* [OE-core][kirkstone 01/18] openssh: fix CVE-2023-28531
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324 Steve Sakoman
` (17 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Chen Qi <Qi.Chen@windriver.com>
Backport patch to fix CVE-2023-28531.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...-destination-constraints-for-smartca.patch | 35 +++++++++++++++++++
.../openssh/openssh_8.9p1.bb | 1 +
2 files changed, 36 insertions(+)
create mode 100644 meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch
diff --git a/meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch b/meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch
new file mode 100644
index 0000000000..b4e7ce7ef6
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch
@@ -0,0 +1,35 @@
+From 91889b5a3e7554af474a21ce8e1ffd3eb1542f06 Mon Sep 17 00:00:00 2001
+From: "djm@openbsd.org" <djm@openbsd.org>
+Date: Thu, 9 Mar 2023 06:58:26 +0000
+Subject: [PATCH] upstream: include destination constraints for smartcard keys
+ too.
+
+Spotted by Luci Stanescu; ok deraadt@ markus@
+
+OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
+
+CVE: CVE-2023-28531
+
+Upstream-Status: Backport [54ac4ab2b53ce9fcb66b8250dee91c070e4167ed]
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ authfd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/authfd.c b/authfd.c
+index 76e48aab..dca8e55b 100644
+--- a/authfd.c
++++ b/authfd.c
+@@ -665,7 +665,7 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
+ struct dest_constraint **dest_constraints, size_t ndest_constraints)
+ {
+ struct sshbuf *msg;
+- int r, constrained = (life || confirm);
++ int r, constrained = (life || confirm || dest_constraints);
+ u_char type;
+
+ if (add) {
+--
+2.37.1
+
diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
index 1d53c2488b..b403b355a6 100644
--- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb
@@ -27,6 +27,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://f107467179428a0e3ea9e4aa9738ac12ff02822d.patch \
file://0001-Default-to-not-using-sandbox-when-cross-compiling.patch \
file://7280401bdd77ca54be6867a154cc01e0d72612e0.patch \
+ file://0001-upstream-include-destination-constraints-for-smartca.patch \
"
SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 01/18] openssh: fix CVE-2023-28531 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-21 8:00 ` Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco)
2023-06-19 2:55 ` [OE-core][kirkstone 03/18] webkitgtk: fix CVE-2022-46691 Steve Sakoman
` (16 subsequent siblings)
18 siblings, 1 reply; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Sanjay Chitroda <schitrod@cisco.com>
OpenPrinting CUPS is an open source printing system. In versions 2.4.2
and prior, a heap buffer overflow vulnerability would allow a remote
attacker to launch a denial of service (DoS) attack. A buffer overflow
vulnerability in the function `format_log_line` could allow remote
attackers to cause a DoS on the affected system. Exploitation of the
vulnerability can be triggered when the configuration file `cupsd.conf`
sets the value of `loglevel `to `DEBUG`. No known patches or
workarounds exist at time of publication.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-32324
https://security-tracker.debian.org/tracker/CVE-2023-32324
Upstream Patch:
https://github.com/OpenPrinting/cups/commit/fd8bc2d32589
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-32324.patch | 36 +++++++++++++++++++
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 0acc5c575e..1b87d47a49 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -15,6 +15,7 @@ SRC_URI = "https://github.com/OpenPrinting/cups/releases/download/v${PV}/cups-${
file://0004-cups-fix-multilib-install-file-conflicts.patch \
file://volatiles.99_cups \
file://cups-volatiles.conf \
+ file://CVE-2023-32324.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/OpenPrinting/cups/releases"
diff --git a/meta/recipes-extended/cups/cups/CVE-2023-32324.patch b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
new file mode 100644
index 0000000000..40b89c9899
--- /dev/null
+++ b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
@@ -0,0 +1,36 @@
+From 07cbffd11107eed3aaf1c64e35552aec20f792da Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Thu, 1 Jun 2023 12:04:00 +0200
+Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes CVE-2023-32324)
+
+CVE: CVE-2023-32324
+Upstream-Status: Backport [https://github.com/OpenPrinting/cups/commit/fd8bc2d32589]
+
+(cherry picked from commit fd8bc2d32589d1fd91fe1c0521be2a7c0462109e)
+Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
+---
+ cups/string.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/cups/string.c b/cups/string.c
+index 93cdad19..6ef58515 100644
+--- a/cups/string.c
++++ b/cups/string.c
+@@ -1,6 +1,7 @@
+ /*
+ * String functions for CUPS.
+ *
++ * Copyright © 2023 by OpenPrinting.
+ * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
+ *
+@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
+ size_t srclen; /* Length of source string */
+
+
++ if (size == 0)
++ return (0);
++
+ /*
+ * Figure out how much room is needed...
+ */
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* RE: [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324
2023-06-19 2:55 ` [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324 Steve Sakoman
@ 2023-06-21 8:00 ` Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco)
2023-06-21 14:09 ` Steve Sakoman
0 siblings, 1 reply; 24+ messages in thread
From: Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco) @ 2023-06-21 8:00 UTC (permalink / raw)
To: Steve Sakoman, openembedded-core@lists.openembedded.org
Hi Steve,
CVE fix for cups package is accepted and merged on master.
https://github.com/openembedded/openembedded-core/commit/a4bdbc82f7e5cc9a5cb603cb720f09b0216b0a0e
Is there any comment for similar fix on kirkstone branch?
Thanks,
Sanjay
-----Original Message-----
From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Steve Sakoman
Sent: Monday, June 19, 2023 8:25 AM
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324
From: Sanjay Chitroda <schitrod@cisco.com>
OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-32324
https://security-tracker.debian.org/tracker/CVE-2023-32324
Upstream Patch:
https://github.com/OpenPrinting/cups/commit/fd8bc2d32589
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/cups/cups.inc | 1 +
.../cups/cups/CVE-2023-32324.patch | 36 +++++++++++++++++++
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 0acc5c575e..1b87d47a49 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -15,6 +15,7 @@ SRC_URI = "https://github.com/OpenPrinting/cups/releases/download/v${PV}/cups-${
file://0004-cups-fix-multilib-install-file-conflicts.patch \
file://volatiles.99_cups \
file://cups-volatiles.conf \
+ file://CVE-2023-32324.patch \
"
UPSTREAM_CHECK_URI = "https://github.com/OpenPrinting/cups/releases"
diff --git a/meta/recipes-extended/cups/cups/CVE-2023-32324.patch b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
new file mode 100644
index 0000000000..40b89c9899
--- /dev/null
+++ b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
@@ -0,0 +1,36 @@
+From 07cbffd11107eed3aaf1c64e35552aec20f792da Mon Sep 17 00:00:00 2001
+From: Zdenek Dohnal <zdohnal@redhat.com>
+Date: Thu, 1 Jun 2023 12:04:00 +0200
+Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes
+CVE-2023-32324)
+
+CVE: CVE-2023-32324
+Upstream-Status: Backport
+[https://github.com/OpenPrinting/cups/commit/fd8bc2d32589]
+
+(cherry picked from commit fd8bc2d32589d1fd91fe1c0521be2a7c0462109e)
+Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
+---
+ cups/string.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/cups/string.c b/cups/string.c index 93cdad19..6ef58515
+100644
+--- a/cups/string.c
++++ b/cups/string.c
+@@ -1,6 +1,7 @@
+ /*
+ * String functions for CUPS.
+ *
++ * Copyright © 2023 by OpenPrinting.
+ * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products.
+ *
+@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
+ size_t srclen; /* Length of source string */
+
+
++ if (size == 0)
++ return (0);
++
+ /*
+ * Figure out how much room is needed...
+ */
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* Re: [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324
2023-06-21 8:00 ` Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco)
@ 2023-06-21 14:09 ` Steve Sakoman
0 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-21 14:09 UTC (permalink / raw)
To: Sanjaykumar kantibhai Chitroda -X (schitrod - E-INFO CHIPS INC at Cisco)
Cc: openembedded-core@lists.openembedded.org
On Tue, Jun 20, 2023 at 10:00 PM Sanjaykumar kantibhai Chitroda -X
(schitrod - E-INFO CHIPS INC at Cisco) <schitrod@cisco.com> wrote:
>
> Hi Steve,
>
> CVE fix for cups package is accepted and merged on master.
> https://github.com/openembedded/openembedded-core/commit/a4bdbc82f7e5cc9a5cb603cb720f09b0216b0a0e
>
> Is there any comment for similar fix on kirkstone branch?
Hi Sanjay,
Also accepted and merged on kirkstone:
https://git.openembedded.org/openembedded-core/commit/?h=kirkstone&id=cf741646f41835024c7e53234cfd527ff3f8542b
Steve
> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Steve Sakoman
> Sent: Monday, June 19, 2023 8:25 AM
> To: openembedded-core@lists.openembedded.org
> Subject: [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324
>
> From: Sanjay Chitroda <schitrod@cisco.com>
>
> OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format_log_line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel `to `DEBUG`. No known patches or workarounds exist at time of publication.
>
> References:
> https://nvd.nist.gov/vuln/detail/CVE-2023-32324
> https://security-tracker.debian.org/tracker/CVE-2023-32324
>
> Upstream Patch:
> https://github.com/OpenPrinting/cups/commit/fd8bc2d32589
>
> Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
> ---
> meta/recipes-extended/cups/cups.inc | 1 +
> .../cups/cups/CVE-2023-32324.patch | 36 +++++++++++++++++++
> 2 files changed, 37 insertions(+)
> create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch
>
> diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
> index 0acc5c575e..1b87d47a49 100644
> --- a/meta/recipes-extended/cups/cups.inc
> +++ b/meta/recipes-extended/cups/cups.inc
> @@ -15,6 +15,7 @@ SRC_URI = "https://github.com/OpenPrinting/cups/releases/download/v${PV}/cups-${
> file://0004-cups-fix-multilib-install-file-conflicts.patch \
> file://volatiles.99_cups \
> file://cups-volatiles.conf \
> + file://CVE-2023-32324.patch \
> "
>
> UPSTREAM_CHECK_URI = "https://github.com/OpenPrinting/cups/releases"
> diff --git a/meta/recipes-extended/cups/cups/CVE-2023-32324.patch b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
> new file mode 100644
> index 0000000000..40b89c9899
> --- /dev/null
> +++ b/meta/recipes-extended/cups/cups/CVE-2023-32324.patch
> @@ -0,0 +1,36 @@
> +From 07cbffd11107eed3aaf1c64e35552aec20f792da Mon Sep 17 00:00:00 2001
> +From: Zdenek Dohnal <zdohnal@redhat.com>
> +Date: Thu, 1 Jun 2023 12:04:00 +0200
> +Subject: [PATCH] cups/string.c: Return if `size` is 0 (fixes
> +CVE-2023-32324)
> +
> +CVE: CVE-2023-32324
> +Upstream-Status: Backport
> +[https://github.com/OpenPrinting/cups/commit/fd8bc2d32589]
> +
> +(cherry picked from commit fd8bc2d32589d1fd91fe1c0521be2a7c0462109e)
> +Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
> +---
> + cups/string.c | 4 ++++
> + 1 file changed, 4 insertions(+)
> +
> +diff --git a/cups/string.c b/cups/string.c index 93cdad19..6ef58515
> +100644
> +--- a/cups/string.c
> ++++ b/cups/string.c
> +@@ -1,6 +1,7 @@
> + /*
> + * String functions for CUPS.
> + *
> ++ * Copyright © 2023 by OpenPrinting.
> + * Copyright © 2007-2019 by Apple Inc.
> + * Copyright © 1997-2007 by Easy Software Products.
> + *
> +@@ -730,6 +731,9 @@ _cups_strlcpy(char *dst, /* O - Destination string */
> + size_t srclen; /* Length of source string */
> +
> +
> ++ if (size == 0)
> ++ return (0);
> ++
> + /*
> + * Figure out how much room is needed...
> + */
> --
> 2.34.1
>
^ permalink raw reply [flat|nested] 24+ messages in thread
* [OE-core][kirkstone 03/18] webkitgtk: fix CVE-2022-46691
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 01/18] openssh: fix CVE-2023-28531 Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 02/18] cups: Fix CVE-2023-32324 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 04/18] webkitgtk: fix CVE-2022-46699 Steve Sakoman
` (15 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Yogita Urade <yogita.urade@windriver.com>
A memory consumption issue was addressed with improved memory handling.
This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS
15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing
maliciously crafted web content may lead to arbitrary code execution.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46691
https://support.apple.com/en-us/HT213531
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkit/webkitgtk/CVE-2022-46691.patch | 43 +++++++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
new file mode 100644
index 0000000000..ff9df40433
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
@@ -0,0 +1,43 @@
+From fd57a49d07c9c285780495344073350182fd7c7c Mon Sep 17 00:00:00 2001
+From: Yijia Huang <hyjorc1@gmail.com>
+Date: Mon, 10 Oct 2022 15:42:34 -0700
+Subject: [PATCH] [JSC] Should model BigInt with side effects
+ https://bugs.webkit.org/show_bug.cgi?id=246291 rdar://100494823
+
+Reviewed by Yusuke Suzuki.
+
+Operations with two BigInt operands have side effects,
+which should not be hoisted from loops.
+
+* Source/JavaScriptCore/dfg/DFGClobberize.cpp:
+(JSC::DFG::doesWrites):
+* Source/JavaScriptCore/dfg/DFGClobberize.h:
+(JSC::DFG::clobberize):
+
+Canonical link: https://commits.webkit.org/255368@main
+
+CVE: CVE-2022-46691
+
+Upstream-Status: Backport
+[https://github.com/WebKit/WebKit/commit/fd57a49d07c9c285780495344073350182fd7c7c]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ Source/JavaScriptCore/dfg/DFGClobberize.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/Source/JavaScriptCore/dfg/DFGClobberize.h b/Source/JavaScriptCore/dfg/DFGClobberize.h
+index 0363ab20dcd8..4b1bcfea1fd7 100644
+--- a/Source/JavaScriptCore/dfg/DFGClobberize.h
++++ b/Source/JavaScriptCore/dfg/DFGClobberize.h
+@@ -811,6 +811,8 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
+ case ValueBitRShift:
+ // FIXME: this use of single-argument isBinaryUseKind would prevent us from specializing (for example) for a HeapBigInt left-operand and a BigInt32 right-operand.
+ if (node->isBinaryUseKind(AnyBigIntUse) || node->isBinaryUseKind(BigInt32Use) || node->isBinaryUseKind(HeapBigIntUse)) {
++ read(World);
++ write(SideState);
+ def(PureValue(node));
+ return;
+ }
+--
+2.40.0
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
index 1dac4f5677..02258f84e4 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
@@ -17,6 +17,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BP}.tar.xz \
file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \
file://CVE-2022-32888.patch \
file://CVE-2022-32923.patch \
+ file://CVE-2022-46691.patch \
"
SRC_URI[sha256sum] = "0ad9fb6bf28308fe3889faf184bd179d13ac1b46835d2136edbab2c133d00437"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 04/18] webkitgtk: fix CVE-2022-46699
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (2 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 03/18] webkitgtk: fix CVE-2022-46691 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 05/18] webkitgtk: fix CVE-2022-42867 Steve Sakoman
` (14 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Yogita Urade <yogita.urade@windriver.com>
A memory corruption issue was addressed with improved state management.
This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS
16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web
content may lead to arbitrary code execution.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46699
https://support.apple.com/en-us/HT213537
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkit/webkitgtk/CVE-2022-46699.patch | 136 ++++++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
2 files changed, 137 insertions(+)
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch
diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch
new file mode 100644
index 0000000000..0752b9c0e2
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch
@@ -0,0 +1,136 @@
+From 28686e63de0d3d7270a49b0d6b656467bc4fbf68 Mon Sep 17 00:00:00 2001
+From: Justin Michaud <justin_michaud@apple.com>
+Date: Wed, 9 Nov 2022 19:20:41 -0800
+Subject: [PATCH] Error() ICs should not cache special properties.
+ https://bugs.webkit.org/show_bug.cgi?id=247699
+
+Reviewed by Yusuke Suzuki.
+
+HasOwnProperty/DeleteProperty are not always cacheable for special Error()
+properties like column. These special properties are materialized on-demand
+in materializeErrorInfoIfNeeded, but this function's behaviour can be changed
+by Error.stackTraceLimit without causing a structure transition or firing watchpoints.
+
+That is, we cannot cache property misses, and we cannot assume HasOwnProperty is deterministic
+for a given structure if we are using one of these properties.
+
+* Source/JavaScriptCore/runtime/ErrorInstance.cpp:
+(JSC::ErrorInstance::deleteProperty):
+* Source/JavaScriptCore/runtime/ErrorInstance.h:
+
+Canonical link: https://commits.webkit.org/256519@main
+
+CVE: CVE-2022-46699
+
+Upstream-Status: Backport
+[https://github.com/WebKit/WebKit/commit/28686e63de0d3d7270a49b0d6b656467bc4fbf68]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ JSTests/stress/delete-cache-error.js | 19 ++++++++++++++++++
+ .../get-own-property-slot-cache-error.js | 6 ++++++
+ JSTests/stress/get-property-cache-error.js | 20 +++++++++++++++++++
+ .../JavaScriptCore/runtime/ErrorInstance.cpp | 4 +++-
+ Source/JavaScriptCore/runtime/ErrorInstance.h | 3 ++-
+ 5 files changed, 50 insertions(+), 2 deletions(-)
+ create mode 100644 JSTests/stress/delete-cache-error.js
+ create mode 100644 JSTests/stress/get-own-property-slot-cache-error.js
+ create mode 100644 JSTests/stress/get-property-cache-error.js
+
+diff --git a/JSTests/stress/delete-cache-error.js b/JSTests/stress/delete-cache-error.js
+new file mode 100644
+index 000000000000..d77c09185a13
+--- /dev/null
++++ b/JSTests/stress/delete-cache-error.js
+@@ -0,0 +1,19 @@
++delete Error.stackTraceLimit
++
++// sourceURL is not materialized
++function cacheColumn(o) {
++ delete o.sourceURL
++}
++noInline(cacheColumn)
++
++for (let i = 0; i < 200; ++i) {
++ let e = Error()
++ cacheColumn(e)
++ if (e.sourceURL !== undefined)
++ throw "Test failed on iteration " + i + " " + e.sourceURL
++
++ if (i == 197) {
++ // now it is
++ Error.stackTraceLimit = 10
++ }
++}
+\ No newline at end of file
+diff --git a/JSTests/stress/get-own-property-slot-cache-error.js b/JSTests/stress/get-own-property-slot-cache-error.js
+new file mode 100644
+index 000000000000..f8202213bf79
+--- /dev/null
++++ b/JSTests/stress/get-own-property-slot-cache-error.js
+@@ -0,0 +1,6 @@
++delete Error.stackTraceLimit
++// GetOwnPropertySlot does not materializeErrorInfoIfNeeded because stackString is null.
++Object.hasOwn(Error(), "column")
++Error.stackTraceLimit = 10
++// Now it does
++Object.hasOwn(Error(), "column")
+\ No newline at end of file
+diff --git a/JSTests/stress/get-property-cache-error.js b/JSTests/stress/get-property-cache-error.js
+new file mode 100644
+index 000000000000..b35272ea6fe2
+--- /dev/null
++++ b/JSTests/stress/get-property-cache-error.js
+@@ -0,0 +1,20 @@
++// GetOwnPropertySlot does not materializeErrorInfoIfNeeded because stackString is null.
++delete Error.stackTraceLimit
++expected = undefined
++
++function cacheColumn(o) {
++ return o.column
++}
++noInline(cacheColumn)
++
++for (let i = 0; i < 1000; ++i) {
++ let val = cacheColumn(Error())
++ if (val !== expected)
++ throw "Test failed on iteration " + i + ": " + val
++
++ if (i == 900) {
++ // now it does
++ Error.stackTraceLimit = 10
++ expected = 32
++ }
++}
+\ No newline at end of file
+diff --git a/Source/JavaScriptCore/runtime/ErrorInstance.cpp b/Source/JavaScriptCore/runtime/ErrorInstance.cpp
+index ddf96869e84a..8e5373257d34 100644
+--- a/Source/JavaScriptCore/runtime/ErrorInstance.cpp
++++ b/Source/JavaScriptCore/runtime/ErrorInstance.cpp
+@@ -303,7 +303,9 @@ bool ErrorInstance::deleteProperty(JSCell* cell, JSGlobalObject* globalObject, P
+ {
+ VM& vm = globalObject->vm();
+ ErrorInstance* thisObject = jsCast<ErrorInstance*>(cell);
+- thisObject->materializeErrorInfoIfNeeded(vm, propertyName);
++ bool materializedProperties = thisObject->materializeErrorInfoIfNeeded(vm, propertyName);
++ if (materializedProperties)
++ slot.disableCaching();
+ return Base::deleteProperty(thisObject, globalObject, propertyName, slot);
+ }
+
+diff --git a/Source/JavaScriptCore/runtime/ErrorInstance.h b/Source/JavaScriptCore/runtime/ErrorInstance.h
+index 28807b4ea33e..2afb153a7442 100644
+--- a/Source/JavaScriptCore/runtime/ErrorInstance.h
++++ b/Source/JavaScriptCore/runtime/ErrorInstance.h
+@@ -30,7 +30,8 @@ namespace JSC {
+ class ErrorInstance : public JSNonFinalObject {
+ public:
+ using Base = JSNonFinalObject;
+- static constexpr unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | OverridesGetOwnSpecialPropertyNames | OverridesPut;
++
++ static constexpr unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | OverridesGetOwnSpecialPropertyNames | OverridesPut | GetOwnPropertySlotIsImpureForPropertyAbsence;
+ static constexpr bool needsDestruction = true;
+
+ static void destroy(JSCell* cell)
+--
+2.40.0
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
index 02258f84e4..8f6514a82b 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
@@ -18,6 +18,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BP}.tar.xz \
file://CVE-2022-32888.patch \
file://CVE-2022-32923.patch \
file://CVE-2022-46691.patch \
+ file://CVE-2022-46699.patch \
"
SRC_URI[sha256sum] = "0ad9fb6bf28308fe3889faf184bd179d13ac1b46835d2136edbab2c133d00437"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 05/18] webkitgtk: fix CVE-2022-42867
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (3 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 04/18] webkitgtk: fix CVE-2022-46699 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 06/18] webkitgtk: fix CVE-2022-46700 Steve Sakoman
` (13 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Yogita Urade <yogita.urade@windriver.com>
A use after free issue was addressed with improved memory management.
This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS
16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web
content may lead to arbitrary code execution.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-42867
https://support.apple.com/en-us/HT213537
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkit/webkitgtk/CVE-2022-42867.patch | 104 ++++++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
2 files changed, 105 insertions(+)
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch
diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch
new file mode 100644
index 0000000000..bf06809051
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch
@@ -0,0 +1,104 @@
+From f67a882170609d15836204a689dc552322fbe653 Mon Sep 17 00:00:00 2001
+From: Yogita Urade <yogita.urade@windriver.com>
+Date: Wed, 7 Jun 2023 08:15:11 +0000
+Subject: [oe-core][kirkstone][PATCH 1/1] RenderElement::updateFillImages
+ should take pointer arguments like other similar functions
+ https://bugs.webkit.org/show_bug.cgi?id=247317 rdar://100273147
+
+Reviewed by Alan Baradlay.
+
+* Source/WebCore/rendering/RenderElement.cpp:
+(WebCore::RenderElement::updateFillImages):
+(WebCore::RenderElement::styleDidChange):
+* Source/WebCore/rendering/RenderElement.h:
+
+Canonical link: https://commits.webkit.org/256215@main
+
+CVE: CVE-2022-42867
+
+Upstream-Status: Backport
+[https://github.com/WebKit/WebKit/commit/091a04e55c801ac6ba13f4b328fbee2eece853fc]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ Source/WebCore/rendering/RenderElement.cpp | 27 ++++++++++++++--------
+ Source/WebCore/rendering/RenderElement.h | 2 +-
+ 2 files changed, 19 insertions(+), 10 deletions(-)
+
+diff --git a/Source/WebCore/rendering/RenderElement.cpp b/Source/WebCore/rendering/RenderElement.cpp
+index da43bf3d..931686b8 100644
+--- a/Source/WebCore/rendering/RenderElement.cpp
++++ b/Source/WebCore/rendering/RenderElement.cpp
+@@ -358,7 +358,7 @@ inline bool RenderElement::shouldRepaintForStyleDifference(StyleDifference diff)
+ return diff == StyleDifference::Repaint || (diff == StyleDifference::RepaintIfTextOrBorderOrOutline && hasImmediateNonWhitespaceTextChildOrBorderOrOutline());
+ }
+
+-void RenderElement::updateFillImages(const FillLayer* oldLayers, const FillLayer& newLayers)
++void RenderElement::updateFillImages(const FillLayer* oldLayers, const FillLayer* newLayers)
+ {
+ auto fillImagesAreIdentical = [](const FillLayer* layer1, const FillLayer* layer2) -> bool {
+ if (layer1 == layer2)
+@@ -379,7 +379,7 @@ void RenderElement::updateFillImages(const FillLayer* oldLayers, const FillLayer
+ };
+
+ auto isRegisteredWithNewFillImages = [&]() -> bool {
+- for (auto* layer = &newLayers; layer; layer = layer->next()) {
++ for (auto* layer = newLayers; layer; layer = layer->next()) {
+ if (layer->image() && !layer->image()->hasClient(*this))
+ return false;
+ }
+@@ -388,11 +388,11 @@ void RenderElement::updateFillImages(const FillLayer* oldLayers, const FillLayer
+
+ // If images have the same characteristics and this element is already registered as a
+ // client to the new images, there is nothing to do.
+- if (fillImagesAreIdentical(oldLayers, &newLayers) && isRegisteredWithNewFillImages())
++ if (fillImagesAreIdentical(oldLayers, newLayers) && isRegisteredWithNewFillImages())
+ return;
+
+ // Add before removing, to avoid removing all clients of an image that is in both sets.
+- for (auto* layer = &newLayers; layer; layer = layer->next()) {
++ for (auto* layer = newLayers; layer; layer = layer->next()) {
+ if (layer->image())
+ layer->image()->addClient(*this);
+ }
+@@ -937,11 +937,20 @@ static inline bool areCursorsEqual(const RenderStyle* a, const RenderStyle* b)
+
+ void RenderElement::styleDidChange(StyleDifference diff, const RenderStyle* oldStyle)
+ {
+- updateFillImages(oldStyle ? &oldStyle->backgroundLayers() : nullptr, m_style.backgroundLayers());
+- updateFillImages(oldStyle ? &oldStyle->maskLayers() : nullptr, m_style.maskLayers());
+- updateImage(oldStyle ? oldStyle->borderImage().image() : nullptr, m_style.borderImage().image());
+- updateImage(oldStyle ? oldStyle->maskBoxImage().image() : nullptr, m_style.maskBoxImage().image());
+- updateShapeImage(oldStyle ? oldStyle->shapeOutside() : nullptr, m_style.shapeOutside());
++ auto registerImages = [this](auto* style, auto* oldStyle) {
++ if (!style && !oldStyle)
++ return;
++ updateFillImages(oldStyle ? &oldStyle->backgroundLayers() : nullptr, style ? &style->backgroundLayers() : nullptr);
++ updateFillImages(oldStyle ? &oldStyle->maskLayers() : nullptr, style ? &style->maskLayers() : nullptr);
++ updateImage(oldStyle ? oldStyle->borderImage().image() : nullptr, style ? style->borderImage().image() : nullptr);
++ updateImage(oldStyle ? oldStyle->maskBoxImage().image() : nullptr, style ? style->maskBoxImage().image() : nullptr);
++ updateShapeImage(oldStyle ? oldStyle->shapeOutside() : nullptr, style ? style->shapeOutside() : nullptr);
++ };
++
++ registerImages(&style(), oldStyle);
++
++ // Are there other pseudo-elements that need the resources to be registered?
++ registerImages(style().getCachedPseudoStyle(PseudoId::FirstLine), oldStyle ? oldStyle->getCachedPseudoStyle(PseudoId::FirstLine) : nullptr);
+
+ SVGRenderSupport::styleChanged(*this, oldStyle);
+
+diff --git a/Source/WebCore/rendering/RenderElement.h b/Source/WebCore/rendering/RenderElement.h
+index f376cecb..d6ba2cdf 100644
+--- a/Source/WebCore/rendering/RenderElement.h
++++ b/Source/WebCore/rendering/RenderElement.h
+@@ -349,7 +349,7 @@ private:
+ bool shouldRepaintForStyleDifference(StyleDifference) const;
+ bool hasImmediateNonWhitespaceTextChildOrBorderOrOutline() const;
+
+- void updateFillImages(const FillLayer*, const FillLayer&);
++ void updateFillImages(const FillLayer*, const FillLayer*);
+ void updateImage(StyleImage*, StyleImage*);
+ void updateShapeImage(const ShapeValue*, const ShapeValue*);
+
+--
+2.35.5
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
index 8f6514a82b..062f209932 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
@@ -19,6 +19,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BP}.tar.xz \
file://CVE-2022-32923.patch \
file://CVE-2022-46691.patch \
file://CVE-2022-46699.patch \
+ file://CVE-2022-42867.patch \
"
SRC_URI[sha256sum] = "0ad9fb6bf28308fe3889faf184bd179d13ac1b46835d2136edbab2c133d00437"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 06/18] webkitgtk: fix CVE-2022-46700
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (4 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 05/18] webkitgtk: fix CVE-2022-42867 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 07/18] cve-update-nvd2-native: new CVE database fetcher Steve Sakoman
` (12 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Yogita Urade <yogita.urade@windriver.com>
A memory corruption issue was addressed with improved input validation.
This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS
15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing
maliciously crafted web content may lead to arbitrary code execution.
References:
https://support.apple.com/en-us/HT213531
https://bugs.webkit.org/show_bug.cgi?id=247562
https://github.com/WebKit/WebKit/pull/6266
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkit/webkitgtk/CVE-2022-46700.patch | 67 +++++++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 1 +
2 files changed, 68 insertions(+)
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch
diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch
new file mode 100644
index 0000000000..242b8337fa
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch
@@ -0,0 +1,67 @@
+From 86fbeb6fcd638e2350b09a43dde355f9830e75da Mon Sep 17 00:00:00 2001
+From: David Degazio <d_degazio@apple.com>
+Date: Tue, 8 Nov 2022 19:54:33 -0800
+Subject: [PATCH] Intl.Locale.prototype.hourCycles leaks empty JSValue to
+ script https://bugs.webkit.org/show_bug.cgi?id=247562 rdar://102031379
+
+Reviewed by Mark Lam.
+
+We currently don't check if IntlLocale::hourCycles returns a null JSArray, which allows it
+to be encoded as an empty JSValue and exposed to user code. This patch throws a TypeError
+when udatpg_open returns a failed status.
+
+* JSTests/stress/intl-locale-invalid-hourCycles.js: Added.
+(main):
+* Source/JavaScriptCore/runtime/IntlLocale.cpp:
+(JSC::IntlLocale::hourCycles):
+
+Canonical link: https://commits.webkit.org/256473@main
+
+CVE:CVE-2022-46700
+
+Upstream-Status: Backport
+[https://github.com/WebKit/WebKit/commit/86fbeb6fcd638e2350b09a43dde355f9830e75da]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ JSTests/stress/intl-locale-invalid-hourCycles.js | 12 ++++++++++++
+ Source/JavaScriptCore/runtime/IntlLocale.cpp | 4 +++-
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+ create mode 100644 JSTests/stress/intl-locale-invalid-hourCycles.js
+
+diff --git a/JSTests/stress/intl-locale-invalid-hourCycles.js b/JSTests/stress/intl-locale-invalid-hourCycles.js
+new file mode 100644
+index 000000000000..7b94eb844764
+--- /dev/null
++++ b/JSTests/stress/intl-locale-invalid-hourCycles.js
+@@ -0,0 +1,12 @@
++function main() {
++ const v24 = new Intl.Locale("trimEnd", { 'numberingSystem': "foobar" });
++ let empty = v24.hourCycles;
++ print(empty);
++}
++
++try {
++ main();
++} catch (e) {
++ if (!(e instanceof TypeError))
++ throw e;
++}
+diff --git a/Source/JavaScriptCore/runtime/IntlLocale.cpp b/Source/JavaScriptCore/runtime/IntlLocale.cpp
+index c3c346163a18..bef424727a8a 100644
+--- a/Source/JavaScriptCore/runtime/IntlLocale.cpp
++++ b/Source/JavaScriptCore/runtime/IntlLocale.cpp
+@@ -632,8 +632,10 @@ JSArray* IntlLocale::hourCycles(JSGlobalObject* globalObject)
+
+ UErrorCode status = U_ZERO_ERROR;
+ auto generator = std::unique_ptr<UDateTimePatternGenerator, ICUDeleter<udatpg_close>>(udatpg_open(m_localeID.data(), &status));
+- if (U_FAILURE(status))
++ if (U_FAILURE(status)) {
++ throwTypeError(globalObject, scope, "invalid locale"_s);
+ return nullptr;
++ }
+
+ // Use "j" skeleton and parse pattern to retrieve the configured hour-cycle information.
+ constexpr const UChar skeleton[] = { 'j', 0 };
+--
+2.40.0
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
index 062f209932..edd64b7b11 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
@@ -20,6 +20,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BP}.tar.xz \
file://CVE-2022-46691.patch \
file://CVE-2022-46699.patch \
file://CVE-2022-42867.patch \
+ file://CVE-2022-46700.patch \
"
SRC_URI[sha256sum] = "0ad9fb6bf28308fe3889faf184bd179d13ac1b46835d2136edbab2c133d00437"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 07/18] cve-update-nvd2-native: new CVE database fetcher
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (5 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 06/18] webkitgtk: fix CVE-2022-46700 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 08/18] cve-update-nvd2-native: added the missing http import Steve Sakoman
` (11 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Marta Rybczynska <rybczynska@gmail.com>
Add new fetcher for the NVD database using the 2.0 API [1].
The implementation changes as little as possible, keeping the current
database format (but using a different database file for the transition
period), with a notable exception of not using the META table.
Minor changes that could be visible:
- the database starts in 1999 instead of 2002
- the complete fetch is longer (30 minutes typically)
[1] https://nvd.nist.gov/developers/vulnerabilities
Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit fb62c4c3dbca4e58f7ce6cf29d4b630a06411a97)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/cve-check.bbclass | 4 +-
.../meta/cve-update-nvd2-native.bb | 333 ++++++++++++++++++
2 files changed, 335 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-core/meta/cve-update-nvd2-native.bb
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 3c922b27af..494fa03ec1 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -26,7 +26,7 @@ CVE_PRODUCT ??= "${BPN}"
CVE_VERSION ??= "${PV}"
CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
-CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db"
+CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db"
CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock"
CVE_CHECK_LOG ?= "${T}/cve.log"
@@ -155,7 +155,7 @@ python do_cve_check () {
}
addtask cve_check before do_build
-do_cve_check[depends] = "cve-update-db-native:do_fetch"
+do_cve_check[depends] = "cve-update-nvd2-native:do_fetch"
do_cve_check[nostamp] = "1"
python cve_check_cleanup () {
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
new file mode 100644
index 0000000000..1c14481c21
--- /dev/null
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -0,0 +1,333 @@
+SUMMARY = "Updates the NVD CVE database"
+LICENSE = "MIT"
+
+# Important note:
+# This product uses the NVD API but is not endorsed or certified by the NVD.
+
+INHIBIT_DEFAULT_DEPS = "1"
+
+inherit native
+
+deltask do_unpack
+deltask do_patch
+deltask do_configure
+deltask do_compile
+deltask do_install
+deltask do_populate_sysroot
+
+NVDCVE_URL ?= "https://services.nvd.nist.gov/rest/json/cves/2.0"
+
+# CVE database update interval, in seconds. By default: once a day (24*60*60).
+# Use 0 to force the update
+# Use a negative value to skip the update
+CVE_DB_UPDATE_INTERVAL ?= "86400"
+
+# Timeout for blocking socket operations, such as the connection attempt.
+CVE_SOCKET_TIMEOUT ?= "60"
+
+CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DIR}/temp_nvdcve_2.db"
+
+CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db"
+
+python () {
+ if not bb.data.inherits_class("cve-check", d):
+ raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.")
+}
+
+python do_fetch() {
+ """
+ Update NVD database with API 2.0
+ """
+ import bb.utils
+ import bb.progress
+ import shutil
+
+ bb.utils.export_proxies(d)
+
+ db_file = d.getVar("CVE_CHECK_DB_FILE")
+ db_dir = os.path.dirname(db_file)
+ db_tmp_file = d.getVar("CVE_DB_TEMP_FILE")
+
+ cleanup_db_download(db_file, db_tmp_file)
+ # By default let's update the whole database (since time 0)
+ database_time = 0
+
+ # The NVD database changes once a day, so no need to update more frequently
+ # Allow the user to force-update
+ try:
+ import time
+ update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL"))
+ if update_interval < 0:
+ bb.note("CVE database update skipped")
+ return
+ if time.time() - os.path.getmtime(db_file) < update_interval:
+ bb.note("CVE database recently updated, skipping")
+ return
+ database_time = os.path.getmtime(db_file)
+
+ except OSError:
+ pass
+
+ bb.utils.mkdirhier(db_dir)
+ if os.path.exists(db_file):
+ shutil.copy2(db_file, db_tmp_file)
+
+ if update_db_file(db_tmp_file, d, database_time) == True:
+ # Update downloaded correctly, can swap files
+ shutil.move(db_tmp_file, db_file)
+ else:
+ # Update failed, do not modify the database
+ bb.warn("CVE database update failed")
+ os.remove(db_tmp_file)
+}
+
+do_fetch[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
+do_fetch[file-checksums] = ""
+do_fetch[vardeps] = ""
+
+def cleanup_db_download(db_file, db_tmp_file):
+ """
+ Cleanup the download space from possible failed downloads
+ """
+
+ # Clean up the updates done on the main file
+ # Remove it only if a journal file exists - it means a complete re-download
+ if os.path.exists("{0}-journal".format(db_file)):
+ # If a journal is present the last update might have been interrupted. In that case,
+ # just wipe any leftovers and force the DB to be recreated.
+ os.remove("{0}-journal".format(db_file))
+
+ if os.path.exists(db_file):
+ os.remove(db_file)
+
+ # Clean-up the temporary file downloads, we can remove both journal
+ # and the temporary database
+ if os.path.exists("{0}-journal".format(db_tmp_file)):
+ # If a journal is present the last update might have been interrupted. In that case,
+ # just wipe any leftovers and force the DB to be recreated.
+ os.remove("{0}-journal".format(db_tmp_file))
+
+ if os.path.exists(db_tmp_file):
+ os.remove(db_tmp_file)
+
+def nvd_request_next(url, api_key, args):
+ """
+ Request next part of the NVD dabase
+ """
+
+ import urllib.request
+ import urllib.parse
+ import gzip
+
+ headers = {}
+ if api_key:
+ headers['apiKey'] = api_key
+
+ data = urllib.parse.urlencode(args)
+
+ full_request = url + '?' + data
+
+ for attempt in range(3):
+ try:
+ r = urllib.request.urlopen(full_request)
+
+ if (r.headers['content-encoding'] == 'gzip'):
+ buf = r.read()
+ raw_data = gzip.decompress(buf)
+ else:
+ raw_data = r.read().decode("utf-8")
+
+ r.close()
+
+ except UnicodeDecodeError:
+ # Received garbage, retry
+ bb.debug(2, "CVE database: received malformed data, retrying (request: %s)" %(full_request))
+ pass
+ except http.client.IncompleteRead:
+ # Read incomplete, let's try again
+ bb.debug(2, "CVE database: received incomplete data, retrying (request: %s)" %(full_request))
+ pass
+ else:
+ return raw_data
+ else:
+ # We failed at all attempts
+ return None
+
+def update_db_file(db_tmp_file, d, database_time):
+ """
+ Update the given database file
+ """
+ import bb.utils, bb.progress
+ import datetime
+ import sqlite3
+ import json
+
+ # Connect to database
+ conn = sqlite3.connect(db_tmp_file)
+ initialize_db(conn)
+
+ req_args = {'startIndex' : 0}
+
+ # The maximum range for time is 120 days
+ # Force a complete update if our range is longer
+ if (database_time != 0):
+ database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time())
+ today_date = datetime.datetime.combine(datetime.date.today(), datetime.time())
+ delta = today_date - database_date
+ if delta.days < 120:
+ bb.debug(2, "CVE database: performing partial update")
+ req_args['lastModStartDate'] = database_date.isoformat()
+ req_args['lastModEndDate'] = today_date.isoformat()
+ else:
+ bb.note("CVE database: file too old, forcing a full update")
+
+ with bb.progress.ProgressHandler(d) as ph, open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') as cve_f:
+
+ bb.debug(2, "Updating entries")
+ index = 0
+ url = d.getVar("NVDCVE_URL")
+ while True:
+ req_args['startIndex'] = index
+ raw_data = nvd_request_next(url, None, req_args)
+ if raw_data is None:
+ # We haven't managed to download data
+ return False
+
+ data = json.loads(raw_data)
+
+ index = data["startIndex"]
+ total = data["totalResults"]
+ per_page = data["resultsPerPage"]
+
+ for cve in data["vulnerabilities"]:
+ update_db(conn, cve)
+
+ index += per_page
+ ph.update((float(index) / (total+1)) * 100)
+ if index >= total:
+ break
+
+ # Recommended by NVD
+ time.sleep(6)
+
+ # Update success, set the date to cve_check file.
+ cve_f.write('CVE database update : %s\n\n' % datetime.date.today())
+
+ conn.commit()
+ conn.close()
+ return True
+
+def initialize_db(conn):
+ with conn:
+ c = conn.cursor()
+
+ c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)")
+
+ c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \
+ SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)")
+
+ c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \
+ VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \
+ VERSION_END TEXT, OPERATOR_END TEXT)")
+ c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);")
+
+ c.close()
+
+def parse_node_and_insert(conn, node, cveId):
+
+ def cpe_generator():
+ for cpe in node.get('cpeMatch', ()):
+ if not cpe['vulnerable']:
+ return
+ cpe23 = cpe.get('criteria')
+ if not cpe23:
+ return
+ cpe23 = cpe23.split(':')
+ if len(cpe23) < 6:
+ return
+ vendor = cpe23[3]
+ product = cpe23[4]
+ version = cpe23[5]
+
+ if cpe23[6] == '*' or cpe23[6] == '-':
+ version_suffix = ""
+ else:
+ version_suffix = "_" + cpe23[6]
+
+ if version != '*' and version != '-':
+ # Version is defined, this is a '=' match
+ yield [cveId, vendor, product, version + version_suffix, '=', '', '']
+ elif version == '-':
+ # no version information is available
+ yield [cveId, vendor, product, version, '', '', '']
+ else:
+ # Parse start version, end version and operators
+ op_start = ''
+ op_end = ''
+ v_start = ''
+ v_end = ''
+
+ if 'versionStartIncluding' in cpe:
+ op_start = '>='
+ v_start = cpe['versionStartIncluding']
+
+ if 'versionStartExcluding' in cpe:
+ op_start = '>'
+ v_start = cpe['versionStartExcluding']
+
+ if 'versionEndIncluding' in cpe:
+ op_end = '<='
+ v_end = cpe['versionEndIncluding']
+
+ if 'versionEndExcluding' in cpe:
+ op_end = '<'
+ v_end = cpe['versionEndExcluding']
+
+ if op_start or op_end or v_start or v_end:
+ yield [cveId, vendor, product, v_start, op_start, v_end, op_end]
+ else:
+ # This is no version information, expressed differently.
+ # Save processing by representing as -.
+ yield [cveId, vendor, product, '-', '', '', '']
+
+ conn.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()).close()
+
+def update_db(conn, elt):
+ """
+ Update a single entry in the on-disk database
+ """
+
+ accessVector = None
+ cveId = elt['cve']['id']
+ if elt['cve']['vulnStatus'] == "Rejected":
+ return
+ cveDesc = ""
+ for desc in elt['cve']['descriptions']:
+ if desc['lang'] == 'en':
+ cveDesc = desc['value']
+ date = elt['cve']['lastModified']
+ try:
+ accessVector = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['accessVector']
+ cvssv2 = elt['cve']['metrics']['cvssMetricV2'][0]['cvssData']['baseScore']
+ except KeyError:
+ cvssv2 = 0.0
+ try:
+ accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector']
+ cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore']
+ except KeyError:
+ accessVector = accessVector or "UNKNOWN"
+ cvssv3 = 0.0
+
+ conn.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)",
+ [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close()
+
+ try:
+ configurations = elt['cve']['configurations'][0]['nodes']
+ for config in configurations:
+ parse_node_and_insert(conn, config, cveId)
+ except KeyError:
+ bb.debug(2, "Entry without a configuration")
+
+do_fetch[nostamp] = "1"
+
+EXCLUDE_FROM_WORLD = "1"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 08/18] cve-update-nvd2-native: added the missing http import
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (6 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 07/18] cve-update-nvd2-native: new CVE database fetcher Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 09/18] glibc: stable 2.35 branch updates Steve Sakoman
` (10 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 39d2cde7eb922cb0a2cf9402cd8b3ae3b4cc2f62)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/meta/cve-update-nvd2-native.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb
index 1c14481c21..2b585983ac 100644
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -118,6 +118,7 @@ def nvd_request_next(url, api_key, args):
import urllib.request
import urllib.parse
import gzip
+ import http
headers = {}
if api_key:
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 09/18] glibc: stable 2.35 branch updates
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (7 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 08/18] cve-update-nvd2-native: added the missing http import Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 10/18] linux-yocto/5.15: update to v5.15.109 Steve Sakoman
` (9 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Deepthi Hemraj <deepadeepthi98@gmail.com>
Below commits on glibc-2.35 stable branch are updated.
cbceb903c4 (HEAD -> release/2.35/master, origin/release/2.35/master) io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64
0967fb5861 io: Fix record locking contants on 32 bit arch with 64 bit default time_t
739de21d30 Document BZ #20975 fix
2b9906f9a0 __check_pf: Add a cancellation cleanup handler
7035f2174f gmon: Revert addition of tunables to preserve GLIBC_PRIVATE ABI
e698e8bd8e gmon: fix memory corruption issues
9f81b8fa65 gmon: improve mcount overflow handling
f2820e478c gmon: Fix allocated buffer overflow
413af1eb02 posix: Fix system blocks SIGCHLD erroneously
CVE-2023-0687.patch is dropped
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../glibc/glibc/CVE-2023-0687.patch | 82 -------------------
meta/recipes-core/glibc/glibc_2.35.bb | 1 -
3 files changed, 1 insertion(+), 84 deletions(-)
delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-0687.patch
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 4d8d96cefb..01b1abef7d 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.35/master"
PV = "2.35"
-SRCREV_glibc ?= "1c7f51c75ae300fe52ccb636e71b8e28cb20824c"
+SRCREV_glibc ?= "cbceb903c4d770acc7e4ba5641036516830ed69b"
SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/CVE-2023-0687.patch b/meta/recipes-core/glibc/glibc/CVE-2023-0687.patch
deleted file mode 100644
index 10c7e5666d..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2023-0687.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From 952aff5c00ad7c6b83c3f310f2643939538827f8 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=D0=9B=D0=B5=D0=BE=D0=BD=D0=B8=D0=B4=20=D0=AE=D1=80=D1=8C?=
- =?UTF-8?q?=D0=B5=D0=B2=20=28Leonid=20Yuriev=29?= <leo@yuriev.ru>
-Date: Sat, 4 Feb 2023 14:41:38 +0300
-Subject: [PATCH] gmon: Fix allocated buffer overflow (bug 29444)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The `__monstartup()` allocates a buffer used to store all the data
-accumulated by the monitor.
-
-The size of this buffer depends on the size of the internal structures
-used and the address range for which the monitor is activated, as well
-as on the maximum density of call instructions and/or callable functions
-that could be potentially on a segment of executable code.
-
-In particular a hash table of arcs is placed at the end of this buffer.
-The size of this hash table is calculated in bytes as
- p->fromssize = p->textsize / HASHFRACTION;
-
-but actually should be
- p->fromssize = ROUNDUP(p->textsize / HASHFRACTION, sizeof(*p->froms));
-
-This results in writing beyond the end of the allocated buffer when an
-added arc corresponds to a call near from the end of the monitored
-address range, since `_mcount()` check the incoming caller address for
-monitored range but not the intermediate result hash-like index that
-uses to write into the table.
-
-It should be noted that when the results are output to `gmon.out`, the
-table is read to the last element calculated from the allocated size in
-bytes, so the arcs stored outside the buffer boundary did not fall into
-`gprof` for analysis. Thus this "feature" help me to found this bug
-during working with https://sourceware.org/bugzilla/show_bug.cgi?id=29438
-
-Just in case, I will explicitly note that the problem breaks the
-`make test t=gmon/tst-gmon-dso` added for Bug 29438.
-There, the arc of the `f3()` call disappears from the output, since in
-the DSO case, the call to `f3` is located close to the end of the
-monitored range.
-
-Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
-
-Another minor error seems a related typo in the calculation of
-`kcountsize`, but since kcounts are smaller than froms, this is
-actually to align the p->froms data.
-
-Co-authored-by: DJ Delorie <dj@redhat.com>
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=801af9fafd4689337ebf27260aa115335a0cb2bc]
-CVE: CVE-2023-0687
-Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
----
- gmon/gmon.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/gmon/gmon.c b/gmon/gmon.c
-index dee6480..bf76358 100644
---- a/gmon/gmon.c
-+++ b/gmon/gmon.c
-@@ -132,6 +132,8 @@ __monstartup (u_long lowpc, u_long highpc)
- p->lowpc = ROUNDDOWN(lowpc, HISTFRACTION * sizeof(HISTCOUNTER));
- p->highpc = ROUNDUP(highpc, HISTFRACTION * sizeof(HISTCOUNTER));
- p->textsize = p->highpc - p->lowpc;
-+ /* This looks like a typo, but it's here to align the p->froms
-+ section. */
- p->kcountsize = ROUNDUP(p->textsize / HISTFRACTION, sizeof(*p->froms));
- p->hashfraction = HASHFRACTION;
- p->log_hashfraction = -1;
-@@ -142,7 +144,7 @@ __monstartup (u_long lowpc, u_long highpc)
- instead of integer division. Precompute shift amount. */
- p->log_hashfraction = ffs(p->hashfraction * sizeof(*p->froms)) - 1;
- }
-- p->fromssize = p->textsize / HASHFRACTION;
-+ p->fromssize = ROUNDUP(p->textsize / HASHFRACTION, sizeof(*p->froms));
- p->tolimit = p->textsize * ARCDENSITY / 100;
- if (p->tolimit < MINARCS)
- p->tolimit = MINARCS;
---
-2.7.4
diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb
index 29fcb1d627..df847e76bf 100644
--- a/meta/recipes-core/glibc/glibc_2.35.bb
+++ b/meta/recipes-core/glibc/glibc_2.35.bb
@@ -50,7 +50,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
file://0024-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
\
file://0001-Revert-Linux-Implement-a-useful-version-of-_startup_.patch \
- file://CVE-2023-0687.patch \
"
S = "${WORKDIR}/git"
B = "${WORKDIR}/build-${TARGET_SYS}"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 10/18] linux-yocto/5.15: update to v5.15.109
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (8 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 09/18] glibc: stable 2.35 branch updates Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 11/18] linux-yocto/5.15: update to v5.15.110 Steve Sakoman
` (8 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
f48aeeaaa64c Linux 5.15.109
4aed6b5809bb soc: sifive: l2_cache: fix missing of_node_put() in sifive_l2_init()
71e7ed6e3aa9 soc: sifive: l2_cache: fix missing free_irq() in error path in sifive_l2_init()
48c5fd373345 soc: sifive: l2_cache: fix missing iounmap() in error path in sifive_l2_init()
2a2a502af466 ASN.1: Fix check for strdup() success
9fc2e7f2cf47 ASoC: fsl_asrc_dma: fix potential null-ptr-deref
0431e1323f42 mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
144ff55623e2 iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger()
e589986ef037 counter: 104-quad-8: Fix race condition between FLAG and CNTR reads
78559037632b pwm: hibvt: Explicitly set .polarity in .get_state()
2147e7c2d26f pwm: iqs620a: Explicitly set .polarity in .get_state()
a2ab4924f0c8 pwm: meson: Explicitly set .polarity in .get_state()
dbc7a6d1ec8e sctp: Call inet6_destroy_sock() via sk->sk_destruct().
4f66b180a622 dccp: Call inet6_destroy_sock() via sk->sk_destruct().
b60d534d1e70 inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy().
dd042131386f tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct().
dabbe97f369b udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM).
d58366aab868 fuse: fix deadlock between atomic O_TRUNC and page invalidation
e21d9c606839 fuse: always revalidate rename target dentry
c10a5b340681 fuse: fix attr version comparison in fuse_read_update_size()
1e5c686087dc purgatory: fix disabling debug info
a134b2ac4127 docs: futex: Fix kernel-doc references after code split-up preparation
66dd55279174 MIPS: Define RUNTIME_DISCARD_EXIT in LD script
e779884c713f sched/fair: Fixes for capacity inversion detection
4ee882e0e1ed sched/uclamp: Fix a uninitialized variable warnings
98762616db0b sched/fair: Consider capacity inversion in util_fits_cpu()
99b704ae7a17 sched/fair: Detect capacity inversion
1de6ee9d812c sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit condition
a77e3c0e067d sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
ac407e5102e9 sched/uclamp: Fix fits_capacity() check in feec()
46c631fe5a94 mm: page_alloc: skip regions with hugetlbfs pages when allocating 1G pages
981e276dd965 mm/khugepaged: check again on anon uffd-wp during isolation
29562319cba0 drm/i915: Fix fast wake AUX sync len
afbfd70cb1a0 mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25
1aaa1e0a9a0f kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
ebab1a86ca3e memstick: fix memory leak if card device is never registered
8c168553abce nilfs2: initialize unused bytes in segment summary blocks
e513fb5cadc4 iio: light: tsl2772: fix reading proximity-diodes from device tree
c15737965434 rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
a8466e335f58 platform/x86: gigabyte-wmi: add support for X570S AORUS ELITE
4a2a34a75f3e xen/netback: use same error messages for same errors
08e774db2ef1 nvme-tcp: fix a possible UAF when failing to allocate an io queue
1b91bfae3ee1 s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling
357fa038d93d net: dsa: b53: mmap: add phy ops
583d2abf1374 scsi: core: Improve scsi_vpd_inquiry() checks
139bea1d3aa1 scsi: megaraid_sas: Fix fw_crash_buffer_show()
73890c48849d selftests: sigaltstack: fix -Wuninitialized
c2680efa1507 platform/x86 (gigabyte-wmi): Add support for A320M-S2H V2
fd3e899340e1 Input: i8042 - add quirk for Fujitsu Lifebook A574/H
14bb1fb893db f2fs: Fix f2fs_truncate_partial_nodes ftrace event
0ebc93afdaf6 e1000e: Disable TSO on i219-LM card to increase speed
e722ea6dae2c bpf: Fix incorrect verifier pruning due to missing register precision taints
25e50cdf9f63 spi: spi-rockchip: Fix missing unwind goto in rockchip_sfc_probe()
cbce626dcd23 mlxsw: pci: Fix possible crash during initialization
4eee0d9d3c11 net: rpl: fix rpl header size calculation
92e0bc5e34ad bonding: Fix memory leak when changing bond type to Ethernet
b24026f1409c mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
5610d81d0214 bnxt_en: Do not initialize PTP on older P3/P4 chips
7ff875ee15bc netfilter: nf_tables: tighten netlink attribute requirements for catch-all elements
0a397535d189 netfilter: nf_tables: validate catch-all set elements
25f1b40cf9b2 i40e: fix i40e_setup_misc_vector() error handling
536ed39cbec8 i40e: fix accessing vsi->active_filters without holding lock
8089d724dd7a netfilter: nf_tables: fix ifdef to also consider nf_tables=m
69ea11769b8d sfc: Fix use-after-free due to selftest_work
aa16f7b99d23 sfc: Split STATE_READY in to STATE_NET_DOWN and STATE_NET_UP.
b36d82ddc74e virtio_net: bugfix overflow inside xdp_linearize_page()
1ffc0e810551 net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
fe0d832ea0e6 regulator: fan53555: Fix wrong TCS_SLEW_MASK
976f8482e459 regulator: fan53555: Explicitly include bits header
cb9b96c154a1 netfilter: br_netfilter: fix recent physdev match breakage
beb1c8576c23 arm64: dts: imx8mm-evk: correct pmic clock source
863473055d1d arm64: dts: meson-g12-common: specify full DMC range
dd6bd054a92c arm64: dts: qcom: ipq8074-hk01: enable QMP device, not the PHY node
bd129e4c9e34 ARM: dts: rockchip: fix a typo error for rk3288 spdif node
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 3411b2b442c44fa932e3d6065a95078a6f541dd9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 29379791f4..71c2c4042b 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "8e0611e36c848a07f9cdd778903c9e51bb90b319"
-SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312"
+SRCREV_machine ?= "63a865cbbc8ab351f44582a4fcf2999c7681cfd8"
+SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.108"
+LINUX_VERSION ?= "5.15.109"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index c19c289b97..620e85091d 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.108"
+LINUX_VERSION ?= "5.15.109"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "3d762b85647844790979dd1e17a762003aaa7476"
-SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312"
+SRCREV_machine ?= "7d734295a38a5fc03fb29fb90bb64e38708e2308"
+SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 785944c3cf..41e7c27850 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "80421c525a12141d31bf1592b0d8c176defe3010"
-SRCREV_machine:qemuarm64 ?= "9d140dbc3171bf272f51b524edeeb2f22783aca5"
-SRCREV_machine:qemumips ?= "b29a8fa62d88db512f1fa5d60e430a851d7e3aaf"
-SRCREV_machine:qemuppc ?= "7ee6b7fc4b57933114376cf012218c2ae3d23558"
-SRCREV_machine:qemuriscv64 ?= "e8c818cce43dd720c366d831aeb102c20c237652"
-SRCREV_machine:qemuriscv32 ?= "e8c818cce43dd720c366d831aeb102c20c237652"
-SRCREV_machine:qemux86 ?= "e8c818cce43dd720c366d831aeb102c20c237652"
-SRCREV_machine:qemux86-64 ?= "e8c818cce43dd720c366d831aeb102c20c237652"
-SRCREV_machine:qemumips64 ?= "5c900befc90365f6daa80989e8de0ccc546ff0f5"
-SRCREV_machine ?= "e8c818cce43dd720c366d831aeb102c20c237652"
-SRCREV_meta ?= "e4b95ec17228274acb38bf10061448224df3a312"
+SRCREV_machine:qemuarm ?= "8ac50c616d30bffb2540f2dd7bfe8ea66d737bfe"
+SRCREV_machine:qemuarm64 ?= "470798ad34773e9e60e08ba80a8b7e6c4cf65c94"
+SRCREV_machine:qemumips ?= "9dcb3aaf2e30172cfb33b13d50bae621cd449f5b"
+SRCREV_machine:qemuppc ?= "faaa6b1dd4c1bf3550efa07e788f6849729e9d7b"
+SRCREV_machine:qemuriscv64 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_machine:qemuriscv32 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_machine:qemux86 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_machine:qemux86-64 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_machine:qemumips64 ?= "a41a7b13730b656588ac38cf0f1af6f9f255e112"
+SRCREV_machine ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "3299fb36854fdc288bddc2c4d265f8a2e5105944"
+SRCREV_machine:class-devupstream ?= "f48aeeaaa64c628519273f6007a745cf55b68d95"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.108"
+LINUX_VERSION ?= "5.15.109"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 11/18] linux-yocto/5.15: update to v5.15.110
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (9 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 10/18] linux-yocto/5.15: update to v5.15.109 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 12/18] linux-yocto/5.15: update to v5.15.111 Steve Sakoman
` (7 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
8a7f2a5c5aa1 Linux 5.15.110
cab0f985037b riscv: No need to relocate the dtb as it lies in the fixmap region
1f09c9bab723 riscv: Do not set initial_boot_params to the linear address of the dtb
bbf94b042155 riscv: Move early dtb mapping into the fixmap region
ccb29694c2da selftests: mptcp: join: fix "invalid address, ADD_ADDR timeout"
0994aa001fde driver core: Don't require dynamic_debug for initcall_debug probe timing
3dcebcaa258c USB: serial: option: add UNISOC vendor and TOZED LT70C product
f1e6a14d5ae8 bluetooth: Perform careful capability checks in hci_sock_ioctl()
39c472809aab drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
936a23293bbb wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
2bd716c6e4d1 KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg()
00f74003edf5 KVM: arm64: Retry fault if vma_lookup() results become invalid
c1da649699e1 selftests/kselftest/runner/run_one(): allow running non-executable files
c88435054153 PCI/ASPM: Remove pcie_aspm_pm_state_change()
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 8fb28c7f71888d65c170c9f5400438a077860c6f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 4 ++--
.../linux/linux-yocto-tiny_5.15.bb | 4 ++--
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 24 +++++++++----------
3 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 71c2c4042b..d719a959d6 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "63a865cbbc8ab351f44582a4fcf2999c7681cfd8"
+SRCREV_machine ?= "91c85a978457d009bb57ec0a0867afe4ff7c8278"
SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.109"
+LINUX_VERSION ?= "5.15.110"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 620e85091d..88af7d2ee7 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.109"
+LINUX_VERSION ?= "5.15.110"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,7 +14,7 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "7d734295a38a5fc03fb29fb90bb64e38708e2308"
+SRCREV_machine ?= "37cc630d5574860de0b48e67fca03d8cb7d2a260"
SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 41e7c27850..9c531ab4da 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,16 +13,16 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "8ac50c616d30bffb2540f2dd7bfe8ea66d737bfe"
-SRCREV_machine:qemuarm64 ?= "470798ad34773e9e60e08ba80a8b7e6c4cf65c94"
-SRCREV_machine:qemumips ?= "9dcb3aaf2e30172cfb33b13d50bae621cd449f5b"
-SRCREV_machine:qemuppc ?= "faaa6b1dd4c1bf3550efa07e788f6849729e9d7b"
-SRCREV_machine:qemuriscv64 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
-SRCREV_machine:qemuriscv32 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
-SRCREV_machine:qemux86 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
-SRCREV_machine:qemux86-64 ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
-SRCREV_machine:qemumips64 ?= "a41a7b13730b656588ac38cf0f1af6f9f255e112"
-SRCREV_machine ?= "b8a4501ad3a651d576df481df20bf20fd3e969df"
+SRCREV_machine:qemuarm ?= "c9c4163f1d7a05a8a9e74f519ec7acc54259f53b"
+SRCREV_machine:qemuarm64 ?= "1cbfaca7888ffe8f6ce58987080a86b48161ce44"
+SRCREV_machine:qemumips ?= "9d83787163c68c2390136915fcfbf3e781d56874"
+SRCREV_machine:qemuppc ?= "a6d06d797ba2ae6c391898a42fced6c3eb71aad0"
+SRCREV_machine:qemuriscv64 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
+SRCREV_machine:qemuriscv32 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
+SRCREV_machine:qemux86 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
+SRCREV_machine:qemux86-64 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
+SRCREV_machine:qemumips64 ?= "577bbb0ffdafbe77c802b1ff6cd09beec4cf0302"
+SRCREV_machine ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
@@ -30,7 +30,7 @@ SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "f48aeeaaa64c628519273f6007a745cf55b68d95"
+SRCREV_machine:class-devupstream ?= "8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.109"
+LINUX_VERSION ?= "5.15.110"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 12/18] linux-yocto/5.15: update to v5.15.111
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (10 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 11/18] linux-yocto/5.15: update to v5.15.110 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 13/18] linux-yocto/5.15: update to v5.15.112 Steve Sakoman
` (6 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
b0ece631f84a Linux 5.15.111
0a008c5098d8 sched: Fix DEBUG && !SCHEDSTATS warn
21c2a454486d netfilter: nf_tables: deactivate anonymous set from preparation phase
aa6ff950f875 arm64: dts: qcom: sdm845: correct dynamic power coefficients - again
2931ed45bfe3 sound/oss/dmasound: fix 'dmasound_setup' defined but not used
503e554782c9 debugobject: Ensure pool refill (again)
6b84832966a0 perf intel-pt: Fix CYC timestamps after standalone CBR
06106efa20f7 perf auxtrace: Fix address filter entire kernel size
11c6fb35df5c dm: don't lock fs when the map is NULL in process of resume
e11765cea205 dm ioctl: fix nested locking in table_clear() to remove deadlock concern
f76fcb9d43ec dm flakey: fix a crash with invalid table line
a5d8c6bf58e5 dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
56e952ae6d89 dm clone: call kmem_cache_destroy() in dm_clone_init() error path
f382705d0460 dm verity: fix error handling for check_at_most_once on FEC
1821a33bb23e ia64: fix an addr to taddr in huge_pte_offset()
3a57c70e9e92 s390/dasd: fix hanging blockdevice after request requeue
ed7e8beb201b btrfs: scrub: reject unsupported scrub flags
14383698c0de scripts/gdb: fix lx-timerlist for Python3
33383fbe4f01 clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
e8353dea7d7d wifi: rtl8xxxu: RTL8192EU always needs full init
384a0dcac2a6 mailbox: zynqmp: Fix typo in IPI documentation
09206edff007 mailbox: zynqmp: Fix IPI isr handling
6d1af517817a mtd: core: fix error path for nvmem provider
8444b46e163a mtd: core: fix nvmem error reporting
7c253e98685e mtd: core: provide unique name for nvmem device, take two
68695084077e md/raid10: fix null-ptr-deref in raid10_sync_request
8d07d9119642 nilfs2: fix infinite loop in nilfs_mdt_get_block()
13f73ef77baa nilfs2: do not write dirty data after degenerating to read-only
ab0748f246b7 ALSA: usb-audio: Add quirk for Pioneer DDJ-800
a87e5b9b4c64 parisc: Fix argument pointer in real64_call_asm()
f1b4681cfa0a afs: Fix updating of i_size with dv jump from server
33f302c9bf3e mfd: tqmx86: Correct board names for TQMxE39x
ce01b75447f6 mfd: tqmx86: Specify IO port register range more precisely
a23b3b2be0d0 mfd: tqmx86: Do not access I2C_DETECT register through io_base
388d2578c7d7 thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe
bdcf9fec87b2 dmaengine: at_xdmac: do not enable all cyclic channels
a5227b3be869 dmaengine: at_xdmac: Fix race for the tx desc callback
2b68028d771a dmaengine: at_xdmac: Fix concurrency over chan's completed_cookie
738a4fdbd157 dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
fd6316dec20f dmaengine: dw-edma: Fix to change for continuous transfer
dd23c11136ff dma: gpi: remove spurious unlock in gpi_ch_init
dce3bdaee3f2 phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
1cccf7c5c7f5 pwm: mtk-disp: Configure double buffering before reading in .get_state()
d2798512fafc pwm: mtk-disp: Disable shadow registers before setting backlight values
8ffa1cb8bcfa leds: tca6507: Fix error handling of using fwnode_property_read_string
e63e3a0fc062 dmaengine: mv_xor_v2: Fix an error code.
332ca024a82e leds: TI_LMU_COMMON: select REGMAP instead of depending on it
c904a070d7cd pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration
40566def189c ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline
18eb23891aea ext4: fix i_disksize exceeding i_size problem in paritally written case
3dc3a86b88bd SMB3: Close deferred file handles in case of handle lease break
0f87e18203bd SMB3: Add missing locks to protect deferred close file list
b574e73db844 timekeeping: Fix references to nonexistent ktime_get_fast_ns()
ccfede0a2cb1 openrisc: Properly store r31 to pt_regs on unhandled exceptions
1c7456aa5d3a clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails
c87c6d50505b RDMA/mlx5: Use correct device num_ports when modify DC
d2823237dabc SUNRPC: remove the maximum number of retries in call_bind_status
c11e44ac1a71 RDMA/mlx5: Fix flow counter query via DEVX
7acad58049ac Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe
b6157a9f0fc7 clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling
33f9b8de1b00 clk: qcom: regmap: add PHY clock source implementation
0ccc1a6bac34 NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
a2bd706ab635 IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests
6bbc49661c31 IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
00cc21e32ea1 RDMA/srpt: Add a check for valid 'mad_agent' pointer
03b9d26f33e6 RDMA/cm: Trace icm_send_rej event before the cm state is reset
30218b769845 clk: qcom: gcc-sm6115: Mark RCGs shared where applicable
5255051c8f31 RDMA/siw: Remove namespace check from siw_netdev_event()
48ba87f6e14d clk: add missing of_node_put() in "assigned-clocks" property parsing
3d7c6f2076f1 power: supply: generic-adc-battery: fix unit scaling
c58ea97aa94f fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()
cd7e1d679240 fs/ntfs3: Fix OOB read in indx_insert_into_buffer
952bbfcedbf8 fs/ntfs3: Add check for kmemdup
3030f2b9b332 fs/ntfs3: Fix memory leak if ntfs_read_mft failed
d1faeb14bce3 rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time
9911be215572 RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
44438a49593a rtc: omap: include header for omap_rtc_power_off_program prototype
6d19fe968ef6 workqueue: Fix hung time report of worker pools
6c073c5a5b97 workqueue: Introduce show_one_worker_pool and show_one_workqueue.
e89f95c68536 RDMA/rdmavt: Delete unnecessary NULL check
9721b14e6c8a RDMA/siw: Fix potential page_array out of range access
8d909684bdf6 clk: at91: clk-sam9x60-pll: fix return value check
623941780df3 sched/rt: Fix bad task migration for rt tasks
594d2a055526 Revert "objtool: Support addition to set CFA base"
80973ce36f4b perf/core: Fix hardlockup failure caused by perf throttle
3e09b68fc520 sched/fair: Fix inaccurate tally of ttwu_move_affine
c3b9f95598b8 sched: Make struct sched_statistics independent of fair sched class
6002989848c5 sched/fair: Use __schedstat_set() in set_next_entity()
94bcf94c25aa powerpc/rtas: use memmove for potentially overlapping buffer copy
f7107d44dff7 macintosh: via-pmu-led: requires ATA to be set
85842228df0e powerpc/sysdev/tsi108: fix resource printk format warnings
179cc5ab9591 powerpc/wii: fix resource printk format warnings
516c27922c96 powerpc/mpc512x: fix resource printk format warning
da961d510b21 macintosh/windfarm_smu_sat: Add missing of_node_put()
5b9fc529b689 virtio_ring: don't update event idx on get_buf
ee0b6146317a spmi: Add a check for remove callback when removing a SPMI driver
be267f30b07e staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
424cf2929635 serial: 8250: Add missing wakeup event reporting
8dfd00bfd53f tty: serial: fsl_lpuart: adjust buffer length to the intended size
59ecc2cf3466 firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe
ee53a7a88027 usb: mtu3: fix kernel panic at qmu transfer done irq handler
6b0d399dac58 usb: chipidea: fix missing goto in `ci_hdrc_probe`
6d4325ebd8c0 usb: gadget: tegra-xudc: Fix crash in vbus_draw
d96f6bc10789 sh: sq: Fix incorrect element size for allocating bitmap buffer
397eb669dac0 uapi/linux/const.h: prefer ISO-friendly __typeof__
d1c4dedcd2df scripts/gdb: raise error with reduced debugging information
2d65599ad1e4 i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path
d453f25faf68 spi: cadence-quadspi: fix suspend-resume implementations
6a129c0e9935 ASoC: fsl_mqs: move of_node_put() to the correct location
850631845531 coresight: etm_pmu: Set the module field
db6f1b2bba34 HID: amd_sfh: Add support for shutdown operation
b711dd0ba9b3 scripts/gdb: bail early if there are no generic PD
eaecf281c27f scripts/gdb: bail early if there are no clocks
0110bfacff03 ia64: salinfo: placate defined-but-not-used warning
51395777f66d ia64: mm/contig: fix section mismatch warning/error
1a2a0d5b0617 PCI/EDR: Clear Device Status after EDR error recovery
cc4f0e168a56 of: Fix modalias string generation
770d30b1355c vmci_host: fix a race condition in vmci_host_poll() causing GPF
08c7608798a9 spi: fsl-spi: Fix CPM/QE mode Litte Endian
f345d4d71e87 spi: qup: Don't skip cleanup in remove's error path
77b0c0dd2c56 linux/vt_buffer.h: allow either builtin or modular for macros
af9ec18aa8ee ASoC: es8316: Handle optional IRQ assignment
39287d16b2d2 PCI: imx6: Install the fault handler only on compatible match
1e58fb6b1cef usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition
f90822ad63d1 spi: imx: Don't skip cleanup in remove's error path
e9ded9dd5d05 spi: spi-imx: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
193f7fffdcaf serial: 8250_bcm7271: Fix arbitration handling
f67cc4929ef9 iio: light: max44009: add missing OF device matching
7e42057532ea fpga: bridge: fix kernel-doc parameter description
72b1ce904567 serial: stm32: Re-assert RTS/DE GPIO in RS485 mode only if more data are transmitted
59ed254dd35e serial: stm32: re-introduce an irq flag condition in usart_receive_chars
4b7bb1c7be4f usb: dwc3: gadget: Change condition for processing suspend event
beb12083c1ac usb: host: xhci-rcar: remove leftover quirk handling
295f3fcaa8ea pstore: Revert pmsg_lock back to a normal mutex
2491b999a60d drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler()
209850f17717 drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()
1ffb2ca65051 ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it
43e4197dd5f6 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
1d2f799c1604 net: amd: Fix link leak when verifying config failed
5d6e5c054ed2 netlink: Use copy_to_user() for optval in netlink_getsockopt().
a789192f3661 Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
a54ec573d9b8 ipv4: Fix potential uninit variable access bug in __ip_make_skb()
d0b43125ec89 net/sched: sch_fq: fix integer overflow of "credit"
7a45b4e1c82b netfilter: nf_tables: don't write table validation state without mutex
8913abddad4a bpf: Don't EFAULT for getsockopt with optval=NULL
77f245ce053e net: stmmac:fix system hang when setting up tag_8021q VLAN for DSA ports
a9e96eef8218 net/mlx5: E-switch, Don't destroy indirect table in split rule
05cf6f353d3c ixgbe: Enable setting RSS table to default values
624b73f77664 ixgbe: Allow flow hash to be set via ethtool
e302e9ca14a8 wifi: iwlwifi: fw: fix memory leak in debugfs
53b3b1f563bc wifi: iwlwifi: mvm: check firmware response size
aa11a894458d wifi: mt76: mt7921e: improve reliability of dma reset
f8923ad9dd8e wifi: mt76: fix 6GHz high channel not be scanned
613b51663fc4 wifi: mt76: mt7921e: fix probe timeout after reboot
5279aaf9f5b0 wifi: mt76: add flexible polling wait-interval support
ac9fec5b5688 wifi: mt76: handle failure of vzalloc in mt7615_coredump_work
210e6d01cc49 wifi: iwlwifi: make the loop for card preparation effective
dff2a7b33060 jdb2: Don't refuse invalidation of already invalidated buffers
358317ad9cf4 wifi: iwlwifi: fw: move memset before early return
cccf85e047c3 wifi: iwlwifi: mvm: initialize seq variable
b3cecbb2571c wifi: iwlwifi: yoyo: Fix possible division by zero
4636c35b7e6e wifi: iwlwifi: yoyo: skip dump correctly on hw error
34222897e0eb md/raid10: don't call bio_start_io_acct twice for bio which experienced read error
d6cfcf98b824 md/raid10: fix memleak of md thread
7f673fa34c0e md/raid10: fix memleak for 'conf->bio_split'
8d09065802c5 md/raid10: fix leak of 'r10bio->remaining' for recovery
901b4918faa4 md/raid10: fix task hung in raid10d
fc04998351fe md/raid10: factor out code from wait_barrier() to stop_waiting_barrier()
39db562b3fed md: raid10 add nowait support
74af08efa5cd md: drop queue limitation for RAID1 and RAID10
337d1d88be9d bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
12e70c6f4ed8 selftests/bpf: Fix leaked bpf_link in get_stackid_cannot_attach
103a4275420e nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage"
9fe41e648254 nvme: fix async event trace event
13475e639162 nvme: handle the persistent internal error AER
30b9073583ac nvmet: fix I/O Command Set specific Identify Controller
42bcbc2a90a8 nvmet: fix Identify Active Namespace ID list handling
92cf81746ebc nvmet: fix Identify Controller handling
ac86d59eaa69 nvmet: fix Identify Namespace handling
c7e98afecab2 nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns()
537083b1275c nvmet: move the call to nvmet_ns_changed out of nvmet_ns_revalidate
080826d16758 nvmet: use i_size_read() to set size for file-ns
f333854dce4a bpf, sockmap: fix deadlocks in the sockhash and sockmap
c8a67bc85772 net: ethernet: stmmac: dwmac-rk: fix optional phy regulator handling
fd8c83d8375b scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()
9a7f63283af6 f2fs: fix to avoid use-after-free for cached IPU bio
119f278ea9c1 xsk: Fix unaligned descriptor validation
1056b209935d crypto: drbg - Only fail when jent is unavailable in FIPS mode
9317d6612011 crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors
80bfd8b184d8 bpftool: Fix bug for long instructions in program CFG dumps
afdc3a4bd77d selftests/bpf: Wait for receive in cg_storage_multi test
c5fa99bce673 selftests: xsk: Disable IPv6 on VETH1
c4afd6410f3c net: qrtr: correct types of trace event parameters
eb77c0c0a17c wifi: rt2x00: Fix memory leak when handling surveys
0b0c3e37a43f wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg()
0a847af3cb40 wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg()
3e660d117513 crypto: sa2ul - Select CRYPTO_DES
d82d82e0372b crypto: caam - Clear some memory in instantiate_rng
169134da419c f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages()
d0cf44f06dd4 f2fs: apply zone capacity to all zone type
2cc6a05661ad f2fs: enforce single zone capacity
e5a56f13ba2d f2fs: handle dqget error in f2fs_transfer_project_quota()
6d6415e5bce2 scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
eb4cf26d2e86 scsi: target: iscsit: Fix TAS handling during conn cleanup
9158c86fd323 scsi: target: Fix multiple LUN_RESET handling
ad4a647aa587 net/packet: convert po->auxdata to an atomic flag
f1a111ca05ce net/packet: convert po->origdev to an atomic flag
c3238c7dbed9 net/packet: annotate accesses to po->xmit
97e7b1c1da12 vlan: partially enable SIOCSHWTSTAMP in container
5f44dfa841e9 net: pcs: xpcs: remove double-read of link state when using AN
a7282fc797df bpf: Remove misleading spec_v1 check on var-offset stack read
60f9ed23b954 selftests/bpf: Fix a fd leak in an error path in network_helpers.c
9b9e803b4823 scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
670754766ac3 bpf: fix precision propagation verbose logging
c022b09fcc32 bpf: take into account liveness when propagating precision
23634d119ca7 wifi: rtw88: mac: Return the original error from rtw_mac_power_switch()
3fc0be9f48ff wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser()
2ba1e4a623bf tools: bpftool: Remove invalid \' json escape
484d95c69fc1 wifi: ath6kl: reduce WARN to dev_dbg() in callback
19ba40acb170 wifi: brcmfmac: support CQM RSSI notification with older firmware
378364abbe55 wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
59073060fe09 wifi: ath9k: hif_usb: fix memory leak of remain_skbs
104b1b48b679 wifi: ath6kl: minor fix for allocation size
d1138f118f43 hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E
f1d68061b074 cpufreq: use correct unit when verify cur freq
a55050c7989c tick/common: Align tick period with the HZ tick.
54202488c835 drm/i915: Make intel_get_crtc_new_encoder() less oopsy
500ffa58e70b debugobject: Prevent init race with static objects
af04d8d3c156 arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
00132fab90ea x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
ad6481f49fb2 regulator: stm32-pwr: fix of_iomap leak
b8c2678d0fe7 media: venus: dec: Fix handling of the start cmd
2ed8f8c09d2a media: rc: gpio-ir-recv: Fix support for wake-up
4b1afffdd940 drm/amd/display: Fix potential null dereference
2322b262d220 media: rcar_fdp1: Fix refcount leak in probe and remove function
5847021f8052 media: rcar_fdp1: Convert to platform remove callback returning void
d18789f43484 platform: Provide a remove callback that returns no value
825281f34bec media: rcar_fdp1: Fix the correct variable assignments
3c300022c188 media: rcar_fdp1: Make use of the helper function devm_platform_ioremap_resource()
2f48c0a463a3 media: saa7134: fix use after free bug in saa7134_finidev due to race condition
c94388b5b909 media: dm1105: Fix use after free bug in dm1105_remove due to race condition
cac0f4f36e22 media: rkvdec: fix use after free bug in rkvdec_remove
d991f6139fa6 x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
1e3056b8067c regulator: core: Avoid lockdep reports when resolving supplies
4e5c9738185b regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow()
678b3f29aaaf drm/ttm/pool: Fix ttm_pool_alloc error path
b19bebc96381 drm/ttm: optimize pool allocations a bit v2
1e26766dc83a arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator
bee1a285732a arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator
fb0bea59d078 arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply
8853aab16787 mailbox: mpfs: switch to txdone_poll
623275db2841 drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe()
5a8aedb7b9fe ACPI: VIOT: Initialize the correct IOMMU fwspec
111af9798356 firmware: arm_scmi: Fix xfers allocation on Rx channel
657776d47bed ARM: dts: gta04: fix excess dma channel usage
d3047a1b0422 drm: rcar-du: Fix a NULL vs IS_ERR() bug
3cfaa8713e8b mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data
60cadfcfa44c ACPI: processor: Fix evaluating _PDC method when running as Xen dom0
aa8d52ddf7c8 drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings
d28ec12c48dd drm: msm: adreno: Disable preemption on Adreno 510
2ad781393eb3 drm/msm/adreno: drop bogus pm_runtime_set_active()
86c1a99528c6 drm/msm/adreno: Defer enabling runpm until hw_init()
1ad4b8c4552b media: max9286: Free control handler
3d7003c400ca drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535
a3ea89b5978d firmware: qcom_scm: Clear download bit during reboot
ca4ce92e3ec9 media: av7110: prevent underflow in write_ts_to_decoder()
519b08494011 media: bdisp: Add missing check for create_workqueue
11c58a0c1937 x86/MCE/AMD: Use an u64 for bank_map
88a9d3c0b59a ARM: dts: qcom: ipq8064: Fix the PCI I/O port range
112ff0f25305 ARM: dts: qcom: ipq8064: reduce pci IO size to 64K
99e7b14569da ARM: dts: qcom: ipq4019: Fix the PCI I/O port range
96158bfc764f arm64: dts: qcom: sm8250: Fix the PCI I/O port range
cc1ae8710ac4 arm64: dts: qcom: msm8996: Fix the PCI I/O port range
656657bdeb8a arm64: dts: qcom: ipq6018: Fix the PCI I/O port range
a19c40b97908 arm64: dts: qcom: ipq8074: Fix the PCI I/O port range
9f89689d8b9d arm64: dts: qcom: msm8998: Fix the PCI I/O port range
16111402966e arm64: dts: qcom: sdm845: Fix the PCI I/O port range
3e7be9b63264 arm64: dts: qcom: sdm845: correct dynamic power coefficients
a9e9a4a62725 arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name
a46878476c55 arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename
1994284cb922 arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name
6ae67829fa5e arm64: dts: Move BCM4908 dts to bcmbca folder
fe8ab85ed495 arm64: dts: Add base DTS file for bcmbca device Asus GT-AX6000
aefde9ada466 ARM64: dts: Add DTS files for bcmbca SoC BCM6858
273be36e4209 arm64: dts: Add DTS files for bcmbca SoC BCM4912
fe07b3b5af01 arm64: dts: Add DTS files for bcmbca SoC BCM63158
77112d23a671 arm64: dts: broadcom: bcm4908: add DT for Netgear RAXE500
a53862a20239 arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property
e3143e6cca0a regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted
30b4edaf221d EDAC/skx: Fix overflows on the DRAM row address mapping arrays
d450fa865750 drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources
62cd3e056123 arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
667c86b2a941 arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
6a50350033e0 soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
fb2a6e00291a tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007
00f79abccc5b drm/probe-helper: Cancel previous job before starting new one
9fde84fb59e5 drm/vgem: add missing mutex_destroy
a51b71af169f drm/rockchip: Drop unbalanced obj unref
0834a2b554e5 erofs: fix potential overflow calculating xattr_isize
060fecf1114f erofs: stop parsing non-compact HEAD index if clusterofs is invalid
5a37916d988e tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
46da635566dc tpm, tpm: Implement usage counter for locality
51162b05a44c tpm, tpm_tis: Claim locality before writing interrupt registers
b665edd7a585 tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
fd9b4b2bff6b tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
8c08c74de718 tpm, tpm_tis: Do not skip reset of original interrupt vector
dfa1e84b774c selinux: ensure av_permissions.h is built when needed
8a3a1f7b54b8 selinux: fix Makefile dependencies of flask.h
08e403705778 selftests/resctrl: Check for return value after write_schemata()
25661fe5f658 selftests/resctrl: Allow ->setup() to return errors
b5adaf5045d0 selftests/resctrl: Move ->setup() call outside of test specific branches
f9eeea03a5e7 selftests/resctrl: Extend CPU vendor detection
ebd40f52de19 selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
988901984ddd rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
74f06429b727 sound/oss/dmasound: fix build when drivers are mixed =y/=m
c628b07d5974 xfs: don't consider future format versions valid
ce840284929b ubifs: Free memory for tmpfile name
20ef288612e5 ubi: Fix return value overwrite issue in try_write_vid_and_data()
3ae75f82c33f ubifs: Fix memleak when insert_old_idx() failed
149ea56995c2 Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
dc299bd1d5c4 iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
b7bc8f6c8a31 tracing: Fix permissions for the buffer_percent file
b91a5aa1e7ea riscv: mm: remove redundant parameter of create_fdt_early_page_table
ec1814116fa4 i2c: omap: Fix standard mode false ACK readings
671f21fbcb47 ksmbd: fix memleak in session setup
227eb2689b44 ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
c053e389db0d ksmbd: call rcu_barrier() in ksmbd_server_exit()
2db4b91480b2 writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
0b46ee654a9d relayfs: fix out-of-bounds access in relay_file_read
a18bdaca46d0 KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
a79fb2ce4fbe reiserfs: Add security prefix to xattr name in reiserfs_security_write()
4c3d1a6720ae rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed
09e177d6f7ed crypto: safexcel - Cleanup ring IRQ workqueues on load failure
63b7fbaa1278 crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
c63741e872fc ring-buffer: Sync IRQ works before buffer destruction
333f49fcf0e7 pinctrl: qcom: lpass-lpi: set output value before enabling output
3028ac7dc0c0 soundwire: qcom: correct setting ignore bit on v1.5.1
01fefb82fd79 pwm: meson: Fix g12a ao clk81 name
dcf6611e80f9 pwm: meson: Fix axg ao mux parents
2104e15b0072 wifi: mt76: add missing locking to protect against concurrent rx/status calls
4a07d2d511e2 kheaders: Use array declaration instead of char
99d561199bf8 ipmi: fix SSIF not responding under certain cond.
8fddbd9c5c86 ipmi:ssif: Add send_retries increment
3ef93b7bd9e0 MIPS: fw: Allow firmware to pass a empty env
e047e40676d1 tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
9c0b37d0da47 xhci: fix debugfs register accesses while suspended
321e16a5709e tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
fa30909fbd1f staging: iio: resolver: ads1210: fix config mode
ac44e1275dae ext4: use ext4_journal_start/stop for fast commit transactions
5bb4005fb667 blk-crypto: make blk_crypto_evict_key() more robust
f8d9d6c3ffcc blk-crypto: make blk_crypto_evict_key() return void
d206f79d9cd6 blk-mq: release crypto keyslot before reporting I/O complete
2c62f4abd714 posix-cpu-timers: Implement the missing timer_wait_running callback
dca7427a8b12 hwmon: (adt7475) Use device_property APIs when configuring polarity
d50321946ec0 hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
d40fa6f78835 USB: dwc3: fix runtime pm imbalance on unbind
9436221ea250 USB: dwc3: fix runtime pm imbalance on probe errors
bfd693628192 IMA: allow/fix UML builds
c23e103fd736 PCI: qcom: Fix the incorrect register usage in v2.7.0 config
8a0b61e5a7d2 PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
402d2b1d54b7 arm64: Stash shadow stack pointer in the task struct on interrupt
21cc4e5304d2 arm64: Always load shadow stack pointer directly from the task struct
a00f75f71fca wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
a646556769e1 wireguard: timers: cast enum limits members to int in prints
95ec7a59ceb2 x86/cpu: Add model number for Intel Arrow Lake processor
520820400608 asm-generic/io.h: suppress endianness warnings for readq() and writeq()
5e3c87e4d3bd selftests mount: Fix mount_setattr_test builds failed
e1383b440132 ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
21976532f274 iio: adc: palmas_gpadc: fix NULL dereference on rmmod
50015dbdec70 x86/hyperv: Block root partition functionality in a Confidential VM
a7d91f67a10a ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
cf5b14b8de0d ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 5425b3557b6efdba07bd3efa51c647bd62d5259b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index d719a959d6..6e2af48543 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "91c85a978457d009bb57ec0a0867afe4ff7c8278"
-SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
+SRCREV_machine ?= "b7b557241341ae3bd6dc793eac41232739778578"
+SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.110"
+LINUX_VERSION ?= "5.15.111"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 88af7d2ee7..7717b2d6a0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.110"
+LINUX_VERSION ?= "5.15.111"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "37cc630d5574860de0b48e67fca03d8cb7d2a260"
-SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
+SRCREV_machine ?= "a2c822d25ca2ddf1df5317a88d2319cb50330de4"
+SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 9c531ab4da..2019a07c07 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "c9c4163f1d7a05a8a9e74f519ec7acc54259f53b"
-SRCREV_machine:qemuarm64 ?= "1cbfaca7888ffe8f6ce58987080a86b48161ce44"
-SRCREV_machine:qemumips ?= "9d83787163c68c2390136915fcfbf3e781d56874"
-SRCREV_machine:qemuppc ?= "a6d06d797ba2ae6c391898a42fced6c3eb71aad0"
-SRCREV_machine:qemuriscv64 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
-SRCREV_machine:qemuriscv32 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
-SRCREV_machine:qemux86 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
-SRCREV_machine:qemux86-64 ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
-SRCREV_machine:qemumips64 ?= "577bbb0ffdafbe77c802b1ff6cd09beec4cf0302"
-SRCREV_machine ?= "4399f7dbd01bd141ad6033438eb818820322ef13"
-SRCREV_meta ?= "8ce5ee0184fb213962a82ca5ee8c74851452e260"
+SRCREV_machine:qemuarm ?= "6bea924ca14afde95155405061b7a38698b627bb"
+SRCREV_machine:qemuarm64 ?= "61af9ffc157af5a77c0df7f2a9c672e96d2dbbd9"
+SRCREV_machine:qemumips ?= "44a1952d813a46156aa652da567537a4c49cd257"
+SRCREV_machine:qemuppc ?= "931fcfcbb0537ff882718af07d0941ac4d571361"
+SRCREV_machine:qemuriscv64 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
+SRCREV_machine:qemuriscv32 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
+SRCREV_machine:qemux86 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
+SRCREV_machine:qemux86-64 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
+SRCREV_machine:qemumips64 ?= "081f014de8e7c8ff3627e54fdd5149f573df34e9"
+SRCREV_machine ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
+SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "8a7f2a5c5aa1648edb4f2029c6ec33870afb7a95"
+SRCREV_machine:class-devupstream ?= "b0ece631f84a3e70341496b000b094b7dfdf4e5f"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.110"
+LINUX_VERSION ?= "5.15.111"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 13/18] linux-yocto/5.15: update to v5.15.112
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (11 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 12/18] linux-yocto/5.15: update to v5.15.111 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 14/18] linux-yocto/5.15: update to v5.15.113 Steve Sakoman
` (5 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
9d6bde853685 Linux 5.15.112
0788273bd0a6 drm/amd/display: Fix hang when skipping modeset
de9a3ed42333 RISC-V: Fix up a cherry-pick warning in setup_vm_final()
3c9b08a16978 drbd: correctly submit flush bio on barrier
d0bcf6caa280 serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
0b401c2cccc5 drm/msm/adreno: adreno_gpu: Use suspend() instead of idle() on load error
8beaa3cb293a ext4: fix invalid free tracking in ext4_xattr_move_to_block()
978e5e9111af ext4: remove a BUG_ON in ext4_mb_release_group_pa()
2b3b8f18c0dc ext4: bail out of ext4_xattr_ibody_get() fails for any reason
f22b274429e8 ext4: add bounds checking in get_max_inline_xattr_value_size()
640c8c365999 ext4: fix deadlock when converting an inline directory in nojournal mode
b2531936118d ext4: improve error handling from ext4_dirhash()
b2f1314e6e36 ext4: improve error recovery code paths in __ext4_remount()
5f7d66e5e557 ext4: check iomap type only if ext4_iomap_begin() does not fail
f5e687698c6d ext4: fix data races when using cached status extents
6d9a705a653e ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
d55e76e11592 ext4: fix WARNING in mb_find_extent
c5c385baee9b locking/rwsem: Add __always_inline annotation to __down_read_common() and inlined callers
ed76d3a8910b ksmbd: not allow guest user on multichannel
4f9baa066749 ksmbd: fix deadlock in ksmbd_find_crypto_ctx()
bc77a6e93306 ksmbd: fix racy issue while destroying session on multichannel
a89ff57e4da1 ksmbd: fix kernel oops from idr_remove()
876a7e3b58e3 ksmbd: add channel rwlock
05cbc9806ae8 ksmbd: replace sessions list in connection with xarray
f86a1a74d9a7 ksmbd: fix multi session connection failure
bb3b772f186c ksmbd: set RSS capable in FSCTL_QUERY_NETWORK_INTERFACE_INFO
2456e2889c77 wifi: rtw88: rtw8821c: Fix rfe_option field width
615aff165bda drm/amd/display: Add NULL plane_state check for cursor disable logic
c11b90aced1a drm/amd/display: Refine condition of cursor visibility for pipe-split
bf16debcda5c drm/msm/adreno: fix runtime PM imbalance at gpu load
bac00e57cd5e drm/msm: Remove struct_mutex usage
17eeeac92b47 drm/i915/dg2: Add HDMI pixel clock frequencies 267.30 and 319.89 MHz
6d5e6d5a70e2 drm/i915/dg2: Add additional HDMI pixel clock frequencies
06af228515d1 drm/i915/dg2: Support 4k@30 on HDMI
a63c6b1eed9a ASoC: soc-pcm.c: call __soc_pcm_close() in soc_pcm_close()
aa803e6ecac7 ASoC: DPCM: Don't pick up BE without substream
44b685c4bab3 ASoC: soc-pcm: Move debugfs removal out of spinlock
0d5017dea0c6 ASoC: soc-compress: Inherit atomicity from DAI link for Compress FE
a536c367b0d8 ASoC: soc-pcm: Fix DPCM lockdep warning due to nested stream locks
e2e5b8c72998 fs/ntfs3: Refactoring of various minor issues
5047a228d4c8 HID: wacom: insert timestamp to packed Bluetooth (BT) events
db587340a004 HID: wacom: Set a default resolution for older tablets
823787470e32 drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
b39ba90d69ee drm/amdgpu: Fix vram recover doesn't work after whole GPU reset (v2)
cd3c0f7013c3 drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras
6d4b6abedd2d drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini()
db307e725d5b drm/amd/display: fix flickering caused by S/G mode
61b694b742fb drm/panel: otm8009a: Set backlight parent to panel device
8f57f3e112cf f2fs: fix potential corruption when moving a directory
e2d1cc82ad50 drm/msm: fix NULL-deref on irq uninstall
8f0e1ad5327a drm/msm: fix NULL-deref on snapshot tear down
74543041c03e drm/bridge: lt8912b: Fix DSI Video Mode
9d79ccd97199 ARM: dts: s5pv210: correct MIPI CSIS clock name
137259261cd0 ARM: dts: exynos: fix WM8960 clock name in Itop Elite
eb15fb94d44a remoteproc: imx_rproc: Call of_node_put() on iteration error
de26e064ed9e remoteproc: st: Call of_node_put() on iteration error
8915e44eb3fb remoteproc: stm32: Call of_node_put() on iteration error
975b80702f0e sh: nmi_debug: fix return value of __setup handler
66dbc361214d sh: init: use OF_EARLY_FLATTREE for early init
bb870c4b73d2 sh: mcount.S: fix build error when PRINTK is not enabled
be95f9ebaf10 sh: math-emu: fix macro redefined warning
9fdf3666e3f1 SMB3: force unmount was failing to close deferred close files
c3a0ae5259ea smb3: fix problem remounting a share after shutdown
17ad86d8c122 inotify: Avoid reporting event with invalid wd
e51cd74e32d2 platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i
21de866f75de platform/x86: touchscreen_dmi: Add upside-down quirk for GDIX1002 ts on the Juno Tablet
5af78b437cd3 cifs: release leases for deferred close handles when freezing
f43b5573cddc cifs: fix pcchunk length type in smb2_copychunk_range
69dfa5a2e89d btrfs: fix space cache inconsistency after error loading it from disk
e0710a49799f btrfs: print-tree: parent bytenr must be aligned to sector size
bcc401bb8678 btrfs: zero the buffer before marking it dirty in btrfs_redirty_list_add
f264be24146b btrfs: don't free qgroup space unless specified
29478148bb3b btrfs: fix encoded write i_size corruption with no-holes
91f585024e3e btrfs: zoned: fix wrong use of bitops API in btrfs_ensure_empty_zones
77c6323dad14 btrfs: fix btrfs_prev_leaf() to not return the same key twice
b13e20cc58e4 perf stat: Separate bperf from bpf_profiler
2baa45d8f55e perf evlist: Refactor evlist__for_each_cpu()
871149abc1b9 perf symbols: Fix return incorrect build_id size in elf_read_build_id()
f716374c4e21 crypto: engine - fix crypto_queue backlog handling
fa4e304bbd8a crypto: engine - Use crypto_request_complete
e7ce4ba11635 crypto: api - Add scaffolding to change completion function signature
a8cc4d5adfe5 crypto: engine - check if BH is disabled during completion
7b36a06bacf7 crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs()
b6e2d1e253a4 perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp()
4f128167e64b perf pmu: zfree() expects a pointer to a pointer to zero it after freeing its contents
e685e2e2bd14 perf vendor events power9: Remove UTF-8 characters from JSON files
a6ef72c38c23 perf scripts intel-pt-events.py: Fix IPC output for Python 2
53f7b55f6b3a net: enetc: check the index of the SFI rather than the handle
a0cb00295dbe virtio_net: suppress cpu stall when free_unused_bufs
b4e16ea5f146 virtio_net: split free_unused_bufs()
f495e435e588 net: dsa: mt7530: fix corrupt frames using trgmii on 40 MHz XTAL MT7621
dfad4eb4c4d8 ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init`
10c5ea39573d drm/amdgpu: add a missing lock for AMDGPU_SCHED
54c466c60e23 af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
c177dd465f5c ionic: catch failure from devlink_alloc
da81af0ef809 ethtool: Fix uninitialized number of lanes
27b0d1b81f82 ionic: remove noise from ethtool rxnfc error msg
d37f6a832331 octeontx2-vf: Detach LF resources on probe cleanup
00e985958b3e octeontx2-pf: Disable packet I/O for graceful exit
b5ad803dec80 octeontx2-af: Skip PFs if not enabled
e39148d3d719 octeontx2-af: Secure APR table update with the lock
a895ab54afce rxrpc: Fix hard call timeout units
f5b44b2a17ca sfc: Fix module EEPROM reporting for QSFP modules
98a20dceddf6 r8152: move setting r8153b_rx_agg_chg_indicate()
4fbf19a5bd31 r8152: fix the poor throughput for 2.5G devices
d0ebe36065a8 r8152: fix flow control issue of RTL8156A
55aeff5361e6 net/sched: act_mirred: Add carrier check
59bf62f0ed7e RISC-V: mm: Enable huge page support to kernel_page_present() function
cc4ae807dbef watchdog: dw_wdt: Fix the error handling path of dw_wdt_drv_probe()
b36cc1c39448 writeback: fix call of incorrect macro
f98f2ac30f75 net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu
56444f30619b selftests: srv6: make srv6_end_dt46_l3vpn_test more robust
c5ce7c4517d6 sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
cb145932fcf6 net/sched: cls_api: remove block_cb from driver_list before freeing
480577d419f9 net/ncsi: clear Tx enable mode when handling a Config required AEN
5e756a59cee6 scsi: qedi: Fix use after free bug in qedi_remove()
fd6204d7724a drm/hyperv: Don't overwrite dirt_needed value set by host
f8d9e062a695 fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
ce30b2f48b65 ASoC: soc-pcm: fix BE handling of PAUSE_RELEASE
74201b3c3e52 ASoC: soc-pcm: test refcount before triggering
2cf8c9f883de ASoC: soc-pcm: serialize BE triggers
703ebcf64aac ASoC: soc-pcm: Fix and cleanup DPCM locking
c474bb800000 ASoC: soc-pcm: align BE 'atomicity' with that of the FE
13390bea97a4 ASoC: soc-pcm: use GFP_ATOMIC for dpcm structure
25361a0155a1 mailbox: zynqmp: Fix counts of child nodes
f9dd36311bd5 mailbox: zynq: Switch to flexible array to simplify code
2343385fe6ee bus: mhi: host: Range check CHDBOFF and ERDBOFF
a7561c04adb1 bus: mhi: host: Use mhi_tryset_pm_state() for setting fw error state
7517f62ea073 bus: mhi: host: Remove duplicate ee check for syserr
9fbf10148f31 bus: mhi: Move host MHI code to "host" directory
43b2f7d69069 ubifs: Fix memory leak in do_rename
9933a9086cea ubifs: Fix AA deadlock when setting xattr for encrypted file
21ad89e197dd crypto: ccp - Clear PSP interrupt status register before calling handler
93f8b664031b ring-buffer: Ensure proper resetting of atomic variables in ring_buffer_reset_online_cpus
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 276039dd77ad0e6276d4e4688db65150fced3d5f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 6e2af48543..c3f3fe7f39 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "b7b557241341ae3bd6dc793eac41232739778578"
-SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
+SRCREV_machine ?= "2424be7d485ac0bbcbca912b1a6cd4a79e5bab38"
+SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.111"
+LINUX_VERSION ?= "5.15.112"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 7717b2d6a0..5539131652 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.111"
+LINUX_VERSION ?= "5.15.112"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "a2c822d25ca2ddf1df5317a88d2319cb50330de4"
-SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
+SRCREV_machine ?= "b521a0dd3eb1941526d1cc853a81c60182f08e10"
+SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 2019a07c07..2fdb5759f5 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "6bea924ca14afde95155405061b7a38698b627bb"
-SRCREV_machine:qemuarm64 ?= "61af9ffc157af5a77c0df7f2a9c672e96d2dbbd9"
-SRCREV_machine:qemumips ?= "44a1952d813a46156aa652da567537a4c49cd257"
-SRCREV_machine:qemuppc ?= "931fcfcbb0537ff882718af07d0941ac4d571361"
-SRCREV_machine:qemuriscv64 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
-SRCREV_machine:qemuriscv32 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
-SRCREV_machine:qemux86 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
-SRCREV_machine:qemux86-64 ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
-SRCREV_machine:qemumips64 ?= "081f014de8e7c8ff3627e54fdd5149f573df34e9"
-SRCREV_machine ?= "aebcdb3f8bdb1a08ca6032d8369edd3f9bf86251"
-SRCREV_meta ?= "e316987285bb86fec4c567569c4977d264599c0a"
+SRCREV_machine:qemuarm ?= "9d59e27807dc264aa457efb8f808d5d246af0de2"
+SRCREV_machine:qemuarm64 ?= "795baaef531bf613f908372e46f0aa02e7f0c033"
+SRCREV_machine:qemumips ?= "240c1a6921778edceeddb57c666c1ad39eb99ab8"
+SRCREV_machine:qemuppc ?= "e62acaa3576f120915a766812d4f57e9b472d132"
+SRCREV_machine:qemuriscv64 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
+SRCREV_machine:qemuriscv32 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
+SRCREV_machine:qemux86 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
+SRCREV_machine:qemux86-64 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
+SRCREV_machine:qemumips64 ?= "943c52494237f510c59592bc3c10858b1fde736c"
+SRCREV_machine ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
+SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "b0ece631f84a3e70341496b000b094b7dfdf4e5f"
+SRCREV_machine:class-devupstream ?= "9d6bde853685609a631871d7c12be94fdf8d912e"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.111"
+LINUX_VERSION ?= "5.15.112"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 14/18] linux-yocto/5.15: update to v5.15.113
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (12 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 13/18] linux-yocto/5.15: update to v5.15.112 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 15/18] vim: upgrade 9.0.1429 -> 9.0.1527 Steve Sakoman
` (4 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
1fe619a7d252 Linux 5.15.113
7de20a23e52a HID: wacom: add three styli to wacom_intuos_get_tool_type
25b835d40838 HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs
a540aabefa9b HID: wacom: Force pen out of prox if no events have been received in a while
b4c7b54b83f6 s390/qdio: fix do_sqbs() inline assembly constraint
b8427b8522d9 nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()
cafdd9cefc5b powerpc/64s/radix: Fix soft dirty tracking
fe59dd824fad tpm/tpm_tis: Disable interrupts for more Lenovo devices
b9eb4491f0c9 powerpc/iommu: Incorrect DDW Table is referenced for SR-IOV device
317ee8c54faa ceph: force updating the msg pointer in non-split case
e3d1adcad5b7 vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
03e39ec73941 thunderbolt: Clear registers properly when auto clear isn't in use
742ed5bb683e serial: qcom-geni: fix enabling deactivated interrupt
6960267e7d0b serial: 8250_exar: Add support for USR298x PCI Modems
7d8873ecbd3c serial: Add support for Advantech PCI-1611U card
51d90382d241 statfs: enforce statfs[64] structure initialization
865be1cff2c0 ksmbd: fix global-out-of-bounds in smb2_find_context_vals
7657321b2624 ksmbd: fix wrong UserName check in session_user
61e043326e72 ksmbd: allocate one more byte for implied bcc[0]
1c2461b41f30 ksmbd: smb2: Allow messages padded to 8byte boundary
49f47945386e SMB3: drop reference to cfile before sending oplock break
653d30a1512c SMB3: Close all deferred handles of inode in case of handle lease break
972a33e6cc76 can: kvaser_pciefd: Disable interrupts in probe error path
143623940a03 can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt
c724a6edc1c6 can: kvaser_pciefd: Clear listen-only bit if not explicitly requested
f04628305cac can: kvaser_pciefd: Empty SRB buffer in probe
da711a8af0fa can: kvaser_pciefd: Call request_irq() before enabling interrupts
4857ccfbe283 can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop()
9ac2448c24a9 can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag
a17cf315f246 can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag
83af0876040b ALSA: hda/realtek: Add quirk for 2nd ASUS GU603
cc1924ab21d7 ALSA: hda/realtek: Add a quirk for HP EliteDesk 805
3a32c5149461 ALSA: hda/realtek: Add quirk for Clevo L140AU
059a18e95e06 ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table
e8c7d7c43d5e ALSA: hda: Fix Oops by 9.1 surround channel names
831a1ffb0a93 xhci: Fix incorrect tracking of free space on transfer rings
4c5c4870694b xhci-pci: Only run d3cold avoidance quirk for s2idle
fc0e18f95c88 usb: typec: altmodes/displayport: fix pin_assignment_show
0ed9257a8ab9 usb: gadget: u_ether: Fix host MAC address case
c51a131cacf4 usb: dwc3: debugfs: Resume dwc3 before accessing registers
720be29c7d1c USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value
2ef3ecff0907 usb-storage: fix deadlock when a scsi command timeouts more than once
3b43d9df27a7 USB: usbtmc: Fix direction for 0-length ioctl control messages
15d744133218 ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go
62499cf3ddd7 bridge: always declare tunnel functions
ec5caa765f7f netfilter: nft_set_rbtree: fix null deref on element insertion
b0cc763806c0 netfilter: nf_tables: fix nft_trans type confusion
addaba68018b vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit()
3a0450d38a3e igb: fix bit_shift to be in [1..8] range
c15c3bb90c9a net: dsa: mv88e6xxx: Fix mv88e6393x EPC write command offset
234e744d86bd cassini: Fix a memory leak in the error handling path of cas_init_one()
76a7cd047b3a scsi: storvsc: Don't pass unused PFNs to Hyper-V host
05ad5a4d421c wifi: iwlwifi: mvm: don't trust firmware n_channels
d66490c29364 wifi: iwlwifi: mvm: fix cancel_delayed_work_sync() deadlock
fce7d92a8990 wifi: mac80211: fix min center freq offset tracing
fd8bc0f581af net: bcmgenet: Restore phy_stop() depending upon suspend/close
99c5acfd1f6a net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop()
ed1283c46d90 s390/cio: include subchannels without devices also for evaluation
673cb4798921 tipc: check the bearer min mtu properly when setting it by netlink
575e84d90a74 tipc: do not update mtu if msg_max is too small in mtu negotiation
5cf99d5f656a tipc: add tipc_bearer_min_mtu to calculate min mtu
6a7690f2bd17 virtio_net: Fix error unwinding of XDP initialization
18c0bd6888b3 virtio-net: Maintain reverse cleanup order
cdd8160dcda1 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
f51d15d9bc41 drm/exynos: fix g2d_open/close helper function definitions
45a158a212d9 SUNRPC: Fix trace_svc_register() call site
1c28b206ae49 SUNRPC: always free ctxt when freeing deferred request
54832355b0b1 SUNRPC: Remove svc_rqst::rq_xprt_hlen
7a1dca013124 SUNRPC: Remove dead code in svc_tcp_release_rqst()
9712097e89b2 SUNRPC: Clean up svc_deferred_class trace events
8c26ecd887ef tracing: Introduce helpers to safely handle dynamic-sized sockaddrs
7851771789e8 SUNRPC: double free xprt_ctxt while still in use
051af3f0b7d1 media: netup_unidvb: fix use-after-free at del_timer()
8e37baf62181 net: hns3: fix reset delay time to avoid configuration timeout
aaf7c7d8448f net: hns3: fix sending pfc frames after reset issue
56640004ee56 net: hns3: fix output information incomplete for dumping tx queue info with debugfs
98e964801811 erspan: get the proto with the md version for collect_md
5258395e67fe serial: 8250_bcm7271: fix leak in `brcmuart_probe`
cc2f7cee933f serial: 8250_bcm7271: balance clk_enable calls
f76a18e53a66 serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
15251e783a4b tcp: fix possible sk_priority leak in tcp_v4_send_reset()
2832d6244634 vsock: avoid to close connected socket after the timeout
2c1617dc6dab ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15
bbb5ac533ca6 ALSA: firewire-digi00x: prevent potential use after free
81c843152422 net: phy: dp83867: add w/a for packet errors seen with short cables
c1bc2870f14e net: fec: Better handle pm_runtime_get() failing in .remove()
b598e76b49cc selftets: seg6: disable rp_filter by default in srv6_end_dt4_l3vpn_test
5041897b9f0f selftests: seg6: disable DAD on IPv6 router cfg for srv6_end_dt4_l3vpn_test
d6c89d776be2 af_key: Reject optional tunnel/BEET mode templates in outbound policies
19457a4423a3 cpupower: Make TSC read per CPU for Mperf monitor
3a4ff14b0ecb ASoC: fsl_micfil: Fix error handler with pm_runtime_enable
a2e5a77ae3c3 dt-bindings: display/msm: dsi-controller-main: Document qcom, master-dsi and qcom, sync-dual-dsi
e1c9c7482e31 drm/msm/dpu: Remove duplicate register defines from INTF
85eb9aef4fb5 drm/msm/dpu: Move non-MDP_TOP INTF_INTR offsets out of hwio header
b688a4115bdf drm/msm/dpu: Add INTF_5 interrupts
d8a291e39af2 drm/msm/dp: unregister audio driver during unbind
288247879f4e Revert "Fix XFRM-I support for nested ESP tunnels"
46f1a953545f xfrm: don't check the default policy if the policy allows the packet
98f179c5b072 platform/x86: hp-wmi: add micmute to hp_wmi_keymap struct
a832a43fdd95 platform/x86: Move existing HP drivers to a new hp subdir
df14d64b36b1 platform/x86: hp-wmi: Support touchpad on/off
6158e958e824 parisc: Replace regular spinlock with spin_trylock on panic path
1fa3fb4f7018 mfd: dln2: Fix memory leak in dln2_probe()
c9faa002ea4b soundwire: qcom: gracefully handle too many ports in DT
b61382a825c0 phy: st: miphy28lp: use _poll_timeout functions for waits
dc9c54d34dbd Input: xpad - add constants for GIP interface numbers
92c089a931fd iommu/sprd: Release dma buffer to avoid memory leak
a2bc5241ee14 iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
aa50d0a460cc clk: tegra20: fix gcc-7 constant overflow warning
20f9bfc664d6 fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()
85afd3007465 fs/ntfs3: Add length check in indx_get_root
2a67f26f70ab fs/ntfs3: Validate MFT flags before replaying logs
d4b744825295 fs/ntfs3: Fix NULL dereference in ni_write_inode
1fd5b80c9339 fs/ntfs3: Enhance the attribute size check
6d3d3283e6b4 fs/ntfs3: Fix NULL pointer dereference in 'ni_write_inode'
8ebcbd1811b8 iommu/arm-smmu-qcom: Limit the SMR groups to 128
036e02dfd515 RDMA/core: Fix multiple -Warray-bounds warnings
ff70ad9159fb recordmcount: Fix memory leaks in the uwrite function
f3458b84c627 sched: Fix KCSAN noinstr violation
0652b54957ff mcb-pci: Reallocate memory region to avoid memory overlapping
1ba5594739d8 serial: 8250: Reinit port->pm on port specific driver unbind
ee009c2abc44 usb: typec: tcpm: fix multiple times discover svids error
973f84956b2c HID: wacom: generic: Set battery quirk only when we see battery data
b2069cfe1b33 spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3
6293d0533cfe HID: logitech-hidpp: Reconcile USB and Unifying serials
3f1719790cc3 HID: logitech-hidpp: Don't use the USB serial for USB devices
a97e60bd2896 staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE
116b9c002c89 Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
392a06f965fe Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set
c018360885f0 Bluetooth: btintel: Add LE States quirk support
7aa14a7a3a85 ipvs: Update width of source for ip_vs_sync_conn_options
52851d0c3354 nbd: fix incomplete validation of ioctl arg
3d3f8fe01a01 wifi: ath11k: Fix SKB corruption in REO destination ring
87940e4030e4 wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
35e304dbcefa null_blk: Always check queue mode setting from configfs
82f877ec9b04 wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf
7545f21eee13 wifi: iwlwifi: pcie: fix possible NULL pointer dereference
095018267c87 bpf: Add preempt_count_{sub,add} into btf id deny list
e3e6e252d74f samples/bpf: Fix fout leak in hbm's run_bpf_prog
e2759a59a4cc f2fs: fix to check readonly condition correctly
d8f4ad5f3979 f2fs: fix to drop all dirty pages during umount() if cp_error is set
613f6cde5ebb ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()
bc4a3e1d07a8 ext4: set goal start correctly in ext4_mb_normalize_request
203e8875d294 scsi: ufs: ufs-pci: Add support for Intel Lunar Lake
71ee06193ed7 gfs2: Fix inode height consistency check
e84282efc87f scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
c6ed54dd9069 lib: cpu_rmap: Avoid use after free on rmap->obj array entries
1911cca5916b scsi: target: iscsit: Free cmds before session free
a6f9f53d73bf net: Catch invalid index in XPS mapping
e3644d15d74a net: pasemi: Fix return type of pasemi_mac_start_tx()
d5eaf2a6b077 bnxt: avoid overflow in bnxt_get_nvram_directory()
f91037487036 scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow
99f8a15af6c9 ext2: Check block size validity during mount
e242c66f7ecf wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
fe913db2acef bpf: Annotate data races in bpf_local_storage
aa186074b6f2 wifi: ath: Silence memcpy run-time false positive warning
9f87ee85ce1d media: Prefer designated initializers over memset for subdev pad ops
66acfe798cd0 drm/amd: Fix an out of bounds error in BIOS parser
d997c920a530 ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
3a7a4aa3958c ACPICA: Avoid undefined behavior: applying zero offset to null pointer
0aa3d558f14e drm/msm/dp: Clean up handling of DP AUX interrupts
33cc6ef106c9 drm/tegra: Avoid potential 32-bit integer overflow
19882a49b242 remoteproc: stm32_rproc: Add mutex protection for workqueue
f4a573eed637 ACPI: EC: Fix oops when removing custom query handlers
66caf2278771 firmware: arm_sdei: Fix sleep from invalid context BUG
162a9b321538 memstick: r592: Fix UAF bug in r592_remove due to race condition
dcf632bca424 media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish
f0a06203f2fe media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and buffer_finish()
c12733784112 arm64: dts: qcom: msm8996: Add missing DWC3 quirks
15856ab95617 regmap: cache: Return error in cache sync operations for REGCACHE_NONE
e9c5fc4f3f35 drm/amd/display: Use DC_LOG_DC in the trasform pixel function
9fd5be74b38f drm/displayid: add displayid_get_header() and check bounds better
37cab61a52d6 fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
e30a55e98ae6 rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access
718b66c5eb65 refscale: Move shutdown from wait_event() to wait_event_idle()
620a3c28221b ext4: allow ext4_get_group_info() to fail
99f7ce0fac22 ext4: allow to find by goal if EXT4_MB_HINT_GOAL_ONLY is set
1de53f2223eb ext4: fix lockdep warning when enabling MMP
c53936d9fb35 ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
3f937d6615dd ext4: reflect error codes from ext4_multi_mount_protect() to its callers
1284253ce95a ext4: remove an unused variable warning with CONFIG_QUOTA=n
96b3233f42fb fbdev: arcfb: Fix error handling in arcfb_probe()
33b5890dfaf2 drm/i915/dp: prevent potential div-by-zero
a41559ae3681 af_unix: Fix data races around sk->sk_shutdown.
610fd07c1370 af_unix: Fix a data race of sk->sk_receive_queue->qlen.
62d43dd14b1d net: datagram: fix data-races in datagram_poll()
7c8be27727fe ipvlan:Fix out-of-bounds caused by unclear skb->cb
3c9d916e39ef gve: Remove the code of clearing PBA bit
43d938a82ed1 tcp: add annotations around sk->sk_shutdown accesses
9dd9ffe11841 net: add vlan_get_protocol_and_depth() helper
538b511bc54e net: deal with most data-races in sk_wait_event()
159a81d5e5a9 net: annotate sk->sk_err write from do_recvmmsg()
1d5c8b01f1df netlink: annotate accesses to nlk->cb_running
1a2b27f2d7ac netfilter: conntrack: fix possible bug_on with enable_hooks=1
8d56f00c61f6 netfilter: nf_tables: always release netdev hooks from notifier
de260d1e02cd net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
5f5549b99828 net: stmmac: Initialize MAC_ONEUS_TIC_COUNTER register
b0a513ba5b28 net: stmmac: switch to use interrupt for hw crosstimestamping
46e100be0f02 linux/dim: Do nothing if no time delta between samples
2fdce3e52dc3 tick/broadcast: Make broadcast device replacement work correctly
6e455b89f02c scsi: ufs: core: Fix I/O hang that occurs when BKOPS fails in W-LUN suspend
b614567e0dd8 net: mdio: mvusb: Fix an error handling path in mvusb_mdio_probe()
da3cd1a81d4e ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings
ac88a1f41f93 drm/mipi-dsi: Set the fwnode for mipi_dsi_device
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit e59689be96bb366233a10db22246751f484691fa)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index c3f3fe7f39..a17840cb8a 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "2424be7d485ac0bbcbca912b1a6cd4a79e5bab38"
-SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
+SRCREV_machine ?= "613a261b361c2f0d1e1428ad02dffe4e81d1a24b"
+SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.112"
+LINUX_VERSION ?= "5.15.113"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 5539131652..5f6d254970 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.112"
+LINUX_VERSION ?= "5.15.113"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "b521a0dd3eb1941526d1cc853a81c60182f08e10"
-SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
+SRCREV_machine ?= "cad8d3fd06feec26840453ddfd483216b4cf5b51"
+SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 2fdb5759f5..b123ec6a1f 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "9d59e27807dc264aa457efb8f808d5d246af0de2"
-SRCREV_machine:qemuarm64 ?= "795baaef531bf613f908372e46f0aa02e7f0c033"
-SRCREV_machine:qemumips ?= "240c1a6921778edceeddb57c666c1ad39eb99ab8"
-SRCREV_machine:qemuppc ?= "e62acaa3576f120915a766812d4f57e9b472d132"
-SRCREV_machine:qemuriscv64 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
-SRCREV_machine:qemuriscv32 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
-SRCREV_machine:qemux86 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
-SRCREV_machine:qemux86-64 ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
-SRCREV_machine:qemumips64 ?= "943c52494237f510c59592bc3c10858b1fde736c"
-SRCREV_machine ?= "4d4b7f0ffa7c815225722b8a3c8fe2fd3ebdb796"
-SRCREV_meta ?= "397c9face7f492ea6c6047499afcf6ef387d0513"
+SRCREV_machine:qemuarm ?= "8f55d1b405ec36812e15592bec1a471c4afa8dfa"
+SRCREV_machine:qemuarm64 ?= "6f43cd2bf083a3a6d77edd2ddd275b9c6c3adf63"
+SRCREV_machine:qemumips ?= "942912a383bbb5b1edb362c1da8f328c50e8e16a"
+SRCREV_machine:qemuppc ?= "9b2cc2b52ad546d07bcef0d6c76e657ff46140ce"
+SRCREV_machine:qemuriscv64 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91"
+SRCREV_machine:qemuriscv32 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91"
+SRCREV_machine:qemux86 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91"
+SRCREV_machine:qemux86-64 ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91"
+SRCREV_machine:qemumips64 ?= "570b02954e1cf598ba8792aa6127ddde7f2af647"
+SRCREV_machine ?= "934b0d629afd6e3bf31fcaeada9828b1f13dbd91"
+SRCREV_meta ?= "957ddf5f9d4bf5791e88a46ce9ec4352a6d0a171"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "9d6bde853685609a631871d7c12be94fdf8d912e"
+SRCREV_machine:class-devupstream ?= "1fe619a7d25218e9b9fdcce9fcac6a05cd62abed"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.112"
+LINUX_VERSION ?= "5.15.113"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 15/18] vim: upgrade 9.0.1429 -> 9.0.1527
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (13 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 14/18] linux-yocto/5.15: update to v5.15.113 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 16/18] systemd-systemctl: support instance expansion in WantedBy Steve Sakoman
` (3 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Randy MacLeod <Randy.MacLeod@windriver.com>
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4f9a8df5aca99d0a5c2d2346b27ce7be08e7896c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 1e27415288..e1d2563316 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://no-path-adjust.patch \
"
-PV .= ".1429"
-SRCREV = "1a08a3e2a584889f19b84a27672134649b73da58"
+PV .= ".1527"
+SRCREV = "c28e7a2b2f23dbd246a1ad7ad7aaa6f7ab2e5887"
# Remove when 8.3 is out
UPSTREAM_VERSION_UNKNOWN = "1"
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 16/18] systemd-systemctl: support instance expansion in WantedBy
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (14 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 15/18] vim: upgrade 9.0.1429 -> 9.0.1527 Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 17/18] e2fsprogs: fix ptest bug for second running Steve Sakoman
` (2 subsequent siblings)
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Ian Ray <ian.ray@ge.com>
Refactor _process_deps to expand systemd instance specifier "%i" to the
template instance.
This change expands on prior commit e510222b57 ("systemd-systemctl: fix
instance template WantedBy symlink construction") by substituting every
"%i" pattern-match with the instance name.
The regexp handles the following cases:
* svc-wants@%i.service
* sys-subsystem-net-devices-%i.device
Signed-off-by: Ian Ray <ian.ray@ge.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 9356276137267a29ae2289d796a2940918375308)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/systemd/systemd-systemctl/systemctl | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl b/meta/recipes-core/systemd/systemd-systemctl/systemctl
index 1c87beadad..c8b5c9efe3 100755
--- a/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -190,13 +190,8 @@ class SystemdUnit():
target = ROOT / location.relative_to(self.root)
try:
for dependent in config.get('Install', prop):
- # determine whether or not dependent is a template with an actual
- # instance (i.e. a '@%i')
- dependent_is_template = re.match(r"[^@]+@(?P<instance>[^\.]*)\.", dependent)
- if dependent_is_template:
- # if so, replace with the actual instance to achieve
- # svc-wants@a.service.wants/svc-wanted-by@a.service
- dependent = re.sub(dependent_is_template.group('instance'), instance, dependent, 1)
+ # expand any %i to instance (ignoring escape sequence %%)
+ dependent = re.sub("([^%](%%)*)%i", "\\1{}".format(instance), dependent)
wants = systemdir / "{}.{}".format(dependent, dirstem) / service
add_link(wants, target)
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 17/18] e2fsprogs: fix ptest bug for second running
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (15 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 16/18] systemd-systemctl: support instance expansion in WantedBy Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-06-19 2:55 ` [OE-core][kirkstone 18/18] Revert "ipk: Decode byte data to string in manifest handling" Steve Sakoman
2023-08-02 12:04 ` [OE-core][kirkstone 00/18] Patch review Marta Rybczynska
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Qiu Tingting <qiutt@fujitsu.com>
At second running, there are four new failed case:
d_loaddump f_bigalloc_badinode f_bigalloc_orphan_list f_dup_resize
The test_data.tmp is necessary, but it is deleted by run-ptest.
So it should be restored after testing.
Signed-off-by: Qiu Tingting <qiutt@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit d0d08dd9a8a179e25b9cfcbac696c1d212a1910c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/e2fsprogs/e2fsprogs/run-ptest | 1 +
meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb | 3 +++
2 files changed, 4 insertions(+)
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/run-ptest b/meta/recipes-devtools/e2fsprogs/e2fsprogs/run-ptest
index c97c0377e9..279923db8e 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs/run-ptest
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/run-ptest
@@ -8,3 +8,4 @@ rm -f *.tmp
rm -f *.ok
rm -f *.failed
rm -f *.log
+cp ../data/test_data.tmp ./
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
index 5b2d1921f0..68c620cf71 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.5.bb
@@ -141,4 +141,7 @@ do_install_ptest() {
install -d ${D}${PTEST_PATH}/lib
install -m 0644 ${B}/lib/config.h ${D}${PTEST_PATH}/lib/
+
+ install -d ${D}${PTEST_PATH}/data
+ install -m 0644 ${B}/tests/test_data.tmp ${D}${PTEST_PATH}/data/
}
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* [OE-core][kirkstone 18/18] Revert "ipk: Decode byte data to string in manifest handling"
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (16 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 17/18] e2fsprogs: fix ptest bug for second running Steve Sakoman
@ 2023-06-19 2:55 ` Steve Sakoman
2023-08-02 12:04 ` [OE-core][kirkstone 00/18] Patch review Marta Rybczynska
18 siblings, 0 replies; 24+ messages in thread
From: Steve Sakoman @ 2023-06-19 2:55 UTC (permalink / raw)
To: openembedded-core
From: Andrew Jeffery <andrew@aj.id.au>
cf9df9e8d89f ("ipk: Decode byte data to string in manifest handling")
did a bit of least-effort fix to a string vs byte sequence issue in the
manifest handling. The approach was chosen as it localised the fix,
rather than having to analyse further call sites.
However since then f2167ae80258 ("package_manager/ipk: do not pipe
stderr to stdout") was applied, reworking the output handling from the
subcommand. dummy_bytes() now returns a string, so stop trying to decode
it.
Fixes: f2167ae80258 ("package_manager/ipk: do not pipe stderr to stdout")
Cc: Curtis Meier <cmeier@us.ibm.com>
Cc: Pam Eggler <eggler@us.ibm.com>
(From OE-Core rev: b61739554780d70307d2b6b37d2b3b1c7df93c77)
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 07e5a6331be60d5e35d7336a6215a972ced6eb57)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oe/package_manager/ipk/manifest.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oe/package_manager/ipk/manifest.py b/meta/lib/oe/package_manager/ipk/manifest.py
index ae451c5c70..22669f97c0 100644
--- a/meta/lib/oe/package_manager/ipk/manifest.py
+++ b/meta/lib/oe/package_manager/ipk/manifest.py
@@ -62,7 +62,7 @@ class PkgManifest(Manifest):
if len(pkgs_to_install) == 0:
return
- output = pm.dummy_install(pkgs_to_install).decode('utf-8')
+ output = pm.dummy_install(pkgs_to_install)
with open(self.full_manifest, 'w+') as manifest:
pkg_re = re.compile('^Installing ([^ ]+) [^ ].*')
--
2.34.1
^ permalink raw reply related [flat|nested] 24+ messages in thread* Re: [OE-core][kirkstone 00/18] Patch review
2023-06-19 2:55 [OE-core][kirkstone 00/18] Patch review Steve Sakoman
` (17 preceding siblings ...)
2023-06-19 2:55 ` [OE-core][kirkstone 18/18] Revert "ipk: Decode byte data to string in manifest handling" Steve Sakoman
@ 2023-08-02 12:04 ` Marta Rybczynska
18 siblings, 0 replies; 24+ messages in thread
From: Marta Rybczynska @ 2023-08-02 12:04 UTC (permalink / raw)
To: Steve Sakoman; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 3913 bytes --]
On Mon, Jun 19, 2023 at 4:55 AM Steve Sakoman <steve@sakoman.com> wrote:
> Please review this set of changes for kirkstone and have comments back by
> end of day Tuesday.
>
> Passed a-full on autobuilder:
>
> https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5481
>
> The following changes since commit
> 6e0d694ea1eb5d478dc7508d181c3a820098ee5f:
>
> uninative: Upgrade to 4.0 to include latest gcc 13.1.1 (2023-06-09
> 06:04:24 -1000)
>
> are available in the Git repository at:
>
> https://git.openembedded.org/openembedded-core-contrib
> stable/kirkstone-nut
>
> http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
>
> Andrew Jeffery (1):
> Revert "ipk: Decode byte data to string in manifest handling"
>
> Bruce Ashfield (5):
> linux-yocto/5.15: update to v5.15.109
> linux-yocto/5.15: update to v5.15.110
> linux-yocto/5.15: update to v5.15.111
> linux-yocto/5.15: update to v5.15.112
> linux-yocto/5.15: update to v5.15.113
>
> Chen Qi (1):
> openssh: fix CVE-2023-28531
>
> Deepthi Hemraj (1):
> glibc: stable 2.35 branch updates
>
> Ian Ray (1):
> systemd-systemctl: support instance expansion in WantedBy
>
> Jan Vermaete (1):
> cve-update-nvd2-native: added the missing http import
>
> Marta Rybczynska (1):
> cve-update-nvd2-native: new CVE database fetcher
>
> Qiu Tingting (1):
> e2fsprogs: fix ptest bug for second running
>
> Randy MacLeod (1):
> vim: upgrade 9.0.1429 -> 9.0.1527
>
> Sanjay Chitroda (1):
> cups: Fix CVE-2023-32324
>
> Yogita Urade (4):
> webkitgtk: fix CVE-2022-46691
> webkitgtk: fix CVE-2022-46699
> webkitgtk: fix CVE-2022-42867
> webkitgtk: fix CVE-2022-46700
>
> meta/classes/cve-check.bbclass | 4 +-
> meta/lib/oe/package_manager/ipk/manifest.py | 2 +-
> ...-destination-constraints-for-smartca.patch | 35 ++
> .../openssh/openssh_8.9p1.bb | 1 +
> meta/recipes-core/glibc/glibc-version.inc | 2 +-
> .../glibc/glibc/CVE-2023-0687.patch | 82 -----
> meta/recipes-core/glibc/glibc_2.35.bb | 1 -
> .../meta/cve-update-nvd2-native.bb | 334 ++++++++++++++++++
> .../systemd/systemd-systemctl/systemctl | 9 +-
> .../e2fsprogs/e2fsprogs/run-ptest | 1 +
> .../e2fsprogs/e2fsprogs_1.46.5.bb | 3 +
> meta/recipes-extended/cups/cups.inc | 1 +
> .../cups/cups/CVE-2023-32324.patch | 36 ++
> .../linux/linux-yocto-rt_5.15.bb | 6 +-
> .../linux/linux-yocto-tiny_5.15.bb | 6 +-
> meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
> .../webkit/webkitgtk/CVE-2022-42867.patch | 104 ++++++
> .../webkit/webkitgtk/CVE-2022-46691.patch | 43 +++
> .../webkit/webkitgtk/CVE-2022-46699.patch | 136 +++++++
> .../webkit/webkitgtk/CVE-2022-46700.patch | 67 ++++
> meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 4 +
> meta/recipes-support/vim/vim.inc | 4 +-
> 22 files changed, 792 insertions(+), 115 deletions(-)
> create mode 100644
> meta/recipes-connectivity/openssh/openssh/0001-upstream-include-destination-constraints-for-smartca.patch
> delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2023-0687.patch
> create mode 100644 meta/recipes-core/meta/cve-update-nvd2-native.bb
> create mode 100644 meta/recipes-extended/cups/cups/CVE-2023-32324.patch
> create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-42867.patch
> create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
> create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46699.patch
> create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46700.patch
>
>
>
Tested for the CVE fetcher backport to kirkstone, no unexpected issues seen.
Kind regards,
Marta
[-- Attachment #2: Type: text/html, Size: 5679 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread