[OE-core][dunfell 00/11] Patch review

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this next set of patches for dunfell and have comments back by
end of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/2031

except for a known autobuilder intermittent issue on qemuppc which passed on
subsequent retest:

https://autobuilder.yoctoproject.org/typhoon/#/builders/63/builds/3261

The following changes since commit d044d9c0cb672c499059eb273e399ce4aee17e0d:

  image,populate_sdk_base: move 'func' flag setting for sdk command vars (2021-04-02 04:21:56 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (3):
  selftest/reproducible: enable world reproducibility test
  selftest/reproducible: add an exclusion list for items that are not
    yet reproducible
  selftest/reproducible: track unusued entries in the exclusion list

Guillaume Champagne (1):
  image-live.bbclass: optional depends when ROOTFS empty

Mike Crowe (1):
  curl: Patch CVE-2021-22876 & CVE-2021-22890

Peter Morrow (2):
  goarch: map target os to windows for mingw* TARGET_OS
  go_1.14: don't set -buildmode=pie when building for windows targets

Richard Purdie (3):
  selftest/reproducible: Sort the unused exclusion list
  diffoscope: Upgrade 136 -> 168
  diffoscope: Upgrade 168 -> 172

Steve Sakoman (1):
  selftest/reproducible: adjust exclusion list for dunfell

 meta/classes/go.bbclass                       |   8 +-
 meta/classes/goarch.bbclass                   |   2 +
 meta/classes/image-live.bbclass               |   2 +-
 meta/lib/oeqa/selftest/cases/reproducible.py  |  80 ++-
 meta/recipes-devtools/go/go_1.14.bb           |   8 +-
 .../curl/curl/CVE-2021-22876.patch            |  59 +++
 .../curl/curl/CVE-2021-22890.patch            | 464 ++++++++++++++++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   2 +
 .../{diffoscope_136.bb => diffoscope_172.bb}  |  15 +-
 9 files changed, 620 insertions(+), 20 deletions(-)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22876.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2021-22890.patch
 rename meta/recipes-support/diffoscope/{diffoscope_136.bb => diffoscope_172.bb} (46%)

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3112

The following changes since commit da3bd5e0934b6462ae53225a58305235849b32d5:

  asciidoc: properly detect and compare Python versions >= 3.10 (2022-01-09 06:49:29 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Akash Hadke (1):
  glibc: Add fix for data races in pthread_create and TLS access

Alexander Kanavin (1):
  parselogs: add a couple systemd false positives

Anuj Mittal (1):
  xserver-xorg: update CVE_PRODUCT

Konrad Weihmann (1):
  cve-check: add lockfile to task

Mingli Yu (1):
  wic: use shutil.which

Ricardo Ribalda Delgado (1):
  wic: misc: Do not find for executables in ASSUME_PROVIDED

Richard Purdie (1):
  expat: Update HOMEPAGE to current url

Ross Burton (2):
  cve-update-db-native: use fetch task
  xserver-xorg: whitelist two CVEs

Steve Sakoman (2):
  valgrind: skip flakey ptest (gdbserver_tests/hginfo)
  oeqa/selftest/cases/tinfoil.py: increase timeout 60->120s
    test_wait_event

 meta/classes/cve-check.bbclass                |   3 +-
 meta/lib/oeqa/runtime/cases/parselogs.py      |   2 +
 meta/lib/oeqa/selftest/cases/tinfoil.py       |   4 +-
 meta/recipes-core/expat/expat_2.2.9.bb        |   2 +-
 ...ate-slotinfo-to-avoid-use-after-free.patch |  66 +++++
 ...hread_create-and-TLS-access-BZ-19329.patch | 191 ++++++++++++
 ...d-atomics-for-racy-accesses-BZ-19329.patch | 206 +++++++++++++
 .../0033-elf-Add-test-case-for-BZ-19329.patch | 144 +++++++++
 ...elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch | 180 ++++++++++++
 ...-lazy-relocation-of-tlsdesc-BZ-27137.patch |  56 ++++
 ...-lazy-relocation-of-tlsdesc-BZ-27137.patch | 124 ++++++++
 ...ock-between-pthread_create-and-ctors.patch | 276 ++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.31.bb         |   8 +
 .../recipes-core/meta/cve-update-db-native.bb |   9 +-
 .../valgrind/valgrind/remove-for-aarch64      |   1 +
 .../valgrind/valgrind/remove-for-all          |   1 +
 .../xorg-xserver/xserver-xorg.inc             |  10 +-
 scripts/lib/wic/engine.py                     |   6 +-
 scripts/lib/wic/misc.py                       |  16 +-
 scripts/wic                                   |   4 +-
 20 files changed, 1292 insertions(+), 17 deletions(-)
 create mode 100644 meta/recipes-core/glibc/glibc/0030-elf-Refactor_dl_update-slotinfo-to-avoid-use-after-free.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0031-elf-Fix-data-races-in-pthread_create-and-TLS-access-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0032-elf-Use-relaxed-atomics-for-racy-accesses-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0033-elf-Add-test-case-for-BZ-19329.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0034-elf-Fix-DTV-gap-reuse-logic-BZ-27135.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0035-x86_64-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0036-i386-Avoid-lazy-relocation-of-tlsdesc-BZ-27137.patch
 create mode 100644 meta/recipes-core/glibc/glibc/0037-Avoid-deadlock-between-pthread_create-and-ctors.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Monday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3141

The following changes since commit 01f256bc72fb45c80b6a6c77506bc4c375965a3a:

  glibc: Add fix for data races in pthread_create and TLS access (2022-01-12 04:37:31 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.169
  linux-yocto/5.4: update to v5.4.170
  linux-yocto/5.4: update to v5.4.171
  linux-yocto/5.4: update to v5.4.172
  kernel: introduce python3-dtschema-wrapper

Kai Kang (1):
  speex: fix CVE-2020-23903

Marek Vasut (1):
  Revert "weston: Use systemd notify,"

Richard Purdie (1):
  lttng-tools: Add missing DEPENDS on bison-native

Steve Sakoman (3):
  expat fix CVE-2022-22822 through CVE-2022-22827
  expat: fix CVE-2021-45960
  expat: fix CVE-2021-46143

 meta/conf/distro/include/maintainers.inc      |   1 +
 .../expat/expat/CVE-2021-45960.patch          |  65 +++++
 .../expat/expat/CVE-2021-46143.patch          |  43 +++
 .../expat/expat/CVE-2022-22822-27.patch       | 257 ++++++++++++++++++
 meta/recipes-core/expat/expat_2.2.9.bb        |   3 +
 .../wayland/weston-init/weston-start          |  12 -
 .../wayland/weston-init/weston@.service       |   6 -
 .../weston/systemd-notify.weston-start        |   9 -
 .../wayland/weston/xwayland.weston-start      |   3 +-
 meta/recipes-graphics/wayland/weston_8.0.0.bb |   6 -
 .../python3-dtschema-wrapper/dt-doc-validate  |  20 ++
 .../dtc/python3-dtschema-wrapper/dt-mk-schema |  20 ++
 .../dtc/python3-dtschema-wrapper/dt-validate  |  20 ++
 .../dtc/python3-dtschema-wrapper_2021.10.bb   |  17 ++
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../lttng/lttng-tools_2.11.5.bb               |   2 +-
 .../speex/speex/CVE-2020-23903.patch          |  30 ++
 meta/recipes-multimedia/speex/speex_1.2.0.bb  |   4 +-
 20 files changed, 500 insertions(+), 54 deletions(-)
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-45960.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2021-46143.patch
 create mode 100644 meta/recipes-core/expat/expat/CVE-2022-22822-27.patch
 delete mode 100644 meta/recipes-graphics/wayland/weston/systemd-notify.weston-start
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-doc-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-mk-schema
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper/dt-validate
 create mode 100644 meta/recipes-kernel/dtc/python3-dtschema-wrapper_2021.10.bb
 create mode 100644 meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3537

with the exception of a known issue with meta-intel due to the zlib CVE fix, see:

https://lists.openembedded.org/g/openembedded-core/message/163793

The intent is to fix meta-intel after this patch set is merged to dunfell.

The following changes since commit aa762b7ca2417b80dd114a4ab263d69074912f82:

  tzdata: update to 2022a (2022-04-04 04:22:32 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexandre Belloni (1):
  pseudo: Fix handling of absolute links

Martin Jansa (1):
  license_image.bbclass: close package.manifest file

Peter Kjellerstedt (1):
  metadata_scm.bbclass: Use immediate expansion for the METADATA_*
    variables

Ralph Siemsen (3):
  gzip: fix CVE-2022-1271
  xz: fix CVE-2022-1271
  apt: add -fno-strict-aliasing to CXXFLAGS to fix SHA256 bug

Richard Purdie (4):
  vim: Upgrade 8.2.4524 -> 8.2.4681
  git: Ignore CVE-2022-24975
  pseudo: Add patch to workaround paths with crazy lengths
  libxshmfence: Correct LICENSE to HPND

Ross Burton (1):
  zlib: backport the fix for CVE-2018-25032

 .../recipeutils/recipeutils-test_1.2.bb       |   2 +-
 meta/classes/license_image.bbclass            |   4 +-
 meta/classes/metadata_scm.bbclass             |  10 +-
 .../zlib/zlib/CVE-2018-25032.patch            | 347 ++++++++++++++++++
 meta/recipes-core/zlib/zlib_1.2.11.bb         |   1 +
 meta/recipes-devtools/apt/apt.inc             |   4 +
 meta/recipes-devtools/git/git.inc             |   5 +
 meta/recipes-devtools/pseudo/pseudo_git.bb    |   2 +-
 .../gzip/gzip-1.10/CVE-2022-1271.patch        |  45 +++
 meta/recipes-extended/gzip/gzip_1.10.bb       |   1 +
 .../xz/xz/CVE-2022-1271.patch                 |  96 +++++
 meta/recipes-extended/xz/xz_5.2.4.bb          |   4 +-
 .../xorg-lib/libxshmfence_1.3.bb              |   2 +-
 meta/recipes-support/vim/vim.inc              |   6 +-
 14 files changed, 515 insertions(+), 14 deletions(-)
 create mode 100644 meta/recipes-core/zlib/zlib/CVE-2018-25032.patch
 create mode 100644 meta/recipes-extended/gzip/gzip-1.10/CVE-2022-1271.patch
 create mode 100644 meta/recipes-extended/xz/xz/CVE-2022-1271.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3738

The following changes since commit add860e1a69f848097bbc511137a62d5746e5019:

  oeqa/selftest/cve_check: add tests for recipe and image reports (2022-05-24 04:31:18 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Dan Tran (1):
  ncurses: Fix CVE-2022-29458

Ernst Sjöstrand (2):
  cve-check: Add helper for symlink handling
  cve-check: Only include installed packages for rootfs manifest

Ranjitsinh Rathod (3):
  ruby: Upgrade ruby to 2.7.6 for security fix
  ruby: Whitelist CVE-2021-28966 as this affects Windows OS only
  libsdl2: Add fix for CVE-2021-33657

Richard Purdie (2):
  vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
  cve-check: Allow warnings to be disabled

Riyaz (1):
  libxml2: Fix CVE-2022-29824 for libxml2

Virendra Thakur (1):
  ffmpeg: Fix for CVE-2022-1475

leimaohui (1):
  cve-check.bbclass: Added do_populate_sdk[recrdeptask].

 meta/classes/cve-check.bbclass                | 109 ++++--
 .../libxml2/CVE-2022-29824-dependent.patch    |  53 +++
 .../libxml/libxml2/CVE-2022-29824.patch       | 348 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |   2 +
 .../ncurses/files/CVE-2022-29458.patch        | 135 +++++++
 meta/recipes-core/ncurses/ncurses_6.2.bb      |   1 +
 .../ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb}     |   8 +-
 .../libsdl2/libsdl2/CVE-2021-33657.patch      |  38 ++
 .../libsdl2/libsdl2_2.0.12.bb                 |   1 +
 .../ffmpeg/ffmpeg/CVE-2022-1475.patch         |  36 ++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 meta/recipes-support/vim/vim.inc              |   4 +-
 12 files changed, 694 insertions(+), 42 deletions(-)
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch
 create mode 100644 meta/recipes-core/ncurses/files/CVE-2022-29458.patch
 rename meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} (90%)
 create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4058

The following changes since commit 73d2b640ad665f6ff3c4fbe8f5da4ef0dbb175f2:

  libtirpc: CVE-2021-46828 DoS vulnerability with lots of connections (2022-07-28 06:26:48 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssh: Add openssh-sftp-server to openssh RDEPENDS

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.208
  linux-yocto/5.4: update to v5.4.209

Hitendra Prajapati (2):
  grub2: Fix several security issue of integer underflow
  gdk-pixbuf: CVE-2021-46829 a heap-based buffer overflow

Jose Quaresma (1):
  gstreamer1.0: use the correct meson option for the capabilities

Khem Raj (1):
  libmodule-build-perl: Use env utility to find perl interpreter

Martin Jansa (1):
  libxml2: Port gentest.py to Python-3

Richard Purdie (1):
  insane: Fix buildpaths test to work with special devices

Ross Burton (1):
  cve_check: skip remote patches that haven't been fetched when
    searching for CVE tags

Steve Sakoman (1):
  selftest: skip virgl test on fedora 36

 meta/classes/insane.bbclass                   |   6 +-
 meta/lib/oe/cve_check.py                      |   5 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +
 .../grub/files/CVE-2022-28733.patch           |  60 ++
 .../grub/files/CVE-2022-28734.patch           |  67 ++
 .../grub/files/CVE-2022-28736.patch           | 275 ++++++
 meta/recipes-bsp/grub/grub2.inc               |   3 +
 .../openssh/openssh_8.2p1.bb                  |   2 +-
 .../0001-Port-gentest.py-to-Python-3.patch    | 813 ++++++++++++++++++
 meta/recipes-core/libxml/libxml2_2.9.10.bb    |  11 +
 .../perl/libmodule-build-perl_0.4231.bb       |   1 +
 .../gdk-pixbuf/CVE-2021-46829.patch           |  61 ++
 .../gdk-pixbuf/gdk-pixbuf_2.40.0.bb           |   1 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 .../gstreamer/gstreamer1.0_1.16.3.bb          |   2 +-
 17 files changed, 1321 insertions(+), 24 deletions(-)
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28733.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28734.patch
 create mode 100644 meta/recipes-bsp/grub/files/CVE-2022-28736.patch
 create mode 100644 meta/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch
 create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2021-46829.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by end
of day Sunday.

This is the final patch set for the 3.1.19 release.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4098

The following changes since commit ac6ea1a96645d2a4dd54660256603f0b191bb4d3:

  gstreamer1.0: use the correct meson option for the capabilities (2022-08-10 05:04:10 -1000)

are available in the Git repository at:

  git://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alexander Kanavin (1):
  linux-firmware: update 20220610 -> 20220708

Dmitry Baryshkov (1):
  linux-firwmare: restore WHENCE_CHKSUM variable

Hitendra Prajapati (3):
  qemu: CVE-2020-27821 heap buffer overflow in msix_table_mmio_write
  gnutls: CVE-2022-2509 Double free during gnutls_pkcs7_verify
  zlib: CVE-2022-37434 a heap-based buffer over-read

Ming Liu (1):
  rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}

Pascal Bach (1):
  bin_package: install into base_prefix

Randy MacLeod (1):
  vim: update from 9.0.0063 to 9.0.0115

Richard Purdie (2):
  vim: Upgrade 9.0.0021 -> 9.0.0063
  kernel-arch: Fix buildpaths leaking into external module compiles

Shruthi Ravichandran (1):
  initscripts: run umountnfs as a KILL script

 meta/classes/bin_package.bbclass              |   3 +-
 meta/classes/kernel-arch.bbclass              |   2 +-
 meta/classes/rootfs-postcommands.bbclass      |   2 +-
 .../initscripts/initscripts_1.0.bb            |   2 +-
 .../zlib/zlib/CVE-2022-37434.patch            |  44 +++
 meta/recipes-core/zlib/zlib_1.2.11.bb         |   1 +
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2020-27821.patch            |  73 +++++
 ...20220610.bb => linux-firmware_20220708.bb} |  14 +-
 .../gnutls/gnutls/CVE-2022-2509.patch         | 282 ++++++++++++++++++
 meta/recipes-support/gnutls/gnutls_3.6.14.bb  |   1 +
 meta/recipes-support/vim/files/racefix.patch  |  33 --
 meta/recipes-support/vim/vim.inc              |  10 +-
 13 files changed, 418 insertions(+), 50 deletions(-)
 create mode 100644 meta/recipes-core/zlib/zlib/CVE-2022-37434.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-27821.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220610.bb => linux-firmware_20220708.bb} (98%)
 create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2022-2509.patch
 delete mode 100644 meta/recipes-support/vim/files/racefix.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4469

The following changes since commit babcb7cd3bbefe9c0ea28e960e4fd6cefbc03cae:

  bluez5: add dbus to RDEPENDS (2022-11-04 07:52:01 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssl: upgrade 1.1.1q to 1.1.1s

Hitendra Prajapati (1):
  bluez: CVE-2022-3637 A DoS exists in monitor/jlink.c

Martin Jansa (1):
  externalsrc.bbclass: fix git repo detection

Peter Kjellerstedt (1):
  externalsrc.bbclass: Remove a trailing slash from ${B}

Ross Burton (1):
  sanity: check for GNU tar specifically

Sundeep KOKKONDA (2):
  binutils: stable 2.34 branch updates
  glibc : stable 2.31 branch updates.

Sunil Kumar (1):
  go: Security Fix for CVE-2022-2879

Vivek Kumbhar (2):
  curl: fix CVE-2022-32221 POST following PUT
  qemu: fix CVE-2021-3638 ati-vga: inconsistent check in ati_2d_blt()
    may lead to out-of-bounds write

ciarancourtney (1):
  wic: swap partitions are not added to fstab

 meta/classes/externalsrc.bbclass              |   6 +-
 meta/classes/sanity.bbclass                   |   8 ++
 meta/recipes-connectivity/bluez5/bluez5.inc   |   1 +
 .../bluez5/bluez5/CVE-2022-3637.patch         |  39 ++++++
 .../{openssl_1.1.1q.bb => openssl_1.1.1s.bb}  |   2 +-
 meta/recipes-core/glibc/glibc-version.inc     |   2 +-
 .../glibc/glibc/CVE-2021-33574_1.patch        |  26 ++--
 .../binutils/binutils-2.34.inc                |   2 +-
 .../binutils/binutils/CVE-2020-16593.patch    |   4 +-
 .../binutils/binutils/CVE-2021-3549.patch     |  80 ++++++-------
 meta/recipes-devtools/go/go-1.14.inc          |   1 +
 .../go/go-1.14/CVE-2022-2879.patch            | 111 ++++++++++++++++++
 meta/recipes-devtools/qemu/qemu.inc           |   1 +
 .../qemu/qemu/CVE-2021-3638.patch             |  80 +++++++++++++
 .../curl/curl/CVE-2022-32221.patch            |  29 +++++
 meta/recipes-support/curl/curl_7.69.1.bb      |   1 +
 scripts/lib/wic/plugins/imager/direct.py      |   2 +-
 17 files changed, 329 insertions(+), 66 deletions(-)
 create mode 100644 meta/recipes-connectivity/bluez5/bluez5/CVE-2022-3637.patch
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1q.bb => openssl_1.1.1s.bb} (98%)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-2879.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3638.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2022-32221.patch

-- 
2.25.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of patches for dunfell and have comments back by
end of day Tuesday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5324

The following changes since commit 1bc254e7969f3d5470bacf9ad9f065d38b7b7fde:

  run-postinsts: Set dependency for ldconfig to avoid boot issues (2023-05-11 07:47:14 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE

Dmitry Baryshkov (1):
  linux-firmware: upgrade 20230210 -> 20230404

Hitendra Prajapati (2):
  git: fix CVE-2023-29007
  git: fix CVE-2023-25652

Khem Raj (1):
  perf: Depend on native setuptools3

Marek Vasut (1):
  cpio: Fix wrong CRC with ASCII CRC for large files

Martin Jansa (1):
  populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO
    override

Randolph Sapp (1):
  wic/bootimg-efi: if fixed-size is set then use that for mkdosfs

Siddharth (1):
  curl: ammend fix for CVE-2023-27534 to fix error when ssh is enabled

Steve Sakoman (1):
  selftest: skip virgl test on ubuntu 22.10, fedora 37, and all rocky

Thomas Roos (1):
  oeqa/utils/metadata.py: Fix running oe-selftest running with no distro
    set

 meta/classes/populate_sdk_ext.bbclass         |   3 +-
 meta/classes/pypi.bbclass                     |   2 +
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   6 +
 meta/lib/oeqa/utils/metadata.py               |   6 +-
 .../git/files/CVE-2023-25652.patch            |  94 +++++++++++
 .../git/files/CVE-2023-29007.patch            | 159 ++++++++++++++++++
 meta/recipes-devtools/git/git.inc             |   2 +
 ...g-CRC-with-ASCII-CRC-for-large-files.patch |  39 +++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   1 +
 ...20230210.bb => linux-firmware_20230404.bb} |   6 +-
 meta/recipes-kernel/perf/perf.bb              |   2 +-
 .../curl/curl/CVE-2023-27534-pre1.patch       |  51 ++++++
 .../curl/curl/CVE-2023-27534.patch            | 122 ++------------
 meta/recipes-support/curl/curl_7.69.1.bb      |   1 +
 scripts/lib/wic/plugins/source/bootimg-efi.py |   7 +
 15 files changed, 387 insertions(+), 114 deletions(-)
 create mode 100644 meta/recipes-devtools/git/files/CVE-2023-25652.patch
 create mode 100644 meta/recipes-devtools/git/files/CVE-2023-29007.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
 rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230210.bb => linux-firmware_20230404.bb} (99%)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27534-pre1.patch

-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5422

The following changes since commit e4b98a42970574296e0da06842691b9fc1ffc9a1:

  selftest: skip virgl test on ubuntu 22.10, fedora 37, and all rocky (2023-05-20 06:02:24 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Alex Kiernan (1):
  openssh: Move sshdgenkeys.service to sshd.socket

Ashish Sharma (1):
  golang: Fix CVE-2023-24539

Bruce Ashfield (5):
  linux-yocto/5.4: update to v5.4.238
  linux-yocto/5.4: update to v5.4.240
  linux-yocto/5.4: update to v5.4.241
  linux-yocto/5.4: update to v5.4.242
  linux-yocto/5.4: update to v5.4.243

Nikhil R (1):
  ffmpeg: Fix CVE-2022-48434

Vijay Anusuri (3):
  ghostscript: Fix CVE-2023-28879
  xserver-xorg: Security fix CVE-2023-0494 and CVE-2023-1393
  go: Security fix CVE-2023-24540

 .../openssh/openssh/sshd.socket               |   1 +
 .../openssh/openssh/sshd@.service             |   2 -
 meta/recipes-devtools/go/go-1.14.inc          |   2 +
 .../go/go-1.14/CVE-2023-24539.patch           |  60 ++++++++
 .../go/go-1.14/CVE-2023-24540.patch           |  90 ++++++++++++
 .../ghostscript/CVE-2023-28879.patch          |  54 +++++++
 .../ghostscript/ghostscript_9.52.bb           |   1 +
 .../xserver-xorg/CVE-2023-0494.patch          |  38 +++++
 .../xserver-xorg/CVE-2023-1393.patch          |  46 ++++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |   2 +
 .../linux/linux-yocto-rt_5.4.bb               |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +--
 .../ffmpeg/ffmpeg/CVE-2022-48434.patch        | 136 ++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 15 files changed, 449 insertions(+), 20 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch

-- 
2.34.1

[OE-core][dunfell 01/11] ffmpeg: Fix CVE-2022-48434

[Steve Sakoman]

From: Nikhil R <nikhilar2410@gmail.com>

Add a patch to fix CVE-2022-48434 which allows attackers to trigger a
use-after-free and execute arbitrary code in some circumstances

Link: https://ubuntu.com/security/CVE-2022-48434
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-48434

Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Ranjitsinh Rathod ranjitsinh.rathod@kpit.com
Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Nikhil R <nikhilar2410@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ffmpeg/ffmpeg/CVE-2022-48434.patch        | 136 ++++++++++++++++++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 2 files changed, 137 insertions(+)
 create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch
new file mode 100644
index 0000000000..707073709a
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch
@@ -0,0 +1,136 @@
+From d4b7b3c03ee2baf0166ce49dff17ec9beff684db Mon Sep 17 00:00:00 2001
+From: Anton Khirnov <anton@khirnov.net>
+Date: Fri, 2 Sep 2022 22:21:27 +0200
+Subject: [PATCH] lavc/pthread_frame: avoid leaving stale hwaccel state in
+ worker threads
+
+This state is not refcounted, so make sure it always has a well-defined
+owner.
+
+Remove the block added in 091341f2ab5bd35ca1a2aae90503adc74f8d3523, as
+this commit also solves that issue in a more general way.
+
+(cherry picked from commit cc867f2c09d2b69cee8a0eccd62aff002cbbfe11)
+Signed-off-by: Anton Khirnov <anton@khirnov.net>
+(cherry picked from commit 35aa7e70e7ec350319e7634a30d8d8aa1e6ecdda)
+Signed-off-by: Anton Khirnov <anton@khirnov.net>
+(cherry picked from commit 3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba)
+Signed-off-by: Anton Khirnov <anton@khirnov.net>
+
+CVE: CVE-2022-48434
+Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/d4b7b3c03ee2baf0166ce49dff17ec9beff684db]
+Signed-off-by: Ranjitsinh Rathod ranjitsinh.rathod@kpit.com
+Comment: Hunk#6 refreshed to backport changes and other to remove patch-fuzz warnings
+---
+ libavcodec/pthread_frame.c | 46 +++++++++++++++++++++++++++++---------
+ 1 file changed, 35 insertions(+), 11 deletions(-)
+
+diff --git a/libavcodec/pthread_frame.c b/libavcodec/pthread_frame.c
+index 36ac0ac..bbc5ba6 100644
+--- a/libavcodec/pthread_frame.c
++++ b/libavcodec/pthread_frame.c
+@@ -135,6 +135,12 @@ typedef struct FrameThreadContext {
+                                     * Set for the first N packets, where N is the number of threads.
+                                     * While it is set, ff_thread_en/decode_frame won't return any results.
+                                     */
++
++    /* hwaccel state is temporarily stored here in order to transfer its ownership
++     * to the next decoding thread without the need for extra synchronization */
++    const AVHWAccel *stash_hwaccel;
++    void            *stash_hwaccel_context;
++    void            *stash_hwaccel_priv;
+ } FrameThreadContext;
+ 
+ #define THREAD_SAFE_CALLBACKS(avctx) \
+@@ -211,9 +217,17 @@ static attribute_align_arg void *frame_worker_thread(void *arg)
+             ff_thread_finish_setup(avctx);
+ 
+         if (p->hwaccel_serializing) {
++            /* wipe hwaccel state to avoid stale pointers lying around;
++             * the state was transferred to FrameThreadContext in
++             * ff_thread_finish_setup(), so nothing is leaked */
++            avctx->hwaccel                     = NULL;
++            avctx->hwaccel_context             = NULL;
++            avctx->internal->hwaccel_priv_data = NULL;
++
+             p->hwaccel_serializing = 0;
+             pthread_mutex_unlock(&p->parent->hwaccel_mutex);
+         }
++        av_assert0(!avctx->hwaccel);
+ 
+         if (p->async_serializing) {
+             p->async_serializing = 0;
+@@ -275,14 +289,10 @@ static int update_context_from_thread(AVCodecContext *dst, AVCodecContext *src,
+         dst->color_range = src->color_range;
+         dst->chroma_sample_location = src->chroma_sample_location;
+ 
+-        dst->hwaccel = src->hwaccel;
+-        dst->hwaccel_context = src->hwaccel_context;
+-
+         dst->channels       = src->channels;
+         dst->sample_rate    = src->sample_rate;
+         dst->sample_fmt     = src->sample_fmt;
+         dst->channel_layout = src->channel_layout;
+-        dst->internal->hwaccel_priv_data = src->internal->hwaccel_priv_data;
+ 
+         if (!!dst->hw_frames_ctx != !!src->hw_frames_ctx ||
+             (dst->hw_frames_ctx && dst->hw_frames_ctx->data != src->hw_frames_ctx->data)) {
+@@ -415,6 +425,12 @@ static int submit_packet(PerThreadContext *p, AVCodecContext *user_avctx,
+             pthread_mutex_unlock(&p->mutex);
+             return err;
+         }
++
++        /* transfer hwaccel state stashed from previous thread, if any */
++        av_assert0(!p->avctx->hwaccel);
++        FFSWAP(const AVHWAccel*, p->avctx->hwaccel,                     fctx->stash_hwaccel);
++        FFSWAP(void*,            p->avctx->hwaccel_context,             fctx->stash_hwaccel_context);
++        FFSWAP(void*,            p->avctx->internal->hwaccel_priv_data, fctx->stash_hwaccel_priv);
+     }
+ 
+     av_packet_unref(&p->avpkt);
+@@ -616,6 +632,14 @@ void ff_thread_finish_setup(AVCodecContext *avctx) {
+         async_lock(p->parent);
+     }
+ 
++    /* save hwaccel state for passing to the next thread;
++     * this is done here so that this worker thread can wipe its own hwaccel
++     * state after decoding, without requiring synchronization */
++    av_assert0(!p->parent->stash_hwaccel);
++    p->parent->stash_hwaccel         = avctx->hwaccel;
++    p->parent->stash_hwaccel_context = avctx->hwaccel_context;
++    p->parent->stash_hwaccel_priv    = avctx->internal->hwaccel_priv_data;
++
+     pthread_mutex_lock(&p->progress_mutex);
+     if(atomic_load(&p->state) == STATE_SETUP_FINISHED){
+         av_log(avctx, AV_LOG_WARNING, "Multiple ff_thread_finish_setup() calls\n");
+@@ -657,13 +681,6 @@ void ff_frame_thread_free(AVCodecContext *avctx, int thread_count)
+ 
+     park_frame_worker_threads(fctx, thread_count);
+ 
+-    if (fctx->prev_thread && fctx->prev_thread != fctx->threads)
+-        if (update_context_from_thread(fctx->threads->avctx, fctx->prev_thread->avctx, 0) < 0) {
+-            av_log(avctx, AV_LOG_ERROR, "Final thread update failed\n");
+-            fctx->prev_thread->avctx->internal->is_copy = fctx->threads->avctx->internal->is_copy;
+-            fctx->threads->avctx->internal->is_copy = 1;
+-        }
+-
+     for (i = 0; i < thread_count; i++) {
+         PerThreadContext *p = &fctx->threads[i];
+ 
+@@ -713,6 +730,13 @@ void ff_frame_thread_free(AVCodecContext *avctx, int thread_count)
+     pthread_mutex_destroy(&fctx->async_mutex);
+     pthread_cond_destroy(&fctx->async_cond);
+ 
++    /* if we have stashed hwaccel state, move it to the user-facing context,
++     * so it will be freed in avcodec_close() */
++    av_assert0(!avctx->hwaccel);
++    FFSWAP(const AVHWAccel*, avctx->hwaccel,                     fctx->stash_hwaccel);
++    FFSWAP(void*,            avctx->hwaccel_context,             fctx->stash_hwaccel_context);
++    FFSWAP(void*,            avctx->internal->hwaccel_priv_data, fctx->stash_hwaccel_priv);
++
+     av_freep(&avctx->internal->thread_ctx);
+ 
+     if (avctx->priv_data && avctx->codec && avctx->codec->priv_class)
+-- 
+2.25.1
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
index 1e000dddfa..f12052548f 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
@@ -32,6 +32,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
            file://CVE-2022-1475.patch \
            file://CVE-2022-3109.patch \
            file://CVE-2022-3341.patch \
+           file://CVE-2022-48434.patch \
           "
 SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3"
 SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c"
-- 
2.34.1

[OE-core][dunfell 02/11] ghostscript: Fix CVE-2023-28879

[Steve Sakoman]

From: Vijay Anusuri <vanusuri@mvista.com>

Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;h=37ed5022cecd584de868933b5b60da2e995b3179]

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../ghostscript/CVE-2023-28879.patch          | 54 +++++++++++++++++++
 .../ghostscript/ghostscript_9.52.bb           |  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch
new file mode 100644
index 0000000000..852f2459f7
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch
@@ -0,0 +1,54 @@
+From 37ed5022cecd584de868933b5b60da2e995b3179 Mon Sep 17 00:00:00 2001
+From: Ken Sharp <ken.sharp@artifex.com>
+Date: Fri, 24 Mar 2023 13:19:57 +0000
+Subject: [PATCH] Graphics library - prevent buffer overrun in (T)BCP encoding
+
+Bug #706494 "Buffer Overflow in s_xBCPE_process"
+
+As described in detail in the bug report, if the write buffer is filled
+to one byte less than full, and we then try to write an escaped
+character, we overrun the buffer because we don't check before
+writing two bytes to it.
+
+This just checks if we have two bytes before starting to write an
+escaped character and exits if we don't (replacing the consumed byte
+of the input).
+
+Up for further discussion; why do we even permit a BCP encoding filter
+anyway ? I think we should remove this, at least when SAFER is true.
+
+Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;h=37ed5022cecd584de868933b5b60da2e995b3179]
+CVE: CVE-2023-28879
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ base/sbcp.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/base/sbcp.c b/base/sbcp.c
+index 6b0383c..90784b5 100644
+--- a/base/sbcp.c
++++ b/base/sbcp.c
+@@ -1,4 +1,4 @@
+-/* Copyright (C) 2001-2019 Artifex Software, Inc.
++/* Copyright (C) 2001-2023 Artifex Software, Inc.
+    All Rights Reserved.
+ 
+    This software is provided AS-IS with no warranty, either express or
+@@ -50,6 +50,14 @@ s_xBCPE_process(stream_state * st, stream_cursor_read * pr,
+         byte ch = *++p;
+ 
+         if (ch <= 31 && escaped[ch]) {
++            /* Make sure we have space to store two characters in the write buffer,
++	     * if we don't then exit without consuming the input character, we'll process
++	     * that on the next time round.
++	     */
++            if (pw->limit - q < 2) {
++                p--;
++                break;
++            }
+             if (p == rlimit) {
+                 p--;
+                 break;
+-- 
+2.25.1
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
index a829d4b4ae..57f0b51ad3 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb
@@ -39,6 +39,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
                 file://CVE-2021-3781_1.patch \
                 file://CVE-2021-3781_2.patch \
                 file://CVE-2021-3781_3.patch \
+                file://CVE-2023-28879.patch \
 "
 
 SRC_URI = "${SRC_URI_BASE} \
-- 
2.34.1

[OE-core][dunfell 03/11] xserver-xorg: Security fix CVE-2023-0494 and CVE-2023-1393

[Steve Sakoman]

From: Vijay Anusuri <vanusuri@mvista.com>

Upstream-Status: Backport
[https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec
&
https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110]

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../xserver-xorg/CVE-2023-0494.patch          | 38 +++++++++++++++
 .../xserver-xorg/CVE-2023-1393.patch          | 46 +++++++++++++++++++
 .../xorg-xserver/xserver-xorg_1.20.14.bb      |  2 +
 3 files changed, 86 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch
new file mode 100644
index 0000000000..ef2ee5d55e
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch
@@ -0,0 +1,38 @@
+From 0ba6d8c37071131a49790243cdac55392ecf71ec Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Wed, 25 Jan 2023 11:41:40 +1000
+Subject: [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses
+
+CVE-2023-0494, ZDI-CAN-19596
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec]
+CVE: CVE-2023-0494
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ Xi/exevents.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/Xi/exevents.c b/Xi/exevents.c
+index 217baa9561..dcd4efb3bc 100644
+--- a/Xi/exevents.c
++++ b/Xi/exevents.c
+@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
+             memcpy(to->button->xkb_acts, from->button->xkb_acts,
+                    sizeof(XkbAction));
+         }
+-        else
++        else {
+             free(to->button->xkb_acts);
++            to->button->xkb_acts = NULL;
++        }
+ 
+         memcpy(to->button->labels, from->button->labels,
+                from->button->numButtons * sizeof(Atom));
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch
new file mode 100644
index 0000000000..51d0e0cab6
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch
@@ -0,0 +1,46 @@
+From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001
+From: Olivier Fourdan <ofourdan@redhat.com>
+Date: Mon, 13 Mar 2023 11:08:47 +0100
+Subject: [PATCH] composite: Fix use-after-free of the COW
+
+ZDI-CAN-19866/CVE-2023-1393
+
+If a client explicitly destroys the compositor overlay window (aka COW),
+we would leave a dangling pointer to that window in the CompScreen
+structure, which will trigger a use-after-free later.
+
+Make sure to clear the CompScreen pointer to the COW when the latter gets
+destroyed explicitly by the client.
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110]
+CVE: CVE-2023-1393
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ composite/compwindow.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/composite/compwindow.c b/composite/compwindow.c
+index 4e2494b86b..b30da589e9 100644
+--- a/composite/compwindow.c
++++ b/composite/compwindow.c
+@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin)
+     ret = (*pScreen->DestroyWindow) (pWin);
+     cs->DestroyWindow = pScreen->DestroyWindow;
+     pScreen->DestroyWindow = compDestroyWindow;
++
++    /* Did we just destroy the overlay window? */
++    if (pWin == cs->pOverlayWin)
++        cs->pOverlayWin = NULL;
++
+ /*    compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/
+     return ret;
+ }
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb
index ab18a87a3d..5c604fa86e 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb
@@ -14,6 +14,8 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
            file://CVE-2022-46342.patch \
            file://CVE-2022-46343.patch \
            file://CVE-2022-46344.patch \
+           file://CVE-2023-0494.patch \
+           file://CVE-2023-1393.patch \
 "
 SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf"
 SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066"
-- 
2.34.1

[OE-core][dunfell 04/11] golang: Fix CVE-2023-24539

[Steve Sakoman]

From: Ashish Sharma <asharma@mvista.com>

Improper sanitization of CSS values in html/template

Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-1.14.inc          |  1 +
 .../go/go-1.14/CVE-2023-24539.patch           | 60 +++++++++++++++++++
 2 files changed, 61 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index f734fe1ac8..d0fbde9cae 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -61,6 +61,7 @@ SRC_URI += "\
     file://CVE-2023-24538-1.patch \
     file://CVE-2023-24538-2.patch \
     file://CVE-2023-24538-3.patch \
+    file://CVE-2023-24539.patch \
 "
 
 SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch
new file mode 100644
index 0000000000..281b6486a8
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch
@@ -0,0 +1,60 @@
+From 8673ca81e5340b87709db2d9749c92a3bf925df1 Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker <bracewell@google.com>
+Date: Thu, 13 Apr 2023 15:40:44 -0700
+Subject: [PATCH] html/template: disallow angle brackets in CSS values
+
+Angle brackets should not appear in CSS contexts, as they may affect
+token boundaries (such as closing a <style> tag, resulting in
+injection). Instead emit filterFailsafe, matching the behavior for other
+dangerous characters.
+
+Thanks to Juho Nurminen of Mattermost for reporting this issue.
+
+Fixes #59720
+Fixes CVE-2023-24539
+
+Change-Id: Iccc659c9a18415992b0c05c178792228e3a7bae4
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1826636
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Run-TryBot: Roland Shoemaker <bracewell@google.com>
+Reviewed-by: Damien Neil <dneil@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/491615
+Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+Run-TryBot: Carlos Amedee <carlos@golang.org>
+TryBot-Result: Gopher Robot <gobot@golang.org>
+
+Upstream-Status: Backport from [https://github.com/golang/go/commit/8673ca81e5340b87709db2d9749c92a3bf925df1]
+CVE: CVE-2023-24539
+Signed-off-by: Ashish Sharma <asharma@mvista.com>
+---
+ src/html/template/css.go      | 2 +-
+ src/html/template/css_test.go | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/html/template/css.go b/src/html/template/css.go
+index 890a0c6b227fe..f650d8b3e843a 100644
+--- a/src/html/template/css.go
++++ b/src/html/template/css.go
+@@ -238,7 +238,7 @@ func cssValueFilter(args ...any) string {
+ 	// inside a string that might embed JavaScript source.
+ 	for i, c := range b {
+ 		switch c {
+-		case 0, '"', '\'', '(', ')', '/', ';', '@', '[', '\\', ']', '`', '{', '}':
++		case 0, '"', '\'', '(', ')', '/', ';', '@', '[', '\\', ']', '`', '{', '}', '<', '>':
+ 			return filterFailsafe
+ 		case '-':
+ 			// Disallow <!-- or -->.
+diff --git a/src/html/template/css_test.go b/src/html/template/css_test.go
+index a735638b0314f..2b76256a766e9 100644
+--- a/src/html/template/css_test.go
++++ b/src/html/template/css_test.go
+@@ -231,6 +231,8 @@ func TestCSSValueFilter(t *testing.T) {
+ 		{`-exp\000052 ession(alert(1337))`, "ZgotmplZ"},
+ 		{`-expre\0000073sion`, "-expre\x073sion"},
+ 		{`@import url evil.css`, "ZgotmplZ"},
++		{"<", "ZgotmplZ"},
++		{">", "ZgotmplZ"},
+ 	}
+ 	for _, test := range tests {
+ 		got := cssValueFilter(test.css)
-- 
2.34.1

[OE-core][dunfell 05/11] go: Security fix CVE-2023-24540

[Steve Sakoman]

From: Vijay Anusuri <vanusuri@mvista.com>

Upstream-Status: Backport [https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797]

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-1.14.inc          |  1 +
 .../go/go-1.14/CVE-2023-24540.patch           | 90 +++++++++++++++++++
 2 files changed, 91 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index d0fbde9cae..2c500e8331 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -62,6 +62,7 @@ SRC_URI += "\
     file://CVE-2023-24538-2.patch \
     file://CVE-2023-24538-3.patch \
     file://CVE-2023-24539.patch \
+    file://CVE-2023-24540.patch \
 "
 
 SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch
new file mode 100644
index 0000000000..799a0dfcda
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch
@@ -0,0 +1,90 @@
+From ce7bd33345416e6d8cac901792060591cafc2797 Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker <bracewell@google.com>
+Date: Tue, 11 Apr 2023 16:27:43 +0100
+Subject: [PATCH] [release-branch.go1.19] html/template: handle all JS
+ whitespace characters
+
+Rather than just a small set. Character class as defined by \s [0].
+
+Thanks to Juho Nurminen of Mattermost for reporting this.
+
+For #59721
+Fixes  #59813
+Fixes CVE-2023-24540
+
+[0] https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Character_Classes
+
+Change-Id: I56d4fa1ef08125b417106ee7dbfb5b0923b901ba
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1821459
+Reviewed-by: Julie Qiu <julieqiu@google.com>
+Run-TryBot: Roland Shoemaker <bracewell@google.com>
+Reviewed-by: Damien Neil <dneil@google.com>
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1851497
+Run-TryBot: Damien Neil <dneil@google.com>
+Reviewed-by: Roland Shoemaker <bracewell@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/491355
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+Reviewed-by: Carlos Amedee <carlos@golang.org>
+TryBot-Bypass: Carlos Amedee <carlos@golang.org>
+Run-TryBot: Carlos Amedee <carlos@golang.org>
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797]
+CVE: CVE-2023-24540
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ src/html/template/js.go      |  8 +++++++-
+ src/html/template/js_test.go | 11 +++++++----
+ 2 files changed, 14 insertions(+), 5 deletions(-)
+
+diff --git a/src/html/template/js.go b/src/html/template/js.go
+index fe7054efe5cd8..4e05c1455723f 100644
+--- a/src/html/template/js.go
++++ b/src/html/template/js.go
+@@ -13,6 +13,11 @@ import (
+ 	"unicode/utf8"
+ )
+ 
++// jsWhitespace contains all of the JS whitespace characters, as defined
++// by the \s character class.
++// See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_expressions/Character_classes.
++const jsWhitespace = "\f\n\r\t\v\u0020\u00a0\u1680\u2000\u2001\u2002\u2003\u2004\u2005\u2006\u2007\u2008\u2009\u200a\u2028\u2029\u202f\u205f\u3000\ufeff"
++
+ // nextJSCtx returns the context that determines whether a slash after the
+ // given run of tokens starts a regular expression instead of a division
+ // operator: / or /=.
+@@ -26,7 +31,8 @@ import (
+ // JavaScript 2.0 lexical grammar and requires one token of lookbehind:
+ // https://www.mozilla.org/js/language/js20-2000-07/rationale/syntax.html
+ func nextJSCtx(s []byte, preceding jsCtx) jsCtx {
+-	s = bytes.TrimRight(s, "\t\n\f\r \u2028\u2029")
++	// Trim all JS whitespace characters
++	s = bytes.TrimRight(s, jsWhitespace)
+ 	if len(s) == 0 {
+ 		return preceding
+ 	}
+diff --git a/src/html/template/js_test.go b/src/html/template/js_test.go
+index e07c695f7a77d..e52180cc113b5 100644
+--- a/src/html/template/js_test.go
++++ b/src/html/template/js_test.go
+@@ -81,14 +81,17 @@ func TestNextJsCtx(t *testing.T) {
+ 		{jsCtxDivOp, "0"},
+ 		// Dots that are part of a number are div preceders.
+ 		{jsCtxDivOp, "0."},
++		// Some JS interpreters treat NBSP as a normal space, so
++		// we must too in order to properly escape things.
++		{jsCtxRegexp, "=\u00A0"},
+ 	}
+ 
+ 	for _, test := range tests {
+-		if nextJSCtx([]byte(test.s), jsCtxRegexp) != test.jsCtx {
+-			t.Errorf("want %s got %q", test.jsCtx, test.s)
++		if ctx := nextJSCtx([]byte(test.s), jsCtxRegexp); ctx != test.jsCtx {
++			t.Errorf("%q: want %s got %s", test.s, test.jsCtx, ctx)
+ 		}
+-		if nextJSCtx([]byte(test.s), jsCtxDivOp) != test.jsCtx {
+-			t.Errorf("want %s got %q", test.jsCtx, test.s)
++		if ctx := nextJSCtx([]byte(test.s), jsCtxDivOp); ctx != test.jsCtx {
++			t.Errorf("%q: want %s got %s", test.s, test.jsCtx, ctx)
+ 		}
+ 	}
+ 
-- 
2.34.1

[OE-core][dunfell 06/11] linux-yocto/5.4: update to v5.4.238

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    6849d8c4a61a Linux 5.4.238
    eb7716a054a6 HID: uhid: Over-ride the default maximum data buffer value with our own
    b687ac70e66a HID: core: Provide new max_buffer_size attribute to over-ride the default
    144019e81396 PCI: Unify delay handling for reset and resume
    d2130f37a4a0 s390/ipl: add missing intersection check to ipl_report handling
    3f5a833dca66 serial: 8250_em: Fix UART port type
    c5afb97d1b51 drm/i915: Don't use stolen memory for ring buffers with LLC
    8d26a4fecce5 x86/mm: Fix use of uninitialized buffer in sme_enable()
    a976ff743eb1 fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
    ac58b88ccbbb ftrace: Fix invalid address access in lookup_rec() when index is 0
    65e4c9a6d0c9 KVM: nVMX: add missing consistency checks for CR0 and CR4
    6fe55dce9dd6 tracing: Make tracepoint lockdep check actually test something
    780f69a2685b tracing: Check field value in hist_field_name()
    f1e3a20c6019 interconnect: fix mem leak when freeing nodes
    325608ab60fa tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted
    c16cbd8233d6 ext4: fix possible double unlock when moving a directory
    6a1bd14d5e34 sh: intc: Avoid spurious sizeof-pointer-div warning
    bbf5eada4334 drm/amdkfd: Fix an illegal memory access
    2c96c52aeaa6 ext4: fix task hung in ext4_xattr_delete_inode
    20ba6f8a8073 ext4: fail ext4_iget if special inode unallocated
    ab519e29891d jffs2: correct logic when creating a hole in jffs2_write_begin
    00bfc67c65a1 mmc: atmel-mci: fix race between stop command and start of next command
    75f6faae2de6 media: m5mols: fix off-by-one loop termination error
    9eb394919c97 hwmon: (ina3221) return prober error code
    26c176ce9028 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition
    13efd488d398 hwmon: (adt7475) Fix masking of hysteresis registers
    0d3095e958f0 hwmon: (adt7475) Display smoothing attributes in correct order
    674fce59d61d ethernet: sun: add check for the mdesc_grab()
    71da5991b643 net/iucv: Fix size of interrupt data
    e0d07a3203c3 net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
    5c06bd3de134 ipv4: Fix incorrect table ID in IOCTL path
    c4fcfbf80c3c block: sunvdc: add check for mdesc_grab() returning NULL
    04c394208831 nvmet: avoid potential UAF in nvmet_req_complete()
    9fabdd79051a net: usb: smsc75xx: Limit packet length to skb->len
    b0c202a8dc63 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
    668de67d4110 net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
    5aaab217c8f5 net: tunnels: annotate lockless accesses to dev->needed_headroom
    cba20ade78ef qed/qed_dev: guard against a possible division by zero
    6e18f66b704b i40e: Fix kernel crash during reboot when adapter is in recovery mode
    f0216046aeb8 ipvlan: Make skb->skb_iif track skb->dev for l3s mode
    0f9c1f26d434 nfc: pn533: initialize struct pn533_out_arg properly
    442aa78ed701 tcp: tcp_make_synack() can be called from process context
    88c3d3bb6469 scsi: core: Fix a procfs host directory removal regression
    4b4f5e34f08b scsi: core: Fix a comment in function scsi_host_dev_release()
    0d59732f2a5b netfilter: nft_redir: correct value of inet type `.maxattrs`
    90279211e96b ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
    0b7057c52377 ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
    5bb9fcaadb8c ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid
    9efbdc743ded ALSA: hda - controller is in GPU on the DG1
    fc52e51c2c30 ALSA: hda - add Intel DG1 PCI and HDMI ids
    090305c36185 scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
    b8849e31a056 docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate
    9e45e4571576 clk: HI655X: select REGMAP instead of depending on it
    dac08e46f0ad drm/meson: fix 1px pink line on GXM when scaling video overlay
    d7e48aa17a81 cifs: Move the in_send statistic to __smb_send_rqst()
    06c208002d0d drm/panfrost: Don't sync rpm suspension after mmu flushing
    c9900d1d86f0 xfrm: Allow transport-mode states with AF_UNSPEC selector
    4008fb9ad474 ext4: fix cgroup writeback accounting with fs-layer encryption

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index e0967223b9..46a1d77778 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "f064f6017b7ce09ade0f365e1b7d776dc9e2e168"
-SRCREV_meta ?= "c7e2e528893abbebd14447510d38ded1ef98dcd2"
+SRCREV_machine ?= "bdf5848b4aedd93895b490c65b52edc488c383b2"
+SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.237"
+LINUX_VERSION ?= "5.4.238"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 6cdf00763b..64c81e7f4f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.237"
+LINUX_VERSION ?= "5.4.238"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "00c3a33c0f772ff1fa8902e8fe8856131c27a9b5"
-SRCREV_machine ?= "0693cbc007cf6a7b335edb5f78542d77b048d5dd"
-SRCREV_meta ?= "c7e2e528893abbebd14447510d38ded1ef98dcd2"
+SRCREV_machine_qemuarm ?= "63e8209e8066ca7d6b3075af199875d77c4596d0"
+SRCREV_machine ?= "2a1e69d2aa0fabdecb015972c5824590a70b8225"
+SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index e95a044099..42fc71f7b2 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "981be716d817e38d2d67269aab3caaa095bd2bdd"
-SRCREV_machine_qemuarm64 ?= "32083245f7eb993b85a33a8d30bd9f41128b6147"
-SRCREV_machine_qemumips ?= "4d002b5ac3b434b21ae58ac15cd73be3ae5ef5a8"
-SRCREV_machine_qemuppc ?= "82b4b51143a6beeb49efa548494bdb5c01f336b2"
-SRCREV_machine_qemuriscv64 ?= "936721bc390034d774b28393bf61808de8899718"
-SRCREV_machine_qemux86 ?= "936721bc390034d774b28393bf61808de8899718"
-SRCREV_machine_qemux86-64 ?= "936721bc390034d774b28393bf61808de8899718"
-SRCREV_machine_qemumips64 ?= "d662d749c441de5a09bfd8870cd10e41b1e27b6b"
-SRCREV_machine ?= "936721bc390034d774b28393bf61808de8899718"
-SRCREV_meta ?= "c7e2e528893abbebd14447510d38ded1ef98dcd2"
+SRCREV_machine_qemuarm ?= "db8e7ac090eb96b687edbb988c3fb7d9a9d83973"
+SRCREV_machine_qemuarm64 ?= "01fe45561dc40cc40b057ee40d722388174733ed"
+SRCREV_machine_qemumips ?= "9bf85e111f1a77b41b39fa1b45a8439fa66e8c4d"
+SRCREV_machine_qemuppc ?= "5743a4eef97e79e05c6780714ffc559fbedea0bb"
+SRCREV_machine_qemuriscv64 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
+SRCREV_machine_qemux86 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
+SRCREV_machine_qemux86-64 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
+SRCREV_machine_qemumips64 ?= "41ecd49609ac6164d8022065e5028984fa5c84ce"
+SRCREV_machine ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
+SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.237"
+LINUX_VERSION ?= "5.4.238"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.34.1

[OE-core][dunfell 07/11] linux-yocto/5.4: update to v5.4.240

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    32bea3bac5ca Linux 5.4.240
    4d4cb7663613 gfs2: Always check inode size of inline inodes
    928240c36891 firmware: arm_scmi: Fix device node validation for mailbox transport
    0f5c0e0a4c0b net: sched: fix race condition in qdisc_graft()
    22d95b544924 net_sched: add __rcu annotation to netdev->qdisc
    14b6ad56df25 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
    9b189af3577e btrfs: scan device in non-exclusive mode
    45a9877d6cc3 s390/uaccess: add missing earlyclobber annotations to __clear_user()
    0c6df5364798 drm/etnaviv: fix reference leak when mmaping imported buffer
    37958ac31fe2 ALSA: usb-audio: Fix regression on detection of Roland VS-100
    6dabafd82968 ALSA: hda/conexant: Partial revert of a quirk for Lenovo
    f3a67268784c NFSv4: Fix hangs when recovering open state after a server reboot
    c81e2965a9e0 pinctrl: at91-pio4: fix domain name assignment
    82c25ac3a258 xen/netback: don't do grant copy across page boundary
    99c8ba920fc2 Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
    657d7c215ca9 cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
    03af69bd674d cifs: prevent infinite recursion in CIFSGetDFSRefer()
    51d657371106 Input: focaltech - use explicitly signed char type
    f0f85f5e402b Input: alps - fix compatibility with -funsigned-char
    7e71d4d190df pinctrl: ocelot: Fix alt mode for ocelot
    70728d639efb net: mvneta: make tx buffer array agnostic
    704e06b97920 net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
    fd7cff506614 bnxt_en: Fix typo in PCI id to device description string mapping
    58279cea0b10 i40e: fix registers dump after run ethtool adapter self test
    5195de1d5f66 s390/vfio-ap: fix memory leak in vfio_ap device driver
    78bc7f0ab994 can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
    105cc2683282 net/net_failover: fix txq exceeding warning
    e633fd26abfd regulator: Handle deferred clk
    be7b622cd63f regulator: fix spelling mistake "Cant" -> "Can't"
    46c4993a1514 ptp_qoriq: fix memory leak in probe()
    c122daa0fa4c scsi: megaraid_sas: Fix crash after a double completion
    317c07d382b1 mtd: rawnand: meson: invalidate cache on polling ECC bit
    d65de5ee8b72 mips: bmips: BCM6358: disable RAC flush for TP1
    9690e34f2247 dma-mapping: drop the dev argument to arch_sync_dma_for_*
    f6e2d76aa362 ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
    856fb74f601a fbdev: au1200fb: Fix potential divide by zero
    deef33c08104 fbdev: lxfb: Fix potential divide by zero
    4f5cc5ffa8c5 fbdev: intelfb: Fix potential divide by zero
    868f247e47ef fbdev: nvidia: Fix potential divide by zero
    f3359f5fc9b7 sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
    521877bf2651 fbdev: tgafb: Fix potential divide by zero
    7f12f99b8017 ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
    9155a5958ed0 ALSA: asihpi: check pao in control_message()
    88a3c63a9635 md: avoid signed overflow in slot_store()
    9966fc59d3a0 bus: imx-weim: fix branch condition evaluates to a garbage value
    d121f7883a17 fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
    4c24eb49ab44 ocfs2: fix data corruption after failed write
    0c0e566f0387 tun: avoid double free in tun_free_netdev
    d253120a580a sched/fair: Sanitize vruntime of entity being migrated
    c23928c70bc8 sched/fair: sanitize vruntime of entity being placed
    885c28ceae7d dm crypt: add cond_resched() to dmcrypt_write()
    4a32a9a818a8 dm stats: check for and propagate alloc_percpu failure
    f8cbad984b16 i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
    8f5cbf6a8c0e nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
    4ae966a7f6a7 wifi: mac80211: fix qos on mesh interfaces
    f558789a886c usb: chipidea: core: fix possible concurrent when switch role
    6b3287b14739 usb: chipdea: core: fix return -EINVAL if request role is the same with current role
    0b2a56fe4659 usb: cdns3: Fix issue with using incorrect PCI device function
    e9e93fdfcefb dm thin: fix deadlock when swapping to thin device
    cd1e320ac095 igb: revert rtnl_lock() that causes deadlock
    123698a5c619 fsverity: Remove WQ_UNBOUND from fsverity read workqueue
    0eda2004f38d usb: gadget: u_audio: don't let userspace block driver unbind
    44f080d7d75a scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
    223274d5c310 cifs: empty interface list when server doesn't support query interfaces
    299a309b98df sh: sanitize the flags on sigreturn
    f4c610f6ca13 net: usb: qmi_wwan: add Telit 0x1080 composition
    e6b1fa6d0626 net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
    04f4a1aa9410 scsi: lpfc: Avoid usage of list iterator variable after loop
    11cdced6a03d scsi: ufs: core: Add soft dependency on governor_simpleondemand
    54ec697e3ca8 scsi: target: iscsi: Fix an error message in iscsi_check_key()
    97115221912c selftests/bpf: check that modifier resolves after pointer
    2100e374251a m68k: Only force 030 bus error if PC not in exception table
    d2b3bd0d4cad ca8210: fix mac_len negative array access
    9e7723b684c0 riscv: Bump COMMAND_LINE_SIZE value to 1024
    32518cd0fcc0 thunderbolt: Use const qualifier for `ring_interrupt_index`
    b40fe2e1f91b uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
    9189f20b4c53 scsi: qla2xxx: Perform lockless command completion in abort path
    da0383f0e86c hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
    13493ad6a220 platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
    a18fb433ceb5 Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work
    b517808795d3 Bluetooth: btqcomsmd: Fix command timeout after setting BD address
    dcd4d3646221 net: mdio: thunder: Add missing fwnode_handle_put()
    707335918f73 hvc/xen: prevent concurrent accesses to the shared ring
    83e442eba39b nvme-tcp: fix nvme_tcp_term_pdu to match spec
    d673ae18406e net/sonic: use dma_mapping_error() for error check
    b72f453e886a erspan: do not use skb_mac_header() in ndo_start_xmit()
    82e07cc5a6ca atm: idt77252: fix kmemleak when rmmod idt77252
    fd6f643dea07 net/mlx5: Read the TC mapping of all priorities on ETS query
    d69c2ded95b1 bpf: Adjust insufficient default bpf_jit_limit
    97674f4cd05e keys: Do not cache key in task struct if key is requested from kernel thread
    f8ee2c8b0d0c net/ps3_gelic_net: Use dma_mapping_error
    6d7e18b1d00a net/ps3_gelic_net: Fix RX sk_buff length
    0e5c7d00ec4f net: qcom/emac: Fix use after free bug in emac_remove due to race condition
    a07ec453e86a xirc2ps_cs: Fix use after free bug in xirc2ps_detach
    42d72c6d1edc qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
    f2111c791d88 net: usb: smsc95xx: Limit packet length to skb->len
    5c4d71424df3 scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
    283fdc5cfbeb i2c: imx-lpi2c: check only for enabled interrupt flags
    90116b8289fd igbvf: Regard vf reset nack as success
    584771762c3e intel/igbvf: free irq on the error path in igbvf_request_msix()
    6999f854184e iavf: fix non-tunneled IPv6 UDP packet type and hashing
    4e752d2baea3 iavf: fix inverted Rx hash condition leading to disabled hash
    6fe078c2864b power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition
    754838aa0205 net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
    09b1a76e7879 Linux 5.4.239
    f0c95f229a67 selftests: Fix the executable permissions for fib_tests.sh

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 46a1d77778..a20525abb9 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "bdf5848b4aedd93895b490c65b52edc488c383b2"
-SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
+SRCREV_machine ?= "304e411fa33ff303ec73d29376dd975c0d5f9cea"
+SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.238"
+LINUX_VERSION ?= "5.4.240"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 64c81e7f4f..19b6e2fa66 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.238"
+LINUX_VERSION ?= "5.4.240"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "63e8209e8066ca7d6b3075af199875d77c4596d0"
-SRCREV_machine ?= "2a1e69d2aa0fabdecb015972c5824590a70b8225"
-SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
+SRCREV_machine_qemuarm ?= "718954ab9a87d4414eb24c502a4a9a772c7020f8"
+SRCREV_machine ?= "e5560b6cd3de039d68422b61746dcf3343ec73e2"
+SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 42fc71f7b2..989d3a2049 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "db8e7ac090eb96b687edbb988c3fb7d9a9d83973"
-SRCREV_machine_qemuarm64 ?= "01fe45561dc40cc40b057ee40d722388174733ed"
-SRCREV_machine_qemumips ?= "9bf85e111f1a77b41b39fa1b45a8439fa66e8c4d"
-SRCREV_machine_qemuppc ?= "5743a4eef97e79e05c6780714ffc559fbedea0bb"
-SRCREV_machine_qemuriscv64 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
-SRCREV_machine_qemux86 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
-SRCREV_machine_qemux86-64 ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
-SRCREV_machine_qemumips64 ?= "41ecd49609ac6164d8022065e5028984fa5c84ce"
-SRCREV_machine ?= "f2e879840d91250606ae3c2fd177c310df11fde0"
-SRCREV_meta ?= "8a7a83b45c543cd7b05fce9ff09abe21ea92f193"
+SRCREV_machine_qemuarm ?= "a17398a736969b170c742324a65c885203234b8e"
+SRCREV_machine_qemuarm64 ?= "c3ae9d7cd0727680ec16b97ba6f92b82d35a9cfb"
+SRCREV_machine_qemumips ?= "bfd98dba6758a2f47aad79e09e3509dfb99b6886"
+SRCREV_machine_qemuppc ?= "6030458f53886df464fe9fbf3e52c4f91a6ad3ec"
+SRCREV_machine_qemuriscv64 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
+SRCREV_machine_qemux86 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
+SRCREV_machine_qemux86-64 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
+SRCREV_machine_qemumips64 ?= "53a370f9356803b7d5b93369439c97572916bcad"
+SRCREV_machine ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
+SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.238"
+LINUX_VERSION ?= "5.4.240"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.34.1

[OE-core][dunfell 08/11] linux-yocto/5.4: update to v5.4.241

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    58f42ed1cd31 Linux 5.4.241
    879593643717 xfs: force log and push AIL to clear pinned inodes when aborting mount
    c76dd368759a xfs: don't reuse busy extents on extent trim
    4679b73a8ed4 xfs: consider shutdown in bmapbt cursor delete assert
    9355fd118b4e xfs: shut down the filesystem if we screw up quota reservation
    48f75df5b3bb xfs: report corruption only as a regular error
    3cce34ceb2ef xfs: set inode size after creating symlink
    e76bd6da5123 xfs: fix up non-directory creation in SGID directories
    ad6613c98463 xfs: remove the di_version field from struct icdinode
    ca4533c951e1 xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize
    e078b3de3e41 xfs: simplify di_flags2 inheritance in xfs_ialloc
    0c553917b61a xfs: only check the superblock version for dinode size calculation
    90aab52d062c xfs: add a new xfs_sb_version_has_v3inode helper
    edd36a57b4a6 xfs: remove the kuid/kgid conversion wrappers
    3ef81874f71c xfs: remove the icdinode di_uid/di_gid members
    cc508a41ae48 xfs: ensure that the inode uid/gid match values match the icdinode ones
    7a9dc7977140 xfs: merge the projid fields in struct xfs_icdinode
    4f3252e7e132 xfs: show the proper user quota options
    799cafa4f304 coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug
    440bdc49f744 watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
    70ca826d3ddb i2c: ocores: generate stop condition after timeout in polling mode
    5fb5bdcdcd5a ubi: Fix deadlock caused by recursively holding work_sem
    0b27716f2d44 mtd: ubi: wl: Fix a couple of kernel-doc issues
    e55588c44255 ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size
    a652c30fa2ba asymmetric_keys: log on fatal failures in PE/pkcs7
    5809dbacc431 verify_pefile: relax wrapper length check
    0213f027d030 drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F
    b3052e5d468b efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L
    02a78e653933 i2c: imx-lpi2c: clean rx/tx buffers upon new message
    1ef56397449e power: supply: cros_usbpd: reclassify "default case!" as debug
    7169d1638824 net: macb: fix a memory corruption in extended buffer descriptor mode
    c39fa0398a30 udp6: fix potential access to stale information
    9c46c49ad3ff RDMA/core: Fix GID entry ref leak when create_ah fails
    ad831a7079c9 sctp: fix a potential overflow in sctp_ifwdtsn_skip
    afffe0d1e6b9 qlcnic: check pci_reset_function result
    a841f6a0a39d niu: Fix missing unwind goto in niu_alloc_channels()
    fcd084e199b9 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition
    1b77cb6f5e4a mtd: rawnand: stm32_fmc2: remove unsupported EDO mode
    4c1d882b53a3 mtd: rawnand: meson: fix bitmask for length in command word
    266746003439 mtdblock: tolerate corrected bit-flips
    50dbfd9dacda btrfs: fix fast csum implementation detection
    c6db5f2a31cd btrfs: print checksum type and implementation at mount time
    8a99e6200c38 Bluetooth: Fix race condition in hidp_session_thread
    c02421992505 Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
    9025cea8e03b ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards
    4d419195d6b8 ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex()
    fe158eeccc38 ALSA: i2c/cs8427: fix iec958 mixer control deactivation
    aa23fa32e5ff ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard
    62ccf2e0b106 ALSA: emu10k1: fix capture interrupt handler unlinking
    9a3ba7b24d08 Revert "pinctrl: amd: Disable and mask interrupts on resume"
    2945f948aa84 irqdomain: Fix mapping-creation race
    e8f3aea716d2 irqdomain: Refactor __irq_domain_alloc_irqs()
    3804f265c1bf irqdomain: Look for existing mapping only once
    e7bba7ddb431 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    fd644712bccd ring-buffer: Fix race while reader and writer are on the same page
    c208b4321e8f drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    c381527918b1 net_sched: prevent NULL dereference if default qdisc setup failed
    987f599fc556 tracing: Free error logs of tracing instances
    d2136f05690c can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    5a74a75fc3d3 ftrace: Mark get_lock_parent_ip() __always_inline
    95bbfeb4ff0e perf/core: Fix the same task check in perf_event_set_output
    666c25d35e5e ALSA: hda/realtek: Add quirk for Clevo X370SNW
    83b16a60e413 nilfs2: fix sysfs interface lifetime
    613bf23c070d nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    aa8e50688d44 tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty
    aabba4440409 tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    209ab5c234c5 tty: serial: sh-sci: Fix transmit end interrupt handler
    9a2a6443d655 iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    e469ebb28dbe iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    abc5b4f8cdff USB: serial: option: add Quectel RM500U-CN modem
    b9c11537efcf USB: serial: option: add Telit FE990 compositions
    38c00a22d67b usb: typec: altmodes/displayport: Fix configure initial pin assignment
    f417d3fea3de USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    47132be17d7b xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    5fccf2c546ed NFSD: callback request does not use correct credential for AUTH_SYS
    3686380d9d60 sunrpc: only free unix grouplist after RCU settles
    1627119153d9 gpio: davinci: Add irq chip flag to skip set wake
    0cf600ca1bdf ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    0443fff49d63 sctp: check send stream number after wait_for_sndbuf
    93f3885211ae net: don't let netpoll invoke NAPI if in xmit context
    0d2fa30078af icmp: guard against too small mtu
    a3593082e0da wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta
    4220f83b9f03 pwm: sprd: Explicitly set .polarity in .get_state()
    6e1f29397dea pwm: cros-ec: Explicitly set .polarity in .get_state()
    dbd764e9d422 pinctrl: amd: Disable and mask interrupts on resume
    dd7e19f97f71 pinctrl: amd: disable and mask interrupts on probe
    3f3e4bd3f0cc pinctrl: amd: Use irqchip template
    387236b9e002 smb3: fix problem with null cifs super block with previous patch
    2e64d7b182c6 treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
    199197660bdd Revert "treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()"
    522af69af24f cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    4311ae04b386 x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    110d425cdfb1 scsi: ses: Handle enclosure with just a primary component gracefully

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index a20525abb9..5d77bc3ae3 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "304e411fa33ff303ec73d29376dd975c0d5f9cea"
-SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
+SRCREV_machine ?= "bf0fd4b1c757c39b99fb742f7023718fca6477de"
+SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.240"
+LINUX_VERSION ?= "5.4.241"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 19b6e2fa66..245e049b60 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.240"
+LINUX_VERSION ?= "5.4.241"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "718954ab9a87d4414eb24c502a4a9a772c7020f8"
-SRCREV_machine ?= "e5560b6cd3de039d68422b61746dcf3343ec73e2"
-SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
+SRCREV_machine_qemuarm ?= "8ccc251148dca811482b01afe95b24f02e9c0b8b"
+SRCREV_machine ?= "e0fc5fe58eac8f2a552a3fe5b3da0f18c8fd5a52"
+SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 989d3a2049..60b4c44ec9 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "a17398a736969b170c742324a65c885203234b8e"
-SRCREV_machine_qemuarm64 ?= "c3ae9d7cd0727680ec16b97ba6f92b82d35a9cfb"
-SRCREV_machine_qemumips ?= "bfd98dba6758a2f47aad79e09e3509dfb99b6886"
-SRCREV_machine_qemuppc ?= "6030458f53886df464fe9fbf3e52c4f91a6ad3ec"
-SRCREV_machine_qemuriscv64 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
-SRCREV_machine_qemux86 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
-SRCREV_machine_qemux86-64 ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
-SRCREV_machine_qemumips64 ?= "53a370f9356803b7d5b93369439c97572916bcad"
-SRCREV_machine ?= "b1db2f47a35d8a71c038a3438779f4d50807e5e5"
-SRCREV_meta ?= "aaa00d56c80ea2cbb07f7a018b80b89dc59f28e0"
+SRCREV_machine_qemuarm ?= "a38fd554c6a9d49f33b4097a7300f5a2d134cb83"
+SRCREV_machine_qemuarm64 ?= "99b6ecddbf3cf1909e8208a46842c81cce09d02c"
+SRCREV_machine_qemumips ?= "55f3e8be5f53e522210db32f6bf60c9d153fe5d6"
+SRCREV_machine_qemuppc ?= "536eee19189590e19bdcb5baf5b6c752abd14455"
+SRCREV_machine_qemuriscv64 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
+SRCREV_machine_qemux86 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
+SRCREV_machine_qemux86-64 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
+SRCREV_machine_qemumips64 ?= "60b346865774d6d320f8b5b3ef35661fdaa6dffb"
+SRCREV_machine ?= "2dc29af86649e3006eb05972e1e175989d64d537"
+SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.240"
+LINUX_VERSION ?= "5.4.241"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.34.1

[OE-core][dunfell 09/11] linux-yocto/5.4: update to v5.4.242

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    ea7862c507ec Linux 5.4.242
    d54a9f999ea7 ASN.1: Fix check for strdup() success
    2500d7edebfb iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger()
    760c2e6dee32 pwm: meson: Explicitly set .polarity in .get_state()
    7f2b8046da83 xfs: fix forkoff miscalculation related to XFS_LITINO(mp)
    c27a6bb1788f sctp: Call inet6_destroy_sock() via sk->sk_destruct().
    97ce6cde1f51 dccp: Call inet6_destroy_sock() via sk->sk_destruct().
    a01b75620e1a inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
    9374db5bd1e3 tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
    2ac4697b7779 udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
    5a62248c5855 ext4: fix use-after-free in ext4_xattr_set_entry
    3b0044cb28f7 ext4: remove duplicate definition of ext4_xattr_ibody_inline_set()
    3c4fdbf368ba Revert "ext4: fix use-after-free in ext4_xattr_set_entry"
    ef2aab86c34c x86/purgatory: Don't generate debug info for purgatory.ro
    c22aefaef8ae MIPS: Define RUNTIME_DISCARD_EXIT in LD script
    a5167e902b64 mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25
    1b8b54fc55a4 memstick: fix memory leak if card device is never registered
    5ad61a5268de nilfs2: initialize unused bytes in segment summary blocks
    988766b9d124 iio: light: tsl2772: fix reading proximity-diodes from device tree
    5cb867f1ecb4 xen/netback: use same error messages for same errors
    903f82b1a6b2 nvme-tcp: fix a possible UAF when failing to allocate an io queue
    34b74c32ff4f s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
    64cd99da25c1 net: dsa: b53: mmap: add phy ops
    89dcf0dd7aae scsi: core: Improve scsi_vpd_inquiry() checks
    f729b74bb489 scsi: megaraid_sas: Fix fw_crash_buffer_show()
    4f4ef354f95d selftests: sigaltstack: fix -Wuninitialized
    a725dddf2139 Input: i8042 - add quirk for Fujitsu Lifebook A574/H
    9df3f502e33d f2fs: Fix f2fs_truncate_partial_nodes ftrace event
    2f3730f182fc e1000e: Disable TSO on i219-LM card to increase speed
    0f0a291cc520 bpf: Fix incorrect verifier pruning due to missing register precision taints
    ba610df83b04 mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
    d8e120057cee i40e: fix i40e_setup_misc_vector() error handling
    59fba01b6c72 i40e: fix accessing vsi->active_filters without holding lock
    01125379e2dc netfilter: nf_tables: fix ifdef to also consider nf_tables=m
    7c1019391bd6 virtio_net: bugfix overflow inside xdp_linearize_page()
    35dceaeab97c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
    d61f24a45410 regulator: fan53555: Explicitly include bits header
    36f098e1e4d1 netfilter: br_netfilter: fix recent physdev match breakage
    375e445b1022 arm64: dts: meson-g12-common: specify full DMC range
    cb1f89fe934b ARM: dts: rockchip: fix a typo error for rk3288 spdif node

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 5d77bc3ae3..8ad2207dd2 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "bf0fd4b1c757c39b99fb742f7023718fca6477de"
-SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
+SRCREV_machine ?= "b2e35e842864b87c1b081e27327799f9e0d2ac97"
+SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.241"
+LINUX_VERSION ?= "5.4.242"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 245e049b60..31a1ee783b 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.241"
+LINUX_VERSION ?= "5.4.242"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "8ccc251148dca811482b01afe95b24f02e9c0b8b"
-SRCREV_machine ?= "e0fc5fe58eac8f2a552a3fe5b3da0f18c8fd5a52"
-SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
+SRCREV_machine_qemuarm ?= "1091132f5b9b1f56bbd6b408a2d3652aeb1b5405"
+SRCREV_machine ?= "98224933ef9fd6b6f600c27037d7c59c3af2aab2"
+SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index 60b4c44ec9..e606bb4c73 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "a38fd554c6a9d49f33b4097a7300f5a2d134cb83"
-SRCREV_machine_qemuarm64 ?= "99b6ecddbf3cf1909e8208a46842c81cce09d02c"
-SRCREV_machine_qemumips ?= "55f3e8be5f53e522210db32f6bf60c9d153fe5d6"
-SRCREV_machine_qemuppc ?= "536eee19189590e19bdcb5baf5b6c752abd14455"
-SRCREV_machine_qemuriscv64 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
-SRCREV_machine_qemux86 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
-SRCREV_machine_qemux86-64 ?= "2dc29af86649e3006eb05972e1e175989d64d537"
-SRCREV_machine_qemumips64 ?= "60b346865774d6d320f8b5b3ef35661fdaa6dffb"
-SRCREV_machine ?= "2dc29af86649e3006eb05972e1e175989d64d537"
-SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1"
+SRCREV_machine_qemuarm ?= "210301f79471a6b8bbd8ce7da56f19f34beacf1d"
+SRCREV_machine_qemuarm64 ?= "78a9e72b8046e89a23e44e8f3ad79ded96484237"
+SRCREV_machine_qemumips ?= "d71f42f88b7b8fb09b722d269e140edf465af454"
+SRCREV_machine_qemuppc ?= "2144b992dd135ca0ffe168d112d99d48a2896b98"
+SRCREV_machine_qemuriscv64 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
+SRCREV_machine_qemux86 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
+SRCREV_machine_qemux86-64 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
+SRCREV_machine_qemumips64 ?= "8e77596aadf62832d1a8bc307dab9598ce6a85d1"
+SRCREV_machine ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
+SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.241"
+LINUX_VERSION ?= "5.4.242"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.34.1

[OE-core][dunfell 10/11] linux-yocto/5.4: update to v5.4.243

[Steve Sakoman]

From: Bruce Ashfield <bruce.ashfield@gmail.com>

Updating  to the latest korg -stable release that comprises
the following commits:

    f53660ec669f Linux 5.4.243
    d60f15682a5c drm/amd/display: Fix hang when skipping modeset
    93ca0d7b88e8 mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
    3f231e30cdeb drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag
    65a8b6d129cf drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
    62ac943eb2a9 firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
    a781ea3437a0 drm/msm: Fix double pm_runtime_disable() call
    e4e88f74eb2f PM: domains: Restore comment indentation for generic_pm_domain.child_links
    ddcca7299de3 printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
    c2c3ffc79896 PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
    6a24285f64ea PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
    dde34ef0bc73 drbd: correctly submit flush bio on barrier
    373720b9289c serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
    f2a1071100fe tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
    ba04d6af5ac4 ext4: fix invalid free tracking in ext4_xattr_move_to_block()
    185062a21976 ext4: remove a BUG_ON in ext4_mb_release_group_pa()
    d7ff83a71d77 ext4: bail out of ext4_xattr_ibody_get() fails for any reason
    486efbbc9445 ext4: add bounds checking in get_max_inline_xattr_value_size()
    b4fa4768c9ac ext4: fix deadlock when converting an inline directory in nojournal mode
    2dda20290671 ext4: improve error recovery code paths in __ext4_remount()
    525c802de3f9 ext4: fix data races when using cached status extents
    4f4fd982d972 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
    1b90fbc75901 ext4: fix WARNING in mb_find_extent
    f9e27d4bdb1f HID: wacom: insert timestamp to packed Bluetooth (BT) events
    d8b609e66244 HID: wacom: Set a default resolution for older tablets
    3decf3a750a9 drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
    625d4112ea25 drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras
    b1fabc379463 drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
    c6bb59662432 drm/panel: otm8009a: Set backlight parent to panel device
    3e7703624612 f2fs: fix potential corruption when moving a directory
    dafc5a5c8fda ARM: dts: s5pv210: correct MIPI CSIS clock name
    ad751b896eae ARM: dts: exynos: fix WM8960 clock name in Itop Elite
    823496470790 remoteproc: st: Call of_node_put() on iteration error
    a1366ecb0905 remoteproc: stm32: Call of_node_put() on iteration error
    f16bc5111cc6 sh: nmi_debug: fix return value of __setup handler
    c9871a47f4ce sh: init: use OF_EARLY_FLATTREE for early init
    111b08116dac sh: math-emu: fix macro redefined warning
    8fb33166aed8 inotify: Avoid reporting event with invalid wd
    0ccea97abe6d platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i
    871641c7ebe5 cifs: fix pcchunk length type in smb2_copychunk_range
    3e2b4bceaaf9 btrfs: print-tree: parent bytenr must be aligned to sector size
    1e05bf5e80bb btrfs: don't free qgroup space unless specified
    b232f5e8cf81 btrfs: fix btrfs_prev_leaf() to not return the same key twice
    96f71f669bee perf symbols: Fix return incorrect build_id size in elf_read_build_id()
    78190a6ebe4e perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp()
    ffec80cc6761 perf vendor events power9: Remove UTF-8 characters from JSON files
    62f1ebfe9aac virtio_net: suppress cpu stall when free_unused_bufs
    1dc5faf30a6c virtio_net: split free_unused_bufs()
    b15637e717ad net: dsa: mt7530: fix corrupt frames using trgmii on 40 MHz XTAL MT7621
    544b0de2d767 ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init`
    35f2642f4abd drm/amdgpu: add a missing lock for AMDGPU_SCHED
    5cfe3f910f7c af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
    fbcfa00386e1 ionic: remove noise from ethtool rxnfc error msg
    4a56f1f6fe92 rxrpc: Fix hard call timeout units
    dfa36eb38020 net/sched: act_mirred: Add carrier check
    cc5ccfb7c0ee writeback: fix call of incorrect macro
    9c1fcb97f98f net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
    e80412439030 sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
    cc5fe387c629 net/sched: cls_api: remove block_cb from driver_list before freeing
    8acd3a28873f net/ncsi: clear Tx enable mode when handling a Config required AEN
    bc0905a76531 relayfs: fix out-of-bounds access in relay_file_read
    c038ae623a7c kernel/relay.c: fix read_pos error when multiple readers
    4f4de392f492 crypto: safexcel - Cleanup ring IRQ workqueues on load failure
    b9878f485d70 crypto: inside-secure - irq balance
    439d3a7056d5 dm verity: fix error handling for check_at_most_once on FEC
    0156f7dbd822 dm verity: skip redundant verity_handle_err() on I/O errors
    e4875d6e053d mailbox: zynqmp: Fix counts of child nodes
    ff0d64f5127e mailbox: zynq: Switch to flexible array to simplify code
    352b152905cc tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
    9b2ed144318e nohz: Add TICK_DEP_BIT_RCU
    c8b6063f13ad netfilter: nf_tables: deactivate anonymous set from preparation phase
    29fb2a1a5f71 debugobject: Ensure pool refill (again)
    cef1b8a4df5c perf intel-pt: Fix CYC timestamps after standalone CBR
    5ead86d57583 perf auxtrace: Fix address filter entire kernel size
    29a1ef57c3be dm ioctl: fix nested locking in table_clear() to remove deadlock concern
    337b7af27356 dm flakey: fix a crash with invalid table line
    6d126899b074 dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
    cbe0a7ec67c3 dm clone: call kmem_cache_destroy() in dm_clone_init() error path
    d8f66a19f8be s390/dasd: fix hanging blockdevice after request requeue
    5492d4081274 btrfs: scrub: reject unsupported scrub flags
    946e067b4cda scripts/gdb: fix lx-timerlist for Python3
    7cf5ce2857b8 clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
    4379d5ce9235 wifi: rtl8xxxu: RTL8192EU always needs full init
    ecdcefd312d4 mailbox: zynqmp: Fix typo in IPI documentation
    38afc633d374 mailbox: zynqmp: Fix IPI isr handling
    14964127be77 md/raid10: fix null-ptr-deref in raid10_sync_request
    fe1cbbcb1a25 nilfs2: fix infinite loop in nilfs_mdt_get_block()
    4569a292a84e nilfs2: do not write dirty data after degenerating to read-only
    fd37a5c6998b parisc: Fix argument pointer in real64_call_asm()
    736aeb17b6a0 afs: Fix updating of i_size with dv jump from server
    27263ff39784 dmaengine: at_xdmac: do not enable all cyclic channels
    8c821199bc28 dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
    24c9c4ad23d3 dmaengine: dw-edma: Fix to change for continuous transfer
    2e900f363174 phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
    58e026465814 pwm: mtk-disp: Disable shadow registers before setting backlight values
    33f00f0a7368 pwm: mtk-disp: Adjust the clocks to avoid them mismatch
    e5e9e59c4564 pwm: mtk-disp: Don't check the return code of pwmchip_remove()
    8e238e88822f dmaengine: mv_xor_v2: Fix an error code.
    026df12f3c4d leds: TI_LMU_COMMON: select REGMAP instead of depending on it
    a34f6dcb78c6 ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
    6dfd85ada867 openrisc: Properly store r31 to pt_regs on unhandled exceptions
    2fd44d2bde34 clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails
    f2aaf419889c clocksource: davinci: axe a pointless __GFP_NOFAIL
    fc051820d616 clocksource/drivers/davinci: Avoid trailing '\n' hidden in pr_fmt()
    945e9898624d RDMA/mlx5: Use correct device num_ports when modify DC
    9bf843683a32 SUNRPC: remove the maximum number of retries in call_bind_status
    1dfa3c9dd27b Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
    ce6c42f0b644 input: raspberrypi-ts: Release firmware handle when not needed
    de85be00a8f3 firmware: raspberrypi: Introduce devm_rpi_firmware_get()
    d537afa08e15 firmware: raspberrypi: Keep count of all consumers
    919f470337e1 NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
    fe60c3af70bf IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
    b4f12e2402a5 RDMA/siw: Remove namespace check from siw_netdev_event()
    795d11e8ff35 clk: add missing of_node_put() in "assigned-clocks" property parsing
    0c770f95a2d7 power: supply: generic-adc-battery: fix unit scaling
    31ca78dc1f50 rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time
    8feca6259007 RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
    683cd87041ac rtc: omap: include header for omap_rtc_power_off_program prototype
    a48403e8c325 RDMA/rdmavt: Delete unnecessary NULL check
    b24e0e4612a5 RDMA/siw: Fix potential page_array out of range access
    318bc22decd4 perf/core: Fix hardlockup failure caused by perf throttle
    ff3edfb3c825 powerpc/rtas: use memmove for potentially overlapping buffer copy
    333a2a9846b9 macintosh: via-pmu-led: requires ATA to be set
    e2dd8bbab7b5 powerpc/sysdev/tsi108: fix resource printk format warnings
    770d583cd5ae powerpc/wii: fix resource printk format warnings
    f60c8d7c16bb powerpc/mpc512x: fix resource printk format warning
    97cd970f8add macintosh/windfarm_smu_sat: Add missing of_node_put()
    54dda7322255 spmi: Add a check for remove callback when removing a SPMI driver
    af9bfe1c0a50 staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
    572d48361aa0 serial: 8250: Add missing wakeup event reporting
    488baa8038fa tty: serial: fsl_lpuart: adjust buffer length to the intended size
    8fa80b452bc9 firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
    26ca30516b2c usb: mtu3: fix kernel panic at qmu transfer done irq handler
    bd7a3e6416ab usb: chipidea: fix missing goto in `ci_hdrc_probe`
    f9e2abb6df6d sh: sq: Fix incorrect element size for allocating bitmap buffer
    e1431faa89bd uapi/linux/const.h: prefer ISO-friendly __typeof__
    6716203844bc spi: cadence-quadspi: fix suspend-resume implementations
    caaefbf823ab mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA channel
    ee5ffe4cdfea mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure
    7c69aeca59f2 mtd: spi-nor: cadence-quadspi: Provide a way to disable DAC mode
    df9708297bb2 mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry
    30ac77e99525 scripts/gdb: bail early if there are no generic PD
    35a2681e9937 PM: domains: Fix up terminology with parent/child
    0fbc62db7e10 scripts/gdb: bail early if there are no clocks
    0988baae3984 ia64: salinfo: placate defined-but-not-used warning
    d6cb7b6868b9 ia64: mm/contig: fix section mismatch warning/error
    d3c6d52148a1 of: Fix modalias string generation
    ca0f4ad2b7a3 vmci_host: fix a race condition in vmci_host_poll() causing GPF
    170e22324052 spi: fsl-spi: Fix CPM/QE mode Litte Endian
    863238433703 spi: qup: Don't skip cleanup in remove's error path
    814a9a6de1b1 linux/vt_buffer.h: allow either builtin or modular for macros
    3547e5bd0d10 ASoC: es8316: Handle optional IRQ assignment
    9650d5a1e7df ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
    f5ce428e3eae genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
    0f31993721f9 PCI: imx6: Install the fault handler only on compatible match
    0fee5030c094 usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
    7d2bc728cc8d iio: light: max44009: add missing OF device matching
    ee0e2f7af02a fpga: bridge: fix kernel-doc parameter description
    3fb02404c1e0 usb: host: xhci-rcar: remove leftover quirk handling
    36fb7843f1c3 pstore: Revert pmsg_lock back to a normal mutex
    602fa8af44fd tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
    638810f5d020 net: amd: Fix link leak when verifying config failed
    9ef809945edd netlink: Use copy_to_user() for optval in netlink_getsockopt().
    de0ffb5145c9 Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
    27c468ec1af1 ipv4: Fix potential uninit variable access bug in __ip_make_skb()
    3b9960e21e8b netfilter: nf_tables: don't write table validation state without mutex
    64d2c1cfd04f bpf: Don't EFAULT for getsockopt with optval=NULL
    3bf918f90f93 ixgbe: Enable setting RSS table to default values
    053b36c50bdd ixgbe: Allow flow hash to be set via ethtool
    ae23fc2b230a wifi: iwlwifi: mvm: check firmware response size
    ffdfaf27ebf1 wifi: iwlwifi: make the loop for card preparation effective
    3725b35fc0e5 md/raid10: fix memleak of md thread
    fb3f2f2fa0f3 md: update the optimal I/O size on reshape
    b6460f68c1cc md/raid10: fix memleak for 'conf->bio_split'
    8c5d5d7ffd1e md/raid10: fix leak of 'r10bio->remaining' for recovery
    1fee7e391d99 bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
    d5fdcd2384ff nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage"
    b1e6b3fd1104 nvme: fix async event trace event
    eaaa0c6b0540 nvme: handle the persistent internal error AER
    c229821510df bpf, sockmap: fix deadlocks in the sockhash and sockmap
    74d90f92eafe scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
    01993768b3e7 crypto: drbg - Only fail when jent is unavailable in FIPS mode
    b21c7e28e801 crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
    14efbe2499c1 bpftool: Fix bug for long instructions in program CFG dumps
    3e3533c56cf8 wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
    03109f1870e2 wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
    e163e64227ad rtlwifi: Replace RT_TRACE with rtl_dbg
    faec6b865468 rtlwifi: Start changing RT_TRACE into rtl_dbg
    7c5e804b6d52 f2fs: handle dqget error in f2fs_transfer_project_quota()
    7a2ae008a53c scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
    a4245323d272 scsi: target: iscsit: Fix TAS handling during conn cleanup
    8e402d5198b3 net/packet: convert po->auxdata to an atomic flag
    f3ac72c7ab20 net/packet: convert po->origdev to an atomic flag
    4760229b820d net/packet: annotate accesses to po->xmit
    47464e0c658a vlan: partially enable SIOCSHWTSTAMP in container
    8f851a75bbc7 scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
    7160c6940a97 wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
    743ae09b28ce wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
    72d5edceb2de tools: bpftool: Remove invalid \' json escape
    0d1792c98351 wifi: ath6kl: reduce WARN to dev_dbg() in callback
    8d17563174b0 wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
    d98993186607 wifi: ath9k: hif_usb: fix memory leak of remain_skbs
    1286c4ce1f01 wifi: ath6kl: minor fix for allocation size
    a3e7a3d472c2 tick/common: Align tick period with the HZ tick.
    04be737176e6 tick: Get rid of tick_period
    3df29117d8a6 tick/sched: Optimize tick_do_update_jiffies64() further
    b6fe34d93655 tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64()
    746eac77e008 tick/sched: Use tick_next_period for lockless quick check
    a23607579f12 timekeeping: Split jiffies seqlock
    22d7ec50ffdd debugobject: Prevent init race with static objects
    a687da500464 arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
    442470948c04 x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
    824683dbec23 regulator: stm32-pwr: fix of_iomap leak
    53adb408b170 media: rc: gpio-ir-recv: Fix support for wake-up
    9df630dafa1a media: rcar_fdp1: Fix refcount leak in probe and remove function
    6fd6e2f29c18 media: rcar_fdp1: Fix the correct variable assignments
    75b55a3cbb4a media: rcar_fdp1: Make use of the helper function devm_platform_ioremap_resource()
    03d234459259 media: rcar_fdp1: fix pm_runtime_get_sync() usage count
    aebe8e43d85e media: rcar_fdp1: simplify error check logic at fdp_open()
    a4b6ab360f56 media: saa7134: fix use after free bug in saa7134_finidev due to race condition
    cd1583caed7e media: dm1105: Fix use after free bug in dm1105_remove due to race condition
    0c61a6897c47 x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
    5224ea575196 regulator: core: Avoid lockdep reports when resolving supplies
    73b262115f5f regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow()
    9b53238b3be2 drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe()
    0a6d476d9c9d mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
    f79421c36070 drm/msm/adreno: drop bogus pm_runtime_set_active()
    438d00b18d55 drm/msm/adreno: Defer enabling runpm until hw_init()
    594726c93841 drm/msm: fix unbalanced pm_runtime_enable in adreno_gpu_{init, cleanup}
    37c8085cf9c0 firmware: qcom_scm: Clear download bit during reboot
    620b983589e0 media: av7110: prevent underflow in write_ts_to_decoder()
    1205c52cf270 media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format.
    c6a315f0b140 media: bdisp: Add missing check for create_workqueue
    1a057b68952d ARM: dts: qcom: ipq8064: Fix the PCI I/O port range
    699bf5a793ca ARM: dts: qcom: ipq8064: reduce pci IO size to 64K
    1d207fcdf670 ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
    e0162c92973b EDAC/skx: Fix overflows on the DRAM row address mapping arrays
    acb6f45775bb arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
    0524eb688297 arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
    a535b5d4a2c3 drm/probe-helper: Cancel previous job before starting new one
    4223f98d4d45 drm/vgem: add missing mutex_destroy
    8747cd580b59 drm/rockchip: Drop unbalanced obj unref
    9773c58594ff erofs: fix potential overflow calculating xattr_isize
    880c79bdb002 erofs: stop parsing non-compact HEAD index if clusterofs is invalid
    e998107daad2 tpm, tpm_tis: Do not skip reset of original interrupt vector
    1c131a32a9b5 selinux: ensure av_permissions.h is built when needed
    11458692ebd2 selinux: fix Makefile dependencies of flask.h
    823f554747f8 ubifs: Free memory for tmpfile name
    d3f1b113a503 ubi: Fix return value overwrite issue in try_write_vid_and_data()
    6f2eee5457bc ubifs: Fix memleak when insert_old_idx() failed
    2c2a76b7c4b5 Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
    5d1f14beabab i2c: omap: Fix standard mode false ACK readings
    d482617fa662 KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
    67d33b8c5696 reiserfs: Add security prefix to xattr name in reiserfs_security_write()
    2399b1fda025 ring-buffer: Sync IRQ works before buffer destruction
    a7fa8c9dc851 pwm: meson: Fix g12a ao clk81 name
    a3e0d3430f33 pwm: meson: Fix axg ao mux parents
    719459877d58 kheaders: Use array declaration instead of char
    4ec3be7003b6 ipmi: fix SSIF not responding under certain cond.
    bead854bcca2 ipmi:ssif: Add send_retries increment
    0f91290774c7 MIPS: fw: Allow firmware to pass a empty env
    3092933b2637 xhci: fix debugfs register accesses while suspended
    3c5a28658d12 debugfs: regset32: Add Runtime PM support
    2298b30010fd staging: iio: resolver: ads1210: fix config mode
    fbd11f086bf1 perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE)
    6525d2fd6f83 USB: dwc3: fix runtime pm imbalance on unbind
    2d5844aa6e56 USB: dwc3: fix runtime pm imbalance on probe errors
    0804f3715c09 asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    944ff47a19f2 ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
    f00e4bfd7f08 iio: adc: palmas_gpadc: fix NULL dereference on rmmod
    85ed09c33021 USB: serial: option: add UNISOC vendor and TOZED LT70C product
    48cdcb40d589 bluetooth: Perform careful capability checks in hci_sock_ioctl()
    c8258fc827c8 drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
    425eea395f1f wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
    3b7509b6f5e2 counter: 104-quad-8: Fix race condition between FLAG and CNTR reads

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../linux/linux-yocto-rt_5.4.bb               |  6 ++---
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +++----
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 +++++++++----------
 3 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
index 8ad2207dd2..01eca24a00 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb
@@ -11,13 +11,13 @@ python () {
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "b2e35e842864b87c1b081e27327799f9e0d2ac97"
-SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
+SRCREV_machine ?= "c705bb899d37bbd61a87a2f850e4d6f04613a908"
+SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
-LINUX_VERSION ?= "5.4.242"
+LINUX_VERSION ?= "5.4.243"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
index 31a1ee783b..c3d4ff4608 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig"
 
 require recipes-kernel/linux/linux-yocto.inc
 
-LINUX_VERSION ?= "5.4.242"
+LINUX_VERSION ?= "5.4.243"
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native"
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine_qemuarm ?= "1091132f5b9b1f56bbd6b408a2d3652aeb1b5405"
-SRCREV_machine ?= "98224933ef9fd6b6f600c27037d7c59c3af2aab2"
-SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
+SRCREV_machine_qemuarm ?= "140d4ff6bab1e5959377d4974ade490c837ef9cc"
+SRCREV_machine ?= "66990885cd865944a093b47ee7164ef2838f75a3"
+SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f"
 
 PV = "${LINUX_VERSION}+git${SRCPV}"
 
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
index e606bb4c73..c361f0c701 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb
@@ -12,16 +12,16 @@ KBRANCH_qemux86  ?= "v5.4/standard/base"
 KBRANCH_qemux86-64 ?= "v5.4/standard/base"
 KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64"
 
-SRCREV_machine_qemuarm ?= "210301f79471a6b8bbd8ce7da56f19f34beacf1d"
-SRCREV_machine_qemuarm64 ?= "78a9e72b8046e89a23e44e8f3ad79ded96484237"
-SRCREV_machine_qemumips ?= "d71f42f88b7b8fb09b722d269e140edf465af454"
-SRCREV_machine_qemuppc ?= "2144b992dd135ca0ffe168d112d99d48a2896b98"
-SRCREV_machine_qemuriscv64 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
-SRCREV_machine_qemux86 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
-SRCREV_machine_qemux86-64 ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
-SRCREV_machine_qemumips64 ?= "8e77596aadf62832d1a8bc307dab9598ce6a85d1"
-SRCREV_machine ?= "37cd360d09d440f38d15efcd9f2a57ab9d3a10b7"
-SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767"
+SRCREV_machine_qemuarm ?= "3c105623bdba36118195e9c188d728edcc00345a"
+SRCREV_machine_qemuarm64 ?= "993c666984249097d093ee71eb3dffa0844fef6c"
+SRCREV_machine_qemumips ?= "2469bc35f1c2ef5ab2e85b7b705b32e33c6350c7"
+SRCREV_machine_qemuppc ?= "98229034b888ad319d7d030d279381a671c41dc0"
+SRCREV_machine_qemuriscv64 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1"
+SRCREV_machine_qemux86 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1"
+SRCREV_machine_qemux86-64 ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1"
+SRCREV_machine_qemumips64 ?= "fb1936fa93be6bfd1b18cd8568cfc5b279904fa5"
+SRCREV_machine ?= "ba7e46214a9d60247170245cc09e2e1faf6622a1"
+SRCREV_meta ?= "c7d5b73674d53f51772862b951d8cc56683ef04f"
 
 # remap qemuarm to qemuarma15 for the 5.4 kernel
 # KMACHINE_qemuarm ?= "qemuarma15"
@@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
            git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814"
-LINUX_VERSION ?= "5.4.242"
+LINUX_VERSION ?= "5.4.243"
 
 DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
 DEPENDS += "openssl-native util-linux-native"
-- 
2.34.1

[OE-core][dunfell 11/11] openssh: Move sshdgenkeys.service to sshd.socket

[Steve Sakoman]

From: Alex Kiernan <alex.kiernan@gmail.com>

sshd.socket launches the templated sshd@.service, so by moving the
sshdgenkeys.service to sshd.socket, key generation can start in advance
of a connection.

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af38a39b4bed9e43c5075008be47ca72191a489e)
Signed-off-by: Jermain Horsman <jermain.horsman@nedap.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/openssh/openssh/sshd.socket   | 1 +
 meta/recipes-connectivity/openssh/openssh/sshd@.service | 2 --
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.socket b/meta/recipes-connectivity/openssh/openssh/sshd.socket
index 12c39b26b5..8d76d62309 100644
--- a/meta/recipes-connectivity/openssh/openssh/sshd.socket
+++ b/meta/recipes-connectivity/openssh/openssh/sshd.socket
@@ -1,5 +1,6 @@
 [Unit]
 Conflicts=sshd.service
+Wants=sshdgenkeys.service
 
 [Socket]
 ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd
diff --git a/meta/recipes-connectivity/openssh/openssh/sshd@.service b/meta/recipes-connectivity/openssh/openssh/sshd@.service
index 9d83dfb2bb..422450c7a1 100644
--- a/meta/recipes-connectivity/openssh/openssh/sshd@.service
+++ b/meta/recipes-connectivity/openssh/openssh/sshd@.service
@@ -1,13 +1,11 @@
 [Unit]
 Description=OpenSSH Per-Connection Daemon
-Wants=sshdgenkeys.service
 After=sshdgenkeys.service
 
 [Service]
 Environment="SSHD_OPTS="
 EnvironmentFile=-/etc/default/ssh
 ExecStart=-@SBINDIR@/sshd -i $SSHD_OPTS
-ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID
 StandardInput=socket
 StandardError=syslog
 KillMode=process
-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Thursday, October 12.

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6026

The following changes since commit 9a800a2e2c2b14eab8c1f83cb4ac3b94a70dd23c:

  glibc: Fix CVE-2023-4911 "Looney Tunables" (2023-10-05 13:10:56 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Hitendra Prajapati (1):
  xdg-utils: Fix CVE-2022-4055

Julian Haller (2):
  dbus: Backport fix for CVE-2023-34969
  dbus: Add missing CVE_PRODUCT

Marek Vasut (2):
  busybox: Backport CVE-2022-48174 fix
  cpio: Replace fix wrong CRC with ASCII CRC for large files with
    upstream backport

Shinu Chandran (1):
  libpcre2 : Follow up fix CVE-2022-1586

Shubham Kulkarni (1):
  go: Update fix for CVE-2023-24538 & CVE-2023-39318

Sourav Pramanik (1):
  openssl: Upgrade 1.1.1v -> 1.1.1w

Vijay Anusuri (3):
  cups: Backport fix for CVE-2023-32360 and CVE-2023-4504
  gawk: backport Debian patch to fix CVE-2023-4156
  ghostscript: Backport fix CVE-2023-43115

 .../{openssl_1.1.1v.bb => openssl_1.1.1w.bb}  |   2 +-
 .../busybox/busybox/CVE-2022-48174.patch      |  82 +++
 meta/recipes-core/busybox/busybox_1.31.1.bb   |   1 +
 meta/recipes-core/dbus/dbus.inc               |   3 +
 .../dbus/dbus/CVE-2023-34969.patch            |  96 +++
 meta/recipes-devtools/go/go-1.14.inc          |   5 +-
 .../go/go-1.14/CVE-2023-24538-1.patch         |   4 +-
 .../go/go-1.14/CVE-2023-24538-2.patch         | 447 ++++++++++++-
 .../go/go-1.14/CVE-2023-24538_3.patch         | 393 ++++++++++++
 .../go/go-1.14/CVE-2023-24538_4.patch         | 497 +++++++++++++++
 .../go/go-1.14/CVE-2023-24538_5.patch         | 585 ++++++++++++++++++
 ...3-24538-3.patch => CVE-2023-24538_6.patch} | 175 +++++-
 .../go/go-1.14/CVE-2023-39318.patch           |  38 +-
 ...g-CRC-with-ASCII-CRC-for-large-files.patch |  39 --
 ...-calculation-of-CRC-in-copy-out-mode.patch |  58 ++
 ...appending-to-archives-bigger-than-2G.patch | 312 ++++++++++
 meta/recipes-extended/cpio/cpio_2.13.bb       |   3 +-
 meta/recipes-extended/cups/cups.inc           |   2 +
 .../cups/cups/CVE-2023-32360.patch            |  31 +
 .../cups/cups/CVE-2023-4504.patch             |  40 ++
 .../gawk/gawk/CVE-2023-4156.patch             |  28 +
 meta/recipes-extended/gawk/gawk_5.0.1.bb      |   1 +
 .../ghostscript/CVE-2023-43115.patch          |  62 ++
 .../ghostscript/ghostscript_9.52.bb           |   1 +
 .../xdg-utils/xdg-utils/CVE-2022-4055.patch   | 165 +++++
 .../xdg-utils/xdg-utils_1.1.3.bb              |   1 +
 .../libpcre2/CVE-2022-1586-regression.patch   |  30 +
 .../recipes-support/libpcre/libpcre2_10.34.bb |   1 +
 28 files changed, 3041 insertions(+), 61 deletions(-)
 rename meta/recipes-connectivity/openssl/{openssl_1.1.1v.bb => openssl_1.1.1w.bb} (98%)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2022-48174.patch
 create mode 100644 meta/recipes-core/dbus/dbus/CVE-2023-34969.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_3.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_4.patch
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24538_5.patch
 rename meta/recipes-devtools/go/go-1.14/{CVE-2023-24538-3.patch => CVE-2023-24538_6.patch} (53%)
 delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Wrong-CRC-with-ASCII-CRC-for-large-files.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0003-Fix-calculation-of-CRC-in-copy-out-mode.patch
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/0004-Fix-appending-to-archives-bigger-than-2G.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32360.patch
 create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-4504.patch
 create mode 100644 meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-43115.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586-regression.patch

-- 
2.34.1

[OE-core][dunfell 00/11] Patch review

[Steve Sakoman]

Please review this set of changes for dunfell and have comments back by
end of day Friday, December 8

Passed a-full on autobuilder:

https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6293

The following changes since commit 0764da7e3f1d71eb390e5eb8a9aa1323c24d1c19:

  vim: use upstream generated .po files (2023-11-28 12:31:43 -1000)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut
  http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut

Ashish Sharma (1):
  mdadm: Backport fix for CVE-2023-28938

Bruce Ashfield (3):
  linux-yocto/5.4: update to v5.4.258
  linux-yocto/5.4: update to v5.4.260
  linux-yocto/5.4: update to v5.4.262

Lee Chee Yang (2):
  epiphany: fix CVE-2022-29536
  qemu: ignore CVE-2021-20295 CVE-2023-2680

Steve Sakoman (1):
  cve-exclusion_5.4.inc: update for 5.4.262

Tim Orling (1):
  vim: upgrade 9.0.2068 -> 9.0.2130

Vivek Kumbhar (1):
  libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c

poojitha adireddy (2):
  binutils 2.34: Fix CVE-2021-46174
  binutils: Mark CVE-2022-47696 as patched

 .../binutils/binutils-2.34.inc                |  1 +
 .../binutils/binutils/CVE-2021-46174.patch    | 35 ++++++++
 .../binutils/binutils/CVE-2023-25588.patch    |  3 +
 meta/recipes-devtools/qemu/qemu.inc           |  7 ++
 .../mdadm/files/CVE-2023-28938.patch          | 80 +++++++++++++++++++
 meta/recipes-extended/mdadm/mdadm_4.1.bb      |  1 +
 .../recipes-gnome/epiphany/epiphany_3.34.4.bb |  1 +
 .../epiphany/files/CVE-2022-29536.patch       | 46 +++++++++++
 .../linux/cve-exclusion_5.4.inc               | 79 ++++++++++++++----
 .../linux/linux-yocto-rt_5.4.bb               |  6 +-
 .../linux/linux-yocto-tiny_5.4.bb             |  8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  | 22 ++---
 .../libsndfile1/CVE-2022-33065.patch          | 46 +++++++++++
 .../libsndfile/libsndfile1_1.0.28.bb          |  3 +-
 meta/recipes-support/vim/vim.inc              |  4 +-
 15 files changed, 306 insertions(+), 36 deletions(-)
 create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2021-46174.patch
 create mode 100644 meta/recipes-extended/mdadm/files/CVE-2023-28938.patch
 create mode 100644 meta/recipes-gnome/epiphany/files/CVE-2022-29536.patch
 create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065.patch

-- 
2.34.1