
+ TC is that they return "abnormal termination" result
+ status. Such status indications can be ignored if they
+ were expected.
+
+* 6.1.3 READ TRACK
+
+ This command terminates when the EOT specified
+ number of sectors have been read. If the 82078
+ does not find an I D Address Mark on the diskette
+ after the second· occurrence of a pulse on the
+ INDX# pin, then it sets the IC code in Status Regis-
+ ter 0 to "01" (Abnormal termination), sets the MA bit
+ in Status Register 1 to "1", and terminates the com-
+ mand.
+
+* 6.1.6 VERIFY
+
+ Refer to Table 6-6 and Table 6-7 for information
+ concerning the values of MT and EC versus SC and
+ EOT value.
+
+* Table 6·6. Result Phase Table
+
+* Table 6-7. Verify Command Result Phase Table
+
+Fix by aborting the transfer when EOT > # Sectors Per Side.
+
+Cc: qemu-stable@nongnu.org
+Cc: Hervé Poussineau <hpoussin@reactos.org>
+Fixes: baca51faff0 ("floppy driver: disk geometry auto detect")
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/339
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Message-Id: <20211118115733.4038610-2-philmd@redhat.com>
+Reviewed-by: Hanna Reitz <hreitz@redhat.com>
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+
+Upstream-Status: Backport [https://github.com/qemu/qemu/commit/defac5e2fbddf8423a354ff0454283a2115e1367]
+CVE: CVE-2021-3507
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ hw/block/fdc.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/hw/block/fdc.c b/hw/block/fdc.c
+index 347875a0cdae..57bb355794a9 100644
+--- a/hw/block/fdc.c
++++ b/hw/block/fdc.c
+@@ -1530,6 +1530,14 @@ static void fdctrl_start_transfer(FDCtrl *fdctrl, int direction)
+ int tmp;
+ fdctrl->data_len = 128 << (fdctrl->fifo[5] > 7 ? 7 : fdctrl->fifo[5]);
+ tmp = (fdctrl->fifo[6] - ks + 1);
++ if (tmp < 0) {
++ FLOPPY_DPRINTF("invalid EOT: %d\n", tmp);
++ fdctrl_stop_transfer(fdctrl, FD_SR0_ABNTERM, FD_SR1_MA, 0x00);
++ fdctrl->fifo[3] = kt;
++ fdctrl->fifo[4] = kh;
++ fdctrl->fifo[5] = ks;
++ return;
++ }
+ if (fdctrl->fifo[0] & 0x80)
+ tmp += fdctrl->fifo[6];
+ fdctrl->data_len *= tmp;
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 06/18] ppp: fix CVE-2022-4603
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (4 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 05/18] qemu: fix CVE-2021-3507 fdc heap buffer overflow in DMA read data transfers Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 07/18] cairo: update patch for CVE-2019-6461 with upstream solution Steve Sakoman
` (11 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Minjae Kim <flowergom@gmail.com>
<CVE-2022-4603>
Avoid out-of-range access to packet buffer
Upstream-Status: Backport[https://github.com/ppp-project/ppp/commit/a75fb7b198eed50d769c80c36629f38346882cbf]
Signed-off-by:Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ppp/ppp/CVE-2022-4603.patch | 50 +++++++++++++++++++
meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 1 +
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
diff --git a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
new file mode 100644
index 0000000000..27b8863a4e
--- /dev/null
+++ b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
@@ -0,0 +1,50 @@
+From 2aeb41a9a3a43b11b1e46628d0bf98197ff9f141 Mon Sep 17 00:00:00 2001
+From: Paul Mackerras <paulus@ozlabs.org>
+Date: Thu, 29 Dec 2022 18:00:20 +0100
+Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer
+
+This fixes a potential vulnerability where data is written to spkt.buf
+and rpkt.buf without a check on the array index. To fix this, we
+check the array index (pkt->cnt) before storing the byte or
+incrementing the count. This also means we no longer have a potential
+signed integer overflow on the increment of pkt->cnt.
+
+Fortunately, pppdump is not used in the normal process of setting up a
+PPP connection, is not installed setuid-root, and is not invoked
+automatically in any scenario that I am aware of.
+
+Ustream-Status: Backport [https://github.com/ppp-project/ppp/commit/a75fb7b198eed50d769c80c36629f38346882cbf]
+CVE: CVE-2022-4603
+Signed-off-by:Minjae Kim <flowergom@gmail.com>
+---
+ pppdump/pppdump.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c
+index 87c2e8f..dec4def 100644
+--- a/pppdump/pppdump.c
++++ b/pppdump/pppdump.c
+@@ -296,6 +296,10 @@ dumpppp(f)
+ printf("%s aborted packet:\n ", dir);
+ q = " ";
+ }
++ if (pkt->cnt >= sizeof(pkt->buf)) {
++ printf("%s over-long packet truncated:\n ", dir);
++ q = " ";
++ }
+ nb = pkt->cnt;
+ p = pkt->buf;
+ pkt->cnt = 0;
+@@ -399,7 +403,8 @@ dumpppp(f)
+ c ^= 0x20;
+ pkt->esc = 0;
+ }
+- pkt->buf[pkt->cnt++] = c;
++ if (pkt->cnt < sizeof(pkt->buf))
++ pkt->buf[pkt->cnt++] = c;
+ break;
+ }
+ }
+--
+2.25.1
+
diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
index 76c1cc62a7..51ec25e660 100644
--- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
+++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
@@ -34,6 +34,7 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \
file://0001-ppp-Remove-unneeded-include.patch \
file://ppp-2.4.7-DES-openssl.patch \
file://0001-pppd-Fix-bounds-check-in-EAP-code.patch \
+ file://CVE-2022-4603.patch \
"
SRC_URI_append_libc-musl = "\
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 07/18] cairo: update patch for CVE-2019-6461 with upstream solution
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (5 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 06/18] ppp: fix CVE-2022-4603 Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 08/18] linux-yocto/5.4: update to v5.4.221 Steve Sakoman
` (10 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Upstream went with something slightly different so let's update the
patch so we don't have to carry a patch that isn't going to be merged.
This patch is part of snapshot 1.17.6.
Cc: Quentin Schulz <foss+yocto@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 19eb1e388fbbe5bfb8462710c745f2bb5446b5b5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../cairo/cairo/CVE-2019-6461.patch | 35 +++++++++++++++----
1 file changed, 28 insertions(+), 7 deletions(-)
diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
index 5232cf70c6..0b7d9a0c36 100644
--- a/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
+++ b/meta/recipes-graphics/cairo/cairo/CVE-2019-6461.patch
@@ -1,19 +1,40 @@
-There is a potential infinite-loop in function _arc_error_normalized().
-
CVE: CVE-2019-6461
-Upstream-Status: Pending
-Signed-off-by: Ross Burton <ross.burton@intel.com>
+Upstream-Status: Backport
+Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
+
+From ab2c5ee21e5f3d3ee4b3f67cfcd5811a4f99c3a0 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <hlewin@gmx.de>
+Date: Sun, 1 Aug 2021 11:16:03 +0000
+Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
+
+---
+ src/cairo-arc.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/cairo-arc.c b/src/cairo-arc.c
-index 390397bae..f9249dbeb 100644
+index 390397bae..1c891d1a0 100644
--- a/src/cairo-arc.c
+++ b/src/cairo-arc.c
-@@ -99,7 +99,7 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+ { M_PI / 11.0, 9.81410988043554039085e-09 },
+ };
+ int table_size = ARRAY_LENGTH (table);
++ const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
+
+ for (i = 0; i < table_size; i++)
+ if (table[i].error < tolerance)
+ return table[i].angle;
+
+ ++i;
++
do {
angle = M_PI / i++;
error = _arc_error_normalized (angle);
- } while (error > tolerance);
-+ } while (error > tolerance && error > __DBL_EPSILON__);
++ } while (error > tolerance && i < max_segments);
return angle;
}
+--
+2.38.1
+
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 08/18] linux-yocto/5.4: update to v5.4.221
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (6 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 07/18] cairo: update patch for CVE-2019-6461 with upstream solution Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 09/18] linux-yocto/5.4: update to v5.4.224 Steve Sakoman
` (9 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
b70bfeb98635 Linux 5.4.221
6bb8769326c4 mm: /proc/pid/smaps_rollup: fix no vma's null-deref
a351077e589d hv_netvsc: Fix race between VF offering and VF association message from host
2f1b3377b6fc Makefile.debug: re-enable debug info for .S files
9220881831c3 ACPI: video: Force backlight native for more TongFang devices
8ad8fc82eee8 riscv: topology: fix default topology reporting
60dd3dc2acc4 arm64: topology: move store_cpu_topology() to shared code
724483b585a1 iommu/vt-d: Clean up si_domain in the init_dmars() error path
dfc0337c6dce net: hns: fix possible memory leak in hnae_ae_register()
bc8301ea7e7f net: sched: cake: fix null pointer access issue when cake_init() fails
b87f88d58f1b net: phy: dp83867: Extend RX strap quirk for SGMII mode
6453077a00c1 net/atm: fix proc_mpc_write incorrect return value
4258c473ee03 HID: magicmouse: Do not set BTN_MOUSE on double report
567f8de358b6 tipc: fix an information leak in tipc_topsrv_kern_subscr
27ee73c1199e tipc: Fix recognition of trial period
fa0676d94fa4 ACPI: extlog: Handle multiple records
13a2719ec89f btrfs: fix processing of delayed tree block refs during backref walking
b397ce347775 btrfs: fix processing of delayed data refs during backref walking
96894a4fe6b0 r8152: add PID for the Lenovo OneLink+ Dock
7f6d2188ec33 arm64: errata: Remove AES hwcap for COMPAT tasks
aae35081633f media: venus: dec: Handle the case where find_format fails
fd596e7371ac KVM: arm64: vgic: Fix exit condition in scan_its_table()
383b7c50f544 ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
da9793150297 ata: ahci-imx: Fix MODULE_ALIAS
c00cdfc9bd76 hwmon/coretemp: Handle large core ID value
3ea7da6a97d5 x86/microcode/AMD: Apply the patch early on every logical thread
3064c74198cf ocfs2: fix BUG when iput after ocfs2_mknod fails
c2489774a2f0 ocfs2: clear dinode links count in case of error
6391ed32b101 xfs: fix use-after-free on CIL context on shutdown
ac055fee2544 xfs: move inode flush to the sync workqueue
d3eb14b8ea26 xfs: reflink should force the log out if mounted with wsync
05e2b279ead4 xfs: factor out a new xfs_log_force_inode helper
f1172b08bb8e xfs: trylock underlying buffer on dquot flush
890d7dfff79d xfs: don't write a corrupt unmount record to force summary counter recalc
8ebd3ba932df xfs: tail updates only need to occur when LSN changes
87b8a7fb6263 xfs: factor common AIL item deletion code
4202b103d382 xfs: Throttle commits on delayed background CIL push
7a8f95bfb9e3 xfs: Lower CIL flush limit for large logs
f43ff28b0183 xfs: preserve default grace interval during quotacheck
553e5c8031f5 xfs: fix unmount hang and memory leak on shutdown during quotaoff
835306dd3f0c xfs: factor out quotaoff intent AIL removal and memory free
a1e03f160019 xfs: Replace function declaration by actual definition
fdce40c8fd92 xfs: remove the xfs_qoff_logitem_t typedef
926ddf7846ee xfs: remove the xfs_dq_logitem_t typedef
80f78aa76a17 xfs: remove the xfs_disk_dquot_t and xfs_dquot_t
4776ae328ccb xfs: Use scnprintf() for avoiding potential buffer overflow
2f55a0389154 xfs: check owner of dir3 blocks
15b0651f383f xfs: check owner of dir3 data blocks
bc013efdcf17 xfs: fix buffer corruption reporting when xfs_dir3_free_header_check fails
6e204b9e67f3 xfs: xfs_buf_corruption_error should take __this_address
0213ee5f4c93 xfs: add a function to deal with corrupt buffers post-verifiers
3c88c3c00c97 xfs: rework collapse range into an atomic operation
3602df3f1f5f xfs: rework insert range into an atomic operation
7cd181cb2333 xfs: open code insert range extent split helper
fe18f1af38a7 Linux 5.4.220
d9fdda5efe76 thermal: intel_powerclamp: Use first online CPU as control_cpu
c3bb4a7e8cbc inet: fully convert sk->sk_rx_dst to RCU rules
96e2e21284ca efi: libstub: drop pointless get_memory_map() call
97238b88583c md: Replace snprintf with scnprintf
8b766dd70791 ext4: continue to expand file system when the target size doesn't reach
4a36de894779 net/ieee802154: don't warn zero-sized raw_sendmsg()
cff6131217e6 Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
1210359a6854 net: ieee802154: return -EINVAL for unknown addr type
04df9719df18 io_uring/af_unix: defer registered files gc to io_uring release
f5dd24a66462 perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
036b1f3bca7e clk: bcm2835: Make peripheral PLLC critical
1eae30c0113d usb: idmouse: fix an uninit-value in idmouse_open
0d150ccd55db nvmet-tcp: add bounds check on Transfer Tag
3a3a8d75af4d nvme: copy firmware_rev on each init
e5d8f05edb36 staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
072b5a41c5f8 Revert "usb: storage: Add quirk for Samsung Fit flash"
d6afcab1b48f usb: musb: Fix musb_gadget.c rxstate overflow bug
9fa81cbd2dd3 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
1c00bb624cd0 md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
e30c3a9a8881 HID: roccat: Fix use-after-free in roccat_read()
81247850b8ab bcache: fix set_at_max_writeback_rate() for multiple attached devices
7cfc77f4fe1d ata: libahci_platform: Sanity check the DT child nodes number
16a45e78a687 staging: vt6655: fix potential memory leak
3376a0cf138d power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
3575949513ea nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
22f49d9d6e04 scsi: 3w-9xxx: Avoid disabling device if failing to enable it
66de92207600 clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
9181af2dbf06 media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
5dbfcf7b0803 clk: zynqmp: Fix stack-out-of-bounds in strncpy`
715fe15785b4 btrfs: scrub: try to fix super block errors
8054f824a725 ARM: dts: imx6sx: add missing properties for sram
05f789afaf69 ARM: dts: imx6sll: add missing properties for sram
48d1766b35f3 ARM: dts: imx6sl: add missing properties for sram
ef4a3baf0042 ARM: dts: imx6qp: add missing properties for sram
ee239c0340a2 ARM: dts: imx6dl: add missing properties for sram
82e5191b124a ARM: dts: imx6q: add missing properties for sram
0b2013ace8df ARM: dts: imx7d-sdb: config the max pressure for tsc2046
aec01503ba7f mmc: sdhci-msm: add compatible string check for sdm670
e67c2cda3d60 drm/amdgpu: fix initial connector audio value
079f64a1ea33 platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading
30a3601c2f59 drm: panel-orientation-quirks: Add quirk for Anbernic Win600
7de3e3514cab drm/vc4: vec: Fix timings for VEC modes
8f6cad7c4b68 drm/amd/display: fix overflow on MIN_I64 definition
cdde55f97298 drm: Prevent drm_copy_field() to attempt copying a NULL pointer
fb282b4e8aef drm: Use size_t type for len variable in drm_copy_field()
1d0803b1532d drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
61fd56b0a1a3 r8152: Rate limit overflow messages
7d6f9cb24d2b Bluetooth: L2CAP: Fix user-after-free
a76462dbdd8b net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
4037270ea6d6 wifi: rt2x00: correctly set BBP register 86 for MT7620
2021a5aaf835 wifi: rt2x00: set SoC wmac clock register
f9c053c3e4e9 wifi: rt2x00: set VGC gain for both chains of MT7620
0facbe608305 wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
2f383edcb703 wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
fdcc57ef8c1f can: bcm: check the result of can_send() in bcm_can_tx()
6e85d2ad958c Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
776f33c12fdb Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
49c742afd60f wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
18373ed500f7 xfrm: Update ipcomp_scratches with NULL when freed
2c485f4f2a64 wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
42d579d91051 tcp: annotate data-race around tcp_md5sig_pool_populated
ce25d7caf35d openvswitch: Fix overreporting of drops in dropwatch
a7fe12cea515 openvswitch: Fix double reporting of drops in dropwatch
06d73f4e6bd6 bpftool: Clear errno after libcap's checks
56a0ac486341 wifi: brcmfmac: fix invalid address access when enabling SCAN log level
38ca9ece960d NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
5a646c38f648 thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
49a6ffdaed60 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
ac84b26a1689 MIPS: BCM47XX: Cast memcmp() of function to (void *)
13f4d3665bf6 ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
c5ed3a378978 f2fs: fix race condition on setting FI_NO_EXTENT flag
584561e94260 crypto: cavium - prevent integer overflow loading firmware
00791e017b5f kbuild: remove the target in signal traps when interrupted
d59d36aa4c3f iommu/iova: Fix module config properly
0f224fde6324 crypto: ccp - Release dma channels before dmaengine unrgister
95c4e20adc3e crypto: akcipher - default implementation for setting a private key
4010a1afaae1 iommu/omap: Fix buffer overflow in debugfs
b32a285998d4 cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
3317c7d211ef powerpc: Fix SPE Power ISA properties for e500v1 platforms
6191f0310ebf powerpc/64s: Fix GENERIC_CPU build flags for PPC970 / G5
f11bce700b7a x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
828d19038019 powerpc/powernv: add missing of_node_put() in opal_export_attrs()
0a5cee97c017 powerpc/pci_dn: Add missing of_node_put()
1535e14731e9 powerpc/sysdev/fsl_msi: Add missing of_node_put()
85d23c49336c powerpc/math_emu/efp: Include module.h
e77a85c3fbfd mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
f28eec40785e clk: ast2600: BCLK comes from EPLL
fc39ebf85d03 clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
111369bb8cd9 clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
2ee652f072cf spmi: pmic-arb: correct duplicate APID to PPID mapping logic
1ea4efc09fee dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup()
8498490b3c91 clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
8542422192d0 mfd: sm501: Add check for platform_driver_register()
f95ba4aab698 mfd: fsl-imx25: Fix check for platform_get_irq() errors
6804b4fedee2 mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init()
595d077f3cf5 mfd: lp8788: Fix an error handling path in lp8788_probe()
b75f4912b371 mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
1f4f8b6adb3d mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe()
b6c2c3059e72 fsi: core: Check error number after calling ida_simple_get
117331a2a522 scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
558a9fcb6ce7 serial: 8250: Fix restoring termios speed after suspend
c969316eeefb firmware: google: Test spinlock on panic path to avoid lockups
88b9cc60f26e staging: vt6655: fix some erroneous memory clean-up loops
83d11dd92a51 phy: qualcomm: call clk_disable_unprepare in the error handling
29b897ac7b99 tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
744c2d33a88b drivers: serial: jsm: fix some leaks in probe
9fe0a8c0694c usb: gadget: function: fix dangling pnp_string in f_printer.c
59e3d41265f3 xhci: Don't show warning for reinit on known broken suspend
f8ba29ae237e md/raid5: Ensure stripe_fill happens on non-read IO with journal
9b881a2ca0c6 mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
22830560eb2f ata: fix ata_id_has_dipm()
10d52d8dd1cb ata: fix ata_id_has_ncq_autosense()
99e7e6445154 ata: fix ata_id_has_devslp()
6ea4b3303abf ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
e09caa38e10b RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
b21b0d17ad99 mtd: devices: docg3: check the return value of devm_ioremap() in the probe
3ca6939b5d1a dyndbg: let query-modname override actual module name
ad0a65517cff dyndbg: fix module.dyndbg handling
fc797285c40a misc: ocxl: fix possible refcount leak in afu_ioctl()
7ed37be3a2ce RDMA/rxe: Fix the error caused by qp->sk
0d773c58d702 RDMA/rxe: Fix "kernel NULL pointer dereference" error
59b315353252 media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
80a955dabb82 tty: xilinx_uartps: Fix the ignore_status
3e77ac46f290 media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
3baf53328aee HSI: omap_ssi_port: Fix dma_map_sg error check
aa9c0598b109 HSI: omap_ssi: Fix refcount leak in ssi_probe
5d9fb09612de clk: tegra20: Fix refcount leak in tegra20_clock_init
5984b1d66126 clk: tegra: Fix refcount leak in tegra114_clock_init
6d3ac23b952f clk: tegra: Fix refcount leak in tegra210_clock_init
aa3898dec1b6 clk: berlin: Add of_node_put() for of_get_parent()
fcaff9bc6bbc clk: oxnas: Hold reference returned by of_get_parent()
ad3a056982b7 clk: meson: Hold reference returned by of_get_parent()
633c574e0f8b iio: ABI: Fix wrong format of differential capacitance channel ABI.
0111032d9a02 iio: inkern: only release the device node when done with it
246af4216379 iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
46778752bbd5 iio: adc: at91-sama5d2_adc: check return status for pressure and touch
d50e3817a4b6 iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
c29c3d32bd01 ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
e00480d42b1a ARM: Drop CMDLINE_* dependency on ATAGS
fcad2eef0030 ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
6858d8599c65 ARM: dts: kirkwood: lsxl: remove first ethernet port
d45424d980e8 ARM: dts: kirkwood: lsxl: fix serial line
1edbceda073d ARM: dts: turris-omnia: Fix mpp26 pin name and comment
673db1cf4db8 soc: qcom: smem_state: Add refcounting for the 'state->of_node'
1e3ed59370c7 soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
85a40bfb8e7a memory: of: Fix refcount leak bug in of_get_ddr_timings()
b37f4a711e5d memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
56c4299f7670 ALSA: hda/hdmi: Don't skip notification handling during PM operation
45387ca42277 ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
371d4dbece4d ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
aa182988c0e6 ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
28a12e24d125 mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
93c86281838c ALSA: dmaengine: increment buffer pointer atomically
6c85495e5882 drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
c240431717d6 ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
9e421bd9fd29 mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
9d7af9b1624d drm/omap: dss: Fix refcount leak bugs
0c55618aaad3 ALSA: hda: beep: Simplify keep-power-at-enable behavior
3ac2045d0419 ASoC: rsnd: Add check for rsnd_mod_power_on
1daf69228e31 drm/bridge: megachips: Fix a null pointer dereference bug
b33b60afa53c drm: fix drm_mipi_dbi build errors
a367b7a96a5e platform/x86: msi-laptop: Fix resource cleanup
a9b32c9fe56d platform/x86: msi-laptop: Fix old-ec check for backlight registering
e548f9503c4b platform/chrome: fix memory corruption in ioctl
783c1c5000e8 platform/chrome: fix double-free in chromeos_laptop_prepare()
8242167cfc83 drm/mipi-dsi: Detach devices when removing the host
4d4a58c9d4db drm: bridge: adv7511: fix CEC power down control register offset
72c0d361940a net: mvpp2: fix mvpp2 debugfs leak
131287ff833d once: add DO_ONCE_SLOW() for sleepable contexts
03ac583eefc9 net/ieee802154: reject zero-sized raw_sendmsg()
71e0ab5b7598 bnx2x: fix potential memory leak in bnx2x_tpa_stop()
360aa7219285 net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
3625b684a285 tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
382ff4471660 sctp: handle the error returned from sctp_auth_asoc_init_active_key
466ed722f205 mISDN: fix use-after-free bugs in l1oip timer handlers
e6d0152c9510 vhost/vsock: Use kvmalloc/kvfree for larger packets.
c202ad048f50 spi: s3c64xx: Fix large transfers with DMA
60a7496b40e8 netfilter: nft_fib: Fix for rpath check with VRF devices
610798a58e72 spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
1d8c928ed729 x86/microcode/AMD: Track patch allocation size explicitly
215c146b4021 bpf: Ensure correct locking around vulnerable function find_vpid()
4017e91ff25d net: fs_enet: Fix wrong check in do_pd_setup
08a441a4ad54 wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
e0bab93245b6 bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
374dd4e51966 wifi: rtl8xxxu: Fix skb misuse in TX queue selection
df0b024ade10 spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime()
026ffbb07f8f spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
321c51aa59df wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
7993680752bb x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register
bbe293db7e67 bpftool: Fix a wrong type cast in btf_dumper_int
9ee70c3cb4f8 wifi: mac80211: allow bw change during channel switch in mesh
4494ec1c0bb8 wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
acc393aecda0 nfsd: Fix a memory leak in an error handling path
d7f1e7af1ef4 ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
5abd2626ca37 sh: machvec: Use char[] for section boundaries
c0f4be8303d0 userfaultfd: open userfaultfds with O_RDONLY
29d0c45cf16e tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
b0c2e34be932 selinux: use "grep -E" instead of "egrep"
56ee9577915d drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
16435e58e57c gcov: support GCC 12.1 and newer compilers
b6094c482935 KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
764478646115 KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
45779be5ced6 KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
c3a98fc6c2f2 media: cedrus: Set the platform driver data earlier
3cf2ef86e01a ring-buffer: Fix race between reset page and reading page
7e06ef0345ea ring-buffer: Check pending waiters when doing wake ups as well
cc1f35733c19 ring-buffer: Have the shortest_full queue be the shortest not longest
22707f033d8e ring-buffer: Allow splice to read previous partially read pages
e755b65a4727 ftrace: Properly unset FTRACE_HASH_FL_MOD
f66de70930f7 livepatch: fix race between fork and KLP transition
1211121f0e73 ext4: place buffer head allocation before handle start
52c7b8d3b75e ext4: make ext4_lazyinit_thread freezable
3638aa1c7d87 ext4: fix null-ptr-deref in ext4_write_info
a22f52d88331 ext4: avoid crash when inline data creation follows DIO write
21ea616f1e59 jbd2: wake up journal waiters in FIFO order, not LIFO
d1c2d820a2cd nilfs2: fix use-after-free bug of struct nilfs_root
c99860f9a750 f2fs: fix to do sanity check on summary info
68b1e607559d f2fs: fix to do sanity check on destination blkaddr during recovery
c5d8198ce863 f2fs: increase the limit for reserve_root
26b7c0ac49a3 btrfs: fix race between quota enable and quota rescan ioctl
3742e9fd552e fbdev: smscufx: Fix use-after-free in ufx_ops_open()
52895c495b62 powerpc/boot: Explicitly disable usage of SPE instructions
e3f7e99337c6 PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
cd251d39b134 UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
08f03b333c4f riscv: Pass -mno-relax only on lld < 15.0.0
c61f553ba87c riscv: Allow PROT_WRITE-only mmap()
09058e5ef7c1 parisc: fbdev/stifb: Align graphics memory size to 4MB
2c60db6869fe RISC-V: Make port I/O string accessors actually work
14c06375c853 regulator: qcom_rpm: Fix circular deferral regression
79b7547eeb37 ASoC: wcd9335: fix order of Slimbus unprepare/disable
6927ee818fe1 quota: Check next/prev free block number after reading from quota file
4cf9233eb175 HID: multitouch: Add memory barriers
477ac1d57f60 fs: dlm: handle -EBUSY first in lock arg validation
d3961f732d85 fs: dlm: fix race between test_bit() and queue_work()
4352db1e330a mmc: sdhci-sprd: Fix minimum clock limit
fbefc5cce481 can: kvaser_usb_leaf: Fix CAN state after restart
9948b80910e2 can: kvaser_usb_leaf: Fix TX queue out of sync after restart
76d9afd30ef3 can: kvaser_usb_leaf: Fix overread with an invalid command
953bb1dfea88 can: kvaser_usb: Fix use of uninitialized completion
42f7d9339612 usb: add quirks for Lenovo OneLink+ Dock
37daa23f2850 iio: pressure: dps310: Reset chip after timeout
228348a9fe5f iio: pressure: dps310: Refactor startup procedure
974c1f15ac9a iio: dac: ad5593r: Fix i2c read protocol requirements
d0050ec3ebbc cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
bd09adde6771 cifs: destage dirty pages before re-reading them for cache=none
8298f20e1149 mtd: rawnand: atmel: Unmap streaming DMA mappings
8d763c8e6cdb ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
4c354105176f ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
a943c4a16bfb ALSA: hda/realtek: Correct pin configs for ASUS G533Z
19731649623b ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
121fadc0cae5 ALSA: usb-audio: Fix NULL dererence at error path
988ec0cd0a26 ALSA: usb-audio: Fix potential memory leaks
de7d80d0fe10 ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
afb507303ea9 ALSA: oss: Fix potential deadlock at unregistration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 5da86988ce..9a68f2680c 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "983b2c21d3fa76840461947f3f644dd9442d8e40"
-SRCREV_meta ?= "7e9781b04df1fc0aac9309734bbe23b36c050b42"
+SRCREV_machine ?= "c6d759ae0dff9466208b68335bf502446253585f"
+SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.219"
+LINUX_VERSION ?= "5.4.221"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 269ad6e459..0860d27ed7 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.219"
+LINUX_VERSION ?= "5.4.221"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "a4c846b5cacb954ae98a8eba9e0450812f1db42c"
-SRCREV_machine ?= "ae25c500cf7dae5520897489b3fe49bdf068528b"
-SRCREV_meta ?= "7e9781b04df1fc0aac9309734bbe23b36c050b42"
+SRCREV_machine_qemuarm ?= "9f6cf5893f239082af0628843c64bf28712bc3a3"
+SRCREV_machine ?= "602bb6499410dea02c84839a318f9cedea1edbed"
+SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index d740333ff4..f9326e4686 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "88065fdc7d5d404312da98b78229996b61f56c21"
-SRCREV_machine_qemuarm64 ?= "ac9667e4dba109088d7ed5922f28d6ef1ba66e9b"
-SRCREV_machine_qemumips ?= "e0dd90f622f78e0ad05797996756528623070da4"
-SRCREV_machine_qemuppc ?= "0d45c84c8240fadec9a36a13d9cf077b6793bcfb"
-SRCREV_machine_qemuriscv64 ?= "35826e154ee014b64ccfa0d1f12d36b8f8a75939"
-SRCREV_machine_qemux86 ?= "35826e154ee014b64ccfa0d1f12d36b8f8a75939"
-SRCREV_machine_qemux86-64 ?= "35826e154ee014b64ccfa0d1f12d36b8f8a75939"
-SRCREV_machine_qemumips64 ?= "a5cc27ae60c504fc309926d8e72129128befdbd5"
-SRCREV_machine ?= "35826e154ee014b64ccfa0d1f12d36b8f8a75939"
-SRCREV_meta ?= "7e9781b04df1fc0aac9309734bbe23b36c050b42"
+SRCREV_machine_qemuarm ?= "d2e7e83b8c22f5e3ecc668837f3ae0201e042871"
+SRCREV_machine_qemuarm64 ?= "8238c28a0df87b72be92f0809a1dba6b3bc4a816"
+SRCREV_machine_qemumips ?= "5c3d5714e849f7844b82488e828eb00b49c86274"
+SRCREV_machine_qemuppc ?= "01887f1f1117db202e3b5ca06cde1261e7c2d296"
+SRCREV_machine_qemuriscv64 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
+SRCREV_machine_qemux86 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
+SRCREV_machine_qemux86-64 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
+SRCREV_machine_qemumips64 ?= "35b0ae02eb9f6f989e54bd75adf7669f528ef5d9"
+SRCREV_machine ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
+SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.219"
+LINUX_VERSION ?= "5.4.221"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 09/18] linux-yocto/5.4: update to v5.4.224
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (7 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 08/18] linux-yocto/5.4: update to v5.4.221 Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 10/18] linux-yocto/5.4: update to v5.4.225 Steve Sakoman
` (8 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
771a8acbb841 Linux 5.4.224
3e0c1ab197eb ipc: remove memcg accounting for sops objects in do_semtimedop()
a16415c8f156 wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker()
a24bf3c317b2 drm/i915/sdvo: Setup DDC fully before output init
4dadd4b16178 drm/i915/sdvo: Filter out invalid outputs more sensibly
57306fef4d10 drm/rockchip: dsi: Force synchronous probe
e09ff743e30b mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times
8b1174d05896 KVM: x86: emulator: update the emulation mode after CR0 write
ac3bc06c9ac5 KVM: x86: emulator: introduce emulator_recalc_and_set_mode
f159cd915d73 KVM: x86: emulator: em_sysexit should update ctxt->mode
ef3094c4e9ee KVM: x86: Mask off reserved bits in CPUID.80000008H
da1bf3732d0f KVM: x86: Mask off reserved bits in CPUID.8000001AH
2fa24d0274fb ext4: fix BUG_ON() when directory entry has invalid rec_len
72743d5598b9 ext4: fix warning in 'ext4_da_release_space'
eed040fd35e9 parisc: Avoid printing the hardware path twice
9e902284ee3e parisc: Export iosapic_serial_irq() symbol for serial port driver
506ae301672e parisc: Make 8250_gsc driver dependend on CONFIG_PARISC
c586068aad62 ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
4e8ee3cf74e2 perf/x86/intel: Add Cooper Lake stepping to isolation_ucodes[]
6ffa48150b9b perf/x86/intel: Fix pebs event constraints for ICL
fee896d4534f efi: random: reduce seed size to 32 bytes
0c7275743498 fuse: add file_modified() to fallocate
0c3e6288da65 capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
4bc52ddf6347 tracing/histogram: Update document for KEYS_MAX size
c8938263e640 tools/nolibc/string: Fix memcmp() implementation
993bd0de8b53 kprobe: reverse kp->flags when arm_kprobe failed
fe3da74428bf tcp/udp: Make early_demux back namespacified.
4ae03c869c9a btrfs: fix type of parameter generation in btrfs_get_dentry
27a594bc7a7c binder: fix UAF of alloc->vma in race with munmap()
bad83d55134e memcg: enable accounting of ipc resources
92aaa5e8fe90 tcp/udp: Fix memory leak in ipv6_renew_options().
c494ae149858 block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
6949400ec9fe Bluetooth: L2CAP: Fix attempting to access uninitialized memory
ad18f624e3da xfs: Add the missed xfs_perag_put() for xfs_ifree_cluster()
0802130a4d0b xfs: don't fail unwritten extent conversion on writeback due to edquot
fef141f9e4c1 xfs: group quota should return EDQUOT when prj quota enabled
4267433dd3d3 xfs: gut error handling in xfs_trans_unreserve_and_mod_sb()
24e7e3935309 xfs: use ordered buffers to initialize dquot buffers during quotacheck
52802e9a035f xfs: don't fail verifier on empty attr3 leaf block
71d487a82d2c i2c: xiic: Add platform module alias
cdd19e559a72 HID: saitek: add madcatz variant of MMO7 mouse device ID
efdcd1e32c0d scsi: core: Restrict legal sdev_state transitions via sysfs
70119756311a media: meson: vdec: fix possible refcount leak in vdec_probe()
bfa8ccf70597 media: dvb-frontends/drxk: initialize err to 0
11c8f19e0f5a media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
4a449430ecfb media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
381453770f73 ipv6: fix WARNING in ip6_route_net_exit_late()
b49f6b2f21f5 net, neigh: Fix null-ptr-deref in neigh_table_clear()
4954b5359eb1 net: mdio: fix undefined behavior in bit shift for __mdiobus_register
c1f594dddd9f Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
4cd094fd5d87 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
5d1a47ebf845 btrfs: fix ulist leaks in error paths of qgroup self tests
6a6731a0df8c btrfs: fix inode list leak during backref walking at find_parent_nodes()
2c0329406bb2 btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
3d74329d8cff isdn: mISDN: netjet: fix wrong check of device registration
2ff6b669523d mISDN: fix possible memory leak in mISDN_register_device()
b13be5e852b0 rose: Fix NULL pointer dereference in rose_send_frame()
8457a00c981f ipvs: fix WARNING in ip_vs_app_net_cleanup()
7effc4ce3d14 ipvs: fix WARNING in __ip_vs_cleanup_batch()
2cc523978f1c ipvs: use explicitly signed chars
74fd58394670 netfilter: nf_tables: release flow rule object from commit path
ca791952d42c net: tun: fix bugs for oversize packet when napi frags enabled
52e042947197 net: sched: Fix use after free in red_enqueue()
d605da3e5f74 ata: pata_legacy: fix pdc20230_set_piomode()
704b92c51b64 net: fec: fix improper use of NETDEV_TX_BUSY
f30060efcf18 nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
aef89b91c7d7 nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
875082ae8329 RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
af8fb5a0600e RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
bbc5d7b46a72 net: dsa: Fix possible memory leaks in dsa_loop_init()
925cb538bd58 nfs4: Fix kmemleak when allocate slot failed
0bc335d0100e NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
405309d86021 NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
25760a41e380 IB/hfi1: Correctly move list in sc_disable()
6b5c87f9b3f8 RDMA/cma: Use output interface for net_dev check
a0d938496721 Linux 5.4.223
a0a2a4bdd101 can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive
fc0eecb8b457 net: enetc: survive memory pressure without crashing
69dd3ad406c4 net/mlx5: Fix possible use-after-free in async command interface
827e36a031e4 net/mlx5e: Do not increment ESN when updating IPsec ESN state
7dc6ce3ef20f nh: fix scope used to find saddr when adding non gw nh
ba6ee85355ad net: ehea: fix possible memory leak in ehea_register_port()
4175d6381f6f openvswitch: switch from WARN to pr_warn
0667bb60000d ALSA: aoa: Fix I2S device accounting
5bdea6745341 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
2a47cc2a3d04 PM: domains: Fix handling of unavailable/disabled idle states
a49e74cc7489 net: ksz884x: fix missing pci_disable_device() on error in pcidev_init()
e46f699ac23d i40e: Fix flow-type by setting GL_HASH_INSET registers
e88c2a1e28c5 i40e: Fix VF hang when reset is triggered on another VF
28c47fd23c20 i40e: Fix ethtool rx-flow-hash setting for X722
d303dabe7e03 media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
b4a3a01762ae media: v4l2-dv-timings: add sanity checks for blanking values
d8f479c777b4 media: vivid: dev->bitmap_cap wasn't freed in all cases
9d6870949c2c media: vivid: s_fbuf: add more sanity checks
8e1592d41519 PM: hibernate: Allow hybrid sleep to work with s2idle
77454bc744e2 can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path
f79de6451eaf tcp: fix indefinite deferral of RTO with SACK reneging
38e451696057 net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY
97ad240fd9aa net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
663682cd3192 kcm: annotate data-races around kcm->rx_wait
e94395e916b4 kcm: annotate data-races around kcm->rx_psock
f85e54b4f3e5 amd-xgbe: add the bit rate quirk for Molex cables
71ba2a95663a amd-xgbe: fix the SFP compliance codes check for DAC cables
fe3fd27083db x86/unwind/orc: Fix unreliable stack dump with gcov
fda2d07234a2 net: netsec: fix error handling in netsec_register_mdio()
24b129aed873 tipc: fix a null-ptr-deref in tipc_topsrv_accept
758dbcc6fbf2 ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
ccaeef126ed1 arc: iounmap() arg is volatile
fa434a64a4ea drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
29a6902eb076 media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
6f3511eb8654 net: ieee802154: fix error return code in dgram_bind()
11993652d0b4 mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
5a2d7c93d9b9 cgroup-v1: add disabled controller check in cgroup1_parse_param()
3d056d81b93a xen/gntdev: Prevent leaking grants
8f589b5c0e7b Xen/gntdev: don't ignore kernel unmapping error
f45ee2038464 xfs: force the log after remapping a synchronous-writes file
102de7717d63 xfs: clear XFS_DQ_FREEING if we can't lock the dquot buffer to flush
03b449a880d1 xfs: finish dfops on every insert range shift iteration
3d295076ba4e s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser()
344e1cb0bafe s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
4f969d0753bd perf auxtrace: Fix address filter symbol name match for modules
c78b0dc6fb7f kernfs: fix use-after-free in __kernfs_remove
7a09c64b7da0 mmc: core: Fix kernel panic when remove non-standard SDIO card
ed7f1ff87a4a drm/msm/hdmi: fix memory corruption with too many bridges
f649ed0e1b7a drm/msm/dsi: fix memory corruption with too many bridges
e7348308f668 mac802154: Fix LQI recording
5385af2f89bc fbdev: smscufx: Fix several use-after-free bugs
07ef3be6cae3 iio: light: tsl2583: Fix module unloading
cb972e6d01ef tools: iio: iio_utils: fix digit calculation
8f1cd9633d1f xhci: Remove device endpoints from bandwidth list when freeing the device
914704e0d283 mtd: rawnand: marvell: Use correct logic for nand-keep-config
5d36037b224d usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller
7b7a0d54333c usb: bdc: change state when port disconnected
6827b58a957d usb: dwc3: gadget: Don't set IMI for no_interrupt
9aa025430346 usb: dwc3: gadget: Stop processing more requests on IMI
035dda2bfd7f USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
e4045fbcd98e ALSA: au88x0: use explicitly signed char
d853b4380835 ALSA: Use del_timer_sync() before freeing timer
caea5b20ef9b can: kvaser_usb: Fix possible completions during init_completion
5437642f91fd can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb()
5282d4de783b Linux 5.4.222
59f89518f510 once: fix section mismatch on clang builds
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 9a68f2680c..c748e9afdb 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "c6d759ae0dff9466208b68335bf502446253585f"
-SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
+SRCREV_machine ?= "cde409b485372556f74ca484023b9b29c9c4033b"
+SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.221"
+LINUX_VERSION ?= "5.4.224"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 0860d27ed7..e4e45604c6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.221"
+LINUX_VERSION ?= "5.4.224"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "9f6cf5893f239082af0628843c64bf28712bc3a3"
-SRCREV_machine ?= "602bb6499410dea02c84839a318f9cedea1edbed"
-SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
+SRCREV_machine_qemuarm ?= "8023cf1d720eea113ca49b7876b25d767dac778c"
+SRCREV_machine ?= "61e75f4b3ca1a7c8ad179896ddd546a6f2f01cef"
+SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index f9326e4686..3c83e3118b 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "d2e7e83b8c22f5e3ecc668837f3ae0201e042871"
-SRCREV_machine_qemuarm64 ?= "8238c28a0df87b72be92f0809a1dba6b3bc4a816"
-SRCREV_machine_qemumips ?= "5c3d5714e849f7844b82488e828eb00b49c86274"
-SRCREV_machine_qemuppc ?= "01887f1f1117db202e3b5ca06cde1261e7c2d296"
-SRCREV_machine_qemuriscv64 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
-SRCREV_machine_qemux86 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
-SRCREV_machine_qemux86-64 ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
-SRCREV_machine_qemumips64 ?= "35b0ae02eb9f6f989e54bd75adf7669f528ef5d9"
-SRCREV_machine ?= "9b2a3ded50b3a704478170c57808fd76039f02a1"
-SRCREV_meta ?= "c917f683a6394ae00f81139ae57ae0112d4b7528"
+SRCREV_machine_qemuarm ?= "5a025566942a9ace3426b926d87249fcb1f297f3"
+SRCREV_machine_qemuarm64 ?= "1ccea77e0b446db75d7fe886a1b74045e0e9a96e"
+SRCREV_machine_qemumips ?= "c22ce9aaf491340881366e151ac73450989e03a5"
+SRCREV_machine_qemuppc ?= "390f256c86e74503d285392b76ab1678f5f57697"
+SRCREV_machine_qemuriscv64 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
+SRCREV_machine_qemux86 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
+SRCREV_machine_qemux86-64 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
+SRCREV_machine_qemumips64 ?= "34cc9064800203ae6b1eb5c96d808e3ed3a359b8"
+SRCREV_machine ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
+SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.221"
+LINUX_VERSION ?= "5.4.224"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 10/18] linux-yocto/5.4: update to v5.4.225
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (8 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 09/18] linux-yocto/5.4: update to v5.4.224 Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 11/18] linux-yocto/5.4: update to v5.4.228 Steve Sakoman
` (7 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
4d2a309b5c28 Linux 5.4.225
b612f924f296 ntfs: check overflow when iterating ATTR_RECORDs
0e2ce0954b39 ntfs: fix out-of-bounds read in ntfs_attr_find()
266bd5306286 ntfs: fix use-after-free in ntfs_attr_find()
ed8b990e89aa mm: fs: initialize fsdata passed to write_begin/write_end interface
b1ad04da7fe4 9p/trans_fd: always use O_NONBLOCK read/write
179236a122a1 gfs2: Switch from strlcpy to strscpy
8b6534c9ae9d gfs2: Check sb_bsize_shift after reading superblock
96760723aae1 9p: trans_fd/p9_conn_cancel: drop client lock earlier
ce57d6474ae9 kcm: close race conditions on sk_receive_queue
7a704dbfd373 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
ad39d09190a5 kcm: avoid potential race in kcm_tx_work
78be2ee01124 tcp: cdg: allow tcp_cdg_release() to be called multiple times
a62aa84fe19e macvlan: enforce a consistent minimal mtu
4f348b60c796 Input: i8042 - fix leaking of platform device on module removal
7b0007b28dd9 kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
28f7ff5e7559 scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
ec59a1325230 ring-buffer: Include dropped pages in counting dirty patches
32a7f0645111 serial: 8250: Flush DMA Rx on RLSI
e7061dd1fef2 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
3da7098e8ffa docs: update mediator contact information in CoC doc
27f712cd47d6 mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
616c6695dd42 mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout
076712ff50dc mmc: core: properly select voltage range without power cycle
1bf8ed585501 scsi: zfcp: Fix double free of FSF request when qdio send fails
5d53797ce7ce Input: iforce - invert valid length check when fetching device IDs
89c0c27ab39a serial: 8250_lpss: Configure DMA also w/o DMA filter
d6ebe11ad322 serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
b545c0e1e409 dm ioctl: fix misbehavior if list_versions races with module loading
1c5866b4ddec iio: pressure: ms5611: changed hardcoded SPI speed to value limited
0dd52e141afd iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
7b75515728b6 iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
c025c4505fba usb: chipidea: fix deadlock in ci_otg_del_timer
8c8039ede2f9 usb: add NO_LPM quirk for Realforce 87U Keyboard
bec9f91f7b0c USB: serial: option: add Fibocom FM160 0x0111 composition
1972f20f365d USB: serial: option: add u-blox LARA-L6 modem
089839cccf82 USB: serial: option: add u-blox LARA-R6 00B modem
31e6aba26b44 USB: serial: option: remove old LARA-R6 PID
5ee0a017e52a USB: serial: option: add Sierra Wireless EM9191
0410c2ae2105 speakup: fix a segfault caused by switching consoles
6ed6a5dfa3fa slimbus: stream: correct presence rate frequencies
56607f0bfc9a Revert "usb: dwc3: disable USB core PHY management"
e7dc436aea80 ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
72c2ea34faa1 ring_buffer: Do not deactivate non-existant pages
f715f31559b8 ftrace: Fix null pointer dereference in ftrace_add_mod()
c50e0bcf4a1b ftrace: Optimize the allocation for mcount entries
3041feeedbdd ftrace: Fix the possible incorrect kernel message
04e9e5eb4551 cifs: add check for returning value of SMB2_set_info_init
293c0d7182ee net: thunderbolt: Fix error handling in tbnet_init()
e6546d541206 cifs: Fix wrong return value checking when GETFLAGS
e109b41870db net/x25: Fix skb leak in x25_lapb_receive_frame()
e313efddce71 platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized
813a8dd9c45f drbd: use after free in drbd_create_device()
0199bf0a8f74 xen/pcpu: fix possible memory leak in register_pcpu()
aa2ba356507f bnxt_en: Remove debugfs when pci_register_driver failed
6134357f568e net: caif: fix double disconnect client in chnl_net_open()
90638373f19f net: macvlan: Use built-in RCU list checking
83672c1b83d1 mISDN: fix misuse of put_device() in mISDN_register_device()
8c85770d1ad0 net: liquidio: release resources when liquidio driver open failed
0f2c681900a0 mISDN: fix possible memory leak in mISDN_dsp_element_register()
d697f78cab64 net: bgmac: Drop free_netdev() from bgmac_enet_remove()
bec9ded5404c ata: libata-transport: fix double ata_host_put() in ata_tport_add()
2ff7e852bd4c arm64: dts: imx8mn: Fix NAND controller size-cells
bb4a2f898ef7 arm64: dts: imx8mm: Fix NAND controller size-cells
040f726fecd8 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
5b3d6d510bb8 parport_pc: Avoid FIFO port location truncation
f9fe7ba4ea5b siox: fix possible memory leak in siox_device_add()
6bb50c14c958 block: sed-opal: kmalloc the cmd/resp buffers
8555c6c1125f ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
b768afc68b10 tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
476b09e07bd5 serial: imx: Add missing .thaw_noirq hook
b7c6033a8fa3 serial: 8250: omap: Flush PM QOS work on remove
2d66412563ef serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in omap8250_remove()
747e76f4ccb2 serial: 8250_omap: remove wait loop from Errata i202 workaround
2ec3f558db34 ASoC: core: Fix use-after-free in snd_soc_exit()
ee31abd04754 spi: stm32: Print summary 'callbacks suppressed' message
a39357b4ec86 ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" -> "Route"
1a5f13b0c542 Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
6fa082ad96d6 btrfs: remove pointless and double ulist frees in error paths of qgroup tests
741bded210db drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
761976a6175d i2c: i801: add lis3lv02d's I2C address for Vostro 5568
18a501e5c7a8 NFSv4: Retry LOCK on OLD_STATEID during delegation return
281b93e42e40 selftests/intel_pstate: fix build for ARCH=x86_64
2cce0a36cec9 selftests/futex: fix build for clang
c81ab3d7d1e2 ASoC: codecs: jz4725b: fix capture selector naming
5b94d1bb1ea2 ASoC: codecs: jz4725b: use right control for Capture Volume
21b6fbb934b5 ASoC: codecs: jz4725b: fix reported volume for Master ctl
c9fb6a03112d ASoC: codecs: jz4725b: add missed Line In power control bit
1719b9c0fb37 spi: intel: Fix the offset to get the 64K erase opcode
af93d7c9d94c ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK
a3b07bb0b3fc ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe"
4d487873ba5f ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe"
f0901e1551a8 ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe"
1fd66e3b02d5 x86/cpu: Restore AMD's DE_CFG MSR after resume
30b0263d0366 net: tun: call napi_schedule_prep() to ensure we own a napi
7a6e564ff259 dmaengine: at_hdmac: Check return code of dma_async_device_register
966dd087de9a dmaengine: at_hdmac: Fix impossible condition
d6ce23165ccc dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
a5352470299f dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
77b97ef4908a dmaengine: at_hdmac: Don't start transactions at tx_submit level
3d35e36d7a90 dmaengine: at_hdmac: Fix at_lli struct definition
ab390c532e3c cert host tools: Stop complaining about deprecated OpenSSL functions
d0513b095e1e can: j1939: j1939_send_one(): fix missing CAN header initialization
d8971f410739 udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
c914c56ac058 btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
aa05252ab4b8 platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
431b70544bb1 drm/i915/dmabuf: fix sg_table handling in map_dma_buf
9b162e810452 nilfs2: fix use-after-free bug of ns_writer on remount
36ff974b0310 nilfs2: fix deadlock in nilfs_count_free_blocks()
b4421e6d9a96 vmlinux.lds.h: Fix placement of '.data..decrypted' section
022d8696a7dd ALSA: usb-audio: Add DSD support for Accuphase DAC-60
ded2d51b85e3 ALSA: usb-audio: Add quirk entry for M-Audio Micro
02dea987ec1c ALSA: hda: fix potential memleak in 'add_widget_node'
9ab40b1df6ab ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
d51861d2911b mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
d2cf28caf5f1 mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
ae2aeee895ec mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
9fbe02082912 MIPS: jump_label: Fix compat branch range check
f967bbc72f20 arm64: efi: Fix handling of misaligned runtime regions and drop warning
c5c0b3167537 riscv: process: fix kernel info leakage
685e73e3f7a9 net: macvlan: fix memory leaks of macvlan_common_newlink
d1dddadf4cbb ethernet: tundra: free irq when alloc ring failed in tsi108_open()
1b7a5651432e net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open()
ec8a47afc5ee ethernet: s2io: disable napi when start nic failed in s2io_card_up()
b03f505c5d1e cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open()
834d2da28fd9 net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
834445168191 net: cpsw: disable napi in cpsw_ndo_open()
3892c2d33573 net/mlx5: Allow async trigger completion execution on single CPU systems
5b72cf7a4066 net: nixge: disable napi when enable interrupts failed in nixge_open()
a8aade318d7e perf stat: Fix printing os->prefix in CSV metrics output
da4daa36ea2e drivers: net: xgene: disable napi when register irq failed in xgene_enet_open()
1d8488732765 dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
7c77e272b4b3 dmaengine: pxa_dma: use platform_get_irq_optional
36769b947749 tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
afab4655750f can: af_can: fix NULL pointer dereference in can_rx_register()
58cd7fdc8c1e ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
3ad34145911d drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register()
831ea56c3470 hamradio: fix issue of dev reference count leakage in bpq_device_event()
c7e0024852c3 net: lapbether: fix issue of dev reference count leakage in lapbeth_device_event()
5661f111a161 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
08c3d22f1080 net: fman: Unregister ethernet device on removal
aa94d1a607c7 bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
a5a05fbef4a0 bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
a4f73f6adc53 net: tun: Fix memory leaks of napi_get_frags
65ad047fd835 net: gso: fix panic on frag_list with mixed head alloc types
e29289d0d819 HID: hyperv: fix possible memory leak in mousevsc_probe()
d975bec1eaeb bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
0ede1a988299 wifi: cfg80211: fix memory leak in query_regdb_file()
1c8d06631749 wifi: cfg80211: silence a sparse RCU warning
c38ea831691b phy: stm32: fix an error code in probe
45a841719fe0 xfs: drain the buf delwri queue before xfsaild idles
e107e953d24d xfs: preserve inode versioning across remounts
7d57979052c4 xfs: use MMAPLOCK around filemap_map_pages()
8b27e684a6a9 xfs: redesign the reflink remap loop to fix blkres depletion crash
ece1eb995787 xfs: rename xfs_bmap_is_real_extent to is_written_extent
d304fafb978d xfs: preserve rmapbt swapext block reservation from freed blocks
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index c748e9afdb..5601c43b8e 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "cde409b485372556f74ca484023b9b29c9c4033b"
-SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
+SRCREV_machine ?= "c06836b5ea27b0b97c04cd205959e21b2a60f32e"
+SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.224"
+LINUX_VERSION ?= "5.4.225"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index e4e45604c6..5916a42f34 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.224"
+LINUX_VERSION ?= "5.4.225"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "8023cf1d720eea113ca49b7876b25d767dac778c"
-SRCREV_machine ?= "61e75f4b3ca1a7c8ad179896ddd546a6f2f01cef"
-SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
+SRCREV_machine_qemuarm ?= "92964f40a4e096e1971b65ce0572ad909ab41e84"
+SRCREV_machine ?= "00e9d6d6f5c09bd5fd47af67fd7d03881d74c608"
+SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 3c83e3118b..5951668c57 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "5a025566942a9ace3426b926d87249fcb1f297f3"
-SRCREV_machine_qemuarm64 ?= "1ccea77e0b446db75d7fe886a1b74045e0e9a96e"
-SRCREV_machine_qemumips ?= "c22ce9aaf491340881366e151ac73450989e03a5"
-SRCREV_machine_qemuppc ?= "390f256c86e74503d285392b76ab1678f5f57697"
-SRCREV_machine_qemuriscv64 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
-SRCREV_machine_qemux86 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
-SRCREV_machine_qemux86-64 ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
-SRCREV_machine_qemumips64 ?= "34cc9064800203ae6b1eb5c96d808e3ed3a359b8"
-SRCREV_machine ?= "6abbe5044a60abdec4b84bd15381ac4d6a1e7742"
-SRCREV_meta ?= "a384efcff80a36817e159f5b3c3ce5d91de1831f"
+SRCREV_machine_qemuarm ?= "13d88d2fc15f1edfa91378bc3a76aa4274969ed8"
+SRCREV_machine_qemuarm64 ?= "14d0e6d0baf0c7b2308ff1270bd706f927c72df4"
+SRCREV_machine_qemumips ?= "11472a4308590f1858d1ba7bb03bdc25cd2c9b3f"
+SRCREV_machine_qemuppc ?= "daf1282f1c6fd653fcae25e8d1d49540a932baeb"
+SRCREV_machine_qemuriscv64 ?= "15231fe2f4542b044e279e53269ee506bced9988"
+SRCREV_machine_qemux86 ?= "15231fe2f4542b044e279e53269ee506bced9988"
+SRCREV_machine_qemux86-64 ?= "15231fe2f4542b044e279e53269ee506bced9988"
+SRCREV_machine_qemumips64 ?= "31f08b9f81298e80e00ea37886db6f88092a5cf6"
+SRCREV_machine ?= "15231fe2f4542b044e279e53269ee506bced9988"
+SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.224"
+LINUX_VERSION ?= "5.4.225"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 11/18] linux-yocto/5.4: update to v5.4.228
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (9 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 10/18] linux-yocto/5.4: update to v5.4.225 Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 12/18] tzdata: update 2022d -> 2022g Steve Sakoman
` (6 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
851c2b5fb793 Linux 5.4.228
ff484a9ba449 ASoC: ops: Correct bounds check for second channel on SX controls
7d4aa0929963 can: mcba_usb: Fix termination command argument
f843fdcac054 can: sja1000: fix size of OCR_MODE_MASK define
b439b12d1050 pinctrl: meditatek: Startup with the IRQs disabled
9796d07c7531 ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
3c837460f920 nfp: fix use-after-free in area_cache_get()
a40c3c9ae58f block: unhash blkdev part inode when the part is deleted
176ba4c19d1b mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
69d4f3baa694 x86/smpboot: Move rcu_cpu_starting() earlier
d1988bf2bba3 net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
66bb2e2b24ce Linux 5.4.227
898270ec11be can: esd_usb: Allow REC and TEC to return to zero
08bf219d62f5 net: mvneta: Fix an out of bounds check
6b6d3be3661b ipv6: avoid use-after-free in ip6_fragment()
f73eb3fc9b41 net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq()
f0af234e2e55 xen/netback: fix build warning
99669d94ce14 ethernet: aeroflex: fix potential skb leak in greth_init_rings()
3295582cd7a5 ipv4: Fix incorrect route flushing when table ID 0 is used
2537b637eac0 ipv4: Fix incorrect route flushing when source address is deleted
36eedb9a05a7 tipc: Fix potential OOB in tipc_link_proto_rcv()
1b6360a093ab net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
e71a46cc8c9a net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
7081cf86e1f6 net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq
bc06207b4c1c net: stmmac: fix "snps,axi-config" node property parsing
7fab7add08f5 nvme initialize core quirks before calling nvme_init_subsystem
677843470694 NFC: nci: Bounds check struct nfc_target arrays
e5292711b020 i40e: Disallow ip4 and ip6 l4_4_bytes
9337d87da417 i40e: Fix for VF MAC address 0
a1e295517b36 i40e: Fix not setting default xps_cpus after reset
eec1fc21edc2 net: mvneta: Prevent out of bounds read in mvneta_config_rss()
ed773dd798bf xen-netfront: Fix NULL sring after live migration
18e10a9e0e32 net: encx24j600: Fix invalid logic in reading of MISTAT register
1356c17758b8 net: encx24j600: Add parentheses to fix precedence
1831d4540406 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
8fb4b50f5436 selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload
0834d4b121e7 net: dsa: ksz: Check return value
2c6cf0afc385 Bluetooth: Fix not cleanup led when bt_init fails
07ea5d74fc12 Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
c66d78aee55d af_unix: Get user_ns from in_skb in unix_diag_get_exact().
9d2ee8abf160 igb: Allocate MSI-X vector when testing
cff8ba243f5f e1000e: Fix TX dispatch condition
48bd5d3801f6 gpio: amd8111: Fix PCI device reference count leak
d2be7ba2d47b drm/bridge: ti-sn65dsi86: Fix output polarity setting bug
e2e218177271 ca8210: Fix crash by zero initializing data
efbca8234aee ieee802154: cc2520: Fix error return code in cc2520_hw_init()
3982652957e8 can: af_can: fix NULL pointer dereference in can_rcv_filter
db1ed1b3fb4e HID: core: fix shift-out-of-bounds in hid_report_raw_event
60bce926a8f3 HID: hid-lg4ff: Add check for empty lbuf
625814b85f74 HID: usbhid: Add ALWAYS_POLL quirk for some mice
585a07b82005 drm/shmem-helper: Remove errant put in error path
b8419d16f47e KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field
04edfa3dc06e mm/gup: fix gup_pud_range() for dax
35963b318219 memcg: fix possible use-after-free in memcg_write_event_control()
4afc77068e36 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
91516ba54a02 Revert "net: dsa: b53: Fix valid setting for MDB entries"
50e1ab7e638f xen/netback: don't call kfree_skb() with interrupts disabled
6b1d47f9c34b xen/netback: do some code cleanup
8fe1bf6f32cd xen/netback: Ensure protocol headers don't fall in the non-linear area
5ffc2a75534d mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
48b00ceb5472 mm/khugepaged: fix GUP-fast interaction by sending IPI
324abbd8b91c mm/khugepaged: take the right locks for page table retraction
b2963819d03b net: usb: qmi_wwan: add u-blox 0x1342 composition
e35c3ad0c208 9p/xen: check logical size for buffer size
9d5126b574c9 fbcon: Use kzalloc() in fbcon_prepare_logo()
102459222d41 regulator: twl6030: fix get status of twl6032 regulators
f2ba66d87385 ASoC: soc-pcm: Add NULL check in BE reparenting
3b2c064a8e11 btrfs: send: avoid unaligned encoded writes when attempting to clone range
63badfed2002 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
8d16d3826ff2 regulator: slg51000: Wait after asserting CS pin
9327a9c624ee 9p/fd: Use P9_HDRSZ for header size
671f950d17d5 ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188
2c2c5d1d10f7 ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation
29917e381e02 ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels
3f39d53bc731 ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name
135fcc458170 ARM: dts: rockchip: fix ir-receiver node names
368f2c2640be arm: dts: rockchip: fix node name for hym8563 rtc
4b346f07f064 arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series
316cdfc48d4d Linux 5.4.226
3ab84e89135b ipc/sem: Fix dangling sem_array access in semtimedop race
210f96fb7ed5 v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
0390da0565ad proc: proc_skip_spaces() shouldn't think it is working on C strings
dd3124a051a1 proc: avoid integer type confusion in get_proc_long
1061bf5d018b mmc: sdhci: Fix voltage switch delay
9a5f49c0f532 mmc: sdhci: use FIELD_GET for preset value bit masks
d699373ac5f3 char: tpm: Protect tpm_pm_suspend with locks
9decec299337 Revert "clocksource/drivers/riscv: Events are stopped during CPU suspend"
e67e119adf3e x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
0d87bb607036 Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
b5041a3daa7f x86/pm: Add enumeration check before spec MSRs save/restore setup
3b2859457688 x86/tsx: Add a feature bit for TSX control MSR support
99c59256ea00 nvme: ensure subsystem reset is single threaded
dc85ff0a5f32 nvme: restrict management ioctls to admin
c41a89af7b7a epoll: check for events when removing a timed out thread from the wait queue
b8e803cda58b epoll: call final ep_events_available() check under the lock
e65ac2bdda54 tracing/ring-buffer: Have polling block on watermark
899e148171c6 ipv4: Fix route deletion when nexthop info is not specified
cc3cd130ecfb ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
a14f1a9c5313 selftests: net: fix nexthop warning cleanup double ip typo
8aefb9329522 selftests: net: add delete nexthop route warning test
dd6d2d82f0be Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled
7da3a10f39c9 parisc: Increase FRAME_WARN to 2048 bytes on parisc
15568cdbe599 xtensa: increase size of gcc stack frame check
76f48511a1c8 parisc: Increase size of gcc stack frame check
cbdd83bd2fd6 iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
0090231df2cf pinctrl: single: Fix potential division by zero
73dce3c1d48c ASoC: ops: Fix bounds check for _sx controls
ced17a55a8e7 mm: Fix '.data.once' orphan section warning
c9ecc420941f arm64: errata: Fix KVM Spectre-v2 mitigation selection for Cortex-A57/A72
44ccd8c52fb7 arm64: Fix panic() when Spectre-v2 causes Spectre-BHB to re-allocate KVM vectors
1603feac154f tracing: Free buffers when a used dynamic event is removed
dcd1daad31ac mmc: sdhci-sprd: Fix no reset data and command after voltage switch
9e5581c772cf mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
bfdfe86d839f mmc: core: Fix ambiguous TRIM and DISCARD arg
040d08c99620 mmc: mmc_test: Fix removal of debugfs file
eb5001ecfb4f pinctrl: intel: Save and restore pins in "direct IRQ" mode
ae34a4f4a209 x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3
9a130b72e6bd nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
3ae3bb33c47e tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep"
cf1c12bc5c8c error-injection: Add prompt for function error injection
2f6fd2de726d net/mlx5: DR, Fix uninitialized var warning
ea5844f946b1 hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
89eecabe6a47 hwmon: (coretemp) Check for null before removing sysfs attrs
0aacac75b8d6 net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
a7555681e50b sctp: fix memory leak in sctp_stream_outq_migrate()
168de4096b9c packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE
16c244bc65d1 net: tun: Fix use-after-free in tun_detach()
1c1d4830a960 afs: Fix fileserver probe RTT handling
53a62c5efe91 net: hsr: Fix potential use-after-free
ae633816ddf1 dsa: lan9303: Correct stat name
910c0264b64e net: ethernet: nixge: fix NULL dereference
2d24d91b9f44 net/9p: Fix a potential socket leak in p9_socket_open
4720725e22e1 net: net_netdev: Fix error handling in ntb_netdev_init_module()
3e21f85d87c8 net: phy: fix null-ptr-deref while probe() failed
f5c2ec288a86 wifi: cfg80211: fix buffer overflow in elem comparison
06785845e150 qlcnic: fix sleep-in-atomic-context bugs caused by msleep
78f8a34b375f can: cc770: cc770_isa_probe(): add missing free_cc770dev()
e4b474fa787c can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
0a2d73a77060 net/mlx5e: Fix use-after-free when reverting termination table
093ccc2f8450 net/mlx5: Fix uninitialized variable bug in outlen_write()
b10dd3bd14ec of: property: decrement node refcount in of_fwnode_get_reference_args()
7b2b67fe1339 hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
45a643783435 hwmon: (i5500_temp) fix missing pci_disable_device()
dbcc3390015f scripts/faddr2line: Fix regression in name resolution on ppc64le
2b916ee1d37c iio: light: rpr0521: add missing Kconfig dependencies
3f566b626029 iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
2d6a437064ff iio: health: afe4403: Fix oob read in afe4403_read_raw
8eb912af5250 btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
7e88a416ed43 drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read"
41f0abeadc09 drm/amdgpu: update drm_display_info correctly when the edid is read
787138e4b9e1 btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker
255289adce05 spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock
83aae3204e5c btrfs: free btrfs_path before copying inodes to userspace
9fd11e2de746 fuse: lock inode unconditionally in fuse_fallocate()
3659e33c1e4f drm/i915: fix TLB invalidation for Gen12 video and compute engines
0d1cad597199 drm/amdgpu: always register an MMU notifier for userptr
d4e9bab771aa drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN
a541f1f0ce90 btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs()
d037681515b6 btrfs: free btrfs_path before copying subvol info to userspace
69e2f1dd93c1 btrfs: free btrfs_path before copying fspath to userspace
3cde2bc70819 btrfs: free btrfs_path before copying root refs to userspace
4741b00cac23 binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
4e682ce5601a binder: Address corner cases in deferred copy and fixup
15e098ab1d3c binder: fix pointer cast warning
74e7f1828ab4 binder: defer copies of pre-patched txn data
7b31ab0d9efb binder: read pre-translated fds from sender buffer
c056a6ba35e0 binder: avoid potential data leakage when copying txn
f8fee36515f4 dm integrity: flush the journal on suspend
096e1bd659d8 net: usb: qmi_wwan: add Telit 0x103a composition
86136bf62387 tcp: configurable source port perturb table size
07da8fca307e platform/x86: hp-wmi: Ignore Smart Experience App event
82d758c9daf1 platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
846c0f9cd05b platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr()
6579436fd1a6 xen/platform-pci: add missing free_irq() in error path
375e79c57155 serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
e3a2211fe17c ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
3e2452cbc6f6 Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
47b4949335cb gcov: clang: fix the buffer overflow issue
ecbde4222e6b nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
7d08b4eba1e1 firmware: coreboot: Register bus in module init
a2012335aa53 firmware: google: Release devices before unregistering the bus
cb7495fe9575 ceph: avoid putting the realm twice when decoding snaps fails
12a93545b2ed ceph: do not update snapshot context when there is no new snapshot
0528b19d5701 iio: pressure: ms5611: fixed value compensation bug
562f415bb378 iio: ms5611: Simplify IO callback parameters
def48fbbac1c nios2: add FORCE for vmlinuz.gz
da849abded31 init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
03949acb58f0 iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails
f8a76c28e957 iio: light: apds9960: fix wrong register for gesture gain
d3ad47426a58 arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency
ae6bcb26984b usb: dwc3: exynos: Fix remove() function
15f8b52523ba lib/vdso: use "grep -E" instead of "egrep"
960cf3c7ff95 s390/crashdump: fix TOD programmable field size
fabd3ab6a19d net: thunderx: Fix the ACPI memory leak
1633e6d6aa82 nfc: st-nci: fix memory leaks in EVT_TRANSACTION
0e2a4560db77 nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
420b21235d63 s390/dasd: fix no record found for raw_track_access
9d1264c914d3 dccp/tcp: Reset saddr on failure after inet6?_hash_connect().
08f25427d81a bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
59612acf6b5e regulator: twl6030: re-add TWL6032_SUBCLASS
1c12909a7820 NFC: nci: fix memory leak in nci_rx_data_packet()
23b83a3c76b3 xfrm: Fix ignored return value in xfrm6_init()
23ba1997ebc0 tipc: check skb_linearize() return value in tipc_disc_rcv()
59f9aad22fd7 tipc: add an extra conn_get in tipc_conn_alloc
30f91687fa25 tipc: set con sock in tipc_conn_alloc
5c12136c00b5 net/mlx5: Fix FW tracer timestamp calculation
00492f823f30 Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
e0d5becab1d0 Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work()
ec3d7202e99f nfp: add port from netdev validation for EEPROM access
9b8061a6dbd0 net: pch_gbe: fix pci device refcount leak while module exiting
9a39ea43f16a net/qla3xxx: fix potential memleak in ql3xxx_send()
a07149c10bae net/mlx4: Check retval of mlx4_bitmap_init
bbf6d1bc077f ARM: mxs: fix memory leak in mxs_machine_init()
3afa86449ee8 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
bfadcbf5bac5 net: pch_gbe: fix potential memleak in pch_gbe_tx_queue()
e00b42cbec15 nfc/nci: fix race with opening and closing
04ffa53ab7ae net: liquidio: simplify if expression
79c55e66caa0 ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
897f6a309138 tee: optee: fix possible memory leak in optee_register_device()
9c1fbac623cb bus: sunxi-rsb: Support atomic transfers
347875ff9ad4 regulator: core: fix UAF in destroy_regulator()
556121103170 regulator: core: fix kobject release warning and memory leak in regulator_register()
c06267652886 ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
168d59f7f72d ARM: dts: am335x-pcm-953: Define fixed regulators in root node
dd56c671ccca af_key: Fix send_acquire race with pfkey_register
9221a53bfcba MIPS: pic32: treat port as signed integer
dff9b25cb977 RISC-V: vdso: Do not add missing symbols to version section in linker script
b0e025dd87ab arm64/syscall: Include asm/ptrace.h in syscall_wrapper header.
0ba7c091f7f1 block, bfq: fix null pointer dereference in bfq_bio_bfqg()
b848811655db drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
5dfbb54fe115 spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run
9029aee8742e wifi: mac80211: Fix ack frame idr leak when mesh has no route
1f75f9c1af6a audit: fix undefined behavior in bit shift for AUDIT_BIT
3129cec05f3d wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
b4cb3dc11185 wifi: mac80211: fix memory free error when registering wiphy fail
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.4.bb | 6 ++---
.../linux/linux-yocto-tiny_5.4.bb | 8 +++----
meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +++++++++----------
3 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 5601c43b8e..e9abb46493 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "c06836b5ea27b0b97c04cd205959e21b2a60f32e"
-SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
+SRCREV_machine ?= "acaf6e01f6ecd6d80ac02f552344c6c0de1c7fe1"
+SRCREV_meta ?= "b00c12ce7affe7e5da43fa4285998866a51e6e79"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.4.225"
+LINUX_VERSION ?= "5.4.228"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 5916a42f34..a9f83f2835 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.4.225"
+LINUX_VERSION ?= "5.4.228"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine_qemuarm ?= "92964f40a4e096e1971b65ce0572ad909ab41e84"
-SRCREV_machine ?= "00e9d6d6f5c09bd5fd47af67fd7d03881d74c608"
-SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
+SRCREV_machine_qemuarm ?= "575c3de9d720c998b5b4ab0253893a4132b4423f"
+SRCREV_machine ?= "b72387f2b7f2babf1b0ca6e4ced3b22538162474"
+SRCREV_meta ?= "b00c12ce7affe7e5da43fa4285998866a51e6e79"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 5951668c57..d76ed47f03 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base"
KBRANCH_qemux86-64 ?= "v5.4/standard/base"
KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
-SRCREV_machine_qemuarm ?= "13d88d2fc15f1edfa91378bc3a76aa4274969ed8"
-SRCREV_machine_qemuarm64 ?= "14d0e6d0baf0c7b2308ff1270bd706f927c72df4"
-SRCREV_machine_qemumips ?= "11472a4308590f1858d1ba7bb03bdc25cd2c9b3f"
-SRCREV_machine_qemuppc ?= "daf1282f1c6fd653fcae25e8d1d49540a932baeb"
-SRCREV_machine_qemuriscv64 ?= "15231fe2f4542b044e279e53269ee506bced9988"
-SRCREV_machine_qemux86 ?= "15231fe2f4542b044e279e53269ee506bced9988"
-SRCREV_machine_qemux86-64 ?= "15231fe2f4542b044e279e53269ee506bced9988"
-SRCREV_machine_qemumips64 ?= "31f08b9f81298e80e00ea37886db6f88092a5cf6"
-SRCREV_machine ?= "15231fe2f4542b044e279e53269ee506bced9988"
-SRCREV_meta ?= "3e7ca0fe77707fabb1beefd5d3cd322a4db1eb41"
+SRCREV_machine_qemuarm ?= "32654a547b05ba63c604503fc865d7052ae96992"
+SRCREV_machine_qemuarm64 ?= "2bd8ca7c0973870753b103107513689a598383d7"
+SRCREV_machine_qemumips ?= "84a8ba0ada556ba3307c33e2b5a0ca8f9e3df1dd"
+SRCREV_machine_qemuppc ?= "20db90d7935c8760bfc68c0de4f7d7085cba7c14"
+SRCREV_machine_qemuriscv64 ?= "921d9e22542506ba26c2e5e2f25ec00ff9bffa63"
+SRCREV_machine_qemux86 ?= "921d9e22542506ba26c2e5e2f25ec00ff9bffa63"
+SRCREV_machine_qemux86-64 ?= "921d9e22542506ba26c2e5e2f25ec00ff9bffa63"
+SRCREV_machine_qemumips64 ?= "929fde255b362923e9bba63250005b09c3a50f45"
+SRCREV_machine ?= "921d9e22542506ba26c2e5e2f25ec00ff9bffa63"
+SRCREV_meta ?= "b00c12ce7affe7e5da43fa4285998866a51e6e79"
# remap qemuarm to qemuarma15 for the 5.4 kernel
# KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.225"
+LINUX_VERSION ?= "5.4.228"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 12/18] tzdata: update 2022d -> 2022g
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (10 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 11/18] linux-yocto/5.4: update to v5.4.228 Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 13/18] sudo: Use specific BSD license variant Steve Sakoman
` (5 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 2394a481db1b41ad4581e22ba901ac76fa7b3dcd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/timezone/timezone.inc | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc
index d3c78e9157..1834665a1e 100644
--- a/meta/recipes-extended/timezone/timezone.inc
+++ b/meta/recipes-extended/timezone/timezone.inc
@@ -6,7 +6,7 @@ SECTION = "base"
LICENSE = "PD & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba"
-PV = "2022d"
+PV = "2022g"
SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \
http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \
@@ -14,6 +14,5 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz
UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones"
-SRC_URI[tzcode.sha256sum] = "d644ba0f938899374ea8cb554e35fb4afa0f7bd7b716c61777cd00500b8759e0"
-SRC_URI[tzdata.sha256sum] = "6ecdbee27fa43dcfa49f3d4fd8bb1dfef54c90da1abcd82c9abcf2dc4f321de0"
-
+SRC_URI[tzcode.sha256sum] = "9610bb0b9656ff404c361a41f3286da53064b5469d84f00c9cb2314c8614da74"
+SRC_URI[tzdata.sha256sum] = "4491db8281ae94a84d939e427bdd83dc389f26764d27d9a5c52d782c16764478"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 13/18] sudo: Use specific BSD license variant
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (11 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 12/18] tzdata: update 2022d -> 2022g Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 14/18] bc: extend to nativesdk Steve Sakoman
` (4 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Joshua Watt <JPEWhacker@gmail.com>
Make the license more accurate by specifying the specific variant of BSD
license instead of the generic one. This helps with SPDX license
attribution as "BSD" is not a valid SPDX license.
(From OE-Core rev: ff27ea21d7c14086335da5c3e2fac353e44438da)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b1596d37ba13db3aff61975a31d865f33333fa45)
Signed-off-by: Nikhil R <nikhil.r@kpit.com>
Signed-off-by: Omkar Patil <omkarpatil10.93@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/sudo/sudo.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 153731c807..9c7279d25a 100644
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -3,7 +3,7 @@ DESCRIPTION = "Sudo (superuser do) allows a system administrator to give certain
HOMEPAGE = "http://www.sudo.ws"
BUGTRACKER = "http://www.sudo.ws/bugs/"
SECTION = "admin"
-LICENSE = "ISC & BSD & Zlib"
+LICENSE = "ISC & BSD-3-Clause & BSD-2-Clause & Zlib"
LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=07966675feaddba70cc812895b248230 \
file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \
file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 14/18] bc: extend to nativesdk
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (12 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 13/18] sudo: Use specific BSD license variant Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 15/18] lib/buildstats: fix parsing of trees with reduced_proc_pressure directories Steve Sakoman
` (3 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Chen Qi <Qi.Chen@windriver.com>
bc is needed for compiling kernel modules, more specifially
whenr running `make scripts prepare'.
In linux-yocto.inc, we have bc-native in DEPENDS. But we will
need nativesdk-bc in case we compile a kernel module inside
SDK.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 95b5c89066baccb1e64bfba7d9a66feeeb086da9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/bc/bc_1.07.1.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/bc/bc_1.07.1.bb b/meta/recipes-extended/bc/bc_1.07.1.bb
index ff3e8f4409..8ed10d14c2 100644
--- a/meta/recipes-extended/bc/bc_1.07.1.bb
+++ b/meta/recipes-extended/bc/bc_1.07.1.bb
@@ -32,4 +32,4 @@ do_compile_prepend() {
ALTERNATIVE_${PN} = "bc dc"
ALTERNATIVE_PRIORITY = "100"
-BBCLASSEXTEND = "native"
+BBCLASSEXTEND = "native nativesdk"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 15/18] lib/buildstats: fix parsing of trees with reduced_proc_pressure directories
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (13 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 14/18] bc: extend to nativesdk Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 16/18] externalsrc: fix lookup for .gitmodules Steve Sakoman
` (2 subsequent siblings)
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
The /proc/pressure support in buildstats is creating directories in the
buildstats tree called reduced_proc_pressure, which confuses the parsing
logic as that cannot be parsed as a name-epoc-version-revision tuple.
Explicitly skip this directory to solve the problem.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 24f0331f0b7e51161b1fa43d4592b491d2037fe9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
scripts/lib/buildstats.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/lib/buildstats.py b/scripts/lib/buildstats.py
index c69b5bf4d7..3b76286ba5 100644
--- a/scripts/lib/buildstats.py
+++ b/scripts/lib/buildstats.py
@@ -8,7 +8,7 @@ import json
import logging
import os
import re
-from collections import namedtuple,OrderedDict
+from collections import namedtuple
from statistics import mean
@@ -238,7 +238,7 @@ class BuildStats(dict):
subdirs = os.listdir(path)
for dirname in subdirs:
recipe_dir = os.path.join(path, dirname)
- if not os.path.isdir(recipe_dir):
+ if dirname == "reduced_proc_pressure" or not os.path.isdir(recipe_dir):
continue
name, epoch, version, revision = cls.split_nevr(dirname)
bsrecipe = BSRecipe(name, epoch, version, revision)
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 16/18] externalsrc: fix lookup for .gitmodules
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (14 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 15/18] lib/buildstats: fix parsing of trees with reduced_proc_pressure directories Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 17/18] go-crosssdk: avoid host contamination by GOCACHE Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 18/18] qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image Steve Sakoman
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Commit 0533edac277080e1bd130c14df0cbac61ba01a0c broke
bitbake parsing when bitbake is executed from directory with existing .gitmodules
and the recipe in externalsrc does not have .gitmodules
The check needs to search for .gitmodules in sources path, not cwd.
iParsing recipes...ERROR: ExpansionError during parsing <path to recipe>
...
bb.data_smart.ExpansionError: Failure expanding variable do_compile[file-checksums], expression was ${@srctree_hash_files(d)} which triggered exception CalledProcessError: Command '['git', 'config', '--file', '.gitmodules', '--get-regexp', 'path']' returned non-zero exit status 1.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 66ff3d1f65cd2e7f5319e98fa41f47a59b714c72)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/externalsrc.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass
index 3f7f533cc6..ed118afada 100644
--- a/meta/classes/externalsrc.bbclass
+++ b/meta/classes/externalsrc.bbclass
@@ -225,7 +225,7 @@ def srctree_hash_files(d, srcdir=None):
env['GIT_INDEX_FILE'] = tmp_index.name
subprocess.check_output(['git', 'add', '-A', '.'], cwd=s_dir, env=env)
git_sha1 = subprocess.check_output(['git', 'write-tree'], cwd=s_dir, env=env).decode("utf-8")
- if os.path.exists(".gitmodules"):
+ if os.path.exists(os.path.join(s_dir, ".gitmodules")):
submodule_helper = subprocess.check_output(["git", "config", "--file", ".gitmodules", "--get-regexp", "path"], cwd=s_dir, env=env).decode("utf-8")
for line in submodule_helper.splitlines():
module_dir = os.path.join(s_dir, line.rsplit(maxsplit=1)[1])
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 17/18] go-crosssdk: avoid host contamination by GOCACHE
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (15 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 16/18] externalsrc: fix lookup for .gitmodules Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
2023-01-01 17:42 ` [OE-core][dunfell 18/18] qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image Steve Sakoman
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Robert Andersson <robert.m.andersson@atlascopco.com>
By default GOCACHE is set to $HOME/.cache.
Same issue for all other go recipes had been fixed by commit 9a6d208b:
[ go: avoid host contamination by GOCACHE ]
but that commit missed go-crosssdk recipe.
Signed-off-by: Robert Andersson <robert.m.andersson@atlascopco.com>
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit e5fd10c647ac4baad65f9efa964c3380aad7dd10)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-crosssdk.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-devtools/go/go-crosssdk.inc b/meta/recipes-devtools/go/go-crosssdk.inc
index f0bec79719..36c9b12af8 100644
--- a/meta/recipes-devtools/go/go-crosssdk.inc
+++ b/meta/recipes-devtools/go/go-crosssdk.inc
@@ -4,6 +4,8 @@ DEPENDS = "go-native virtual/${TARGET_PREFIX}gcc-crosssdk virtual/nativesdk-${TA
PN = "go-crosssdk-${SDK_SYS}"
PROVIDES = "virtual/${TARGET_PREFIX}go-crosssdk"
+export GOCACHE = "${B}/.cache"
+
do_configure[noexec] = "1"
do_compile() {
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][dunfell 18/18] qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image
2023-01-01 17:42 [OE-core][dunfell 00/18] Patch review Steve Sakoman
` (16 preceding siblings ...)
2023-01-01 17:42 ` [OE-core][dunfell 17/18] go-crosssdk: avoid host contamination by GOCACHE Steve Sakoman
@ 2023-01-01 17:42 ` Steve Sakoman
17 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-01-01 17:42 UTC (permalink / raw)
To: openembedded-core
From: Jagadeesh Krishnanjanappa <workjagadeesh@gmail.com>
The QB_DEFAULT_KERNEL is set to pick bundled initramfs kernel image
if the Linux kernel image is generated with INITRAMFS_IMAGE_BUNDLE="1".
This makes runqemu to automatically pick bundled initramfs kernel image
instead of explicitly mentioning bundled initramfs kernel image in
runqemu.
[YOCTO #14748]
Signed-off-by: Jagadeesh Krishnanjanappa <workjagadeesh@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 52371624313184e1a825519160c3833e282df8b9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/qemuboot.bbclass | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/classes/qemuboot.bbclass b/meta/classes/qemuboot.bbclass
index 648af09b6e..92ae69d9f2 100644
--- a/meta/classes/qemuboot.bbclass
+++ b/meta/classes/qemuboot.bbclass
@@ -7,6 +7,7 @@
# QB_OPT_APPEND: options to append to qemu, e.g., "-show-cursor"
#
# QB_DEFAULT_KERNEL: default kernel to boot, e.g., "bzImage"
+# e.g., "bzImage-initramfs-qemux86-64.bin" if INITRAMFS_IMAGE_BUNDLE is set to 1.
#
# QB_DEFAULT_FSTYPE: default FSTYPE to boot, e.g., "ext4"
#
@@ -75,7 +76,7 @@
QB_MEM ?= "-m 256"
QB_SERIAL_OPT ?= "-serial mon:stdio -serial null"
-QB_DEFAULT_KERNEL ?= "${KERNEL_IMAGETYPE}"
+QB_DEFAULT_KERNEL ?= "${@bb.utils.contains("INITRAMFS_IMAGE_BUNDLE", "1", "${KERNEL_IMAGETYPE}-${INITRAMFS_LINK_NAME}.bin", "${KERNEL_IMAGETYPE}", d)}"
QB_DEFAULT_FSTYPE ?= "ext4"
QB_OPT_APPEND ?= "-show-cursor"
QB_NETWORK_DEVICE ?= "-device virtio-net-pci,netdev=net0,mac=@MAC@"
--
2.25.1
^ permalink raw reply related [flat|nested] 24+ messages in thread