* [OE-core][kirkstone 00/36] Patch review
@ 2023-08-23 14:35 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 01/36] glib-2.0: Fix CVE-2023-32665 Steve Sakoman
` (35 more replies)
0 siblings, 36 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, August 25.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5772
The following changes since commit f20a06149cb61264662d1eaf6ea02aefabc0a18b:
libxcrypt: update PV to match SRCREV (2023-08-16 06:11:05 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alex Kiernan (2):
rootfs: Add debugfs package db file copy and cleanup
rpm: Pick debugfs package db files/dirs explicitly
Alexander Kanavin (1):
glibc-locale: use stricter matching for metapackages' runtime
dependencies
Anuj Mittal (5):
selftest/cases/glibc.py: fix the override syntax
glibc/check-test-wrapper: don't emit warnings from ssh
selftest/cases/glibc.py: increase the memory for testing
oeqa/utils/nfs: allow requesting non-udp ports
selftest/cases/glibc.py: switch to using NFS over TCP
Archana Polampalli (1):
gstreamer1.0: upgrade 1.20.6 -> 1.20.7
BELOUARGA Mohamed (1):
linux-firmware : Add firmware of RTL8822 serie
Bruce Ashfield (3):
linux-yocto/5.15: update to v5.15.122
linux-yocto/5.15: update to v5.15.123
linux-yocto/5.15: update to v5.15.124
Chee Yang Lee (2):
librsvg: 2.52.7 -> 2.52.10
bind: 9.18.11 -> 9.18.17
Dmitry Baryshkov (2):
linux-firmware: package firmare for Dragonboard 410c
linux-firmware: split platform-specific Adreno shaders to separate
packages
Enrico Scholz (1):
shadow-sysroot: add license information
Julien Stephan (1):
automake: fix buildtest patch
Michael Halstead (3):
yocto-uninative: Update hashes for uninative 4.1
yocto-uninative: Update to 4.2 for glibc 2.38
resulttool/resultutils: allow index generation despite corrupt json
Ovidiu Panait (1):
mdadm: add util-linux-blockdev ptest dependency
Poonam Jadhav (1):
pixman: Remove duplication of license MIT
Richard Purdie (6):
lib/package_manager: Improve repo artefact filtering
acl/attr: ptest fixes and improvements
oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
oeqa/runtime/ltp: Increase ltp test output timeout
target/ssh: Ensure exit code set for commands
oeqa/ssh: Further improve process exit handling
Soumya Sambu (3):
glib-2.0: Fix CVE-2023-32665
glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611
glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636
Staffan Rydén (1):
kernel: Fix path comparison in kernel staging dir symlinking
Trevor Gamblin (1):
linux-firmware: upgrade 20230515 -> 20230625
Wang Mingyu (1):
libnss-nis: upgrade 3.1 -> 3.2
meta/classes/kernel.bbclass | 7 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
meta/lib/oe/package_manager/__init__.py | 5 +-
meta/lib/oe/package_manager/rpm/rootfs.py | 2 +-
meta/lib/oe/rootfs.py | 20 +-
meta/lib/oeqa/core/target/ssh.py | 7 +
meta/lib/oeqa/runtime/cases/ltp.py | 2 +-
meta/lib/oeqa/selftest/cases/glibc.py | 8 +-
meta/lib/oeqa/utils/nfs.py | 4 +-
.../bind/bind-9.18.11/CVE-2023-2828.patch | 197 ---------
.../bind/bind-9.18.11/CVE-2023-2911.patch | 97 ----
...1-avoid-start-failure-with-bind-user.patch | 0
...d-V-and-start-log-hide-build-options.patch | 0
...ching-for-json-headers-searches-sysr.patch | 0
.../bind/{bind-9.18.11 => bind-9.18.17}/bind9 | 0
.../{bind-9.18.11 => bind-9.18.17}/conf.patch | 0
.../generate-rndc-key.sh | 0
...t.d-add-support-for-read-only-rootfs.patch | 0
.../make-etc-initd-bind-stop-work.patch | 0
.../named.service | 0
.../bind/{bind_9.18.11.bb => bind_9.18.17.bb} | 8 +-
.../glib-2.0/glib-2.0/CVE-2023-29499.patch | 291 ++++++++++++
.../glib-2.0/CVE-2023-32611-0001.patch | 97 ++++
.../glib-2.0/CVE-2023-32611-0002.patch | 282 ++++++++++++
.../glib-2.0/glib-2.0/CVE-2023-32636.patch | 50 +++
.../glib-2.0/glib-2.0/CVE-2023-32643.patch | 155 +++++++
.../glib-2.0/CVE-2023-32665-0001.patch | 104 +++++
.../glib-2.0/CVE-2023-32665-0002.patch | 211 +++++++++
.../glib-2.0/CVE-2023-32665-0003.patch | 418 ++++++++++++++++++
.../glib-2.0/CVE-2023-32665-0004.patch | 114 +++++
.../glib-2.0/CVE-2023-32665-0005.patch | 81 ++++
.../glib-2.0/CVE-2023-32665-0006.patch | 397 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0007.patch | 50 +++
.../glib-2.0/CVE-2023-32665-0008.patch | 395 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0009.patch | 98 ++++
meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 14 +
meta/recipes-core/glibc/glibc-locale.inc | 8 +-
.../glibc/glibc/check-test-wrapper | 2 +-
.../automake/automake/buildtest.patch | 2 +-
.../recipes-extended/libnss-nis/libnss-nis.bb | 4 +-
meta/recipes-extended/mdadm/mdadm_4.2.bb | 9 +-
.../shadow/files/login.defs_shadow-sysroot | 1 +
.../shadow/shadow-sysroot_4.6.bb | 2 +-
.../{librsvg_2.52.7.bb => librsvg_2.52.10.bb} | 2 +-
.../xorg-lib/pixman_0.40.0.bb | 2 +-
...20230515.bb => linux-firmware_20230625.bb} | 37 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
...tools_1.20.6.bb => gst-devtools_1.20.7.bb} | 2 +-
...1.20.6.bb => gstreamer1.0-libav_1.20.7.bb} | 2 +-
...x_1.20.6.bb => gstreamer1.0-omx_1.20.7.bb} | 2 +-
....bb => gstreamer1.0-plugins-bad_1.20.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-base_1.20.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-good_1.20.7.bb} | 2 +-
...bb => gstreamer1.0-plugins-ugly_1.20.7.bb} | 2 +-
....20.6.bb => gstreamer1.0-python_1.20.7.bb} | 2 +-
....bb => gstreamer1.0-rtsp-server_1.20.7.bb} | 2 +-
...1.20.6.bb => gstreamer1.0-vaapi_1.20.7.bb} | 2 +-
...er1.0_1.20.6.bb => gstreamer1.0_1.20.7.bb} | 2 +-
meta/recipes-support/attr/acl/run-ptest | 6 +
meta/recipes-support/attr/acl_2.3.1.bb | 1 +
meta/recipes-support/attr/attr.inc | 1 +
meta/recipes-support/attr/attr/run-ptest | 7 +
scripts/lib/resulttool/resultutils.py | 6 +-
65 files changed, 2901 insertions(+), 373 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
delete mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/0001-avoid-start-failure-with-bind-user.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/0001-named-lwresd-V-and-start-log-hide-build-options.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/bind-ensure-searching-for-json-headers-searches-sysr.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/bind9 (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/conf.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/generate-rndc-key.sh (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/init.d-add-support-for-read-only-rootfs.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/make-etc-initd-bind-stop-work.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/named.service (100%)
rename meta/recipes-connectivity/bind/{bind_9.18.11.bb => bind_9.18.17.bb} (92%)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch
rename meta/recipes-gnome/librsvg/{librsvg_2.52.7.bb => librsvg_2.52.10.bb} (96%)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230515.bb => linux-firmware_20230625.bb} (96%)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.6.bb => gst-devtools_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.6.bb => gstreamer1.0-libav_1.20.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.6.bb => gstreamer1.0-omx_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.6.bb => gstreamer1.0-plugins-bad_1.20.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.6.bb => gstreamer1.0-plugins-base_1.20.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.6.bb => gstreamer1.0-plugins-good_1.20.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.6.bb => gstreamer1.0-plugins-ugly_1.20.7.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.6.bb => gstreamer1.0-python_1.20.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.6.bb => gstreamer1.0-rtsp-server_1.20.7.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.6.bb => gstreamer1.0-vaapi_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.6.bb => gstreamer1.0_1.20.7.bb} (97%)
--
2.34.1
^ permalink raw reply [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 01/36] glib-2.0: Fix CVE-2023-32665
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 02/36] glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611 Steve Sakoman
` (34 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Soumya Sambu <soumya.sambu@windriver.com>
GVariant deserialisation does not match spec for non-normal data
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../glib-2.0/CVE-2023-32665-0001.patch | 104 +++++
.../glib-2.0/CVE-2023-32665-0002.patch | 211 +++++++++
.../glib-2.0/CVE-2023-32665-0003.patch | 418 ++++++++++++++++++
.../glib-2.0/CVE-2023-32665-0004.patch | 114 +++++
.../glib-2.0/CVE-2023-32665-0005.patch | 81 ++++
.../glib-2.0/CVE-2023-32665-0006.patch | 397 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0007.patch | 50 +++
.../glib-2.0/CVE-2023-32665-0008.patch | 395 +++++++++++++++++
.../glib-2.0/CVE-2023-32665-0009.patch | 98 ++++
meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 9 +
10 files changed, 1877 insertions(+)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch
new file mode 100644
index 0000000000..2b7536c42d
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0001.patch
@@ -0,0 +1,104 @@
+From 1deacdd4e8e35a5cf1417918ca4f6b0afa6409b1 Mon Sep 17 00:00:00 2001
+From: William Manley <will@stb-tester.com>
+Date: Wed, 9 Aug 2023 10:04:49 +0000
+Subject: [PATCH] gvariant-core: Consolidate construction of
+ `GVariantSerialised`
+
+So I only need to change it in one place.
+
+This introduces no functional changes.
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/1deacdd4e8e35a5cf1417918ca4f6b0afa6409b1]
+
+Signed-off-by: Soumya <soumya.sambu@windriver.com>
+---
+ glib/gvariant-core.c | 49 ++++++++++++++++++++++----------------------
+ 1 file changed, 25 insertions(+), 24 deletions(-)
+
+diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
+index a31d396..496f2e2 100644
+--- a/glib/gvariant-core.c
++++ b/glib/gvariant-core.c
+@@ -349,6 +349,27 @@ g_variant_ensure_size (GVariant *value)
+ }
+ }
+
++/* < private >
++ * g_variant_to_serialised:
++ * @value: a #GVariant
++ *
++ * Gets a GVariantSerialised for a GVariant in state STATE_SERIALISED.
++ */
++inline static GVariantSerialised
++g_variant_to_serialised (GVariant *value)
++{
++ g_assert (value->state & STATE_SERIALISED);
++ {
++ GVariantSerialised serialised = {
++ value->type_info,
++ (gpointer) value->contents.serialised.data,
++ value->size,
++ value->depth,
++ };
++ return serialised;
++ }
++}
++
+ /* < private >
+ * g_variant_serialise:
+ * @value: a #GVariant
+@@ -1007,16 +1028,8 @@ g_variant_n_children (GVariant *value)
+ g_variant_lock (value);
+
+ if (value->state & STATE_SERIALISED)
+- {
+- GVariantSerialised serialised = {
+- value->type_info,
+- (gpointer) value->contents.serialised.data,
+- value->size,
+- value->depth,
+- };
+-
+- n_children = g_variant_serialised_n_children (serialised);
+- }
++ n_children = g_variant_serialised_n_children (
++ g_variant_to_serialised (value));
+ else
+ n_children = value->contents.tree.n_children;
+
+@@ -1083,12 +1096,7 @@ g_variant_get_child_value (GVariant *value,
+ }
+
+ {
+- GVariantSerialised serialised = {
+- value->type_info,
+- (gpointer) value->contents.serialised.data,
+- value->size,
+- value->depth,
+- };
++ GVariantSerialised serialised = g_variant_to_serialised (value);
+ GVariantSerialised s_child;
+ GVariant *child;
+
+@@ -1201,14 +1209,7 @@ g_variant_is_normal_form (GVariant *value)
+
+ if (value->state & STATE_SERIALISED)
+ {
+- GVariantSerialised serialised = {
+- value->type_info,
+- (gpointer) value->contents.serialised.data,
+- value->size,
+- value->depth
+- };
+-
+- if (g_variant_serialised_is_normal (serialised))
++ if (g_variant_serialised_is_normal (g_variant_to_serialised (value)))
+ value->state |= STATE_TRUSTED;
+ }
+ else
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch
new file mode 100644
index 0000000000..4eff85a5f3
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0002.patch
@@ -0,0 +1,211 @@
+From 446e69f5edd72deb2196dee36bbaf8056caf6948 Mon Sep 17 00:00:00 2001
+From: William Manley <will@stb-tester.com>
+Date: Wed, 9 Aug 2023 10:39:34 +0000
+Subject: [PATCH] gvariant-serialiser: Factor out functions for dealing with
+ framing offsets
+
+This introduces no functional changes.
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/446e69f5edd72deb2196dee36bbaf8056caf6948]
+
+Signed-off-by: Soumya <soumya.sambu@windriver.com>
+---
+ glib/gvariant-serialiser.c | 108 +++++++++++++++++++------------------
+ 1 file changed, 57 insertions(+), 51 deletions(-)
+
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 7b13381..e71248e 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -633,30 +633,62 @@ gvs_calculate_total_size (gsize body_size,
+ return body_size + 8 * offsets;
+ }
+
++struct Offsets
++{
++ gsize data_size;
++
++ guchar *array;
++ gsize length;
++ guint offset_size;
++
++ gboolean is_normal;
++};
++
+ static gsize
+-gvs_variable_sized_array_n_children (GVariantSerialised value)
++gvs_offsets_get_offset_n (struct Offsets *offsets,
++ gsize n)
++{
++ return gvs_read_unaligned_le (
++ offsets->array + (offsets->offset_size * n), offsets->offset_size);
++}
++
++static struct Offsets
++gvs_variable_sized_array_get_frame_offsets (GVariantSerialised value)
+ {
++ struct Offsets out = { 0, };
+ gsize offsets_array_size;
+- gsize offset_size;
+ gsize last_end;
+
+ if (value.size == 0)
+- return 0;
+-
+- offset_size = gvs_get_offset_size (value.size);
++ {
++ out.is_normal = TRUE;
++ return out;
++ }
+
+- last_end = gvs_read_unaligned_le (value.data + value.size -
+- offset_size, offset_size);
++ out.offset_size = gvs_get_offset_size (value.size);
++ last_end = gvs_read_unaligned_le (value.data + value.size - out.offset_size,
++ out.offset_size);
+
+ if (last_end > value.size)
+- return 0;
++ return out; /* offsets not normal */
+
+ offsets_array_size = value.size - last_end;
+
+- if (offsets_array_size % offset_size)
+- return 0;
++ if (offsets_array_size % out.offset_size)
++ return out; /* offsets not normal */
++
++ out.data_size = last_end;
++ out.array = value.data + last_end;
++ out.length = offsets_array_size / out.offset_size;
++ out.is_normal = TRUE;
+
+- return offsets_array_size / offset_size;
++ return out;
++}
++
++static gsize
++gvs_variable_sized_array_n_children (GVariantSerialised value)
++{
++ return gvs_variable_sized_array_get_frame_offsets (value).length;
+ }
+
+ static GVariantSerialised
+@@ -664,8 +696,9 @@ gvs_variable_sized_array_get_child (GVariantSerialised value,
+ gsize index_)
+ {
+ GVariantSerialised child = { 0, };
+- gsize offset_size;
+- gsize last_end;
++
++ struct Offsets offsets = gvs_variable_sized_array_get_frame_offsets (value);
++
+ gsize start;
+ gsize end;
+
+@@ -673,18 +706,11 @@ gvs_variable_sized_array_get_child (GVariantSerialised value,
+ g_variant_type_info_ref (child.type_info);
+ child.depth = value.depth + 1;
+
+- offset_size = gvs_get_offset_size (value.size);
+-
+- last_end = gvs_read_unaligned_le (value.data + value.size -
+- offset_size, offset_size);
+-
+ if (index_ > 0)
+ {
+ guint alignment;
+
+- start = gvs_read_unaligned_le (value.data + last_end +
+- (offset_size * (index_ - 1)),
+- offset_size);
++ start = gvs_offsets_get_offset_n (&offsets, index_ - 1);
+
+ g_variant_type_info_query (child.type_info, &alignment, NULL);
+ start += (-start) & alignment;
+@@ -692,11 +718,9 @@ gvs_variable_sized_array_get_child (GVariantSerialised value,
+ else
+ start = 0;
+
+- end = gvs_read_unaligned_le (value.data + last_end +
+- (offset_size * index_),
+- offset_size);
++ end = gvs_offsets_get_offset_n (&offsets, index_);
+
+- if (start < end && end <= value.size && end <= last_end)
++ if (start < end && end <= value.size && end <= offsets.data_size)
+ {
+ child.data = value.data + start;
+ child.size = end - start;
+@@ -768,34 +792,16 @@ static gboolean
+ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+ {
+ GVariantSerialised child = { 0, };
+- gsize offsets_array_size;
+- guchar *offsets_array;
+- guint offset_size;
+ guint alignment;
+- gsize last_end;
+- gsize length;
+ gsize offset;
+ gsize i;
+
+- if (value.size == 0)
+- return TRUE;
+-
+- offset_size = gvs_get_offset_size (value.size);
+- last_end = gvs_read_unaligned_le (value.data + value.size -
+- offset_size, offset_size);
++ struct Offsets offsets = gvs_variable_sized_array_get_frame_offsets (value);
+
+- if (last_end > value.size)
++ if (!offsets.is_normal)
+ return FALSE;
+
+- offsets_array_size = value.size - last_end;
+-
+- if (offsets_array_size % offset_size)
+- return FALSE;
+-
+- offsets_array = value.data + value.size - offsets_array_size;
+- length = offsets_array_size / offset_size;
+-
+- if (length == 0)
++ if (value.size != 0 && offsets.length == 0)
+ return FALSE;
+
+ child.type_info = g_variant_type_info_element (value.type_info);
+@@ -803,14 +809,14 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+ child.depth = value.depth + 1;
+ offset = 0;
+
+- for (i = 0; i < length; i++)
++ for (i = 0; i < offsets.length; i++)
+ {
+ gsize this_end;
+
+- this_end = gvs_read_unaligned_le (offsets_array + offset_size * i,
+- offset_size);
++ this_end = gvs_read_unaligned_le (offsets.array + offsets.offset_size * i,
++ offsets.offset_size);
+
+- if (this_end < offset || this_end > last_end)
++ if (this_end < offset || this_end > offsets.data_size)
+ return FALSE;
+
+ while (offset & alignment)
+@@ -832,7 +838,7 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+ offset = this_end;
+ }
+
+- g_assert (offset == last_end);
++ g_assert (offset == offsets.data_size);
+
+ return TRUE;
+ }
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch
new file mode 100644
index 0000000000..183c6b20e7
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0003.patch
@@ -0,0 +1,418 @@
+From ade71fb544391b2e33e1859645726bfee0d5eaaf Mon Sep 17 00:00:00 2001
+From: William Manley <will@stb-tester.com>
+Date: Wed, 16 Aug 2023 03:12:21 +0000
+Subject: [PATCH] gvariant: Don't allow child elements to overlap with each
+ other
+
+If different elements of a variable sized array can overlap with each
+other then we can cause a `GVariant` to normalise to a much larger type.
+
+This commit changes the behaviour of `GVariant` with non-normal form data. If
+an invalid frame offset is found all subsequent elements are given their
+default value.
+
+When retrieving an element at index `n` we scan the frame offsets up to index
+`n` and if they are not in order we return an element with the default value
+for that type. This guarantees that elements don't overlap with each
+other. We remember the offset we've scanned up to so we don't need to
+repeat this work on subsequent accesses. We skip these checks for trusted
+data.
+
+Unfortunately this makes random access of untrusted data O(n) — at least
+on first access. It doesn't affect the algorithmic complexity of accessing
+elements in order, such as when using the `GVariantIter` interface. Also:
+the cost of validation will be amortised as the `GVariant` instance is
+continued to be used.
+
+I've implemented this with 4 different functions, 1 for each element size,
+rather than looping calling `gvs_read_unaligned_le` in the hope that the
+compiler will find it easy to optimise and should produce fairly tight
+code.
+
+Fixes: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/ade71fb544391b2e33e1859645726bfee0d5eaaf]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-core.c | 35 ++++++++++++++++
+ glib/gvariant-serialiser.c | 86 ++++++++++++++++++++++++++++++++++++--
+ glib/gvariant-serialiser.h | 8 ++++
+ glib/tests/gvariant.c | 45 ++++++++++++++++++++
+ 4 files changed, 171 insertions(+), 3 deletions(-)
+
+diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
+index 496f2e2..4e0b2b5 100644
+--- a/glib/gvariant-core.c
++++ b/glib/gvariant-core.c
+@@ -65,6 +65,7 @@ struct _GVariant
+ {
+ GBytes *bytes;
+ gconstpointer data;
++ gsize ordered_offsets_up_to;
+ } serialised;
+
+ struct
+@@ -162,6 +163,24 @@ struct _GVariant
+ * if .data pointed to the appropriate number of nul
+ * bytes.
+ *
++ * .ordered_offsets_up_to: If ordered_offsets_up_to == n this means that all
++ * the frame offsets up to and including the frame
++ * offset determining the end of element n are in
++ * order. This guarantees that the bytes of element
++ * n don't overlap with any previous element.
++ *
++ * For trusted data this is set to G_MAXSIZE and we
++ * don't check that the frame offsets are in order.
++ *
++ * Note: This doesn't imply the offsets are good in
++ * any way apart from their ordering. In particular
++ * offsets may be out of bounds for this value or
++ * may imply that the data overlaps the frame
++ * offsets themselves.
++ *
++ * This field is only relevant for arrays of non
++ * fixed width types.
++ *
+ * .tree: Only valid when the instance is in tree form.
+ *
+ * Note that accesses from other threads could result in
+@@ -365,6 +384,7 @@ g_variant_to_serialised (GVariant *value)
+ (gpointer) value->contents.serialised.data,
+ value->size,
+ value->depth,
++ value->contents.serialised.ordered_offsets_up_to,
+ };
+ return serialised;
+ }
+@@ -396,6 +416,7 @@ g_variant_serialise (GVariant *value,
+ serialised.size = value->size;
+ serialised.data = data;
+ serialised.depth = value->depth;
++ serialised.ordered_offsets_up_to = 0;
+
+ children = (gpointer *) value->contents.tree.children;
+ n_children = value->contents.tree.n_children;
+@@ -439,6 +460,15 @@ g_variant_fill_gvs (GVariantSerialised *serialised,
+ g_assert (serialised->size == value->size);
+ serialised->depth = value->depth;
+
++ if (value->state & STATE_SERIALISED)
++ {
++ serialised->ordered_offsets_up_to = value->contents.serialised.ordered_offsets_up_to;
++ }
++ else
++ {
++ serialised->ordered_offsets_up_to = 0;
++ }
++
+ if (serialised->data)
+ /* g_variant_store() is a public API, so it
+ * it will reacquire the lock if it needs to.
+@@ -481,6 +511,7 @@ g_variant_ensure_serialised (GVariant *value)
+ bytes = g_bytes_new_take (data, value->size);
+ value->contents.serialised.data = g_bytes_get_data (bytes, NULL);
+ value->contents.serialised.bytes = bytes;
++ value->contents.serialised.ordered_offsets_up_to = G_MAXSIZE;
+ value->state |= STATE_SERIALISED;
+ }
+ }
+@@ -561,6 +592,7 @@ g_variant_new_from_bytes (const GVariantType *type,
+ serialised.type_info = value->type_info;
+ serialised.data = (guchar *) g_bytes_get_data (bytes, &serialised.size);
+ serialised.depth = 0;
++ serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
+
+ if (!g_variant_serialised_check (serialised))
+ {
+@@ -611,6 +643,8 @@ g_variant_new_from_bytes (const GVariantType *type,
+ value->contents.serialised.data = g_bytes_get_data (bytes, &value->size);
+ }
+
++ value->contents.serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
++
+ g_clear_pointer (&owned_bytes, g_bytes_unref);
+
+ return value;
+@@ -1130,6 +1164,7 @@ g_variant_get_child_value (GVariant *value,
+ child->contents.serialised.bytes =
+ g_bytes_ref (value->contents.serialised.bytes);
+ child->contents.serialised.data = s_child.data;
++ child->contents.serialised.ordered_offsets_up_to = s_child.ordered_offsets_up_to;
+
+ return child;
+ }
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index e71248e..6fb3f2f 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -1,6 +1,7 @@
+ /*
+ * Copyright © 2007, 2008 Ryan Lortie
+ * Copyright © 2010 Codethink Limited
++ * Copyright © 2020 William Manley
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -264,6 +265,7 @@ gvs_fixed_sized_maybe_get_child (GVariantSerialised value,
+ value.type_info = g_variant_type_info_element (value.type_info);
+ g_variant_type_info_ref (value.type_info);
+ value.depth++;
++ value.ordered_offsets_up_to = 0;
+
+ return value;
+ }
+@@ -295,7 +297,7 @@ gvs_fixed_sized_maybe_serialise (GVariantSerialised value,
+ {
+ if (n_children)
+ {
+- GVariantSerialised child = { NULL, value.data, value.size, value.depth + 1 };
++ GVariantSerialised child = { NULL, value.data, value.size, value.depth + 1, 0 };
+
+ gvs_filler (&child, children[0]);
+ }
+@@ -317,6 +319,7 @@ gvs_fixed_sized_maybe_is_normal (GVariantSerialised value)
+ /* proper element size: "Just". recurse to the child. */
+ value.type_info = g_variant_type_info_element (value.type_info);
+ value.depth++;
++ value.ordered_offsets_up_to = 0;
+
+ return g_variant_serialised_is_normal (value);
+ }
+@@ -358,6 +361,7 @@ gvs_variable_sized_maybe_get_child (GVariantSerialised value,
+ value.data = NULL;
+
+ value.depth++;
++ value.ordered_offsets_up_to = 0;
+
+ return value;
+ }
+@@ -388,7 +392,7 @@ gvs_variable_sized_maybe_serialise (GVariantSerialised value,
+ {
+ if (n_children)
+ {
+- GVariantSerialised child = { NULL, value.data, value.size - 1, value.depth + 1 };
++ GVariantSerialised child = { NULL, value.data, value.size - 1, value.depth + 1, 0 };
+
+ /* write the data for the child. */
+ gvs_filler (&child, children[0]);
+@@ -408,6 +412,7 @@ gvs_variable_sized_maybe_is_normal (GVariantSerialised value)
+ value.type_info = g_variant_type_info_element (value.type_info);
+ value.size--;
+ value.depth++;
++ value.ordered_offsets_up_to = 0;
+
+ return g_variant_serialised_is_normal (value);
+ }
+@@ -691,6 +696,32 @@ gvs_variable_sized_array_n_children (GVariantSerialised value)
+ return gvs_variable_sized_array_get_frame_offsets (value).length;
+ }
+
++/* Find the index of the first out-of-order element in @data, assuming that
++ * @data is an array of elements of given @type, starting at index @start and
++ * containing a further @len-@start elements. */
++#define DEFINE_FIND_UNORDERED(type) \
++ static gsize \
++ find_unordered_##type (const guint8 *data, gsize start, gsize len) \
++ { \
++ gsize off; \
++ type current, previous; \
++ \
++ memcpy (&previous, data + start * sizeof (current), sizeof (current)); \
++ for (off = (start + 1) * sizeof (current); off < len * sizeof (current); off += sizeof (current)) \
++ { \
++ memcpy (¤t, data + off, sizeof (current)); \
++ if (current < previous) \
++ break; \
++ previous = current; \
++ } \
++ return off / sizeof (current) - 1; \
++ }
++
++DEFINE_FIND_UNORDERED (guint8);
++DEFINE_FIND_UNORDERED (guint16);
++DEFINE_FIND_UNORDERED (guint32);
++DEFINE_FIND_UNORDERED (guint64);
++
+ static GVariantSerialised
+ gvs_variable_sized_array_get_child (GVariantSerialised value,
+ gsize index_)
+@@ -706,6 +737,49 @@ gvs_variable_sized_array_get_child (GVariantSerialised value,
+ g_variant_type_info_ref (child.type_info);
+ child.depth = value.depth + 1;
+
++ /* If the requested @index_ is beyond the set of indices whose framing offsets
++ * have been checked, check the remaining offsets to see whether they’re
++ * normal (in order, no overlapping array elements). */
++ if (index_ > value.ordered_offsets_up_to)
++ {
++ switch (offsets.offset_size)
++ {
++ case 1:
++ {
++ value.ordered_offsets_up_to = find_unordered_guint8 (
++ offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ break;
++ }
++ case 2:
++ {
++ value.ordered_offsets_up_to = find_unordered_guint16 (
++ offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ break;
++ }
++ case 4:
++ {
++ value.ordered_offsets_up_to = find_unordered_guint32 (
++ offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ break;
++ }
++ case 8:
++ {
++ value.ordered_offsets_up_to = find_unordered_guint64 (
++ offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ break;
++ }
++ default:
++ /* gvs_get_offset_size() only returns maximum 8 */
++ g_assert_not_reached ();
++ }
++ }
++
++ if (index_ > value.ordered_offsets_up_to)
++ {
++ /* Offsets are invalid somewhere, so return an empty child. */
++ return child;
++ }
++
+ if (index_ > 0)
+ {
+ guint alignment;
+@@ -840,6 +914,9 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+
+ g_assert (offset == offsets.data_size);
+
++ /* All offsets have now been checked. */
++ value.ordered_offsets_up_to = G_MAXSIZE;
++
+ return TRUE;
+ }
+
+@@ -1072,7 +1149,7 @@ gvs_tuple_is_normal (GVariantSerialised value)
+ for (i = 0; i < length; i++)
+ {
+ const GVariantMemberInfo *member_info;
+- GVariantSerialised child;
++ GVariantSerialised child = { 0, };
+ gsize fixed_size;
+ guint alignment;
+ gsize end;
+@@ -1132,6 +1209,9 @@ gvs_tuple_is_normal (GVariantSerialised value)
+ offset = end;
+ }
+
++ /* All element bounds have been checked above. */
++ value.ordered_offsets_up_to = G_MAXSIZE;
++
+ {
+ gsize fixed_size;
+ guint alignment;
+diff --git a/glib/gvariant-serialiser.h b/glib/gvariant-serialiser.h
+index 859cb7b..3ab83b3 100644
+--- a/glib/gvariant-serialiser.h
++++ b/glib/gvariant-serialiser.h
+@@ -29,6 +29,14 @@ typedef struct
+ guchar *data;
+ gsize size;
+ gsize depth; /* same semantics as GVariant.depth */
++ /* If ordered_offsets_up_to == n this means that all the frame offsets up to and
++ * including the frame offset determining the end of element n are in order.
++ * This guarantees that the bytes of element n don't overlap with any previous
++ * element.
++ *
++ * This is both read and set by g_variant_serialised_get_child for arrays of
++ * non-fixed-width types */
++ gsize ordered_offsets_up_to;
+ } GVariantSerialised;
+
+ /* deserialization */
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 0110f26..291f796 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -1,5 +1,6 @@
+ /*
+ * Copyright © 2010 Codethink Limited
++ * Copyright © 2020 William Manley
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -1279,6 +1280,7 @@ random_instance_filler (GVariantSerialised *serialised,
+ serialised->size = instance->size;
+
+ serialised->depth = 0;
++ serialised->ordered_offsets_up_to = 0;
+
+ g_assert_true (serialised->type_info == instance->type_info);
+ g_assert_cmpuint (serialised->size, ==, instance->size);
+@@ -5023,6 +5025,47 @@ test_normal_checking_array_offsets (void)
+ g_variant_unref (variant);
+ }
+
++/* This is a regression test that we can't have non-normal values that take up
++ * significantly more space than the normal equivalent, by specifying the
++ * offset table entries so that array elements overlap.
++ *
++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2121#note_832242 */
++static void
++test_normal_checking_array_offsets2 (void)
++{
++ const guint8 data[] = {
++ 'h', 'i', '\0',
++ 0x03, 0x00, 0x03,
++ 0x06, 0x00, 0x06,
++ 0x09, 0x00, 0x09,
++ 0x0c, 0x00, 0x0c,
++ 0x0f, 0x00, 0x0f,
++ 0x12, 0x00, 0x12,
++ 0x15, 0x00, 0x15,
++ };
++ gsize size = sizeof (data);
++ const GVariantType *aaaaaaas = G_VARIANT_TYPE ("aaaaaaas");
++ GVariant *variant = NULL;
++ GVariant *normal_variant = NULL;
++ GVariant *expected = NULL;
++
++ variant = g_variant_new_from_data (aaaaaaas, data, size, FALSE, NULL, NULL);
++ g_assert_nonnull (variant);
++
++ normal_variant = g_variant_get_normal_form (variant);
++ g_assert_nonnull (normal_variant);
++ g_assert_cmpuint (g_variant_get_size (normal_variant), <=, size * 2);
++
++ expected = g_variant_new_parsed (
++ "[[[[[[['hi', '', ''], [], []], [], []], [], []], [], []], [], []], [], []]");
++ g_assert_cmpvariant (expected, variant);
++ g_assert_cmpvariant (expected, normal_variant);
++
++ g_variant_unref (expected);
++ g_variant_unref (normal_variant);
++ g_variant_unref (variant);
++}
++
+ /* Test that a tuple with invalidly large values in its offset table is
+ * normalised successfully without looping infinitely. */
+ static void
+@@ -5189,6 +5232,8 @@ main (int argc, char **argv)
+ test_normal_checking_tuples);
+ g_test_add_func ("/gvariant/normal-checking/array-offsets",
+ test_normal_checking_array_offsets);
++ g_test_add_func ("/gvariant/normal-checking/array-offsets2",
++ test_normal_checking_array_offsets2);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets",
+ test_normal_checking_tuple_offsets);
+ g_test_add_func ("/gvariant/normal-checking/empty-object-path",
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch
new file mode 100644
index 0000000000..791efdee87
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0004.patch
@@ -0,0 +1,114 @@
+From 345cae9c1aa7bf6752039225ef4c8d8d69fa8d76 Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Fri, 11 Aug 2023 04:09:12 +0000
+Subject: [PATCH] gvariant-serialiser: Factor out code to get bounds of a tuple
+ member
+
+This introduces no functional changes.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/345cae9c1aa7bf6752039225ef4c8d8d69fa8d76]
+
+Signed-off-by: Soumya <soumya.sambu@windriver.com>
+---
+ glib/gvariant-serialiser.c | 73 ++++++++++++++++++++++++--------------
+ 1 file changed, 46 insertions(+), 27 deletions(-)
+
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 2932427..1c23eab 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -946,6 +946,51 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+ * for the tuple. See the notes in gvarianttypeinfo.h.
+ */
+
++static void
++gvs_tuple_get_member_bounds (GVariantSerialised value,
++ gsize index_,
++ gsize offset_size,
++ gsize *out_member_start,
++ gsize *out_member_end)
++{
++ const GVariantMemberInfo *member_info;
++ gsize member_start, member_end;
++
++ member_info = g_variant_type_info_member_info (value.type_info, index_);
++
++ if (member_info->i + 1)
++ member_start = gvs_read_unaligned_le (value.data + value.size -
++ offset_size * (member_info->i + 1),
++ offset_size);
++ else
++ member_start = 0;
++
++ member_start += member_info->a;
++ member_start &= member_info->b;
++ member_start |= member_info->c;
++
++ if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_LAST)
++ member_end = value.size - offset_size * (member_info->i + 1);
++
++ else if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_FIXED)
++ {
++ gsize fixed_size;
++
++ g_variant_type_info_query (member_info->type_info, NULL, &fixed_size);
++ member_end = member_start + fixed_size;
++ }
++
++ else /* G_VARIANT_MEMBER_ENDING_OFFSET */
++ member_end = gvs_read_unaligned_le (value.data + value.size -
++ offset_size * (member_info->i + 2),
++ offset_size);
++
++ if (out_member_start != NULL)
++ *out_member_start = member_start;
++ if (out_member_end != NULL)
++ *out_member_end = member_end;
++}
++
+ static gsize
+ gvs_tuple_n_children (GVariantSerialised value)
+ {
+@@ -1001,33 +1046,7 @@ gvs_tuple_get_child (GVariantSerialised value,
+ }
+ }
+
+- if (member_info->i + 1)
+- start = gvs_read_unaligned_le (value.data + value.size -
+- offset_size * (member_info->i + 1),
+- offset_size);
+- else
+- start = 0;
+-
+- start += member_info->a;
+- start &= member_info->b;
+- start |= member_info->c;
+-
+- if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_LAST)
+- end = value.size - offset_size * (member_info->i + 1);
+-
+- else if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_FIXED)
+- {
+- gsize fixed_size;
+-
+- g_variant_type_info_query (child.type_info, NULL, &fixed_size);
+- end = start + fixed_size;
+- child.size = fixed_size;
+- }
+-
+- else /* G_VARIANT_MEMBER_ENDING_OFFSET */
+- end = gvs_read_unaligned_le (value.data + value.size -
+- offset_size * (member_info->i + 2),
+- offset_size);
++ gvs_tuple_get_member_bounds (value, index_, offset_size, &start, &end);
+
+ /* The child should not extend into the offset table. */
+ if (index_ != g_variant_type_info_n_members (value.type_info) - 1)
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch
new file mode 100644
index 0000000000..6c71c20819
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0005.patch
@@ -0,0 +1,81 @@
+From 73d0aa81c2575a5c9ae77dcb94da919579014fc0 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Fri, 11 Aug 2023 04:13:02 +0000
+Subject: [PATCH] gvariant-serialiser: Rework child size calculation
+
+This reduces a few duplicate calls to `g_variant_type_info_query()` and
+explains why they’re needed.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/73d0aa81c2575a5c9ae77dcb94da919579014fc0]
+
+Signed-off-by: Soumya <soumya.sambu@windriver.com>
+---
+ glib/gvariant-serialiser.c | 31 +++++++++----------------------
+ 1 file changed, 9 insertions(+), 22 deletions(-)
+
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 1c23eab..b63e99f 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -1011,14 +1011,18 @@ gvs_tuple_get_child (GVariantSerialised value,
+ child.depth = value.depth + 1;
+ offset_size = gvs_get_offset_size (value.size);
+
++ /* Ensure the size is set for fixed-sized children, or
++ * g_variant_serialised_check() will fail, even if we return
++ * (child.data == NULL) to indicate an error. */
++ if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_FIXED)
++ g_variant_type_info_query (child.type_info, NULL, &child.size);
++
+ /* tuples are the only (potentially) fixed-sized containers, so the
+ * only ones that have to deal with the possibility of having %NULL
+ * data with a non-zero %size if errors occurred elsewhere.
+ */
+ if G_UNLIKELY (value.data == NULL && value.size != 0)
+ {
+- g_variant_type_info_query (child.type_info, NULL, &child.size);
+-
+ /* this can only happen in fixed-sized tuples,
+ * so the child must also be fixed sized.
+ */
+@@ -1036,29 +1040,12 @@ gvs_tuple_get_child (GVariantSerialised value,
+ else
+ {
+ if (offset_size * (member_info->i + 1) > value.size)
+- {
+- /* if the child is fixed size, return its size.
+- * if child is not fixed-sized, return size = 0.
+- */
+- g_variant_type_info_query (child.type_info, NULL, &child.size);
+-
+- return child;
+- }
++ return child;
+ }
+
+- gvs_tuple_get_member_bounds (value, index_, offset_size, &start, &end);
+-
+ /* The child should not extend into the offset table. */
+- if (index_ != g_variant_type_info_n_members (value.type_info) - 1)
+- {
+- GVariantSerialised last_child;
+- last_child = gvs_tuple_get_child (value,
+- g_variant_type_info_n_members (value.type_info) - 1);
+- last_end = last_child.data + last_child.size - value.data;
+- g_variant_type_info_unref (last_child.type_info);
+- }
+- else
+- last_end = end;
++ gvs_tuple_get_member_bounds (value, index_, offset_size, &start, &end);
++ gvs_tuple_get_member_bounds (value, g_variant_type_info_n_members (value.type_info) - 1, offset_size, NULL, &last_end);
+
+ if (start < end && end <= value.size && end <= last_end)
+ {
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch
new file mode 100644
index 0000000000..194ce15287
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0006.patch
@@ -0,0 +1,397 @@
+From 7cf6f5b69146d20948d42f0c476688fe17fef787 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Wed, 16 Aug 2023 12:09:06 +0000
+Subject: [PATCH] gvariant: Don't allow child elements of a tuple to overlap
+ each other
+
+This is similar to the earlier commit which prevents child elements of a
+variable-sized array from overlapping each other, but this time for
+tuples. It is based heavily on ideas by William Manley.
+
+Tuples are slightly different from variable-sized arrays in that they
+contain a mixture of fixed and variable sized elements. All but one of
+the variable sized elements have an entry in the frame offsets table.
+This means that if we were to just check the ordering of the frame
+offsets table, the variable sized elements could still overlap
+interleaving fixed sized elements, which would be bad.
+
+Therefore we have to check the elements rather than the frame offsets.
+
+The logic of checking the elements up to the index currently being
+requested, and caching the result in `ordered_offsets_up_to`, means that
+the algorithmic cost implications are the same for this commit as for
+variable-sized arrays: an O(N) cost for these checks is amortised out
+over N accesses to O(1) per access.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Fixes: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/7cf6f5b69146d20948d42f0c476688fe17fef787]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-core.c | 6 +-
+ glib/gvariant-serialiser.c | 40 ++++++++
+ glib/gvariant-serialiser.h | 7 +-
+ glib/gvariant.c | 1 +
+ glib/tests/gvariant.c | 181 +++++++++++++++++++++++++++++++++++++
+ 5 files changed, 232 insertions(+), 3 deletions(-)
+
+diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
+index 4e0b2b5..c57ee77 100644
+--- a/glib/gvariant-core.c
++++ b/glib/gvariant-core.c
+@@ -1,6 +1,7 @@
+ /*
+ * Copyright © 2007, 2008 Ryan Lortie
+ * Copyright © 2010 Codethink Limited
++ * Copyright © 2022 Endless OS Foundation, LLC
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -179,7 +180,7 @@ struct _GVariant
+ * offsets themselves.
+ *
+ * This field is only relevant for arrays of non
+- * fixed width types.
++ * fixed width types and for tuples.
+ *
+ * .tree: Only valid when the instance is in tree form.
+ *
+@@ -1139,6 +1140,9 @@ g_variant_get_child_value (GVariant *value,
+ */
+ s_child = g_variant_serialised_get_child (serialised, index_);
+
++ /* Update the cached ordered_offsets_up_to, since @serialised will be thrown away when this function exits */
++ value->contents.serialised.ordered_offsets_up_to = MAX (value->contents.serialised.ordered_offsets_up_to, serialised.ordered_offsets_up_to);
++
+ /* Check whether this would cause nesting too deep. If so, return a fake
+ * child. The only situation we expect this to happen in is with a variant,
+ * as all other deeply-nested types have a static type, and hence should
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 2493e76..d46d05c 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -942,6 +942,10 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+ * for the tuple. See the notes in gvarianttypeinfo.h.
+ */
+
++/* Note: This doesn’t guarantee that @out_member_end >= @out_member_start; that
++ * condition may not hold true for invalid serialised variants. The caller is
++ * responsible for checking the returned values and handling invalid ones
++ * appropriately. */
+ static void
+ gvs_tuple_get_member_bounds (GVariantSerialised value,
+ gsize index_,
+@@ -1028,6 +1032,42 @@ gvs_tuple_get_child (GVariantSerialised value,
+ return child;
+ }
+
++ /* If the requested @index_ is beyond the set of indices whose framing offsets
++ * have been checked, check the remaining offsets to see whether they’re
++ * normal (in order, no overlapping tuple elements).
++ *
++ * Unlike the checks in gvs_variable_sized_array_get_child(), we have to check
++ * all the tuple *elements* here, not just all the framing offsets, since
++ * tuples contain a mix of elements which use framing offsets and ones which
++ * don’t. None of them are allowed to overlap. */
++ if (index_ > value.ordered_offsets_up_to)
++ {
++ gsize i, prev_i_end = 0;
++
++ if (value.ordered_offsets_up_to > 0)
++ gvs_tuple_get_member_bounds (value, value.ordered_offsets_up_to - 1, offset_size, NULL, &prev_i_end);
++
++ for (i = value.ordered_offsets_up_to; i <= index_; i++)
++ {
++ gsize i_start, i_end;
++
++ gvs_tuple_get_member_bounds (value, i, offset_size, &i_start, &i_end);
++
++ if (i_start > i_end || i_start < prev_i_end || i_end > value.size)
++ break;
++
++ prev_i_end = i_end;
++ }
++
++ value.ordered_offsets_up_to = i - 1;
++ }
++
++ if (index_ > value.ordered_offsets_up_to)
++ {
++ /* Offsets are invalid somewhere, so return an empty child. */
++ return child;
++ }
++
+ if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_OFFSET)
+ {
+ if (offset_size * (member_info->i + 2) > value.size)
+diff --git a/glib/gvariant-serialiser.h b/glib/gvariant-serialiser.h
+index 3ab83b3..03826f9 100644
+--- a/glib/gvariant-serialiser.h
++++ b/glib/gvariant-serialiser.h
+@@ -34,8 +34,11 @@ typedef struct
+ * This guarantees that the bytes of element n don't overlap with any previous
+ * element.
+ *
+- * This is both read and set by g_variant_serialised_get_child for arrays of
+- * non-fixed-width types */
++ * This is both read and set by g_variant_serialised_get_child() for arrays of
++ * non-fixed-width types, and for tuples.
++ *
++ * Even when dealing with tuples, @ordered_offsets_up_to is an element index,
++ * rather than an index into the frame offsets. */
+ gsize ordered_offsets_up_to;
+ } GVariantSerialised;
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 42ffc9a..f645e05 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -5997,6 +5997,7 @@ g_variant_byteswap (GVariant *value)
+ serialised.size = g_variant_get_size (trusted);
+ serialised.data = g_malloc (serialised.size);
+ serialised.depth = g_variant_get_depth (trusted);
++ serialised.ordered_offsets_up_to = G_MAXSIZE; /* operating on the normal form */
+ g_variant_store (trusted, serialised.data);
+ g_variant_unref (trusted);
+
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 291f796..3ddff96 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -1,6 +1,7 @@
+ /*
+ * Copyright © 2010 Codethink Limited
+ * Copyright © 2020 William Manley
++ * Copyright © 2022 Endless OS Foundation, LLC
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -1447,6 +1448,7 @@ test_maybe (void)
+ serialised.data = flavoured_malloc (needed_size, flavour);
+ serialised.size = needed_size;
+ serialised.depth = 0;
++ serialised.ordered_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised,
+ random_instance_filler,
+@@ -1570,6 +1572,7 @@ test_array (void)
+ serialised.data = flavoured_malloc (needed_size, flavour);
+ serialised.size = needed_size;
+ serialised.depth = 0;
++ serialised.ordered_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) instances, n_children);
+@@ -1734,6 +1737,7 @@ test_tuple (void)
+ serialised.data = flavoured_malloc (needed_size, flavour);
+ serialised.size = needed_size;
+ serialised.depth = 0;
++ serialised.ordered_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) instances, n_children);
+@@ -1830,6 +1834,7 @@ test_variant (void)
+ serialised.data = flavoured_malloc (needed_size, flavour);
+ serialised.size = needed_size;
+ serialised.depth = 0;
++ serialised.ordered_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) &instance, 1);
+@@ -5090,6 +5095,176 @@ test_normal_checking_tuple_offsets (void)
+ g_variant_unref (variant);
+ }
+
++/* This is a regression test that we can't have non-normal values that take up
++ * significantly more space than the normal equivalent, by specifying the
++ * offset table entries so that tuple elements overlap.
++ *
++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2121#note_838503 and
++ * https://gitlab.gnome.org/GNOME/glib/-/issues/2121#note_838513 */
++static void
++test_normal_checking_tuple_offsets2 (void)
++{
++ const GVariantType *data_type = G_VARIANT_TYPE ("(yyaiyyaiyy)");
++ const guint8 data[] = {
++ 0x12, 0x34, 0x56, 0x78, 0x01,
++ /*
++ ^───────────────────┘
++
++ ^^^^^^^^^^ 1st yy
++ ^^^^^^^^^^ 2nd yy
++ ^^^^^^^^^^ 3rd yy
++ ^^^^ Framing offsets
++ */
++
++ /* If this variant was encoded normally, it would be something like this:
++ * 0x12, 0x34, pad, pad, [array bytes], 0x56, 0x78, pad, pad, [array bytes], 0x9A, 0xBC, 0xXX
++ * ^─────────────────────────────────────────────────────┘
++ *
++ * ^^^^^^^^^^ 1st yy
++ * ^^^^^^^^^^ 2nd yy
++ * ^^^^^^^^^^ 3rd yy
++ * ^^^^ Framing offsets
++ */
++ };
++ gsize size = sizeof (data);
++ GVariant *variant = NULL;
++ GVariant *normal_variant = NULL;
++ GVariant *expected = NULL;
++
++ variant = g_variant_new_from_data (data_type, data, size, FALSE, NULL, NULL);
++ g_assert_nonnull (variant);
++
++ normal_variant = g_variant_get_normal_form (variant);
++ g_assert_nonnull (normal_variant);
++ g_assert_cmpuint (g_variant_get_size (normal_variant), <=, size * 3);
++
++ expected = g_variant_new_parsed (
++ "@(yyaiyyaiyy) (0x12, 0x34, [], 0x00, 0x00, [], 0x00, 0x00)");
++ g_assert_cmpvariant (expected, variant);
++ g_assert_cmpvariant (expected, normal_variant);
++
++ g_variant_unref (expected);
++ g_variant_unref (normal_variant);
++ g_variant_unref (variant);
++}
++
++/* This is a regression test that overlapping entries in the offset table are
++ * decoded consistently, even though they’re non-normal.
++ *
++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2121#note_910935 */
++static void
++test_normal_checking_tuple_offsets3 (void)
++{
++ /* The expected decoding of this non-normal byte stream is complex. See
++ * section 2.7.3 (Handling Non-Normal Serialised Data) of the GVariant
++ * specification.
++ *
++ * The rule “Child Values Overlapping Framing Offsets” from the specification
++ * says that the first `ay` must be decoded as `[0x01]` even though it
++ * overlaps the first byte of the offset table. However, since commit
++ * 7eedcd76f7d5b8c98fa60013e1fe6e960bf19df3, GLib explicitly doesn’t allow
++ * this as it’s exploitable. So the first `ay` must be given a default value.
++ *
++ * The second and third `ay`s must be given default values because of rule
++ * “End Boundary Precedes Start Boundary”.
++ *
++ * The `i` must be given a default value because of rule “Start or End
++ * Boundary of a Child Falls Outside the Container”.
++ */
++ const GVariantType *data_type = G_VARIANT_TYPE ("(ayayiay)");
++ const guint8 data[] = {
++ 0x01, 0x00, 0x02,
++ /*
++ ^──┘
++
++ ^^^^^^^^^^ 1st ay, bytes 0-2 (but given a default value anyway, see above)
++ 2nd ay, bytes 2-0
++ i, bytes 0-4
++ 3rd ay, bytes 4-1
++ ^^^^^^^^^^ Framing offsets
++ */
++ };
++ gsize size = sizeof (data);
++ GVariant *variant = NULL;
++ GVariant *normal_variant = NULL;
++ GVariant *expected = NULL;
++
++ variant = g_variant_new_from_data (data_type, data, size, FALSE, NULL, NULL);
++ g_assert_nonnull (variant);
++
++ g_assert_false (g_variant_is_normal_form (variant));
++
++ normal_variant = g_variant_get_normal_form (variant);
++ g_assert_nonnull (normal_variant);
++ g_assert_cmpuint (g_variant_get_size (normal_variant), <=, size * 3);
++
++ expected = g_variant_new_parsed ("@(ayayiay) ([], [], 0, [])");
++ g_assert_cmpvariant (expected, variant);
++ g_assert_cmpvariant (expected, normal_variant);
++
++ g_variant_unref (expected);
++ g_variant_unref (normal_variant);
++ g_variant_unref (variant);
++}
++
++/* This is a regression test that overlapping entries in the offset table are
++ * decoded consistently, even though they’re non-normal.
++ *
++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2121#note_910935 */
++static void
++test_normal_checking_tuple_offsets4 (void)
++{
++ /* The expected decoding of this non-normal byte stream is complex. See
++ * section 2.7.3 (Handling Non-Normal Serialised Data) of the GVariant
++ * specification.
++ *
++ * The rule “Child Values Overlapping Framing Offsets” from the specification
++ * says that the first `ay` must be decoded as `[0x01]` even though it
++ * overlaps the first byte of the offset table. However, since commit
++ * 7eedcd76f7d5b8c98fa60013e1fe6e960bf19df3, GLib explicitly doesn’t allow
++ * this as it’s exploitable. So the first `ay` must be given a default value.
++ *
++ * The second `ay` must be given a default value because of rule “End Boundary
++ * Precedes Start Boundary”.
++ *
++ * The third `ay` must be given a default value because its framing offsets
++ * overlap that of the first `ay`.
++ */
++ const GVariantType *data_type = G_VARIANT_TYPE ("(ayayay)");
++ const guint8 data[] = {
++ 0x01, 0x00, 0x02,
++ /*
++ ^──┘
++
++ ^^^^^^^^^^ 1st ay, bytes 0-2 (but given a default value anyway, see above)
++ 2nd ay, bytes 2-0
++ 3rd ay, bytes 0-1
++ ^^^^^^^^^^ Framing offsets
++ */
++ };
++ gsize size = sizeof (data);
++ GVariant *variant = NULL;
++ GVariant *normal_variant = NULL;
++ GVariant *expected = NULL;
++
++ variant = g_variant_new_from_data (data_type, data, size, FALSE, NULL, NULL);
++ g_assert_nonnull (variant);
++
++ g_assert_false (g_variant_is_normal_form (variant));
++
++ normal_variant = g_variant_get_normal_form (variant);
++ g_assert_nonnull (normal_variant);
++ g_assert_cmpuint (g_variant_get_size (normal_variant), <=, size * 3);
++
++ expected = g_variant_new_parsed ("@(ayayay) ([], [], [])");
++ g_assert_cmpvariant (expected, variant);
++ g_assert_cmpvariant (expected, normal_variant);
++
++ g_variant_unref (expected);
++ g_variant_unref (normal_variant);
++ g_variant_unref (variant);
++}
++
+ /* Test that an empty object path is normalised successfully to the base object
+ * path, ‘/’. */
+ static void
+@@ -5236,6 +5411,12 @@ main (int argc, char **argv)
+ test_normal_checking_array_offsets2);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets",
+ test_normal_checking_tuple_offsets);
++ g_test_add_func ("/gvariant/normal-checking/tuple-offsets2",
++ test_normal_checking_tuple_offsets2);
++ g_test_add_func ("/gvariant/normal-checking/tuple-offsets3",
++ test_normal_checking_tuple_offsets3);
++ g_test_add_func ("/gvariant/normal-checking/tuple-offsets4",
++ test_normal_checking_tuple_offsets4);
+ g_test_add_func ("/gvariant/normal-checking/empty-object-path",
+ test_normal_checking_empty_object_path);
+
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
new file mode 100644
index 0000000000..8a408ab030
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
@@ -0,0 +1,50 @@
+From e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Wed, 16 Aug 2023 03:42:47 +0000
+Subject: [PATCH] gvariant: Port g_variant_deep_copy() to count its iterations
+ directly
+
+This is equivalent to what `GVariantIter` does, but it means that
+`g_variant_deep_copy()` is making its own `g_variant_get_child_value()`
+calls.
+
+This will be useful in an upcoming commit, where those child values will
+be inspected a little more deeply.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 42ffc9a..ca13cc1 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -5850,14 +5850,13 @@ g_variant_deep_copy (GVariant *value)
+ case G_VARIANT_CLASS_VARIANT:
+ {
+ GVariantBuilder builder;
+- GVariantIter iter;
+- GVariant *child;
++ gsize i, n_children;
+
+ g_variant_builder_init (&builder, g_variant_get_type (value));
+- g_variant_iter_init (&iter, value);
+
+- while ((child = g_variant_iter_next_value (&iter)))
++ for (i = 0, n_children = g_variant_n_children (value); i < n_children; i++)
+ {
++ GVariant *child = g_variant_get_child_value (value, i);
+ g_variant_builder_add_value (&builder, g_variant_deep_copy (child));
+ g_variant_unref (child);
+ }
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch
new file mode 100644
index 0000000000..9b074a543d
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0008.patch
@@ -0,0 +1,395 @@
+From d1a293c4e29880b8d17bb826c9a426a440ca4a91 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 01:30:38 +0000
+Subject: [PATCH] gvariant: Track checked and ordered offsets independently
+
+The past few commits introduced the concept of known-good offsets in the
+offset table (which is used for variable-width arrays and tuples).
+Good offsets are ones which are non-overlapping with all the previous
+offsets in the table.
+
+If a bad offset is encountered when indexing into the array or tuple,
+the cached known-good offset index will not be increased. In this way,
+all child variants at and beyond the first bad offset can be returned as
+default values rather than dereferencing potentially invalid data.
+
+In this case, there was no information about the fact that the indexes
+between the highest known-good index and the requested one had been
+checked already. That could lead to a pathological case where an offset
+table with an invalid first offset is repeatedly checked in full when
+trying to access higher-indexed children.
+
+Avoid that by storing the index of the highest checked offset in the
+table, as well as the index of the highest good/ordered offset.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/d1a293c4e29880b8d17bb826c9a426a440ca4a91]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-core.c | 28 ++++++++++++++++++++++++
+ glib/gvariant-serialiser.c | 44 +++++++++++++++++++++++++++-----------
+ glib/gvariant-serialiser.h | 9 ++++++++
+ glib/gvariant.c | 1 +
+ glib/tests/gvariant.c | 5 +++++
+ 5 files changed, 75 insertions(+), 12 deletions(-)
+
+diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
+index c57ee77..7b71efc 100644
+--- a/glib/gvariant-core.c
++++ b/glib/gvariant-core.c
+@@ -67,6 +67,7 @@ struct _GVariant
+ GBytes *bytes;
+ gconstpointer data;
+ gsize ordered_offsets_up_to;
++ gsize checked_offsets_up_to;
+ } serialised;
+
+ struct
+@@ -182,6 +183,24 @@ struct _GVariant
+ * This field is only relevant for arrays of non
+ * fixed width types and for tuples.
+ *
++ * .checked_offsets_up_to: Similarly to .ordered_offsets_up_to, this stores
++ * the index of the highest element, n, whose frame
++ * offsets (and all the preceding frame offsets)
++ * have been checked for validity.
++ *
++ * It is always the case that
++ * .checked_offsets_up_to ≥ .ordered_offsets_up_to.
++ *
++ * If .checked_offsets_up_to == .ordered_offsets_up_to,
++ * then a bad offset has not been found so far.
++ *
++ * If .checked_offsets_up_to > .ordered_offsets_up_to,
++ * then a bad offset has been found at
++ * (.ordered_offsets_up_to + 1).
++ *
++ * This field is only relevant for arrays of non
++ * fixed width types and for tuples.
++ *
+ * .tree: Only valid when the instance is in tree form.
+ *
+ * Note that accesses from other threads could result in
+@@ -386,6 +405,7 @@ g_variant_to_serialised (GVariant *value)
+ value->size,
+ value->depth,
+ value->contents.serialised.ordered_offsets_up_to,
++ value->contents.serialised.checked_offsets_up_to,
+ };
+ return serialised;
+ }
+@@ -418,6 +438,7 @@ g_variant_serialise (GVariant *value,
+ serialised.data = data;
+ serialised.depth = value->depth;
+ serialised.ordered_offsets_up_to = 0;
++ serialised.checked_offsets_up_to = 0;
+
+ children = (gpointer *) value->contents.tree.children;
+ n_children = value->contents.tree.n_children;
+@@ -464,10 +485,12 @@ g_variant_fill_gvs (GVariantSerialised *serialised,
+ if (value->state & STATE_SERIALISED)
+ {
+ serialised->ordered_offsets_up_to = value->contents.serialised.ordered_offsets_up_to;
++ serialised->checked_offsets_up_to = value->contents.serialised.checked_offsets_up_to;
+ }
+ else
+ {
+ serialised->ordered_offsets_up_to = 0;
++ serialised->checked_offsets_up_to = 0;
+ }
+
+ if (serialised->data)
+@@ -513,6 +536,7 @@ g_variant_ensure_serialised (GVariant *value)
+ value->contents.serialised.data = g_bytes_get_data (bytes, NULL);
+ value->contents.serialised.bytes = bytes;
+ value->contents.serialised.ordered_offsets_up_to = G_MAXSIZE;
++ value->contents.serialised.checked_offsets_up_to = G_MAXSIZE;
+ value->state |= STATE_SERIALISED;
+ }
+ }
+@@ -594,6 +618,7 @@ g_variant_new_from_bytes (const GVariantType *type,
+ serialised.data = (guchar *) g_bytes_get_data (bytes, &serialised.size);
+ serialised.depth = 0;
+ serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
++ serialised.checked_offsets_up_to = trusted ? G_MAXSIZE : 0;
+
+ if (!g_variant_serialised_check (serialised))
+ {
+@@ -645,6 +670,7 @@ g_variant_new_from_bytes (const GVariantType *type,
+ }
+
+ value->contents.serialised.ordered_offsets_up_to = trusted ? G_MAXSIZE : 0;
++ value->contents.serialised.checked_offsets_up_to = trusted ? G_MAXSIZE : 0;
+
+ g_clear_pointer (&owned_bytes, g_bytes_unref);
+
+@@ -1142,6 +1168,7 @@ g_variant_get_child_value (GVariant *value,
+
+ /* Update the cached ordered_offsets_up_to, since @serialised will be thrown away when this function exits */
+ value->contents.serialised.ordered_offsets_up_to = MAX (value->contents.serialised.ordered_offsets_up_to, serialised.ordered_offsets_up_to);
++ value->contents.serialised.checked_offsets_up_to = MAX (value->contents.serialised.checked_offsets_up_to, serialised.checked_offsets_up_to);
+
+ /* Check whether this would cause nesting too deep. If so, return a fake
+ * child. The only situation we expect this to happen in is with a variant,
+@@ -1169,6 +1196,7 @@ g_variant_get_child_value (GVariant *value,
+ g_bytes_ref (value->contents.serialised.bytes);
+ child->contents.serialised.data = s_child.data;
+ child->contents.serialised.ordered_offsets_up_to = s_child.ordered_offsets_up_to;
++ child->contents.serialised.checked_offsets_up_to = s_child.checked_offsets_up_to;
+
+ return child;
+ }
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index d46d05c..9c7f12a 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -120,6 +120,8 @@
+ *
+ * @depth has no restrictions; the depth of a top-level serialized #GVariant is
+ * zero, and it increases for each level of nested child.
++ *
++ * @checked_offsets_up_to is always ≥ @ordered_offsets_up_to
+ */
+
+ /* < private >
+@@ -147,6 +149,9 @@ g_variant_serialised_check (GVariantSerialised serialised)
+ !(serialised.size == 0 || serialised.data != NULL))
+ return FALSE;
+
++ if (serialised.ordered_offsets_up_to > serialised.checked_offsets_up_to)
++ return FALSE;
++
+ /* Depending on the native alignment requirements of the machine, the
+ * compiler will insert either 3 or 7 padding bytes after the char.
+ * This will result in the sizeof() the struct being 12 or 16.
+@@ -266,6 +271,7 @@ gvs_fixed_sized_maybe_get_child (GVariantSerialised value,
+ g_variant_type_info_ref (value.type_info);
+ value.depth++;
+ value.ordered_offsets_up_to = 0;
++ value.checked_offsets_up_to = 0;
+
+ return value;
+ }
+@@ -297,7 +303,7 @@ gvs_fixed_sized_maybe_serialise (GVariantSerialised value,
+ {
+ if (n_children)
+ {
+- GVariantSerialised child = { NULL, value.data, value.size, value.depth + 1, 0 };
++ GVariantSerialised child = { NULL, value.data, value.size, value.depth + 1, 0, 0 };
+
+ gvs_filler (&child, children[0]);
+ }
+@@ -320,6 +326,7 @@ gvs_fixed_sized_maybe_is_normal (GVariantSerialised value)
+ value.type_info = g_variant_type_info_element (value.type_info);
+ value.depth++;
+ value.ordered_offsets_up_to = 0;
++ value.checked_offsets_up_to = 0;
+
+ return g_variant_serialised_is_normal (value);
+ }
+@@ -362,6 +369,7 @@ gvs_variable_sized_maybe_get_child (GVariantSerialised value,
+
+ value.depth++;
+ value.ordered_offsets_up_to = 0;
++ value.checked_offsets_up_to = 0;
+
+ return value;
+ }
+@@ -392,7 +400,7 @@ gvs_variable_sized_maybe_serialise (GVariantSerialised value,
+ {
+ if (n_children)
+ {
+- GVariantSerialised child = { NULL, value.data, value.size - 1, value.depth + 1, 0 };
++ GVariantSerialised child = { NULL, value.data, value.size - 1, value.depth + 1, 0, 0 };
+
+ /* write the data for the child. */
+ gvs_filler (&child, children[0]);
+@@ -413,6 +421,7 @@ gvs_variable_sized_maybe_is_normal (GVariantSerialised value)
+ value.size--;
+ value.depth++;
+ value.ordered_offsets_up_to = 0;
++ value.checked_offsets_up_to = 0;
+
+ return g_variant_serialised_is_normal (value);
+ }
+@@ -739,39 +748,46 @@ gvs_variable_sized_array_get_child (GVariantSerialised value,
+
+ /* If the requested @index_ is beyond the set of indices whose framing offsets
+ * have been checked, check the remaining offsets to see whether they’re
+- * normal (in order, no overlapping array elements). */
+- if (index_ > value.ordered_offsets_up_to)
++ * normal (in order, no overlapping array elements).
++ *
++ * Don’t bother checking if the highest known-good offset is lower than the
++ * highest checked offset, as that means there’s an invalid element at that
++ * index, so there’s no need to check further. */
++ if (index_ > value.checked_offsets_up_to &&
++ value.ordered_offsets_up_to == value.checked_offsets_up_to)
+ {
+ switch (offsets.offset_size)
+ {
+ case 1:
+ {
+ value.ordered_offsets_up_to = find_unordered_guint8 (
+- offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ offsets.array, value.checked_offsets_up_to, index_ + 1);
+ break;
+ }
+ case 2:
+ {
+ value.ordered_offsets_up_to = find_unordered_guint16 (
+- offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ offsets.array, value.checked_offsets_up_to, index_ + 1);
+ break;
+ }
+ case 4:
+ {
+ value.ordered_offsets_up_to = find_unordered_guint32 (
+- offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ offsets.array, value.checked_offsets_up_to, index_ + 1);
+ break;
+ }
+ case 8:
+ {
+ value.ordered_offsets_up_to = find_unordered_guint64 (
+- offsets.array, value.ordered_offsets_up_to, index_ + 1);
++ offsets.array, value.checked_offsets_up_to, index_ + 1);
+ break;
+ }
+ default:
+ /* gvs_get_offset_size() only returns maximum 8 */
+ g_assert_not_reached ();
+ }
++
++ value.checked_offsets_up_to = index_;
+ }
+
+ if (index_ > value.ordered_offsets_up_to)
+@@ -916,6 +932,7 @@ gvs_variable_sized_array_is_normal (GVariantSerialised value)
+
+ /* All offsets have now been checked. */
+ value.ordered_offsets_up_to = G_MAXSIZE;
++ value.checked_offsets_up_to = G_MAXSIZE;
+
+ return TRUE;
+ }
+@@ -1040,14 +1057,15 @@ gvs_tuple_get_child (GVariantSerialised value,
+ * all the tuple *elements* here, not just all the framing offsets, since
+ * tuples contain a mix of elements which use framing offsets and ones which
+ * don’t. None of them are allowed to overlap. */
+- if (index_ > value.ordered_offsets_up_to)
++ if (index_ > value.checked_offsets_up_to &&
++ value.ordered_offsets_up_to == value.checked_offsets_up_to)
+ {
+ gsize i, prev_i_end = 0;
+
+- if (value.ordered_offsets_up_to > 0)
+- gvs_tuple_get_member_bounds (value, value.ordered_offsets_up_to - 1, offset_size, NULL, &prev_i_end);
++ if (value.checked_offsets_up_to > 0)
++ gvs_tuple_get_member_bounds (value, value.checked_offsets_up_to - 1, offset_size, NULL, &prev_i_end);
+
+- for (i = value.ordered_offsets_up_to; i <= index_; i++)
++ for (i = value.checked_offsets_up_to; i <= index_; i++)
+ {
+ gsize i_start, i_end;
+
+@@ -1060,6 +1078,7 @@ gvs_tuple_get_child (GVariantSerialised value,
+ }
+
+ value.ordered_offsets_up_to = i - 1;
++ value.checked_offsets_up_to = index_;
+ }
+
+ if (index_ > value.ordered_offsets_up_to)
+@@ -1257,6 +1276,7 @@ gvs_tuple_is_normal (GVariantSerialised value)
+
+ /* All element bounds have been checked above. */
+ value.ordered_offsets_up_to = G_MAXSIZE;
++ value.checked_offsets_up_to = G_MAXSIZE;
+
+ {
+ gsize fixed_size;
+diff --git a/glib/gvariant-serialiser.h b/glib/gvariant-serialiser.h
+index 03826f9..2423e01 100644
+--- a/glib/gvariant-serialiser.h
++++ b/glib/gvariant-serialiser.h
+@@ -40,6 +40,15 @@ typedef struct
+ * Even when dealing with tuples, @ordered_offsets_up_to is an element index,
+ * rather than an index into the frame offsets. */
+ gsize ordered_offsets_up_to;
++
++ /* Similar to @ordered_offsets_up_to. This gives the index of the child element
++ * whose frame offset is the highest in the offset table which has been
++ * checked so far.
++ *
++ * This is always ≥ @ordered_offsets_up_to. It is always an element index.
++ *
++ * See documentation in gvariant-core.c for `struct GVariant` for details. */
++ gsize checked_offsets_up_to;
+ } GVariantSerialised;
+
+ /* deserialization */
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 1b1cbdc..2e288af 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -5997,6 +5997,7 @@ g_variant_byteswap (GVariant *value)
+ serialised.data = g_malloc (serialised.size);
+ serialised.depth = g_variant_get_depth (trusted);
+ serialised.ordered_offsets_up_to = G_MAXSIZE; /* operating on the normal form */
++ serialised.checked_offsets_up_to = G_MAXSIZE;
+ g_variant_store (trusted, serialised.data);
+ g_variant_unref (trusted);
+
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 3ddff96..31a7dde 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -1282,6 +1282,7 @@ random_instance_filler (GVariantSerialised *serialised,
+
+ serialised->depth = 0;
+ serialised->ordered_offsets_up_to = 0;
++ serialised->checked_offsets_up_to = 0;
+
+ g_assert_true (serialised->type_info == instance->type_info);
+ g_assert_cmpuint (serialised->size, ==, instance->size);
+@@ -1449,6 +1450,7 @@ test_maybe (void)
+ serialised.size = needed_size;
+ serialised.depth = 0;
+ serialised.ordered_offsets_up_to = 0;
++ serialised.checked_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised,
+ random_instance_filler,
+@@ -1573,6 +1575,7 @@ test_array (void)
+ serialised.size = needed_size;
+ serialised.depth = 0;
+ serialised.ordered_offsets_up_to = 0;
++ serialised.checked_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) instances, n_children);
+@@ -1738,6 +1741,7 @@ test_tuple (void)
+ serialised.size = needed_size;
+ serialised.depth = 0;
+ serialised.ordered_offsets_up_to = 0;
++ serialised.checked_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) instances, n_children);
+@@ -1835,6 +1839,7 @@ test_variant (void)
+ serialised.size = needed_size;
+ serialised.depth = 0;
+ serialised.ordered_offsets_up_to = 0;
++ serialised.checked_offsets_up_to = 0;
+
+ g_variant_serialiser_serialise (serialised, random_instance_filler,
+ (gpointer *) &instance, 1);
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch
new file mode 100644
index 0000000000..7a43b138f3
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0009.patch
@@ -0,0 +1,98 @@
+From 298a537d5f6783e55d87e40011ee3fd3b22b72f9 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 01:39:01 +0000
+Subject: [PATCH] gvariant: Zero-initialise various GVariantSerialised objects
+
+The following few commits will add a couple of new fields to
+`GVariantSerialised`, and they should be zero-filled by default.
+
+Try and pre-empt that a bit by zero-filling `GVariantSerialised` by
+default in a few places.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2121
+
+CVE: CVE-2023-32665
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/298a537d5f6783e55d87e40011ee3fd3b22b72f9]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant.c | 2 +-
+ glib/tests/gvariant.c | 12 ++++++------
+ 2 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 2e288af..30a3280 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -5987,7 +5987,7 @@ g_variant_byteswap (GVariant *value)
+ if (alignment)
+ /* (potentially) contains multi-byte numeric data */
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+ GVariant *trusted;
+ GBytes *bytes;
+
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 31a7dde..2f33a3e 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -1442,7 +1442,7 @@ test_maybe (void)
+
+ for (flavour = 0; flavour < 8; flavour += alignment)
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+ GVariantSerialised child;
+
+ serialised.type_info = type_info;
+@@ -1568,7 +1568,7 @@ test_array (void)
+
+ for (flavour = 0; flavour < 8; flavour += alignment)
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+
+ serialised.type_info = array_info;
+ serialised.data = flavoured_malloc (needed_size, flavour);
+@@ -1734,7 +1734,7 @@ test_tuple (void)
+
+ for (flavour = 0; flavour < 8; flavour += alignment)
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+
+ serialised.type_info = type_info;
+ serialised.data = flavoured_malloc (needed_size, flavour);
+@@ -1831,7 +1831,7 @@ test_variant (void)
+
+ for (flavour = 0; flavour < 8; flavour += alignment)
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+ GVariantSerialised child;
+
+ serialised.type_info = type_info;
+@@ -2280,7 +2280,7 @@ serialise_tree (TreeInstance *tree,
+ static void
+ test_byteswap (void)
+ {
+- GVariantSerialised one, two;
++ GVariantSerialised one = { 0, }, two = { 0, };
+ TreeInstance *tree;
+
+ tree = tree_instance_new (NULL, 3);
+@@ -2354,7 +2354,7 @@ test_serialiser_children (void)
+ static void
+ test_fuzz (gdouble *fuzziness)
+ {
+- GVariantSerialised serialised;
++ GVariantSerialised serialised = { 0, };
+ TreeInstance *tree;
+
+ /* make an instance */
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
index b5ab6502a3..b04b5f0a44 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
@@ -17,6 +17,15 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
file://0001-gio-tests-g-file-info-don-t-assume-million-in-one-ev.patch \
+ file://CVE-2023-32665-0001.patch \
+ file://CVE-2023-32665-0002.patch \
+ file://CVE-2023-32665-0003.patch \
+ file://CVE-2023-32665-0004.patch \
+ file://CVE-2023-32665-0005.patch \
+ file://CVE-2023-32665-0006.patch \
+ file://CVE-2023-32665-0007.patch \
+ file://CVE-2023-32665-0008.patch \
+ file://CVE-2023-32665-0009.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 02/36] glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 01/36] glib-2.0: Fix CVE-2023-32665 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 03/36] glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636 Steve Sakoman
` (33 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Soumya Sambu <soumya.sambu@windriver.com>
GVariant offset table entry size is not checked in is_normal()
g_variant_byteswap() can take a long time with some non-normal inputs
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../glib-2.0/glib-2.0/CVE-2023-29499.patch | 291 ++++++++++++++++++
.../glib-2.0/CVE-2023-32611-0001.patch | 97 ++++++
.../glib-2.0/CVE-2023-32611-0002.patch | 282 +++++++++++++++++
meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 3 +
4 files changed, 673 insertions(+)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch
new file mode 100644
index 0000000000..65174efa6d
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-29499.patch
@@ -0,0 +1,291 @@
+From 5f4485c4ff57fdefb1661531788def7ca5a47328 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 04:19:44 +0000
+Subject: [PATCH] gvariant-serialiser: Check offset table entry size is minimal
+
+The entries in an offset table (which is used for variable sized arrays
+and tuples containing variable sized members) are sized so that they can
+address every byte in the overall variant.
+
+The specification requires that for a variant to be in normal form, its
+offset table entries must be the minimum width such that they can
+address every byte in the variant.
+
+That minimality requirement was not checked in
+`g_variant_is_normal_form()`, leading to two different byte arrays being
+interpreted as the normal form of a given variant tree. That kind of
+confusion could potentially be exploited, and is certainly a bug.
+
+Fix it by adding the necessary checks on offset table entry width, and
+unit tests.
+
+Spotted by William Manley.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Fixes: #2794
+
+CVE: CVE-2023-29499
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/5f4485c4ff57fdefb1661531788def7ca5a47328]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-serialiser.c | 19 +++-
+ glib/tests/gvariant.c | 176 +++++++++++++++++++++++++++++++++++++
+ 2 files changed, 194 insertions(+), 1 deletion(-)
+
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 9c7f12a..3d6e7b8 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -694,6 +694,10 @@ gvs_variable_sized_array_get_frame_offsets (GVariantSerialised value)
+ out.data_size = last_end;
+ out.array = value.data + last_end;
+ out.length = offsets_array_size / out.offset_size;
++
++ if (out.length > 0 && gvs_calculate_total_size (last_end, out.length) != value.size)
++ return out; /* offset size not minimal */
++
+ out.is_normal = TRUE;
+
+ return out;
+@@ -1201,6 +1205,7 @@ gvs_tuple_is_normal (GVariantSerialised value)
+ gsize length;
+ gsize offset;
+ gsize i;
++ gsize offset_table_size;
+
+ /* as per the comment in gvs_tuple_get_child() */
+ if G_UNLIKELY (value.data == NULL && value.size != 0)
+@@ -1305,7 +1310,19 @@ gvs_tuple_is_normal (GVariantSerialised value)
+ }
+ }
+
+- return offset_ptr == offset;
++ /* @offset_ptr has been counting backwards from the end of the variant, to
++ * find the beginning of the offset table. @offset has been counting forwards
++ * from the beginning of the variant to find the end of the data. They should
++ * have met in the middle. */
++ if (offset_ptr != offset)
++ return FALSE;
++
++ offset_table_size = value.size - offset_ptr;
++ if (value.size > 0 &&
++ gvs_calculate_total_size (offset, offset_table_size / offset_size) != value.size)
++ return FALSE; /* offset size not minimal */
++
++ return TRUE;
+ }
+
+ /* Variants {{{2
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 44e4451..ad45043 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -5076,6 +5076,86 @@ test_normal_checking_array_offsets2 (void)
+ g_variant_unref (variant);
+ }
+
++/* Test that an otherwise-valid serialised GVariant is considered non-normal if
++ * its offset table entries are too wide.
++ *
++ * See §2.3.6 (Framing Offsets) of the GVariant specification. */
++static void
++test_normal_checking_array_offsets_minimal_sized (void)
++{
++ GVariantBuilder builder;
++ gsize i;
++ GVariant *aay_constructed = NULL;
++ const guint8 *data = NULL;
++ guint8 *data_owned = NULL;
++ GVariant *aay_deserialised = NULL;
++ GVariant *aay_normalised = NULL;
++
++ /* Construct an array of type aay, consisting of 128 elements which are each
++ * an empty array, i.e. `[[] * 128]`. This is chosen because the inner
++ * elements are variable sized (making the outer array variable sized, so it
++ * must have an offset table), but they are also zero-sized when serialised.
++ * So the serialised representation of @aay_constructed consists entirely of
++ * its offset table, which is entirely zeroes.
++ *
++ * The array is chosen to be 128 elements long because that means offset
++ * table entries which are 1 byte long. If the elements in the array were
++ * non-zero-sized (to the extent that the overall array is ≥256 bytes long),
++ * the offset table entries would end up being 2 bytes long. */
++ g_variant_builder_init (&builder, G_VARIANT_TYPE ("aay"));
++
++ for (i = 0; i < 128; i++)
++ g_variant_builder_add_value (&builder, g_variant_new_array (G_VARIANT_TYPE_BYTE, NULL, 0));
++
++ aay_constructed = g_variant_builder_end (&builder);
++
++ /* Verify that the constructed array is in normal form, and its serialised
++ * form is `b'\0' * 128`. */
++ g_assert_true (g_variant_is_normal_form (aay_constructed));
++ g_assert_cmpuint (g_variant_n_children (aay_constructed), ==, 128);
++ g_assert_cmpuint (g_variant_get_size (aay_constructed), ==, 128);
++
++ data = g_variant_get_data (aay_constructed);
++ for (i = 0; i < g_variant_get_size (aay_constructed); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ /* Construct a serialised `aay` GVariant which is `b'\0' * 256`. This has to
++ * be a non-normal form of `[[] * 128]`, with 2-byte-long offset table
++ * entries, because each offset table entry has to be able to reference all of
++ * the byte boundaries in the container. All the entries in the offset table
++ * are zero, so all the elements of the array are zero-sized. */
++ data = data_owned = g_malloc0 (256);
++ aay_deserialised = g_variant_new_from_data (G_VARIANT_TYPE ("aay"),
++ data,
++ 256,
++ FALSE,
++ g_free,
++ g_steal_pointer (&data_owned));
++
++ g_assert_false (g_variant_is_normal_form (aay_deserialised));
++ g_assert_cmpuint (g_variant_n_children (aay_deserialised), ==, 128);
++ g_assert_cmpuint (g_variant_get_size (aay_deserialised), ==, 256);
++
++ data = g_variant_get_data (aay_deserialised);
++ for (i = 0; i < g_variant_get_size (aay_deserialised); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ /* Get its normal form. That should change the serialised size. */
++ aay_normalised = g_variant_get_normal_form (aay_deserialised);
++
++ g_assert_true (g_variant_is_normal_form (aay_normalised));
++ g_assert_cmpuint (g_variant_n_children (aay_normalised), ==, 128);
++ g_assert_cmpuint (g_variant_get_size (aay_normalised), ==, 128);
++
++ data = g_variant_get_data (aay_normalised);
++ for (i = 0; i < g_variant_get_size (aay_normalised); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ g_variant_unref (aay_normalised);
++ g_variant_unref (aay_deserialised);
++ g_variant_unref (aay_constructed);
++}
++
+ /* Test that a tuple with invalidly large values in its offset table is
+ * normalised successfully without looping infinitely. */
+ static void
+@@ -5270,6 +5350,98 @@ test_normal_checking_tuple_offsets4 (void)
+ g_variant_unref (variant);
+ }
+
++/* Test that an otherwise-valid serialised GVariant is considered non-normal if
++ * its offset table entries are too wide.
++ *
++ * See §2.3.6 (Framing Offsets) of the GVariant specification. */
++static void
++test_normal_checking_tuple_offsets_minimal_sized (void)
++{
++ GString *type_string = NULL;
++ GVariantBuilder builder;
++ gsize i;
++ GVariant *ray_constructed = NULL;
++ const guint8 *data = NULL;
++ guint8 *data_owned = NULL;
++ GVariant *ray_deserialised = NULL;
++ GVariant *ray_normalised = NULL;
++
++ /* Construct a tuple of type (ay…ay), consisting of 129 members which are each
++ * an empty array, i.e. `([] * 129)`. This is chosen because the inner
++ * members are variable sized, so the outer tuple must have an offset table,
++ * but they are also zero-sized when serialised. So the serialised
++ * representation of @ray_constructed consists entirely of its offset table,
++ * which is entirely zeroes.
++ *
++ * The tuple is chosen to be 129 members long because that means it has 128
++ * offset table entries which are 1 byte long each. If the members in the
++ * tuple were non-zero-sized (to the extent that the overall tuple is ≥256
++ * bytes long), the offset table entries would end up being 2 bytes long.
++ *
++ * 129 members are used unlike 128 array elements in
++ * test_normal_checking_array_offsets_minimal_sized(), because the last member
++ * in a tuple never needs an offset table entry. */
++ type_string = g_string_new ("");
++ g_string_append_c (type_string, '(');
++ for (i = 0; i < 129; i++)
++ g_string_append (type_string, "ay");
++ g_string_append_c (type_string, ')');
++
++ g_variant_builder_init (&builder, G_VARIANT_TYPE (type_string->str));
++
++ for (i = 0; i < 129; i++)
++ g_variant_builder_add_value (&builder, g_variant_new_array (G_VARIANT_TYPE_BYTE, NULL, 0));
++
++ ray_constructed = g_variant_builder_end (&builder);
++
++ /* Verify that the constructed tuple is in normal form, and its serialised
++ * form is `b'\0' * 128`. */
++ g_assert_true (g_variant_is_normal_form (ray_constructed));
++ g_assert_cmpuint (g_variant_n_children (ray_constructed), ==, 129);
++ g_assert_cmpuint (g_variant_get_size (ray_constructed), ==, 128);
++
++ data = g_variant_get_data (ray_constructed);
++ for (i = 0; i < g_variant_get_size (ray_constructed); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ /* Construct a serialised `(ay…ay)` GVariant which is `b'\0' * 256`. This has
++ * to be a non-normal form of `([] * 129)`, with 2-byte-long offset table
++ * entries, because each offset table entry has to be able to reference all of
++ * the byte boundaries in the container. All the entries in the offset table
++ * are zero, so all the members of the tuple are zero-sized. */
++ data = data_owned = g_malloc0 (256);
++ ray_deserialised = g_variant_new_from_data (G_VARIANT_TYPE (type_string->str),
++ data,
++ 256,
++ FALSE,
++ g_free,
++ g_steal_pointer (&data_owned));
++
++ g_assert_false (g_variant_is_normal_form (ray_deserialised));
++ g_assert_cmpuint (g_variant_n_children (ray_deserialised), ==, 129);
++ g_assert_cmpuint (g_variant_get_size (ray_deserialised), ==, 256);
++
++ data = g_variant_get_data (ray_deserialised);
++ for (i = 0; i < g_variant_get_size (ray_deserialised); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ /* Get its normal form. That should change the serialised size. */
++ ray_normalised = g_variant_get_normal_form (ray_deserialised);
++
++ g_assert_true (g_variant_is_normal_form (ray_normalised));
++ g_assert_cmpuint (g_variant_n_children (ray_normalised), ==, 129);
++ g_assert_cmpuint (g_variant_get_size (ray_normalised), ==, 128);
++
++ data = g_variant_get_data (ray_normalised);
++ for (i = 0; i < g_variant_get_size (ray_normalised); i++)
++ g_assert_cmpuint (data[i], ==, 0);
++
++ g_variant_unref (ray_normalised);
++ g_variant_unref (ray_deserialised);
++ g_variant_unref (ray_constructed);
++ g_string_free (type_string, TRUE);
++}
++
+ /* Test that an empty object path is normalised successfully to the base object
+ * path, ‘/’. */
+ static void
+@@ -5414,6 +5586,8 @@ main (int argc, char **argv)
+ test_normal_checking_array_offsets);
+ g_test_add_func ("/gvariant/normal-checking/array-offsets2",
+ test_normal_checking_array_offsets2);
++ g_test_add_func ("/gvariant/normal-checking/array-offsets/minimal-sized",
++ test_normal_checking_array_offsets_minimal_sized);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets",
+ test_normal_checking_tuple_offsets);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets2",
+@@ -5422,6 +5596,8 @@ main (int argc, char **argv)
+ test_normal_checking_tuple_offsets3);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets4",
+ test_normal_checking_tuple_offsets4);
++ g_test_add_func ("/gvariant/normal-checking/tuple-offsets/minimal-sized",
++ test_normal_checking_tuple_offsets_minimal_sized);
+ g_test_add_func ("/gvariant/normal-checking/empty-object-path",
+ test_normal_checking_empty_object_path);
+
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch
new file mode 100644
index 0000000000..cc4b4055b2
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0001.patch
@@ -0,0 +1,97 @@
+From 4c4cf568f0f710baf0bd04d52df715636bc6b971 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 04:23:41 +0000
+Subject: [PATCH] gvariant: Fix g_variant_byteswap() returning non-normal data
+
+If `g_variant_byteswap()` was called on a non-normal variant of a type
+which doesn’t need byteswapping, it would return a non-normal output.
+
+That contradicts the documentation, which says that the return value is
+always in normal form.
+
+Fix the code so it matches the documentation.
+
+Includes a unit test.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Helps: #2797
+
+CVE: CVE-2023-32611
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/4c4cf568f0f710baf0bd04d52df715636bc6b971]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant.c | 8 +++++---
+ glib/tests/gvariant.c | 24 ++++++++++++++++++++++++
+ 2 files changed, 29 insertions(+), 3 deletions(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 30a3280..7e568d1 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -6004,14 +6004,16 @@ g_variant_byteswap (GVariant *value)
+ g_variant_serialised_byteswap (serialised);
+
+ bytes = g_bytes_new_take (serialised.data, serialised.size);
+- new = g_variant_new_from_bytes (g_variant_get_type (value), bytes, TRUE);
++ new = g_variant_ref_sink (g_variant_new_from_bytes (g_variant_get_type (value), bytes, TRUE));
+ g_bytes_unref (bytes);
+ }
+ else
+ /* contains no multi-byte data */
+- new = value;
++ new = g_variant_get_normal_form (value);
+
+- return g_variant_ref_sink (new);
++ g_assert (g_variant_is_trusted (new));
++
++ return g_steal_pointer (&new);
+ }
+
+ /**
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index ad45043..36c86c2 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -3818,6 +3818,29 @@ test_gv_byteswap (void)
+ g_free (string);
+ }
+
++static void
++test_gv_byteswap_non_normal_non_aligned (void)
++{
++ const guint8 data[] = { 0x02 };
++ GVariant *v = NULL;
++ GVariant *v_byteswapped = NULL;
++
++ g_test_summary ("Test that calling g_variant_byteswap() on a variant which "
++ "is in non-normal form and doesn’t need byteswapping returns "
++ "the same variant in normal form.");
++
++ v = g_variant_new_from_data (G_VARIANT_TYPE_BOOLEAN, data, sizeof (data), FALSE, NULL, NULL);
++ g_assert_false (g_variant_is_normal_form (v));
++
++ v_byteswapped = g_variant_byteswap (v);
++ g_assert_true (g_variant_is_normal_form (v_byteswapped));
++
++ g_assert_cmpvariant (v, v_byteswapped);
++
++ g_variant_unref (v);
++ g_variant_unref (v_byteswapped);
++}
++
+ static void
+ test_parser (void)
+ {
+@@ -5553,6 +5576,7 @@ main (int argc, char **argv)
+ g_test_add_func ("/gvariant/builder-memory", test_builder_memory);
+ g_test_add_func ("/gvariant/hashing", test_hashing);
+ g_test_add_func ("/gvariant/byteswap", test_gv_byteswap);
++ g_test_add_func ("/gvariant/byteswap/non-normal-non-aligned", test_gv_byteswap_non_normal_non_aligned);
+ g_test_add_func ("/gvariant/parser", test_parses);
+ g_test_add_func ("/gvariant/parser/integer-bounds", test_parser_integer_bounds);
+ g_test_add_func ("/gvariant/parser/recursion", test_parser_recursion);
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch
new file mode 100644
index 0000000000..304c15bceb
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32611-0002.patch
@@ -0,0 +1,282 @@
+From 7d7efce1d9c379fdd7d2ff58caea88f8806fdd2e Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 05:05:39 +0000
+Subject: [PATCH] gvariant: Allow g_variant_byteswap() to operate on tree-form
+ variants
+
+This avoids needing to always serialise a variant before byteswapping it.
+With variants in non-normal forms, serialisation can result in a large
+increase in size of the variant, and a lot of allocations for leaf
+`GVariant`s. This can lead to a denial of service attack.
+
+Avoid that by changing byteswapping so that it happens on the tree form
+of the variant if the input is in non-normal form. If the input is in
+normal form (either serialised or in tree form), continue using the
+existing code as byteswapping an already-serialised normal variant is
+about 3× faster than byteswapping on the equivalent tree form.
+
+The existing unit tests cover byteswapping well, but need some
+adaptation so that they operate on tree form variants too.
+
+I considered dropping the serialised byteswapping code and doing all
+byteswapping on tree-form variants, as that would make maintenance
+simpler (avoiding having two parallel implementations of byteswapping).
+However, most inputs to `g_variant_byteswap()` are likely to be
+serialised variants (coming from a byte array of input from some foreign
+source) and most of them are going to be in normal form (as corruption
+and malicious action are rare). So getting rid of the serialised
+byteswapping code would impose quite a performance penalty on the common
+case.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Fixes: #2797
+
+CVE: CVE-2023-32611
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/7d7efce1d9c379fdd7d2ff58caea88f8806fdd2e]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant.c | 83 ++++++++++++++++++++++++++++++++-----------
+ glib/tests/gvariant.c | 57 +++++++++++++++++++++++++----
+ 2 files changed, 113 insertions(+), 27 deletions(-)
+
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index 7e568d1..65b8443 100644
+--- a/glib/gvariant.c
++++ b/glib/gvariant.c
+@@ -5839,7 +5839,8 @@ g_variant_iter_loop (GVariantIter *iter,
+
+ /* Serialized data {{{1 */
+ static GVariant *
+-g_variant_deep_copy (GVariant *value)
++g_variant_deep_copy (GVariant *value,
++ gboolean byteswap)
+ {
+ switch (g_variant_classify (value))
+ {
+@@ -5857,7 +5858,7 @@ g_variant_deep_copy (GVariant *value)
+ for (i = 0, n_children = g_variant_n_children (value); i < n_children; i++)
+ {
+ GVariant *child = g_variant_get_child_value (value, i);
+- g_variant_builder_add_value (&builder, g_variant_deep_copy (child));
++ g_variant_builder_add_value (&builder, g_variant_deep_copy (child, byteswap));
+ g_variant_unref (child);
+ }
+
+@@ -5871,28 +5872,63 @@ g_variant_deep_copy (GVariant *value)
+ return g_variant_new_byte (g_variant_get_byte (value));
+
+ case G_VARIANT_CLASS_INT16:
+- return g_variant_new_int16 (g_variant_get_int16 (value));
++ if (byteswap)
++ return g_variant_new_int16 (GUINT16_SWAP_LE_BE (g_variant_get_int16 (value)));
++ else
++ return g_variant_new_int16 (g_variant_get_int16 (value));
+
+ case G_VARIANT_CLASS_UINT16:
+- return g_variant_new_uint16 (g_variant_get_uint16 (value));
++ if (byteswap)
++ return g_variant_new_uint16 (GUINT16_SWAP_LE_BE (g_variant_get_uint16 (value)));
++ else
++ return g_variant_new_uint16 (g_variant_get_uint16 (value));
+
+ case G_VARIANT_CLASS_INT32:
+- return g_variant_new_int32 (g_variant_get_int32 (value));
++ if (byteswap)
++ return g_variant_new_int32 (GUINT32_SWAP_LE_BE (g_variant_get_int32 (value)));
++ else
++ return g_variant_new_int32 (g_variant_get_int32 (value));
+
+ case G_VARIANT_CLASS_UINT32:
+- return g_variant_new_uint32 (g_variant_get_uint32 (value));
++ if (byteswap)
++ return g_variant_new_uint32 (GUINT32_SWAP_LE_BE (g_variant_get_uint32 (value)));
++ else
++ return g_variant_new_uint32 (g_variant_get_uint32 (value));
+
+ case G_VARIANT_CLASS_INT64:
+- return g_variant_new_int64 (g_variant_get_int64 (value));
++ if (byteswap)
++ return g_variant_new_int64 (GUINT64_SWAP_LE_BE (g_variant_get_int64 (value)));
++ else
++ return g_variant_new_int64 (g_variant_get_int64 (value));
+
+ case G_VARIANT_CLASS_UINT64:
+- return g_variant_new_uint64 (g_variant_get_uint64 (value));
++ if (byteswap)
++ return g_variant_new_uint64 (GUINT64_SWAP_LE_BE (g_variant_get_uint64 (value)));
++ else
++ return g_variant_new_uint64 (g_variant_get_uint64 (value));
+
+ case G_VARIANT_CLASS_HANDLE:
+- return g_variant_new_handle (g_variant_get_handle (value));
++ if (byteswap)
++ return g_variant_new_handle (GUINT32_SWAP_LE_BE (g_variant_get_handle (value)));
++ else
++ return g_variant_new_handle (g_variant_get_handle (value));
+
+ case G_VARIANT_CLASS_DOUBLE:
+- return g_variant_new_double (g_variant_get_double (value));
++ if (byteswap)
++ {
++ /* We have to convert the double to a uint64 here using a union,
++ * because a cast will round it numerically. */
++ union
++ {
++ guint64 u64;
++ gdouble dbl;
++ } u1, u2;
++ u1.dbl = g_variant_get_double (value);
++ u2.u64 = GUINT64_SWAP_LE_BE (u1.u64);
++ return g_variant_new_double (u2.dbl);
++ }
++ else
++ return g_variant_new_double (g_variant_get_double (value));
+
+ case G_VARIANT_CLASS_STRING:
+ return g_variant_new_string (g_variant_get_string (value, NULL));
+@@ -5947,7 +5983,7 @@ g_variant_get_normal_form (GVariant *value)
+ if (g_variant_is_normal_form (value))
+ return g_variant_ref (value);
+
+- trusted = g_variant_deep_copy (value);
++ trusted = g_variant_deep_copy (value, FALSE);
+ g_assert (g_variant_is_trusted (trusted));
+
+ return g_variant_ref_sink (trusted);
+@@ -5967,6 +6003,11 @@ g_variant_get_normal_form (GVariant *value)
+ * contain multi-byte numeric data. That include strings, booleans,
+ * bytes and containers containing only these things (recursively).
+ *
++ * While this function can safely handle untrusted, non-normal data, it is
++ * recommended to check whether the input is in normal form beforehand, using
++ * g_variant_is_normal_form(), and to reject non-normal inputs if your
++ * application can be strict about what inputs it rejects.
++ *
+ * The returned value is always in normal form and is marked as trusted.
+ *
+ * Returns: (transfer full): the byteswapped form of @value
+@@ -5984,22 +6025,21 @@ g_variant_byteswap (GVariant *value)
+
+ g_variant_type_info_query (type_info, &alignment, NULL);
+
+- if (alignment)
+- /* (potentially) contains multi-byte numeric data */
++ if (alignment && g_variant_is_normal_form (value))
+ {
++ /* (potentially) contains multi-byte numeric data, but is also already in
++ * normal form so we can use a faster byteswapping codepath on the
++ * serialised data */
+ GVariantSerialised serialised = { 0, };
+- GVariant *trusted;
+ GBytes *bytes;
+
+- trusted = g_variant_get_normal_form (value);
+- serialised.type_info = g_variant_get_type_info (trusted);
+- serialised.size = g_variant_get_size (trusted);
++ serialised.type_info = g_variant_get_type_info (value);
++ serialised.size = g_variant_get_size (value);
+ serialised.data = g_malloc (serialised.size);
+- serialised.depth = g_variant_get_depth (trusted);
++ serialised.depth = g_variant_get_depth (value);
+ serialised.ordered_offsets_up_to = G_MAXSIZE; /* operating on the normal form */
+ serialised.checked_offsets_up_to = G_MAXSIZE;
+- g_variant_store (trusted, serialised.data);
+- g_variant_unref (trusted);
++ g_variant_store (value, serialised.data);
+
+ g_variant_serialised_byteswap (serialised);
+
+@@ -6007,6 +6047,9 @@ g_variant_byteswap (GVariant *value)
+ new = g_variant_ref_sink (g_variant_new_from_bytes (g_variant_get_type (value), bytes, TRUE));
+ g_bytes_unref (bytes);
+ }
++ else if (alignment)
++ /* (potentially) contains multi-byte numeric data */
++ new = g_variant_ref_sink (g_variant_deep_copy (value, TRUE));
+ else
+ /* contains no multi-byte data */
+ new = g_variant_get_normal_form (value);
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 36c86c2..43091f2 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -2280,24 +2280,67 @@ serialise_tree (TreeInstance *tree,
+ static void
+ test_byteswap (void)
+ {
+- GVariantSerialised one = { 0, }, two = { 0, };
++ GVariantSerialised one = { 0, }, two = { 0, }, three = { 0, };
+ TreeInstance *tree;
+-
++ GVariant *one_variant = NULL;
++ GVariant *two_variant = NULL;
++ GVariant *two_byteswapped = NULL;
++ GVariant *three_variant = NULL;
++ GVariant *three_byteswapped = NULL;
++ guint8 *three_data_copy = NULL;
++ gsize three_size_copy = 0;
++
++ /* Write a tree out twice, once normally and once byteswapped. */
+ tree = tree_instance_new (NULL, 3);
+ serialise_tree (tree, &one);
+
++ one_variant = g_variant_new_from_data (G_VARIANT_TYPE (g_variant_type_info_get_type_string (one.type_info)),
++ one.data, one.size, FALSE, NULL, NULL);
++
+ i_am_writing_byteswapped = TRUE;
+ serialise_tree (tree, &two);
++ serialise_tree (tree, &three);
+ i_am_writing_byteswapped = FALSE;
+
+- g_variant_serialised_byteswap (two);
+-
+- g_assert_cmpmem (one.data, one.size, two.data, two.size);
+- g_assert_cmpuint (one.depth, ==, two.depth);
+-
++ /* Swap the first byteswapped one back using the function we want to test. */
++ two_variant = g_variant_new_from_data (G_VARIANT_TYPE (g_variant_type_info_get_type_string (two.type_info)),
++ two.data, two.size, FALSE, NULL, NULL);
++ two_byteswapped = g_variant_byteswap (two_variant);
++
++ /* Make the second byteswapped one non-normal (hopefully), and then byteswap
++ * it back using the function we want to test in its non-normal mode.
++ * This might not work because it’s not necessarily possible to make an
++ * arbitrary random variant non-normal. Adding a single zero byte to the end
++ * often makes something non-normal but still readable. */
++ three_size_copy = three.size + 1;
++ three_data_copy = g_malloc (three_size_copy);
++ memcpy (three_data_copy, three.data, three.size);
++ three_data_copy[three.size] = '\0';
++
++ three_variant = g_variant_new_from_data (G_VARIANT_TYPE (g_variant_type_info_get_type_string (three.type_info)),
++ three_data_copy, three_size_copy, FALSE, NULL, NULL);
++ three_byteswapped = g_variant_byteswap (three_variant);
++
++ /* Check they’re the same. We can always compare @one_variant and
++ * @two_byteswapped. We can only compare @two_byteswapped and
++ * @three_byteswapped if @two_variant and @three_variant are equal: in that
++ * case, the corruption to @three_variant was enough to make it non-normal but
++ * not enough to change its value. */
++ g_assert_cmpvariant (one_variant, two_byteswapped);
++
++ if (g_variant_equal (two_variant, three_variant))
++ g_assert_cmpvariant (two_byteswapped, three_byteswapped);
++
++ g_variant_unref (three_byteswapped);
++ g_variant_unref (three_variant);
++ g_variant_unref (two_byteswapped);
++ g_variant_unref (two_variant);
++ g_variant_unref (one_variant);
+ tree_instance_free (tree);
+ g_free (one.data);
+ g_free (two.data);
++ g_free (three.data);
++ g_free (three_data_copy);
+ }
+
+ static void
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
index b04b5f0a44..3545e6675a 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
@@ -26,6 +26,9 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://CVE-2023-32665-0007.patch \
file://CVE-2023-32665-0008.patch \
file://CVE-2023-32665-0009.patch \
+ file://CVE-2023-29499.patch \
+ file://CVE-2023-32611-0001.patch \
+ file://CVE-2023-32611-0002.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 03/36] glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 01/36] glib-2.0: Fix CVE-2023-32665 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 02/36] glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 04/36] librsvg: 2.52.7 -> 2.52.10 Steve Sakoman
` (32 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Soumya Sambu <soumya.sambu@windriver.com>
fuzz_variant_binary_byteswap: Heap-buffer-overflow in g_variant_serialised_get_child
fuzz_variant_text: Timeout in fuzz_variant_text
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../glib-2.0/glib-2.0/CVE-2023-32636.patch | 50 ++++++
.../glib-2.0/glib-2.0/CVE-2023-32643.patch | 155 ++++++++++++++++++
meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb | 2 +
3 files changed, 207 insertions(+)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch
new file mode 100644
index 0000000000..311993625a
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32636.patch
@@ -0,0 +1,50 @@
+From 21a204147b16539b3eda3143b32844c49e29f4d4 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 11:33:49 +0000
+Subject: [PATCH] gvariant: Propagate trust when getting a child of a
+ serialised variant
+
+If a variant is trusted, that means all its children are trusted, so
+ensure that their checked offsets are set as such.
+
+This allows a lot of the offset table checks to be avoided when getting
+children from trusted serialised tuples, which speeds things up.
+
+No unit test is included because this is just a performance fix. If
+there are other slownesses, or regressions, in serialised `GVariant`
+performance, the fuzzing setup will catch them like it did this one.
+
+This change does reduce the time to run the oss-fuzz reproducer from 80s
+to about 0.7s on my machine.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Fixes: #2841
+oss-fuzz#54314
+
+CVE: CVE-2023-32636
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/21a204147b16539b3eda3143b32844c49e29f4d4]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-core.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/glib/gvariant-core.c b/glib/gvariant-core.c
+index 7b71efc..a2c7d2d 100644
+--- a/glib/gvariant-core.c
++++ b/glib/gvariant-core.c
+@@ -1195,8 +1195,8 @@ g_variant_get_child_value (GVariant *value,
+ child->contents.serialised.bytes =
+ g_bytes_ref (value->contents.serialised.bytes);
+ child->contents.serialised.data = s_child.data;
+- child->contents.serialised.ordered_offsets_up_to = s_child.ordered_offsets_up_to;
+- child->contents.serialised.checked_offsets_up_to = s_child.checked_offsets_up_to;
++ child->contents.serialised.ordered_offsets_up_to = (value->state & STATE_TRUSTED) ? G_MAXSIZE : s_child.ordered_offsets_up_to;
++ child->contents.serialised.checked_offsets_up_to = (value->state & STATE_TRUSTED) ? G_MAXSIZE : s_child.checked_offsets_up_to;
+
+ return child;
+ }
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch
new file mode 100644
index 0000000000..b5cb4273b6
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32643.patch
@@ -0,0 +1,155 @@
+From 78da5faccb3e065116b75b3ff87ff55381da6c76 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 17 Aug 2023 11:24:43 +0000
+Subject: [PATCH] gvariant: Check offset table doesn't fall outside variant
+ bounds
+
+When dereferencing the first entry in the offset table for a tuple,
+check that it doesn’t fall outside the bounds of the variant first.
+
+This prevents an out-of-bounds read from some non-normal tuples.
+
+This bug was introduced in commit 73d0aa81c2575a5c9ae77d.
+
+Includes a unit test, although the test will likely only catch the
+original bug if run with asan enabled.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+
+Fixes: #2840
+oss-fuzz#54302
+
+CVE: CVE-2023-32643
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/78da5faccb3e065116b75b3ff87ff55381da6c76]
+
+Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+---
+ glib/gvariant-serialiser.c | 12 ++++++--
+ glib/tests/gvariant.c | 63 ++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 72 insertions(+), 3 deletions(-)
+
+diff --git a/glib/gvariant-serialiser.c b/glib/gvariant-serialiser.c
+index 3d6e7b8..5abb87e 100644
+--- a/glib/gvariant-serialiser.c
++++ b/glib/gvariant-serialiser.c
+@@ -979,7 +979,8 @@ gvs_tuple_get_member_bounds (GVariantSerialised value,
+
+ member_info = g_variant_type_info_member_info (value.type_info, index_);
+
+- if (member_info->i + 1)
++ if (member_info->i + 1 &&
++ offset_size * (member_info->i + 1) <= value.size)
+ member_start = gvs_read_unaligned_le (value.data + value.size -
+ offset_size * (member_info->i + 1),
+ offset_size);
+@@ -990,7 +991,8 @@ gvs_tuple_get_member_bounds (GVariantSerialised value,
+ member_start &= member_info->b;
+ member_start |= member_info->c;
+
+- if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_LAST)
++ if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_LAST &&
++ offset_size * (member_info->i + 1) <= value.size)
+ member_end = value.size - offset_size * (member_info->i + 1);
+
+ else if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_FIXED)
+@@ -1001,11 +1003,15 @@ gvs_tuple_get_member_bounds (GVariantSerialised value,
+ member_end = member_start + fixed_size;
+ }
+
+- else /* G_VARIANT_MEMBER_ENDING_OFFSET */
++ else if (member_info->ending_type == G_VARIANT_MEMBER_ENDING_OFFSET &&
++ offset_size * (member_info->i + 2) <= value.size)
+ member_end = gvs_read_unaligned_le (value.data + value.size -
+ offset_size * (member_info->i + 2),
+ offset_size);
+
++ else /* invalid */
++ member_end = G_MAXSIZE;
++
+ if (out_member_start != NULL)
+ *out_member_start = member_start;
+ if (out_member_end != NULL)
+diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c
+index 43091f2..ab0361a 100644
+--- a/glib/tests/gvariant.c
++++ b/glib/tests/gvariant.c
+@@ -5416,6 +5416,67 @@ test_normal_checking_tuple_offsets4 (void)
+ g_variant_unref (variant);
+ }
+
++/* This is a regression test that dereferencing the first element in the offset
++ * table doesn’t dereference memory before the start of the GVariant. The first
++ * element in the offset table gives the offset of the final member in the
++ * tuple (the offset table is stored in reverse), and the position of this final
++ * member is needed to check that none of the tuple members overlap with the
++ * offset table
++ *
++ * See https://gitlab.gnome.org/GNOME/glib/-/issues/2840 */
++static void
++test_normal_checking_tuple_offsets5 (void)
++{
++ /* A tuple of type (sss) in normal form would have an offset table with two
++ * entries:
++ * - The first entry (lowest index in the table) gives the offset of the
++ * third `s` in the tuple, as the offset table is reversed compared to the
++ * tuple members.
++ * - The second entry (highest index in the table) gives the offset of the
++ * second `s` in the tuple.
++ * - The offset of the first `s` in the tuple is always 0.
++ *
++ * See §2.5.4 (Structures) of the GVariant specification for details, noting
++ * that the table is only layed out this way because all three members of the
++ * tuple have non-fixed sizes.
++ *
++ * It’s not clear whether the 0xaa data of this variant is part of the strings
++ * in the tuple, or part of the offset table. It doesn’t really matter. This
++ * is a regression test to check that the code to validate the offset table
++ * doesn’t unconditionally try to access the first entry in the offset table
++ * by subtracting the table size from the end of the GVariant data.
++ *
++ * In this non-normal case, that would result in an address off the start of
++ * the GVariant data, and an out-of-bounds read, because the GVariant is one
++ * byte long, but the offset table is calculated as two bytes long (with 1B
++ * sized entries) from the tuple’s type.
++ */
++ const GVariantType *data_type = G_VARIANT_TYPE ("(sss)");
++ const guint8 data[] = { 0xaa };
++ gsize size = sizeof (data);
++ GVariant *variant = NULL;
++ GVariant *normal_variant = NULL;
++ GVariant *expected = NULL;
++
++ g_test_bug ("https://gitlab.gnome.org/GNOME/glib/-/issues/2840");
++
++ variant = g_variant_new_from_data (data_type, data, size, FALSE, NULL, NULL);
++ g_assert_nonnull (variant);
++
++ g_assert_false (g_variant_is_normal_form (variant));
++
++ normal_variant = g_variant_get_normal_form (variant);
++ g_assert_nonnull (normal_variant);
++
++ expected = g_variant_new_parsed ("('', '', '')");
++ g_assert_cmpvariant (expected, variant);
++ g_assert_cmpvariant (expected, normal_variant);
++
++ g_variant_unref (expected);
++ g_variant_unref (normal_variant);
++ g_variant_unref (variant);
++}
++
+ /* Test that an otherwise-valid serialised GVariant is considered non-normal if
+ * its offset table entries are too wide.
+ *
+@@ -5663,6 +5724,8 @@ main (int argc, char **argv)
+ test_normal_checking_tuple_offsets3);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets4",
+ test_normal_checking_tuple_offsets4);
++ g_test_add_func ("/gvariant/normal-checking/tuple-offsets5",
++ test_normal_checking_tuple_offsets5);
+ g_test_add_func ("/gvariant/normal-checking/tuple-offsets/minimal-sized",
+ test_normal_checking_tuple_offsets_minimal_sized);
+ g_test_add_func ("/gvariant/normal-checking/empty-object-path",
+--
+2.40.0
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
index 3545e6675a..24c590a714 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.72.3.bb
@@ -29,6 +29,8 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://CVE-2023-29499.patch \
file://CVE-2023-32611-0001.patch \
file://CVE-2023-32611-0002.patch \
+ file://CVE-2023-32643.patch \
+ file://CVE-2023-32636.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 04/36] librsvg: 2.52.7 -> 2.52.10
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (2 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 03/36] glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 05/36] gstreamer1.0: upgrade 1.20.6 -> 1.20.7 Steve Sakoman
` (31 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Chee Yang Lee <chee.yang.lee@intel.com>
upgrade include fix for CVE-2023-38633
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../librsvg/{librsvg_2.52.7.bb => librsvg_2.52.10.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-gnome/librsvg/{librsvg_2.52.7.bb => librsvg_2.52.10.bb} (96%)
diff --git a/meta/recipes-gnome/librsvg/librsvg_2.52.7.bb b/meta/recipes-gnome/librsvg/librsvg_2.52.10.bb
similarity index 96%
rename from meta/recipes-gnome/librsvg/librsvg_2.52.7.bb
rename to meta/recipes-gnome/librsvg/librsvg_2.52.10.bb
index 78eb93c635..b79e95a04f 100644
--- a/meta/recipes-gnome/librsvg/librsvg_2.52.7.bb
+++ b/meta/recipes-gnome/librsvg/librsvg_2.52.10.bb
@@ -20,7 +20,7 @@ SRC_URI += "file://0001-Makefile.am-pass-rust-target-to-cargo-also-when-not-.pat
file://0001-system-deps-src-lib.rs-do-not-probe-into-harcoded-li.patch \
"
-SRC_URI[archive.sha256sum] = "057c1eeeaf85c84e254bdb707459207f5840da5b4d52b4711c03140ed09e6887"
+SRC_URI[archive.sha256sum] = "6292dfcd6a8e1ce1784e0188914546af1633081d1fae9e22f7cb017e7e84ba8f"
# librsvg is still autotools-based, but is calling cargo from its automake-driven makefiles
# so we cannot use cargo class directly, but still need bits and pieces from it
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 05/36] gstreamer1.0: upgrade 1.20.6 -> 1.20.7
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (3 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 04/36] librsvg: 2.52.7 -> 2.52.10 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 06/36] bind: 9.18.11 -> 9.18.17 Steve Sakoman
` (30 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
This release only contains bugfixes.
Highlighted bugfixes in 1.20.7:
Security fixes for flacparse, dvdspu, and subparse, and the RealMedia demuxer
h265parse: Fix framerate handling
filesink: Fix buffered mode writing of buffer lists and buffers with multiple memories
asfmux, rtpbin_buffer_list test: fix possible unaligned write/read on 32-bit ARM
ptp clock: Work around bug in ptpd in default configuration
qtdemux: fix reverse playback regression with edit lists
rtspsrc: various control path handling server compatibility improvements
avviddec: fix potential deadlock on seeking with FFmpeg 6.x
cerbero: Fix pango crash on 32bit Windows; move libass into non-GPL codecs
Miscellaneous bug fixes, memory leak fixes, and other stability and reliability improvements
https://nvd.nist.gov/vuln/detail/CVE-2023-37327
https://nvd.nist.gov/vuln/detail/CVE-2023-37328
https://nvd.nist.gov/vuln/detail/CVE-2023-37329
https://gstreamer.freedesktop.org/releases/1.20/#1.20.7
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{gst-devtools_1.20.6.bb => gst-devtools_1.20.7.bb} | 2 +-
...streamer1.0-libav_1.20.6.bb => gstreamer1.0-libav_1.20.7.bb} | 2 +-
.../{gstreamer1.0-omx_1.20.6.bb => gstreamer1.0-omx_1.20.7.bb} | 2 +-
...plugins-bad_1.20.6.bb => gstreamer1.0-plugins-bad_1.20.7.bb} | 2 +-
...ugins-base_1.20.6.bb => gstreamer1.0-plugins-base_1.20.7.bb} | 2 +-
...ugins-good_1.20.6.bb => gstreamer1.0-plugins-good_1.20.7.bb} | 2 +-
...ugins-ugly_1.20.6.bb => gstreamer1.0-plugins-ugly_1.20.7.bb} | 2 +-
...reamer1.0-python_1.20.6.bb => gstreamer1.0-python_1.20.7.bb} | 2 +-
...rtsp-server_1.20.6.bb => gstreamer1.0-rtsp-server_1.20.7.bb} | 2 +-
...streamer1.0-vaapi_1.20.6.bb => gstreamer1.0-vaapi_1.20.7.bb} | 2 +-
.../{gstreamer1.0_1.20.6.bb => gstreamer1.0_1.20.7.bb} | 2 +-
11 files changed, 11 insertions(+), 11 deletions(-)
rename meta/recipes-multimedia/gstreamer/{gst-devtools_1.20.6.bb => gst-devtools_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-libav_1.20.6.bb => gstreamer1.0-libav_1.20.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-omx_1.20.6.bb => gstreamer1.0-omx_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-bad_1.20.6.bb => gstreamer1.0-plugins-bad_1.20.7.bb} (98%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-base_1.20.6.bb => gstreamer1.0-plugins-base_1.20.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-good_1.20.6.bb => gstreamer1.0-plugins-good_1.20.7.bb} (97%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-plugins-ugly_1.20.6.bb => gstreamer1.0-plugins-ugly_1.20.7.bb} (94%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-python_1.20.6.bb => gstreamer1.0-python_1.20.7.bb} (91%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-rtsp-server_1.20.6.bb => gstreamer1.0-rtsp-server_1.20.7.bb} (90%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0-vaapi_1.20.6.bb => gstreamer1.0-vaapi_1.20.7.bb} (95%)
rename meta/recipes-multimedia/gstreamer/{gstreamer1.0_1.20.6.bb => gstreamer1.0_1.20.7.bb} (97%)
diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.7.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gst-devtools_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gst-devtools_1.20.7.bb
index 2eee50e6d8..2409ea25e1 100644
--- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.20.7.bb
@@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV}
file://0001-connect-has-a-different-signature-on-musl.patch \
"
-SRC_URI[sha256sum] = "2c64037c823fb88751a47dacf3d4752a52b7951190d6e05fc44855e912e81d71"
+SRC_URI[sha256sum] = "2df2ddfee05f6ce978207de9086ca22f00fc36e04f74a11869074da178585e35"
DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
RRECOMMENDS:${PN} = "git"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.7.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.7.bb
index c54913e8a1..f3f53893b6 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.20.7.bb
@@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \
"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "7d619a030542a4a5a11e0302742a3d9b05f8e5cfc453025683a0379bc50aa013"
+SRC_URI[sha256sum] = "65e776e366f7f3549a9a829418817f464dcc5dc9845220c64a886683d8841b56"
S = "${WORKDIR}/gst-libav-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.7.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.7.bb
index b29d393bfe..bcbe0206d7 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.20.7.bb
@@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
-SRC_URI[sha256sum] = "48e82008a2a0ad5f4b525aba8a6c49c4ca2d7d25c6b1b14d107dd747e26d5a8e"
+SRC_URI[sha256sum] = "e3dd418e3235db044104c1cb024f609e57035251fd1718e4e3e5d64780af1805"
S = "${WORKDIR}/gst-omx-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.7.bb
similarity index 98%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.7.bb
index fdb4509691..86b5301d8e 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.20.7.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad
file://0003-ensure-valid-sentinals-for-gst_structure_get-etc.patch \
file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
"
-SRC_URI[sha256sum] = "d98c73fa5cdddb372a91199464515cfc80c89bbe05e3d4387ea4381e4224483a"
+SRC_URI[sha256sum] = "87251beebfd1325e5118cc67774061f6e8971761ca65a9e5957919610080d195"
S = "${WORKDIR}/gst-plugins-bad-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.7.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.7.bb
index 8d1aef1fc8..8822c6a905 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.20.7.bb
@@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba
file://0003-viv-fb-Make-sure-config.h-is-included.patch \
file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
"
-SRC_URI[sha256sum] = "54eac357d6cd66f183b94a26e493bf4d5781bc76bc60cad122742626caf8f1a3"
+SRC_URI[sha256sum] = "fde6696a91875095d82c1012b5777c28ba926047ffce08508e12c1d2c66f0057"
S = "${WORKDIR}/gst-plugins-base-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.7.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.7.bb
index 81f5dd0932..dfb0c0f342 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.20.7.bb
@@ -8,7 +8,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-go
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
"
-SRC_URI[sha256sum] = "e51365cfa9b19bd736dafe2c8828254a55d66996a3c60550bb0d50041c381a44"
+SRC_URI[sha256sum] = "599f093cc833a1e346939ab6e78a3f8046855b6da13520aae80dd385434f4ab2"
S = "${WORKDIR}/gst-plugins-good-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.7.bb
similarity index 94%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.7.bb
index e62e9e9815..1068bb4d80 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.20.7.bb
@@ -14,7 +14,7 @@ LICENSE_FLAGS = "commercial"
SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
"
-SRC_URI[sha256sum] = "ca3fb6abc9f6e981d204a736c254e50cc1786a2f5038d83023e42ea009b10246"
+SRC_URI[sha256sum] = "e761665bb3c66fb35ff3567a283b3763b494acf0fe1df8f4abeda047b22dbc55"
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.7.bb
similarity index 91%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.7.bb
index 77745b8ba9..83445fab09 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.20.7.bb
@@ -8,7 +8,7 @@ LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "aa619e08ddd9f92755f4bd24ba9577e81ae4c86bff170c3e574153ec3cdc80cc"
+SRC_URI[sha256sum] = "a63db0cb502308446db3d3b0a23772f1966f9f2b98fddc22fca49560a0575adc"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.7.bb
similarity index 90%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.7.bb
index 017edec426..2901be69d2 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.20.7.bb
@@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "800122a798387bd4b18b558737d30a010d94154f41bd210d4c4cc2d80ecae90f"
+SRC_URI[sha256sum] = "2c8f46aa9df2245e5b39a2082be8e9d3edc0f61bc34f667803d7a21da1b51987"
S = "${WORKDIR}/${PNREAL}-${PV}"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.7.bb
similarity index 95%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.7.bb
index d67abf408c..21676bddde 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.20.7.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "57028a2cdabb749eb38a53f45cfa36f02b4e5368fb6d8684ef31d9e73ddf653b"
+SRC_URI[sha256sum] = "40b9747408c7066a1344adae001d2d53203adda012814944a1c0a5cff3f33dd6"
S = "${WORKDIR}/${REALPN}-${PV}"
DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.6.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
similarity index 97%
rename from meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.6.bb
rename to meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
index 7ceb319d9b..6d002198ae 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.6.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.20.7.bb
@@ -22,7 +22,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x
file://0003-tests-use-a-dictionaries-for-environment.patch;striplevel=3 \
file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
"
-SRC_URI[sha256sum] = "0545b030960680f71a95f9d39c95daae54b4d317d335e8f239d81138773c9b90"
+SRC_URI[sha256sum] = "1757184a07b9703219e8b1961f81cb1dd64320d147fc045ac8eb499efbea79be"
PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
check \
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 06/36] bind: 9.18.11 -> 9.18.17
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (4 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 05/36] gstreamer1.0: upgrade 1.20.6 -> 1.20.7 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 07/36] libnss-nis: upgrade 3.1 -> 3.2 Steve Sakoman
` (29 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Chee Yang Lee <chee.yang.lee@intel.com>
upgrade also include fix for CVE-2023-2829.
License-Update: removed trailing whitespace from COPYRIGHT
also remove obsolete configuration option epoll and devpoll:
https://github.com/isc-projects/bind9/commit/6b6076c882a00028197b04a827f6cf8e7a5369de
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../bind/bind-9.18.11/CVE-2023-2828.patch | 197 ------------------
.../bind/bind-9.18.11/CVE-2023-2911.patch | 97 ---------
...1-avoid-start-failure-with-bind-user.patch | 0
...d-V-and-start-log-hide-build-options.patch | 0
| 0
.../bind/{bind-9.18.11 => bind-9.18.17}/bind9 | 0
.../{bind-9.18.11 => bind-9.18.17}/conf.patch | 0
.../generate-rndc-key.sh | 0
...t.d-add-support-for-read-only-rootfs.patch | 0
.../make-etc-initd-bind-stop-work.patch | 0
.../named.service | 0
.../bind/{bind_9.18.11.bb => bind_9.18.17.bb} | 8 +-
12 files changed, 3 insertions(+), 299 deletions(-)
delete mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
delete mode 100644 meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/0001-avoid-start-failure-with-bind-user.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/0001-named-lwresd-V-and-start-log-hide-build-options.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/bind-ensure-searching-for-json-headers-searches-sysr.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/bind9 (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/conf.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/generate-rndc-key.sh (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/init.d-add-support-for-read-only-rootfs.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/make-etc-initd-bind-stop-work.patch (100%)
rename meta/recipes-connectivity/bind/{bind-9.18.11 => bind-9.18.17}/named.service (100%)
rename meta/recipes-connectivity/bind/{bind_9.18.11.bb => bind_9.18.17.bb} (92%)
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
deleted file mode 100644
index ef2d64b16c..0000000000
--- a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2828.patch
+++ /dev/null
@@ -1,197 +0,0 @@
-From e9d5219fca9f6b819d953990b369d6acfb4e952b Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
-Date: Tue, 30 May 2023 08:46:17 +0200
-Subject: [PATCH] Improve RBT overmem cache cleaning
-
-When cache memory usage is over the configured cache size (overmem) and
-we are cleaning unused entries, it might not be enough to clean just two
-entries if the entries to be expired are smaller than the newly added
-rdata. This could be abused by an attacker to cause a remote Denial of
-Service by possibly running out of the operating system memory.
-
-Currently, the addrdataset() tries to do a single TTL-based cleaning
-considering the serve-stale TTL and then optionally moves to overmem
-cleaning if we are in that condition. Then the overmem_purge() tries to
-do another single TTL based cleaning from the TTL heap and then continue
-with LRU-based cleaning up to 2 entries cleaned.
-
-Squash the TTL-cleaning mechanism into single call from addrdataset(),
-but ignore the serve-stale TTL if we are currently overmem.
-
-Then instead of having a fixed number of entries to clean, pass the size
-of newly added rdatasetheader to the overmem_purge() function and
-cleanup at least the size of the newly added data. This prevents the
-cache going over the configured memory limit (`max-cache-size`).
-
-Additionally, refactor the overmem_purge() function to reduce for-loop
-nesting for readability.
-
-Patch taken from : https://downloads.isc.org/isc/bind9/9.18.16/patches/0001-CVE-2023-2828.patch
-
-Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e9d5219fca9f6b819d953990b369d6acfb4e952b]
-CVE: CVE-2023-2828
-Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
----
- lib/dns/rbtdb.c | 106 +++++++++++++++++++++++++++++-------------------
- 1 file changed, 65 insertions(+), 41 deletions(-)
-
-diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c
-index d1aee54..ba60a49 100644
---- a/lib/dns/rbtdb.c
-+++ b/lib/dns/rbtdb.c
-@@ -561,7 +561,7 @@ static void
- expire_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, bool tree_locked,
- expire_t reason);
- static void
--overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, isc_stdtime_t now,
-+overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, size_t purgesize,
- bool tree_locked);
- static void
- resign_insert(dns_rbtdb_t *rbtdb, int idx, rdatasetheader_t *newheader);
-@@ -6787,6 +6787,16 @@ cleanup:
-
- static dns_dbmethods_t zone_methods;
-
-+static size_t
-+rdataset_size(rdatasetheader_t *header) {
-+ if (!NONEXISTENT(header)) {
-+ return (dns_rdataslab_size((unsigned char *)header,
-+ sizeof(*header)));
-+ }
-+
-+ return (sizeof(*header));
-+}
-+
- static isc_result_t
- addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
- isc_stdtime_t now, dns_rdataset_t *rdataset, unsigned int options,
-@@ -6951,7 +6961,8 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
- }
-
- if (cache_is_overmem) {
-- overmem_purge(rbtdb, rbtnode->locknum, now, tree_locked);
-+ overmem_purge(rbtdb, rbtnode->locknum, rdataset_size(newheader),
-+ tree_locked);
- }
-
- NODE_LOCK(&rbtdb->node_locks[rbtnode->locknum].lock,
-@@ -6970,11 +6981,18 @@ addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version,
- }
-
- header = isc_heap_element(rbtdb->heaps[rbtnode->locknum], 1);
-- if (header != NULL &&
-- header->rdh_ttl + STALE_TTL(header, rbtdb) <
-- now - RBTDB_VIRTUAL)
-- {
-- expire_header(rbtdb, header, tree_locked, expire_ttl);
-+ if (header != NULL) {
-+ dns_ttl_t rdh_ttl = header->rdh_ttl;
-+
-+ /* Only account for stale TTL if cache is not overmem */
-+ if (!cache_is_overmem) {
-+ rdh_ttl += STALE_TTL(header, rbtdb);
-+ }
-+
-+ if (rdh_ttl < now - RBTDB_VIRTUAL) {
-+ expire_header(rbtdb, header, tree_locked,
-+ expire_ttl);
-+ }
- }
-
- /*
-@@ -10114,52 +10132,58 @@ update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, isc_stdtime_t now) {
- ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum], header, link);
- }
-
-+static size_t
-+expire_lru_headers(dns_rbtdb_t *rbtdb, unsigned int locknum, size_t purgesize,
-+ bool tree_locked) {
-+ rdatasetheader_t *header, *header_prev;
-+ size_t purged = 0;
-+
-+ for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]);
-+ header != NULL && purged <= purgesize; header = header_prev)
-+ {
-+ header_prev = ISC_LIST_PREV(header, link);
-+ /*
-+ * Unlink the entry at this point to avoid checking it
-+ * again even if it's currently used someone else and
-+ * cannot be purged at this moment. This entry won't be
-+ * referenced any more (so unlinking is safe) since the
-+ * TTL was reset to 0.
-+ */
-+ ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header, link);
-+ size_t header_size = rdataset_size(header);
-+ expire_header(rbtdb, header, tree_locked, expire_lru);
-+ purged += header_size;
-+ }
-+
-+ return (purged);
-+}
-+
- /*%
-- * Purge some expired and/or stale (i.e. unused for some period) cache entries
-- * under an overmem condition. To recover from this condition quickly, up to
-- * 2 entries will be purged. This process is triggered while adding a new
-- * entry, and we specifically avoid purging entries in the same LRU bucket as
-- * the one to which the new entry will belong. Otherwise, we might purge
-- * entries of the same name of different RR types while adding RRsets from a
-- * single response (consider the case where we're adding A and AAAA glue records
-- * of the same NS name).
-+ * Purge some stale (i.e. unused for some period - LRU based cleaning) cache
-+ * entries under the overmem condition. To recover from this condition quickly,
-+ * we cleanup entries up to the size of newly added rdata (passed as purgesize).
-+ *
-+ * This process is triggered while adding a new entry, and we specifically avoid
-+ * purging entries in the same LRU bucket as the one to which the new entry will
-+ * belong. Otherwise, we might purge entries of the same name of different RR
-+ * types while adding RRsets from a single response (consider the case where
-+ * we're adding A and AAAA glue records of the same NS name).
- */
- static void
--overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, isc_stdtime_t now,
-+overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, size_t purgesize,
- bool tree_locked) {
-- rdatasetheader_t *header, *header_prev;
- unsigned int locknum;
-- int purgecount = 2;
-+ size_t purged = 0;
-
- for (locknum = (locknum_start + 1) % rbtdb->node_lock_count;
-- locknum != locknum_start && purgecount > 0;
-+ locknum != locknum_start && purged <= purgesize;
- locknum = (locknum + 1) % rbtdb->node_lock_count)
- {
- NODE_LOCK(&rbtdb->node_locks[locknum].lock,
- isc_rwlocktype_write);
-
-- header = isc_heap_element(rbtdb->heaps[locknum], 1);
-- if (header && header->rdh_ttl < now - RBTDB_VIRTUAL) {
-- expire_header(rbtdb, header, tree_locked, expire_ttl);
-- purgecount--;
-- }
--
-- for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]);
-- header != NULL && purgecount > 0; header = header_prev)
-- {
-- header_prev = ISC_LIST_PREV(header, link);
-- /*
-- * Unlink the entry at this point to avoid checking it
-- * again even if it's currently used someone else and
-- * cannot be purged at this moment. This entry won't be
-- * referenced any more (so unlinking is safe) since the
-- * TTL was reset to 0.
-- */
-- ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header,
-- link);
-- expire_header(rbtdb, header, tree_locked, expire_lru);
-- purgecount--;
-- }
-+ purged += expire_lru_headers(rbtdb, locknum, purgesize - purged,
-+ tree_locked);
-
- NODE_UNLOCK(&rbtdb->node_locks[locknum].lock,
- isc_rwlocktype_write);
---
-2.25.1
-
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch b/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
deleted file mode 100644
index 8e9a358dee..0000000000
--- a/meta/recipes-connectivity/bind/bind-9.18.11/CVE-2023-2911.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From ff5bacf17c2451e9d48c78a5ef96ec0c376ff33d Mon Sep 17 00:00:00 2001
-From: Matthijs Mekking <matthijs@isc.org>
-Date: Thu, 1 Jun 2023 10:03:48 +0200
-Subject: [PATCH] Fix serve-stale hang at shutdown
-
-The 'refresh_rrset' variable is used to determine if we can detach from
-the client. This can cause a hang on shutdown. To fix this, move setting
-of the 'nodetach' variable up to where 'refresh_rrset' is set (in
-query_lookup(), and thus not in ns_query_done()), and set it to false
-when actually refreshing the RRset, so that when this lookup is
-completed, the client will be detached.
-
-Patch taken from :https://downloads.isc.org/isc/bind9/9.18.16/patches/0003-CVE-2023-2911.patch
-
-Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/240caa32b9cab90a38ab863fd64e6becf5d1393c && https://gitlab.isc.org/isc-projects/bind9/-/commit/ff5bacf17c2451e9d48c78a5ef96ec0c376ff33d]
-CVE: CVE-2023-2911
-Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
----
- lib/ns/query.c | 30 ++++++++++++++++++++++--------
- 1 file changed, 22 insertions(+), 8 deletions(-)
-
-diff --git a/lib/ns/query.c b/lib/ns/query.c
-index 0d2ba6b..8945dd4 100644
---- a/lib/ns/query.c
-+++ b/lib/ns/query.c
-@@ -5824,6 +5824,7 @@ query_refresh_rrset(query_ctx_t *orig_qctx) {
- qctx.client->query.dboptions &= ~(DNS_DBFIND_STALETIMEOUT |
- DNS_DBFIND_STALEOK |
- DNS_DBFIND_STALEENABLED);
-+ qctx.client->nodetach = false;
-
- /*
- * We'll need some resources...
-@@ -6076,7 +6077,14 @@ query_lookup(query_ctx_t *qctx) {
- "%s stale answer used, an attempt to "
- "refresh the RRset will still be made",
- namebuf);
-+
- qctx->refresh_rrset = STALE(qctx->rdataset);
-+ /*
-+ * If we are refreshing the RRSet, we must not
-+ * detach from the client in query_send().
-+ */
-+ qctx->client->nodetach = qctx->refresh_rrset;
-+
- ns_client_extendederror(
- qctx->client, ede,
- "stale data prioritized over lookup");
-@@ -6503,7 +6511,7 @@ ns_query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname,
- if (recparam_match(&client->query.recparam, qtype, qname, qdomain)) {
- ns_client_log(client, NS_LOGCATEGORY_CLIENT, NS_LOGMODULE_QUERY,
- ISC_LOG_INFO, "recursion loop detected");
-- return (ISC_R_FAILURE);
-+ return (ISC_R_ALREADYRUNNING);
- }
-
- recparam_update(&client->query.recparam, qtype, qname, qdomain);
-@@ -7620,10 +7628,21 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) {
- return (false);
- }
-
-- if (result == DNS_R_DUPLICATE || result == DNS_R_DROP) {
-+ if (qctx->refresh_rrset) {
-+ /*
-+ * This is a refreshing query, we have already prioritized
-+ * stale data, so don't enable serve-stale again.
-+ */
-+ return (false);
-+ }
-+
-+ if (result == DNS_R_DUPLICATE || result == DNS_R_DROP ||
-+ result == ISC_R_ALREADYRUNNING)
-+ {
- /*
- * Don't enable serve-stale if the result signals a duplicate
-- * query or query that is being dropped.
-+ * query or a query that is being dropped or can't proceed
-+ * because of a recursion loop.
- */
- return (false);
- }
-@@ -11927,12 +11946,7 @@ ns_query_done(query_ctx_t *qctx) {
- /*
- * Client may have been detached after query_send(), so
- * we test and store the flag state here, for safety.
-- * If we are refreshing the RRSet, we must not detach from the client
-- * in the query_send(), so we need to override the flag.
- */
-- if (qctx->refresh_rrset) {
-- qctx->client->nodetach = true;
-- }
- nodetach = qctx->client->nodetach;
- query_send(qctx->client);
-
---
-2.25.1
-
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/0001-avoid-start-failure-with-bind-user.patch b/meta/recipes-connectivity/bind/bind-9.18.17/0001-avoid-start-failure-with-bind-user.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/0001-avoid-start-failure-with-bind-user.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/0001-avoid-start-failure-with-bind-user.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/meta/recipes-connectivity/bind/bind-9.18.17/0001-named-lwresd-V-and-start-log-hide-build-options.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/0001-named-lwresd-V-and-start-log-hide-build-options.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/0001-named-lwresd-V-and-start-log-hide-build-options.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/bind-ensure-searching-for-json-headers-searches-sysr.patch b/meta/recipes-connectivity/bind/bind-9.18.17/bind-ensure-searching-for-json-headers-searches-sysr.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/bind-ensure-searching-for-json-headers-searches-sysr.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/bind-ensure-searching-for-json-headers-searches-sysr.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/bind9 b/meta/recipes-connectivity/bind/bind-9.18.17/bind9
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/bind9
rename to meta/recipes-connectivity/bind/bind-9.18.17/bind9
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/conf.patch b/meta/recipes-connectivity/bind/bind-9.18.17/conf.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/conf.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/conf.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind-9.18.17/generate-rndc-key.sh
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/generate-rndc-key.sh
rename to meta/recipes-connectivity/bind/bind-9.18.17/generate-rndc-key.sh
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/init.d-add-support-for-read-only-rootfs.patch b/meta/recipes-connectivity/bind/bind-9.18.17/init.d-add-support-for-read-only-rootfs.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/init.d-add-support-for-read-only-rootfs.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/init.d-add-support-for-read-only-rootfs.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind-9.18.17/make-etc-initd-bind-stop-work.patch
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/make-etc-initd-bind-stop-work.patch
rename to meta/recipes-connectivity/bind/bind-9.18.17/make-etc-initd-bind-stop-work.patch
diff --git a/meta/recipes-connectivity/bind/bind-9.18.11/named.service b/meta/recipes-connectivity/bind/bind-9.18.17/named.service
similarity index 100%
rename from meta/recipes-connectivity/bind/bind-9.18.11/named.service
rename to meta/recipes-connectivity/bind/bind-9.18.17/named.service
diff --git a/meta/recipes-connectivity/bind/bind_9.18.11.bb b/meta/recipes-connectivity/bind/bind_9.18.17.bb
similarity index 92%
rename from meta/recipes-connectivity/bind/bind_9.18.11.bb
rename to meta/recipes-connectivity/bind/bind_9.18.17.bb
index b3e3b8bef0..b6fa279360 100644
--- a/meta/recipes-connectivity/bind/bind_9.18.11.bb
+++ b/meta/recipes-connectivity/bind/bind_9.18.17.bb
@@ -4,7 +4,7 @@ DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
SECTION = "console/network"
LICENSE = "MPL-2.0"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d8cf7bd9c4fd5471a588e7e66e672408"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43"
DEPENDS = "openssl libcap zlib libuv"
@@ -18,11 +18,9 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
- file://CVE-2023-2828.patch \
- file://CVE-2023-2911.patch \
"
-SRC_URI[sha256sum] = "8ff3352812230cbcbda42df87cad961f94163d3da457c5e4bef8057fd5df2158"
+SRC_URI[sha256sum] = "bde1c5017b81d1d79c69eb8f537f2e5032fd3623acdd5ee830d4f74bc2483458"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# follow the ESV versions divisible by 2
@@ -41,7 +39,7 @@ PACKAGECONFIG[readline] = "--with-readline=readline,,readline"
PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit"
PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2"
-EXTRA_OECONF = " --disable-devpoll --disable-auto-validation --enable-epoll \
+EXTRA_OECONF = " --disable-auto-validation \
--with-gssapi=no --with-lmdb=no --with-zlib \
--sysconfdir=${sysconfdir}/bind \
--with-openssl=${STAGING_DIR_HOST}${prefix} \
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 07/36] libnss-nis: upgrade 3.1 -> 3.2
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (5 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 06/36] bind: 9.18.11 -> 9.18.17 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 08/36] linux-firmware: upgrade 20230515 -> 20230625 Steve Sakoman
` (28 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Wang Mingyu <wangmy@fujitsu.com>
Changelog:
* Do not call malloc_usable_size
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5cd967503c0574f45b814572da9503182556b431)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/libnss-nis/libnss-nis.bb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-extended/libnss-nis/libnss-nis.bb b/meta/recipes-extended/libnss-nis/libnss-nis.bb
index d0afb3ca0a..f0e687c330 100644
--- a/meta/recipes-extended/libnss-nis/libnss-nis.bb
+++ b/meta/recipes-extended/libnss-nis/libnss-nis.bb
@@ -13,9 +13,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
SECTION = "libs"
DEPENDS += "libtirpc libnsl2"
-PV = "3.1+git${SRCPV}"
+PV = "3.2"
-SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad"
+SRCREV = "cd0d391af9535b56e612ed227c1b89be269f3d59"
SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \
"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 08/36] linux-firmware: upgrade 20230515 -> 20230625
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (6 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 07/36] libnss-nis: upgrade 3.1 -> 3.2 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 09/36] linux-firmware: package firmare for Dragonboard 410c Steve Sakoman
` (27 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Trevor Gamblin <tgamblin@baylibre.com>
WHENCE checksum changed because of updated version lists and removal of
information for the RTL8188EU driver.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 986f8ca9d4c2c22d368f69e65b2ab76d661edca0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...{linux-firmware_20230515.bb => linux-firmware_20230625.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20230515.bb => linux-firmware_20230625.bb} (99%)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
similarity index 99%
rename from meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb
rename to meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
index d304b75c5f..9e3196d5bd 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230515.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
@@ -134,7 +134,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \
"
# WHENCE checksum is defined separately to ease overriding it if
# class-devupstream is selected.
-WHENCE_CHKSUM = "a0997fc7a9af4e46d96529d6ef13b58a"
+WHENCE_CHKSUM = "57bf874056926f12aec2405d3fc390d9"
# These are not common licenses, set NO_GENERIC_LICENSE for them
# so that the license files will be copied from fetched source
@@ -212,7 +212,7 @@ SRC_URI:class-devupstream = "git://git.kernel.org/pub/scm/linux/kernel/git/firmw
# Pin this to the 20220509 release, override this in local.conf
SRCREV:class-devupstream ?= "b19cbdca78ab2adfd210c91be15a22568e8b8cae"
-SRC_URI[sha256sum] = "8b1acfa16f1ee94732a6acb50d9d6c835cf53af11068bd89ed207bbe04a1e951"
+SRC_URI[sha256sum] = "87597111c0d4b71b31e53cb85a92c386921b84c825a402db8c82e0e86015500d"
inherit allarch
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 09/36] linux-firmware: package firmare for Dragonboard 410c
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (7 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 08/36] linux-firmware: upgrade 20230515 -> 20230625 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 10/36] linux-firmware : Add firmware of RTL8822 serie Steve Sakoman
` (26 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Latest linux-firmware archive inclues firmware for the Dragonboard 410c
device (Qualcomm apq8016 SBC). Follow the rest of linux-firmware-qcom-*
packages as a template and create packages for the new firmware files.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 380216e8d3b63d563ebfb10445fc6eb5e77eb9f2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit ffd5eeb866254a958846c7099d1d46e553beed56)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux-firmware/linux-firmware_20230625.bb | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
index 9e3196d5bd..7d0a794e8e 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
@@ -315,6 +315,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
${PN}-qcom-vpu-1.0 ${PN}-qcom-vpu-2.0 \
${PN}-qcom-adreno-a2xx ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a4xx ${PN}-qcom-adreno-a530 \
${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \
+ ${PN}-qcom-apq8016-modem ${PN}-qcom-apq8016-wifi \
${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \
${PN}-qcom-sc8280xp-lenovo-x13s-compat \
${PN}-qcom-sc8280xp-lenovo-x13s-audio \
@@ -1000,6 +1001,8 @@ LICENSE:${PN}-qcom-adreno-a530 = "Firmware-qcom"
LICENSE:${PN}-qcom-adreno-a630 = "Firmware-qcom"
LICENSE:${PN}-qcom-adreno-a650 = "Firmware-qcom"
LICENSE:${PN}-qcom-adreno-a660 = "Firmware-qcom"
+LICENSE:${PN}-qcom-apq8016-modem = "Firmware-qcom"
+LICENSE:${PN}-qcom-apq8016-wifi = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8096-audio = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8096-modem = "Firmware-qcom"
LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "Firmware-qcom"
@@ -1027,6 +1030,8 @@ FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.* ${n
FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*"
FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*"
FILES:${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*"
+FILES:${PN}-qcom-apq8016-modem = "${nonarch_base_libdir}/firmware/qcom/apq8016/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/modem.mbn"
+FILES:${PN}-qcom-apq8016-wifi = "${nonarch_base_libdir}/firmware/qcom/apq8016/wcnss.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/WCNSS*"
FILES:${PN}-qcom-apq8096-audio = "${nonarch_base_libdir}/firmware/qcom/apq8096/adsp*.*"
FILES:${PN}-qcom-apq8096-modem = "${nonarch_base_libdir}/firmware/qcom/apq8096/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8096/modem*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/wlanmdsp.mbn"
FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compat = "${nonarch_base_libdir}/firmware/qcom/LENOVO/21BX"
@@ -1053,6 +1058,8 @@ RDEPENDS:${PN}-qcom-adreno-a530 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a630 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a650 = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-adreno-a660 = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-apq8016-modem = "${PN}-qcom-license"
+RDEPENDS:${PN}-qcom-apq8016-wifi = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-apq8096-audio = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-apq8096-modem = "${PN}-qcom-license"
RDEPENDS:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${PN}-qcom-license"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 10/36] linux-firmware : Add firmware of RTL8822 serie
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (8 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 09/36] linux-firmware: package firmare for Dragonboard 410c Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 11/36] linux-firmware: split platform-specific Adreno shaders to separate packages Steve Sakoman
` (25 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: BELOUARGA Mohamed <m.belouarga@technologyandstrategy.com>
RTL8822 is a serie of wireless modules that need firmwares to function correctly.
The linux firmware recipe does not have a package of these firmwares, and this commit add them.
Signed-off-by: BELOUARGA Mohamed <m.belouarga@technologyandstrategy.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6459959beeb91c0b694f5f17b6587a12c6dcb087)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux-firmware/linux-firmware_20230625.bb | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
index 7d0a794e8e..e3670c63b2 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
@@ -241,6 +241,7 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
${PN}-rtl-license ${PN}-rtl8188 ${PN}-rtl8192cu ${PN}-rtl8192ce ${PN}-rtl8192su ${PN}-rtl8723 ${PN}-rtl8821 \
${PN}-rtl8761 \
${PN}-rtl8168 \
+ ${PN}-rtl8822 \
${PN}-cypress-license \
${PN}-broadcom-license \
${PN}-bcm-0bb4-0306 \
@@ -582,6 +583,7 @@ LICENSE:${PN}-rtl8192su = "Firmware-rtlwifi_firmware"
LICENSE:${PN}-rtl8723 = "Firmware-rtlwifi_firmware"
LICENSE:${PN}-rtl8761 = "Firmware-rtlwifi_firmware"
LICENSE:${PN}-rtl8821 = "Firmware-rtlwifi_firmware"
+LICENSE:${PN}-rtl8822 = "Firmware-rtlwifi_firmware"
LICENSE:${PN}-rtl-license = "Firmware-rtlwifi_firmware"
LICENSE:${PN}-rtl8168 = "WHENCE"
@@ -612,6 +614,11 @@ FILES:${PN}-rtl8761 = " \
FILES:${PN}-rtl8168 = " \
${nonarch_base_libdir}/firmware/rtl_nic/rtl8168*.fw \
"
+FILES:${PN}-rtl8822 = " \
+ ${nonarch_base_libdir}/firmware/rtl_bt/rtl8822*.bin \
+ ${nonarch_base_libdir}/firmware/rtw88/rtw8822*.bin \
+ ${nonarch_base_libdir}/firmware/rtlwifi/rtl8822*.bin \
+"
RDEPENDS:${PN}-rtl8188 += "${PN}-rtl-license"
RDEPENDS:${PN}-rtl8192ce += "${PN}-rtl-license"
@@ -620,6 +627,7 @@ RDEPENDS:${PN}-rtl8192su = "${PN}-rtl-license"
RDEPENDS:${PN}-rtl8723 += "${PN}-rtl-license"
RDEPENDS:${PN}-rtl8821 += "${PN}-rtl-license"
RDEPENDS:${PN}-rtl8761 += "${PN}-rtl-license"
+RDEPENDS:${PN}-rtl8822 += "${PN}-rtl-license"
RDEPENDS:${PN}-rtl8168 += "${PN}-whence-license"
# For ti-connectivity
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 11/36] linux-firmware: split platform-specific Adreno shaders to separate packages
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (9 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 10/36] linux-firmware : Add firmware of RTL8822 serie Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 12/36] linux-yocto/5.15: update to v5.15.122 Steve Sakoman
` (24 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
For newest Qualcomm platforms the firmware for the Adreno GPU consists
of two parts: platform-independent SQE/GMU/GPMU/PFP/PM4 and
platform-specific ZAP shader, which is used during the boot process. As
the platform-independent parts can be shared between different
platforms, split the platform-specific part to the separate package.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bf00a042d2fa2eb4b20d8c5982926758821bf990)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux-firmware/linux-firmware_20230625.bb | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
index e3670c63b2..6765226b9d 100644
--- a/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
+++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20230625.bb
@@ -317,14 +317,14 @@ PACKAGES =+ "${PN}-ralink-license ${PN}-ralink \
${PN}-qcom-adreno-a2xx ${PN}-qcom-adreno-a3xx ${PN}-qcom-adreno-a4xx ${PN}-qcom-adreno-a530 \
${PN}-qcom-adreno-a630 ${PN}-qcom-adreno-a650 ${PN}-qcom-adreno-a660 \
${PN}-qcom-apq8016-modem ${PN}-qcom-apq8016-wifi \
- ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \
+ ${PN}-qcom-apq8096-adreno ${PN}-qcom-apq8096-audio ${PN}-qcom-apq8096-modem \
${PN}-qcom-sc8280xp-lenovo-x13s-compat \
${PN}-qcom-sc8280xp-lenovo-x13s-audio \
${PN}-qcom-sc8280xp-lenovo-x13s-adreno \
${PN}-qcom-sc8280xp-lenovo-x13s-compute \
${PN}-qcom-sc8280xp-lenovo-x13s-sensors \
- ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \
- ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \
+ ${PN}-qcom-sdm845-adreno ${PN}-qcom-sdm845-audio ${PN}-qcom-sdm845-compute ${PN}-qcom-sdm845-modem \
+ ${PN}-qcom-sm8250-adreno ${PN}-qcom-sm8250-audio ${PN}-qcom-sm8250-compute \
${PN}-amlogic-vdec-license ${PN}-amlogic-vdec \
${PN}-lt9611uxc ${PN}-lontium-license \
${PN}-whence-license \
@@ -1012,15 +1012,18 @@ LICENSE:${PN}-qcom-adreno-a660 = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8016-modem = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8016-wifi = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8096-audio = "Firmware-qcom"
+LICENSE:${PN}-qcom-apq8096-adreno = "Firmware-qcom"
LICENSE:${PN}-qcom-apq8096-modem = "Firmware-qcom"
LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "Firmware-qcom"
LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "Firmware-qcom"
LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "Firmware-qcom"
LICENSE:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "Firmware-qcom"
LICENSE:${PN}-qcom-sdm845-audio = "Firmware-qcom"
+LICENSE:${PN}-qcom-sdm845-adreno = "Firmware-qcom"
LICENSE:${PN}-qcom-sdm845-compute = "Firmware-qcom"
LICENSE:${PN}-qcom-sdm845-modem = "Firmware-qcom"
LICENSE:${PN}-qcom-sm8250-audio = "Firmware-qcom"
+LICENSE:${PN}-qcom-sm8250-adreno = "Firmware-qcom"
LICENSE:${PN}-qcom-sm8250-compute = "Firmware-qcom"
FILES:${PN}-qcom-license = "${nonarch_base_libdir}/firmware/LICENSE.qcom ${nonarch_base_libdir}/firmware/qcom/NOTICE.txt"
@@ -1034,12 +1037,13 @@ FILES:${PN}-qcom-vpu-2.0 = "${nonarch_base_libdir}/firmware/qcom/vpu-2.0/*"
FILES:${PN}-qcom-adreno-a2xx = "${nonarch_base_libdir}/firmware/qcom/leia_*.fw ${nonarch_base_libdir}/firmware/qcom/yamato_*.fw"
FILES:${PN}-qcom-adreno-a3xx = "${nonarch_base_libdir}/firmware/qcom/a3*_*.fw ${nonarch_base_libdir}/firmware/a300_*.fw"
FILES:${PN}-qcom-adreno-a4xx = "${nonarch_base_libdir}/firmware/qcom/a4*_*.fw"
-FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/a530*.*"
-FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*"
-FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.* ${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*"
+FILES:${PN}-qcom-adreno-a530 = "${nonarch_base_libdir}/firmware/qcom/a530*.fw*"
+FILES:${PN}-qcom-adreno-a630 = "${nonarch_base_libdir}/firmware/qcom/a630*.*"
+FILES:${PN}-qcom-adreno-a650 = "${nonarch_base_libdir}/firmware/qcom/a650*.*"
FILES:${PN}-qcom-adreno-a660 = "${nonarch_base_libdir}/firmware/qcom/a660*.*"
FILES:${PN}-qcom-apq8016-modem = "${nonarch_base_libdir}/firmware/qcom/apq8016/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/modem.mbn"
FILES:${PN}-qcom-apq8016-wifi = "${nonarch_base_libdir}/firmware/qcom/apq8016/wcnss.mbn ${nonarch_base_libdir}/firmware/qcom/apq8016/WCNSS*"
+FILES:${PN}-qcom-apq8096-adreno = "${nonarch_base_libdir}/firmware/qcom/apq8096/a530_zap.mbn ${nonarch_base_libdir}/firmware/qcom/a530_zap.mdt"
FILES:${PN}-qcom-apq8096-audio = "${nonarch_base_libdir}/firmware/qcom/apq8096/adsp*.*"
FILES:${PN}-qcom-apq8096-modem = "${nonarch_base_libdir}/firmware/qcom/apq8096/mba.mbn ${nonarch_base_libdir}/firmware/qcom/apq8096/modem*.* ${nonarch_base_libdir}/firmware/qcom/apq8096/wlanmdsp.mbn"
FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compat = "${nonarch_base_libdir}/firmware/qcom/LENOVO/21BX"
@@ -1047,9 +1051,11 @@ FILES:${PN}-qcom-sc8280xp-lenovo-x13s-audio = "${nonarch_base_libdir}/firmware/q
FILES:${PN}-qcom-sc8280xp-lenovo-x13s-adreno = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/qcdxkmsuc8280.mbn"
FILES:${PN}-qcom-sc8280xp-lenovo-x13s-compute = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*cdsp*.*"
FILES:${PN}-qcom-sc8280xp-lenovo-x13s-sensors = "${nonarch_base_libdir}/firmware/qcom/sc8280xp/LENOVO/21BX/*slpi*.*"
+FILES:${PN}-qcom-sdm845-adreno = "${nonarch_base_libdir}/firmware/qcom/sdm845/a630*.*"
FILES:${PN}-qcom-sdm845-audio = "${nonarch_base_libdir}/firmware/qcom/sdm845/adsp*.*"
FILES:${PN}-qcom-sdm845-compute = "${nonarch_base_libdir}/firmware/qcom/sdm845/cdsp*.*"
FILES:${PN}-qcom-sdm845-modem = "${nonarch_base_libdir}/firmware/qcom/sdm845/mba.mbn ${nonarch_base_libdir}/firmware/qcom/sdm845/modem*.* ${nonarch_base_libdir}/firmware/qcom/sdm845/wlanmdsp.mbn"
+FILES:${PN}-qcom-sm8250-adreno = "${nonarch_base_libdir}/firmware/qcom/sm8250/a650*.*"
FILES:${PN}-qcom-sm8250-audio = "${nonarch_base_libdir}/firmware/qcom/sm8250/adsp*.*"
FILES:${PN}-qcom-sm8250-compute = "${nonarch_base_libdir}/firmware/qcom/sm8250/cdsp*.*"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 12/36] linux-yocto/5.15: update to v5.15.122
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (10 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 11/36] linux-firmware: split platform-specific Adreno shaders to separate packages Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 13/36] linux-yocto/5.15: update to v5.15.123 Steve Sakoman
` (23 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
5c6a716301d9 Linux 5.15.122
be824fdb827d x86/cpu/amd: Add a Zenbleed fix
5398be2c48aa x86/cpu/amd: Move the errata checking functionality up
cdd3cdb682f4 Linux 5.15.121
30580f3a3301 drm/atomic: Fix potential use-after-free in nonblocking commits
ab2fa2fafb21 net/sched: sch_qfq: reintroduce lmax bound check for MTU
204d7c36e8e7 MIPS: kvm: Fix build error with KVM_MIPS_DEBUG_COP0_COUNTERS enabled
522ee1b3030f scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue
0715da51391d scsi: qla2xxx: Pointer may be dereferenced
541af83572c9 scsi: qla2xxx: Correct the index of array
1ccd52b790a6 scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
5a52a2e14fe8 scsi: qla2xxx: Fix potential NULL pointer dereference
89250e775dcc scsi: qla2xxx: Fix buffer overrun
4406fe8a96a9 scsi: qla2xxx: Avoid fcport pointer dereference
748d8f8698a2 scsi: qla2xxx: Array index may go out of bound
079c8264ed9f scsi: qla2xxx: Wait for io return on terminate rport
25d63eb730b8 tracing/probes: Fix to update dynamic data counter if fetcharg uses it
8277bcacf165 tracing/probes: Fix not to count error code to total length
610193a23fd5 selftests: mptcp: depend on SYN_COOKIES
c8b375871eb8 selftests: mptcp: sockopt: return error if wrong mark
3b5d9b7b8759 tracing: Fix null pointer dereference in tracing_err_log_open()
391da52c8777 xtensa: ISS: fix call to split_if_spec
179feeeef62f ftrace: Fix possible warning on checking all pages used in ftrace_process_locs()
bb14a93bccc9 ring-buffer: Fix deadloop issue on reading trace_pipe
3e36cc94d6e6 net: ena: fix shift-out-of-bounds in exponential backoff
b763e6342429 samples: ftrace: Save required argument registers in sample trampolines
954792db9f61 tracing: Fix memory leak of iter->temp when reading trace_pipe
97f54b330c79 tracing/histograms: Add histograms to hist_vars if they have referenced variables
b45a33897f54 s390/decompressor: fix misaligned symbol build error
1856cf9132f6 bus: ixp4xx: fix IXP4XX_EXP_T1_MASK
7269c250dd9d Revert "8250: add support for ASIX devices with a FIFO bug"
20f7c4d51c94 soundwire: qcom: fix storing port config out-of-bounds
39a0e723d350 opp: Fix use-after-free in lazy_opp_tables after probe deferral
0ff4a97ac20f meson saradc: fix clock divider mask length
e5fdd73c883b xhci: Show ZHAOXIN xHCI root hub speed correctly
6eaedbffec55 xhci: Fix TRB prefetch issue of ZHAOXIN hosts
328b18a42a57 xhci: Fix resume issue of some ZHAOXIN hosts
d9c91ef5d8da ceph: don't let check_caps skip sending responses for revoke msgs
db8ca8d9b4df libceph: harden msgr2.1 frame segment length checks
974ac045a05a firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()
becf8c69b7e7 tty: serial: imx: fix rs485 rx after tx
9dd8091959bc tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
073dbbe57437 tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
21e2fe510aee serial: atmel: don't enable IRQs prematurely
af4e0ce2af8a drm/ttm: Don't leak a resource on swapout move error
22c16c896cbf drm/amdgpu: avoid restore process run into dead loop.
85b9335d8e0b drm/amd/display: Correct `DMUB_FW_VERSION` macro
9ced7e65c3c4 drm/amdgpu: fix clearing mappings for BOs that are always valid in VM
0121d83ddfc8 drm/rockchip: vop: Leave vblank enabled in self-refresh
941a395e969b drm/atomic: Allow vblank-enabled + self-refresh "disable"
54163ad21e17 fs: dlm: return positive pid value for F_GETLK
866bf37b7c10 dm init: add dm-mod.waitfor to wait for asynchronously probed block devices
4f61488541bb md/raid0: add discard support for the 'original' layout
3435c5674e67 mfd: pm8008: Fix module autoloading
560c458340a9 misc: pci_endpoint_test: Re-init completion for every test
14bdee38e96c misc: pci_endpoint_test: Free IRQs before removing the device
eec34da87bc6 PCI: rockchip: Set address alignment for endpoint mode
750fd00a0a37 PCI: rockchip: Use u32 variable to access 32-bit registers
875d7a7f851a PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core
7b0026977a51 PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked
049d774b8b9b PCI: rockchip: Write PCI Device ID to correct register
20c62b3c1e4d PCI: rockchip: Assert PCI Configuration Enable bit after probe
e8cc74b6b446 PCI: qcom: Disable write access to read only registers for IP v2.3.3
7b2f1ddc943a PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
1d24c5b10dbb PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold
f930cf3f21fd dm integrity: reduce vmalloc space footprint on 32-bit architectures
70564215ad92 hwrng: imx-rngc - fix the timeout for init and self check
de984faecddb jfs: jfs_dmap: Validate db_l2nbperpage while mounting
d04a3ff04c93 ext4: only update i_reserved_data_blocks on successful block allocation
c327b83c59ee ext4: turn quotas off if mount failed after enabling quotas
8830523440a6 ext4: fix to check return value of freeze_bdev() in ext4_shutdown()
c7514dceb7b9 ext4: fix wrong unit use in ext4_mb_new_blocks
5523851fad60 ext4: get block from bh in ext4_free_blocks for fast commit replay
ba92af119b31 ext4: fix wrong unit use in ext4_mb_clear_bb
951ee9c9bb05 ext4: Fix reusing stale buffer heads from last failed mounting
cd517f9a9d07 MIPS: KVM: Fix NULL pointer dereference
fd89522a6198 MIPS: Loongson: Fix cpu_probe_loongson() again
0e1854f87be8 erofs: fix compact 4B support for 16k block size
e4e7f67cc14e arm64: errata: Add detection for TRBE overwrite in FILL mode
affdbc8fbc7a powerpc/security: Fix Speculation_Store_Bypass reporting on Power10
9f1627d8b0a4 misc: fastrpc: Create fastrpc scalar with correct buffer count
faea67e6a508 powerpc: Fail build if using recordmcount with binutils v2.37
7eeed3ed1a6c mm/damon/ops-common: atomically test and clear young on ptes and pmds
7efc5bee2473 net: bcmgenet: Ensure MDIO unregistration has clocks enabled
626c1c291302 mtd: rawnand: meson: fix unaligned DMA buffers handling
e08295290c53 tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
936adde9c338 pinctrl: amd: Only use special debounce behavior for GPIO 0
0bcf6b12e699 pinctrl: amd: Detect and mask spurious interrupts
dff67c64f67b pinctrl: amd: Detect internal GPIO0 debounce handling
cc5050add034 pinctrl: amd: Fix mistake in handling clearing pins at startup
982c29e0d27a f2fs: fix to avoid NULL pointer dereference f2fs_write_end_io()
333feb7ba84f fs/ntfs3: Check fields while reading
04d2c9a6cb5c nvme-pci: fix DMA direction of unmapping integrity data
c58e45fbeaa8 nvme-pci: remove nvme_queue from nvme_iod
91d3554ab1fc net/sched: sch_qfq: account for stab overhead in qfq_enqueue
8e0326cbc4d5 net/sched: sch_qfq: refactor parsing of netlink parameters
78a0900e8dbc net/sched: make psched_mtu() RTNL-less safe
31976c68be26 netdevsim: fix uninitialized data in nsim_dev_trap_fa_cookie_write()
8a128e601f36 riscv: mm: fix truncation warning on RV32
3bd945532d0d net/sched: flower: Ensure both minimum and maximum ports are specified
d26299f50f5e bpf: cpumap: Fix memory leak in cpu_map_update_elem
099abb1cd229 wifi: airo: avoid uninitialized warning in airo_get_rate()
0e9ebc17457a erofs: fix fsdax unavailability for chunk-based regular files
41ccbc2ecb63 erofs: decouple basic mount options from fs_context
ed84618f8da2 erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF
e649333bcfe1 octeontx2-pf: Add additional check for MCAM rules
c62da24de388 drm/i915: Fix one wrong caching mode enum usage
567397dd8e7b riscv, bpf: Fix inconsistent JIT image generation
4e4e1f99bb47 bpf, riscv: Support riscv jit to provide bpf_line_info
420d30d36725 igc: Fix inserting of empty frame for launchtime
efc7f2593724 igc: Fix launchtime before start of cycle
d29387922b85 kernel/trace: Fix cleanup logic of enable_trace_eprobe
7aefc43277e5 platform/x86: wmi: Break possible infinite loop when parsing GUID
02081e57188b platform/x86: wmi: move variables
f3583db8980a platform/x86: wmi: use guid_t and guid_equal()
3b6fef411030 platform/x86: wmi: remove unnecessary argument
82abd1c37d3b ipv6/addrconf: fix a potential refcount underflow for idev
1d63fdf6d3ed NTB: ntb_tool: Add check for devm_kcalloc
0aa187a99935 NTB: ntb_transport: fix possible memory leak while device_register() fails
7e475cf97c47 ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
3326ecef63ca NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
fe1a2ed41162 ntb: idt: Fix error handling in idt_pci_driver_init()
7f2153c1ae89 udp6: fix udp6_ehashfn() typo
3fabca5d9cae icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().
ea438eed94ac net: prevent skb corruption on frag list segmentation
02474292a442 net: bgmac: postpone turning IRQs off to avoid SoC hangs
1417dd787a5e ionic: remove WARN_ON to prevent panic_on_warn
aa915d12c1cc gve: Set default duplex configuration to full
5b55f2d6ef40 net/sched: cls_fw: Fix improper refcount update leads to use-after-free
1d263bbdc5c6 net: mvneta: fix txq_map in case of txq_number==1
4a4804e6ae84 bpf: Fix max stack depth check for async callbacks
1b555dff835c scsi: qla2xxx: Fix error code in qla2x00_start_sp()
6e8af127ddbd igc: Handle PPS start time programming for past time values
809ea3a3eb3e igc: set TP bit in 'supported' and 'advertising' fields of ethtool_link_ksettings
82ac62d76a00 net/mlx5e: Check for NOT_READY flag state after locking
4892e1e548b5 net/mlx5e: fix memory leak in mlx5e_ptp_open
c61303ae2ce0 net/mlx5e: fix double free in mlx5e_destroy_flow_table
f4b1f2625186 igc: Remove delay during TX ring configuration
b3540c0de848 drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags
9dbc0fa2e85a drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime
486b2551b068 drm/panel: simple: Add connector_type for innolux_at043tn24
eb947403518e ksmbd: validate session id and tree id in the compound request
3813eee5154d ksmbd: fix out-of-bound read in smb2_write
35f450f54dca ksmbd: validate command payload size
08871ede8318 ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message()
d528faa9e828 workqueue: clean up WORK_* constant types, clarify masking
aed37b12a253 net: lan743x: Don't sleep in atomic context
d9e1cfae8d8e io_uring: add reschedule point to handle_tw_list()
f8307d862ca4 io_uring: Use io_schedule* in cqring wait
ecb9443b203f block/partition: fix signedness issue for Amiga partitions
478a7a30c33c tty: serial: fsl_lpuart: add earlycon for imx8ulp platform
75308d64c050 wireguard: netlink: send staged packets when setting initial private key
8c660cfd7230 wireguard: queueing: use saner cpu selection wrapping
870dcc31c0cf netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
041e2ac88cae netfilter: nf_tables: do not ignore genmask when looking up chain by id
6f03ce2f1abc netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
2bd6f13734ce netfilter: nf_tables: unbind non-anonymous set if rule construction fails
30235c245700 fanotify: disallow mount/sb marks on kernel internal pseudo fs
d97481c7b273 ovl: fix null pointer dereference in ovl_get_acl_rcu()
db42d2bf4f21 fs: no need to check source
86b93cbfe104 leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename
ecc8d95067e4 ARM: orion5x: fix d2net gpio initialization
1c401bb99394 ARM: dts: qcom: ipq4019: fix broken NAND controller properties override
02b5d96f7dd0 ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path
5f35f98e5609 ASoC: mediatek: mt8173: Fix irq error path
6e7f6b4b5ca0 btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block()
bdc8a582e1a4 btrfs: fix extent buffer leak after tree mod log failure at split_node()
7ba0da31dd4a btrfs: fix race when deleting quota root from the dirty cow roots list
bacd1c80e3b6 btrfs: reinsert BGs failed to reclaim
d1ca553f9431 btrfs: bail out reclaim process if filesystem is read-only
d8e172616fb7 btrfs: delete unused BGs while reclaiming BGs
12b6d6849898 btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile
dd15d1c5c22d fs: avoid empty option when generating legacy mount string
79b9ab357b6f jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
5ca021be5211 ipvs: increase ip_vs_conn_tab_bits range for 64BIT
6db001a7ed75 fs: Lock moved directories
40f99ad8e2c2 fs: Establish locking order for unrelated directories
8fdae421c26f Revert "f2fs: fix potential corruption when moving a directory"
eca9c3d86dd0 ext4: Remove ext4 locking of moved directory
487f229efea8 shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
17bdba70a802 autofs: use flexible array in ioctl structure
e7acd18e5ec3 integrity: Fix possible multiple allocation in integrity_inode_get()
f4e0809d3adc um: Use HOST_DIR for mrproper
f67b0e3081f2 bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
991e9c186a8a bcache: Remove unnecessary NULL point check in node allocations
cbdd5b3322f7 bcache: fixup btree_cache_wait list damage
99d0599742be mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is used.
c893918bf4d8 mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS
4a489c8e9cc8 mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
5b555f250069 mmc: core: disable TRIM on Kingston EMMC04G-M627
8e2983536613 io_uring: wait interruptibly for request completions on exit
e5da56c682f1 NFSD: add encoding of op_recall flag for write delegation
8a77b1d4663f i2c: qup: Add missing unwind goto in qup_i2c_probe()
5bf90e5e793a btrfs: do not BUG_ON() on tree mod log failure at balance_level()
e15eb4ec862c extcon: usbc-tusb320: Convert to i2c's .probe_new()
112c15d0974f i2c: xiic: Don't try to handle more interrupt events after error
9eaef43fef90 i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
0fa0cd1f98c1 apparmor: fix missing error check for rhashtable_insert_fast
196f6c71905a sh: dma: Fix DMA channel offset calculation
6342e46566f6 s390/qeth: Fix vipa deletion
307623bae629 octeontx-af: fix hardware timestamp configuration
deee40944a75 net: dsa: tag_sja1105: fix MAC DA patching from meta frames
e4db7f4369eb pptp: Fix fib lookup calls.
a4284246fca2 riscv: move memblock_allow_resize() after linear mapping is ready
ae682149bc00 net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
edd944b70ad2 xsk: Honor SO_BINDTODEVICE on bind
428ccde9242a tcp: annotate data races in __tcp_oow_rate_limited()
0dad52a840d6 net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
ada440952d5e powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
f3380d895e28 ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr()
e425e2ba9336 octeontx2-af: Add validation before accessing cgx and lmac
eeaf264cd43f octeontx2-af: Fix mapping for NIX block from CGX connection
d58d718136f8 f2fs: fix error path handling in truncate_dnode()
c0dd447558c6 mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
217b6ea8cf7b spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
2e2e5f9300a1 net: dsa: vsc73xx: fix MTU configuration
b8aedf29db12 ibmvnic: Do not reset dql stats on NON_FATAL err
6a5a705fa8ad Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
a6527128feeb net/sched: act_ipt: add sanity checks on table name and hook locations
1fba2510b52f sctp: fix potential deadlock on &net->sctp.addr_wq_lock
baa76d9b6163 media: cec: i2c: ch7322: also select REGMAP
677c5707ec38 drm/i915/psr: Use hw.adjusted mode when calculating io/fast wake times
2a0acbc6b7cd rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
7834580ca104 md/raid10: fix the condition to call bio_end_io_acct()
d623fd42a019 pwm: mtk_disp: Fix the disable flow of disp_pwm
db3c7f3eb85f pwm: ab8500: Fix error code in probe()
05b35ea06d26 pwm: sysfs: Do not apply state to already disabled PWMs
aa12faec2314 pwm: imx-tpm: force 'real_period' to be zero in suspend
07e229f06eba phy: tegra: xusb: check return value of devm_kzalloc()
f7454b8fd21f mfd: stmpe: Only disable the regulators if they are enabled
a9ccf140a2a0 KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler
2070f3e0bc76 KVM: s390: vsie: fix the length of APCB bitmap
52f371952a71 mfd: stmfx: Nullify stmfx->vdd in case of error
b1dbc919c166 mfd: stmfx: Fix error path in stmfx_chip_init
9783c2ec8d04 nvmem: rmem: Use NVMEM_DEVID_AUTO
e6bd54f4977b test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation
22c7e378b06b serial: 8250_omap: Use force_suspend and resume for system suspend
10f6656c9575 Revert "usb: common: usb-conn-gpio: Set last role to unknown before initial detection"
76ac2acb7554 mfd: intel-lpss: Add missing check for platform_get_resource
0e8b1a28351b usb: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe()
f232c1caac3c usb: common: usb-conn-gpio: Set last role to unknown before initial detection
dfda400a4d04 usb: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe()
81ecef54d8c6 usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove()
f219ea71ee0f KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes
de846dec7aee media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var()
7ad558baf6d0 media: venus: helpers: Fix ALIGN() of non power of two
3bedb7a27353 mfd: rt5033: Drop rt5033-battery sub-device
a77616f5a3c3 coresight: Fix loss of connection info when a module is unloaded
ca9e766c8a49 kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR
e7ecade51b48 serial: 8250: lock port for UART_IER access in omap8250_irq()
c1a4ad35c566 serial: 8250: lock port for stop_rx() in omap8250_irq()
c2194a361087 usb: hide unused usbfs_notify_suspend/resume functions
ecf26d6e1b54 usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
b10200650e1e extcon: Fix kernel doc of property capability fields to avoid warnings
44e383e22af0 extcon: Fix kernel doc of property fields to avoid warnings
a8ea7ed644cb usb: gadget: u_serial: Add null pointer check in gserial_suspend
b626cd5e4a87 usb: dwc3: qcom: Fix potential memory leak
1cee6f04105f clk: qcom: ipq6018: fix networking resets
6ad5ded420f5 clk: qcom: reset: support resetting multiple bits
40844343a885 clk: qcom: reset: Allow specifying custom reset delay
cab904bf50c4 media: i2c: Correct format propagation for st-mipid02
784a8027b8ac media: usb: siano: Fix warning due to null work_func_t function pointer
1e1af31c4c5d media: videodev2.h: Fix struct v4l2_input tuner index comment
a3727915b350 media: usb: Check az6007_read() return value
2a50c146cb3b clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks
8d762ad8006e clk: qcom: camcc-sc7180: Add parent dependency to all camera GDSCs
10e2b1c5d819 serial: 8250: omap: Fix freeing of resources on failed register
a1a5c5606048 usb: dwc2: Fix some error handling paths
fa1547b47195 usb: dwc2: platform: Improve error reporting for problems during .remove()
0a9c0fa3e91a sh: j2: Use ioremap() to translate device tree address into kernel memory
629e97f0c862 w1: fix loop in w1_fini()
cb263e9b6d76 w1: w1_therm: fix locking behavior in convert_t
fbf4ace39b2e SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
92905470a125 block: increment diskseq on all media change events
8744a9eda7c1 block: change all __u32 annotations to __be32 in affs_hardblocks.h
de4d538380f6 block: add overflow checks for Amiga partition support
bc0129a644f0 block: fix signed int overflow in Amiga partition support
92a37fc52272 ALSA: jack: Fix mutex call in snd_jack_report()
2f533bcb0717 ALSA: hda/realtek: Add quirk for Clevo NPx0SNx
5bcdfe1544f2 iio: accel: fxls8962af: fixup buffer scan element type
8cc75ce657a4 iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF
92cee2da5b45 iio: adc: ad7192: Fix internal/external clock selection
f88a05ef447f iio: adc: ad7192: Fix null ad7192_state pointer access
b84998a407a8 phy: tegra: xusb: Clear the driver reference in usb-phy dev
8585c6cb0381 usb: dwc3: gadget: Propagate core init errors to UDC during pullup
9cd1627ff0f1 USB: serial: option: add LARA-R6 01B PIDs
fb348857e7b6 io_uring: ensure IOPOLL locks around deferred work
4909d0ad1728 bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page
902256de2b95 ACPI: utils: Fix acpi_evaluate_dsm_typed() redefinition error
b3889a5990b5 ksmbd: avoid field overflow warning
ef26b05023e7 efi/libstub: Disable PCI DMA before grabbing the EFI memory map
5c883c42bd78 kbuild: Disable GCOV for *.mod.o
3d9f6fc71de5 hwrng: st - keep clock enabled while hwrng is registered
cd5bd4b7130c dax/kmem: Pass valid argument to memory_group_register_static
2a327c8c315a dax: Introduce alloc_dev_dax_id()
9c2f993b6ca9 dax: Fix dax_mapping_release() use after free
63fb45ddc491 SMB3: Do not send lease break acknowledgment if all file handles have been closed
7f6023610b4e NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION
6d9f814b265c crypto: qat - unmap buffers before free for RSA
718f30e30b3e crypto: qat - unmap buffer before free for DH
3894f5880f96 crypto: qat - Use helper to set reqsize
30682e121475 crypto: kpp - Add helper to set reqsize
41bd35a16196 crypto: qat - use reference to structure in dma_map_single()
a3fcd2d23df9 crypto: qat - replace get_current_node() with numa_node_id()
9560559cba40 crypto: qat - honor CRYPTO_TFM_REQ_MAY_SLEEP flag
f6ee18555b40 ARC: define ASM_NL and __ALIGN(_STR) outside #ifdef __ASSEMBLY__ guard
5e0424cd8a44 modpost: fix off by one in is_executable_section()
7c0c62e5574f crypto: marvell/cesa - Fix type mismatch warning
6bfdced5b6be modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
cd7806eec34f modpost: fix section mismatch message for R_ARM_ABS32
7543ffe03af6 crypto: nx - fix build warnings when DEBUG_FS is not enabled
b030d239256c modpost: remove broken calculation of exception_table_entry size
c76d991b6f01 hwrng: virtio - Fix race on data_avail and actual data
64410e7b0306 hwrng: virtio - always add a pending request
9a9ef9652941 hwrng: virtio - don't waste entropy
f5634d21541e hwrng: virtio - don't wait on cleanup
91806246e4e9 hwrng: virtio - add an internal buffer
36874844f7b5 powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary
271c25008a08 powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo
fafeeb398df1 riscv: uprobes: Restore thread.bad_cause
3786416e1fa2 powerpc: update ppc_save_regs to save current r1 in pt_regs
b08d9a11df37 powerpc: simplify ppc_save_regs
d3a0d96c16e5 powerpc/powernv/sriov: perform null check on iov before dereferencing iov
0a95dd17a73b pinctrl: at91-pio4: check return value of devm_kasprintf()
50aa3e6abbb2 pinctrl: microchip-sgpio: check return value of devm_kasprintf()
f7d92313002b powerpc/64s: Fix VAS mm use after free
5e79521da11f perf dwarf-aux: Fix off-by-one in die_get_varname()
ac6c849428fb perf script: Fix allocation of evsel->priv related to per-event dump files
939bf462a125 powerpc/signal32: Force inlining of __unsafe_save_user_regs() and save_tm_user_regs_unsafe()
7d25fc45c42c powerpc/interrupt: Don't read MSR from interrupt_exit_kernel_prepare()
d4f3531cd2c3 kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures
196f18dd7f0e pinctrl: cherryview: Return correct value if pin in push-pull mode
c92365c3f390 perf bench: Add missing setlocale() call to allow usage of %'d style formatting
e456d9b2dd23 perf bench: Use unbuffered output when pipe/tee'ing to a file
c02b496d9294 PCI: Add pci_clear_master() stub for non-CONFIG_PCI
d1bfe6ca7328 PCI: ftpci100: Release the clock resources
7fe2876aac63 PCI: pciehp: Cancel bringup sequence if card is not present
dfbf41e4fc16 scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
9856c0de4905 PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
6053df4da4fc pinctrl: bcm2835: Handle gpiochip_add_pin_range() errors
b1de5105d29b scsi: qedf: Fix NULL dereference in error handling
48e6b7602e9b PCI: vmd: Reset VMD config register between soft reboots
34c701b52d04 PCI: cadence: Fix Gen2 Link Retraining process
a326cf0107b1 clk: Fix memory leak in devm_clk_notifier_register()
a0e7e33b8c2d ASoC: imx-audmix: check return value of devm_kasprintf()
62f29ca45f83 ovl: update of dentry revalidate flags after copy up
a089ec635ae9 drivers: meson: secure-pwrc: always enable DMA domain
8ca6b2add2c0 clk: ti: clkctrl: check return value of kasprintf()
b700e5d4feb0 clk: keystone: sci-clk: check return value of kasprintf()
06759faca0ef clk: si5341: free unused memory on probe failure
34b11a9a7d39 clk: si5341: check return value of {devm_}kasprintf()
4ade98acef5a clk: si5341: return error if one synth clock registration fails
9875046f147a clk: cdce925: check return value of kasprintf()
d8832e85a1ae clk: vc5: check memory returned by kasprintf()
f180408f164c drm/msm/dpu: correct MERGE_3D length
e45377cfe1db arm64: dts: mediatek: mt8192: Fix CPUs capacity-dmips-mhz
30111c478b97 arm64: dts: mediatek: Add cpufreq nodes for MT8192
3c3f3d35f5e0 drm/msm/dp: Free resources after unregistering them
ec3b55b2c91d drm/msm/dpu: do not enable color-management if DSPPs are not available
300e26e3e648 ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
fd1c117bb5d7 clk: tegra: tegra124-emc: Fix potential memory leak
2f276dd9c0f8 clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider()
141d87977b81 arm64: dts: qcom: sm8250-edo: Panel framebuffer is 2.5k instead of 4k
bcea444ab4c0 clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()
50b5ddde8fad clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
1fb12e7716e7 RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context
79226176cdd1 RDMA/bnxt_re: wraparound mbox producer index
bf35c202a3f0 drm/msm/a5xx: really check for A510 in a5xx_gpu_init
4300a47e4017 amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
9b8087950b4c drm/radeon: fix possible division-by-zero errors
b979dc54b6c7 drm/amd/display: Fix artifacting on eDP panels when engaging freesync video mode
52c2b295e377 drm/amdkfd: Fix potential deallocation of previously deallocated memory.
95afd2c7c7d2 ARM: dts: BCM5301X: fix duplex-full => full-duplex
838534e86cbc hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
31c90fa8416f hwmon: (adm1275) Allow setting sample averaging
3ff1062bd09b hwmon: (gsc-hwmon) fix fan pwm temperature scaling
535eafe7158b ARM: dts: stm32: fix i2s endpoint format property for stm32mp15xx-dkx
8909898d0b6c ARM: dts: stm32: Fix audio routing on STM32MP15xx DHCOM PDK2
555ddd671cf3 arm64: dts: ti: k3-j7200: Fix physical address of pin
716efd08985e fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
95cb88a85361 arm64: dts: renesas: ulcb-kf: Remove flow control for SCIF1
06c6fdaa111a ARM: dts: iwg20d-q7-common: Fix backlight pwm specifier
8ac3083a26d3 RDMA/hns: Fix hns_roce_table_get return value
8d158b32cba6 IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate
b2ffd8212ef4 IB/hfi1: Use bitmap_zalloc() when applicable
192ab380657e RDMA/irdma: avoid fortify-string warning in irdma_clr_wqes
f5ca4d358b9a soc/fsl/qe: fix usb.c build errors
9dcc95e3fc51 ARM: dts: meson8: correct uart_B and uart_C clock references
1b4d08bdc055 ASoC: es8316: Do not set rate constraints for unsupported MCLKs
b324de100d3c ASoC: es8316: Increment max value for ALC Capture Target Volume control
38d04765ad93 memory: brcmstb_dpfe: fix testing array offset after use
17b723acee4e ARM: dts: stm32: Shorten the AV96 HDMI sound card name
9c14802f14db arm64: dts: mediatek: mt8183: Add mediatek,broken-save-restore-fw to kukui
8f08ff836c28 arm64: dts: qcom: apq8096: fix fixed regulator name property
2e8c8fd792a0 ARM: omap2: fix missing tick_broadcast() prototype
016aeb9a7604 ARM: ep93xx: fix missing-prototype warnings
314850a4d0c6 drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
04f16697d351 arm64: dts: qcom: apq8016-sbc: Fix 1.8V power rail on LS expansion
7ce11e909828 arm64: dts: qcom: apq8016-sbc: Fix regulator constraints
8d139a395dbe arm64: dts: qcom: Drop unneeded extra device-specific includes
078578f608ba arm64: dts: qcom: apq8016-sbc: fix mpps state names
25d624af5a86 arm64: dts: qcom: apq8016-sbc: Clarify firmware-names
d7d784424aa0 arm64: dts: qcom: apq8016-sbc: Update modem and WiFi firmware path
6a843066e0ec arm64: dts: qcom: db820c: Move blsp1_uart2 pin states to msm8996.dtsi
23f7e4bf8905 arm64: dts: qcom: sdm845: correct camss unit address
dea5289b05f2 arm64: dts: qcom: sdm630: correct camss unit address
b12e9fb2819a arm64: dts: qcom: msm8996: correct camss unit address
5a8bbab2b14b arm64: dts: qcom: msm8994: correct SPMI unit address
46474b10dcd7 arm64: dts: qcom: msm8916: correct camss unit address
b4ed5be2ea31 ARM: dts: gta04: Move model property out of pinctrl node
70b8eeb7c67e drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK
2422edc2256c drm/msm/disp/dpu: get timing engine status from intf status register
adac5cf6092e drm/msm/dsi: don't allow enabling 14nm VCO with unprogrammed rate
6882389691e1 RDMA/bnxt_re: Fix to remove an unnecessary log
b41dd1d896d1 RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid
9ccca79eb353 RDMA/bnxt_re: Use unique names while registering interrupts
ced019c1f9ea RDMA/bnxt_re: Fix to remove unnecessary return labels
adc129e89497 RDMA/bnxt_re: Disable/kill tasklet only if it is enabled
f95ff838ac39 clk: imx: scu: use _safe list iterator to avoid a use after free
f564dd710971 arm64: dts: microchip: sparx5: do not use PSCI on reference boards
3752e6a98e10 bus: ti-sysc: Fix dispc quirk masking bool variables
6d07673027f4 ARM: dts: stm32: Move ethernet MAC EEPROM from SoM to carrier boards
a14e6f9392dc drm/panel: sharp-ls043t1le01: adjust mode settings
6b5a02a57265 drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks`
ec43cfdcbd36 Input: adxl34x - do not hardcode interrupt trigger type
fd6cdc56ee28 ARM: dts: meson8b: correct uart_B and uart_C clock references
5899bc4058e8 ARM: dts: BCM5301X: Drop "clock-names" from the SPI node
ba51c4072f9a drm/vram-helper: fix function names in vram helper doc
019f013e8b92 drm/bridge: tc358768: fix THS_TRAILCNT computation
ed8bfa046153 drm/bridge: tc358768: fix TXTAGOCNT computation
cec2271095d2 drm/bridge: tc358768: fix THS_ZEROCNT computation
47b8546301a9 drm/bridge: tc358768: fix TCLK_TRAILCNT computation
a07e6484f915 drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation
34b805ab386c drm/bridge: tc358768: fix TCLK_ZEROCNT computation
9e0668ecef6e drm/bridge: tc358768: fix PLL target frequency
81bb5e859f2e drm/bridge: tc358768: fix PLL parameters computation
6451b3274fb3 drm/bridge: tc358768: always enable HS video mode
26a0ba5d1654 Input: drv260x - sleep between polling GO bit
efb61a718540 drm/amd/display: Explicitly specify update type per plane info change
53e0a5ba9deb radeon: avoid double free in ci_dpm_init()
6173df9026d0 drm/amd/display: Add logging for display MALL refresh setting
a4b0164fc18b netlink: Add __sock_i_ino() for __netlink_diag_dump().
04daf3f67497 ipvlan: Fix return value of ipvlan_queue_xmit()
eb720f669b6d netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
c052797ac368 netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
5848ad42507d lib/ts_bm: reset initial match offset for every block of text
fc8429f8d868 net: nfc: Fix use-after-free caused by nfc_llcp_find_local
60ec0058c72f nfc: llcp: simplify llcp_sock_connect() error paths
91f4ef204e73 sfc: fix crash when reading stats while NIC is resetting
9ced40bf849e net: axienet: Move reset before 64-bit DMA detection
ebd6d2077a08 gtp: Fix use-after-free in __gtp_encap_destroy().
4f22f55dc80d selftests: rtnetlink: remove netdevsim device after ipsec offload test
029d892b05fc bonding: do not assume skb mac_header is set
619384319b13 netlink: do not hard code device address lenth in fdb dumps
a641240b7e07 netlink: fix potential deadlock in netlink_set_err()
d4aee9512ae0 net: stmmac: fix double serdes powerdown
cfe147bdd094 igc: Fix race condition in PTP tx code
c729f590fe41 can: length: fix bitstuffing count
4bc47970179a bpf: Fix bpf socket lookup from tc/xdp to respect socket VRF bindings
a254e029b742 bpf: Call __bpf_sk_lookup()/__bpf_skc_lookup() directly via TC hookpoint
9eb2651c67b5 bpf: Factor out socket lookup functions for the TC hookpoint.
a66cce0339a6 bpf: Omit superfluous address family check in __bpf_skc_lookup
7e3d771f85c3 wifi: ath9k: convert msecs to jiffies where needed
248fc11128f9 wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection
365cd15e8fcb wifi: cfg80211: rewrite merging of inherited elements
3b9de981fe7f wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler()
d0f665eee9c3 iwlwifi: don't dump_stack() when we get an unexpected interrupt
a6db476ff38c wifi: iwlwifi: pull from TXQs with softirqs disabled
a572c6852b51 rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO
48c2d1455a6a wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
8c561a59c6cd memstick r592: make memstick_debug_get_tpc_name() static
79c0fbf8f359 kexec: fix a memory leak in crash_shrink_memory()
ed8d827f4313 watchdog/perf: more properly prevent false positives with turbo modes
c29d8d1f56c3 watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config
15b37d2b4a02 wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown
4391fa180856 wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
ac4bf9426af9 selftests/bpf: Fix check_mtu using wrong variable type
95b4b940f0fb wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
ef24fe436bab wifi: ray_cs: Fix an error handling path in ray_probe()
0700d878b0d2 wifi: ray_cs: Drop useless status variable in parse_addr()
d696cbbe43db wifi: ray_cs: Utilize strnlen() in parse_addr()
93890d057317 wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
eaffd568a248 wl3501_cs: use eth_hw_addr_set()
c6143548e634 wifi: atmel: Fix an error handling path in atmel_probe()
5a0a312d3490 wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
f5bb5474f40d wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
ec856ca3b0ac regulator: core: Streamline debugfs operations
fc2f8b9054eb regulator: core: Fix more error checking for debugfs_create_dir()
534508689e89 bpftool: JIT limited misreported as negative value on aarch64
e7e0b6e066f0 nfc: llcp: fix possible use of uninitialized variable in nfc_llcp_send_connect()
edeb029dd9ad spi: dw: Round of n_bytes to power of 2
ac6158b5c4db bpf: Don't EFAULT for {g,s}setsockopt with wrong optlen
71754ee427d7 libbpf: fix offsetof() and container_of() to work with CO-RE
3e7ee33b95e0 sctp: add bpf_bypass_getsockopt proto callback
a32a89bb0459 wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan()
a55f88dd156f wifi: wilc1000: fix for absent RSN capabilities WFA testcase
e215a8a4283a spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG
e92f61e0701e samples/bpf: Fix buffer overflow in tcp_basertt
c77eb01a6e41 libbpf: btf_dump_type_data_check_overflow needs to consider BTF_MEMBER_BITFIELD_SIZE
ad5425e70789 wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
06da826e3b7d wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
79305655961d igc: Enable and fix RX hash usage by netstack
38a9d7dac3ad pstore/ram: Add check for kstrdup
745cec2bd3b3 ima: Fix build warnings
41da2c318cf1 evm: Fix build warnings
757b06fb026c evm: Complete description of evm_inode_setattr()
85872ffac4d8 locking/atomic: arm: fix sync ops
cf78062aa988 x86/mm: Fix __swp_entry_to_pte() for Xen PV guests
bd4c759d31ca perf/ibs: Fix interface via core pmu events
87666a7d3e40 kselftest: vDSO: Fix accumulation of uninitialized ret when CLOCK_REALTIME is undefined
f766d45ab294 rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale
bfe210f62518 rcu/rcuscale: Move rcu_scale_*() after kfree_scale_cleanup()
751cb9511764 rcuscale: Move shutdown from wait_event() to wait_event_idle()
a6d33ea30575 rcuscale: Always log error message
e610497ba1ce rcutorture: Correct name of use_softirq module parameter
c756e8a227c4 thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe()
e2b32b0c5f0a cpufreq: intel_pstate: Fix energy_performance_preference for passive
b51194170f9a ARM: 9303/1: kprobes: avoid missing-declaration warnings
4864c82cb8b5 powercap: RAPL: Fix CONFIG_IOSF_MBI dependency
2c06e0e0102f perf/arm-cmn: Fix DTC reset
3c4f5aee3795 PM: domains: fix integer overflow issues in genpd_parse_state()
289e2054eeb6 clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
5017132f2f92 tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode().
0670c4c567b2 posix-timers: Prevent RT livelock in itimer_delete()
f222873711a5 svcrdma: Prevent page release when nothing was received
6689782746a3 irqchip/jcore-aic: Fix missing allocation of IRQ descriptors
e6b7362290ba md/raid10: fix io loss while replacement replace rdev
f4368a462b1f md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
3c76920e547d md/raid10: fix wrong setting of max_corr_read_errors
d3bf54a69bce md/raid10: fix overflow of md/safe_mode_delay
a134dd582c0d md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
eb120c0aff5c blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost
1bc29ba9598c x86/resctrl: Only show tasks' pid in current pid namespace
d9c194281bc8 fs: pipe: reveal missing function protoypes
25aa2ad37c21 netfilter: nf_tables: drop map element references from preparation phase
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 25bd49d03af0e20808c26744e35fe7f416981017)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 8361787bdb..a44cfa042f 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "0b2e44360ea08b441883f16826c4720546a0886c"
-SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79"
+SRCREV_machine ?= "116b31284aee597f71b1e608b4c0fd33fae483a8"
+SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.120"
+LINUX_VERSION ?= "5.15.122"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 517aede49c..502d6cc679 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.120"
+LINUX_VERSION ?= "5.15.122"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "bb0cc3f9542c03fba314f5da44e91556c641706f"
-SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79"
+SRCREV_machine ?= "ba5a5a74beb8160940ac4a7bae7b3ba4bb2ae8a4"
+SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index dc2cd79f97..babd72dce9 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "938c0c130bc6403d7e54ffc026a1eb32d10b34f9"
-SRCREV_machine:qemuarm64 ?= "d248c07ace0f6bf2a94eaba26a2bdbdbcfb2ec15"
-SRCREV_machine:qemumips ?= "19fdaea3b322820eb042622e68ede3cc99cdf87f"
-SRCREV_machine:qemuppc ?= "8db87cbed6574bec3ece05bf4cbb275fd3497f50"
-SRCREV_machine:qemuriscv64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a"
-SRCREV_machine:qemuriscv32 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a"
-SRCREV_machine:qemux86 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a"
-SRCREV_machine:qemux86-64 ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a"
-SRCREV_machine:qemumips64 ?= "f7673229ddb5c9f3d77b5fb521c98f7dcd20f2ea"
-SRCREV_machine ?= "74c80e559b24dd2c75214e4affc86d71f3d8cc8a"
-SRCREV_meta ?= "820b9bdb192ae263be93e609da415c570d5acc79"
+SRCREV_machine:qemuarm ?= "359aed9e8617e74cc294c5ed7ab1ba545f3c64da"
+SRCREV_machine:qemuarm64 ?= "97e944b9f7bcc62d6dbd5457a73da3e8324efde7"
+SRCREV_machine:qemumips ?= "a8df61307d1b0dc24568183c680eacb3ec16f80c"
+SRCREV_machine:qemuppc ?= "2db940bee2b844eee8e29dc1f9b7ecae118a2455"
+SRCREV_machine:qemuriscv64 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
+SRCREV_machine:qemuriscv32 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
+SRCREV_machine:qemux86 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
+SRCREV_machine:qemux86-64 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
+SRCREV_machine:qemumips64 ?= "28984d668cee9c13a6e7d107d65f4923f3c7db7a"
+SRCREV_machine ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
+SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "d54cfc420586425d418a53871290cc4a59d33501"
+SRCREV_machine:class-devupstream ?= "5c6a716301d915055c7bd6d935f7a4fccec2649c"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.120"
+LINUX_VERSION ?= "5.15.122"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 13/36] linux-yocto/5.15: update to v5.15.123
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (11 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 12/36] linux-yocto/5.15: update to v5.15.122 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 14/36] linux-yocto/5.15: update to v5.15.124 Steve Sakoman
` (22 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
09996673e313 Linux 5.15.123
e6c2f1ce413c Revert "drm/amd/display: edp do not add non-edid timings"
68eafe294786 nixge: fix mac address error handling again
22f4093a4213 tracing/histograms: Return an error if we fail to add histogram to hist_vars list
78471c3ad36f jbd2: recheck chechpointing non-dirty buffer
0ae6b6d21701 net: phy: prevent stale pointer dereference in phy_init()
b7168d2906fd tcp: annotate data-races around fastopenq.max_qlen
accb138c10ff tcp: annotate data-races around icsk->icsk_user_timeout
6b88371f000f tcp: annotate data-races around tp->notsent_lowat
4f0a31f73258 tcp: annotate data-races around rskq_defer_accept
ff0fedfc7540 tcp: annotate data-races around tp->linger2
e187d88f3ba3 tcp: annotate data-races around icsk->icsk_syn_retries
d5617eeb546e tcp: annotate data-races around tp->keepalive_probes
9b2296a2ad23 tcp: annotate data-races around tp->keepalive_intvl
f70ebecdf3c2 tcp: annotate data-races around tp->keepalive_time
0bcee9325268 tcp: annotate data-races around tp->tcp_tx_delay
10013f764ad2 netfilter: nf_tables: skip bound chain on rule flush
dbe1a82d46ed netfilter: nf_tables: skip bound chain in netns release path
706ce3c81b5c netfilter: nft_set_pipapo: fix improper element removal
62615b895ab4 netfilter: nf_tables: fix spurious set element insertion failure
c17b4ec9cc38 llc: Don't drop packet from non-root netns.
2400ae8fd86d fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
40276640bed8 Revert "tcp: avoid the lookup process failing to get sk in ehash table"
b04ab5243e84 net:ipv6: check return value of pskb_trim()
b87a7e3a330c net: ipv4: Use kfree_sensitive instead of kfree
5dd4d1ff8ba1 tcp: annotate data-races around tcp_rsk(req)->ts_recent
fa941f53a2c2 igc: Prevent garbled TX queue with XDP ZEROCOPY
e35dc107a172 bpf: Fix subprog idx logic in check_max_stack_depth
4e87eb224896 octeontx2-pf: Dont allocate BPIDs for LBK interfaces
87fc9616d606 security: keys: Modify mismatched function name
0fb37ce6c01e iavf: Fix out-of-bounds when setting channels on remove
345c44e18cc1 iavf: Fix use-after-free in free_netdev
52ed16146349 net: sched: cls_bpf: Undo tcf_bind_filter in case of an error
5ed16ecae5bf net: ethernet: mtk_eth_soc: handle probe deferral
39479093a472 ethernet: use of_get_ethdev_address()
cb1e666ec077 of: net: add a helper for loading netdev->dev_addr
43da399e509e ethernet: use eth_hw_addr_set() instead of ether_addr_copy()
3fb402bd20e2 bridge: Add extack warning when enabling STP in netns.
ec4ac15eced0 net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
6a5d6096ae5c pinctrl: amd: Use amd_pinconf_set() for all config options
4727cece2994 perf build: Fix library not found error when using CSLIBS
29fb046ec031 fbdev: imxfb: warn about invalid left/right margin
5d191467534b spi: bcm63xx: fix max prepend length
2febd5f81e4b FS: JFS: Check for read-only mounted filesystem in txBegin
3e94d0d378d2 FS: JFS: Fix null-ptr-deref Read in txBegin
13ae3f2fd2be MIPS: dec: prom: Address -Warray-bounds warning
39f6292d7595 fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev
985f96666989 udf: Fix uninitialized array access for some pathnames
579d814de87c quota: fix warning in dqgrab()
32c2f51fffec quota: Properly disable quotas when add_dquot_ref() fails
d363075066cc ALSA: emu10k1: roll up loops in DSP setup code for Audigy
c0d7dbc6b7a6 drm/radeon: Fix integer overflow in radeon_cs_parser_init
bca9fb7a5a86 ext4: correct inline offset when handling xattrs in inode body
87336783d054 ASoC: codecs: wcd938x: fix soundwire initialisation race
a14527c394d0 ASoC: codecs: wcd938x: fix codec initialisation race
4ca000456ea6 ASoC: codecs: wcd934x: fix resource leaks on component remove
5a34d252052b ASoC: codecs: wcd938x: fix missing mbhc init error handling
aa44782a0293 ASoC: codecs: wcd938x: fix resource leaks on component remove
90ab6446eb52 ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove
a05a277a8d23 ASoC: codecs: wcd938x: fix missing clsh ctrl error handling
574ffa6fdf30 ASoC: fsl_sai: Disable bit clock with transmitter
925bbcdbc4d0 drm/amd/display: Keep PHY active for DP displays on DCN31
742340371b01 drm/amd/display: Disable MPC split by default on special asic
1369d0c586ad drm/client: Fix memory leak in drm_client_modeset_probe
a85e23a1ef63 drm/client: Fix memory leak in drm_client_target_cloned
82690148ff19 selftests: tc: add ConnTrack procfs kconfig
3c3941bb1eb5 can: bcm: Fix UAF in bcm_proc_show()
148453787636 regmap: Account for register length in SMBus I/O limits
6ce258d0c622 regmap: Drop initial version of maximum transfer length fixes
d3ee089a16a3 selftests: tc: add 'ct' action kconfig dep
4a888b22cc07 selftests: tc: set timeout to 15 minutes
62ee5840326b fuse: ioctl: translate ENOSYS in outarg
ab80a901f8da btrfs: zoned: fix memory leak after finding block group with super blocks
6ba7ac692a25 fuse: revalidate: don't invalidate if interrupted
c9060caab413 btrfs: fix warning when putting transaction with qgroups enabled after abort
232a104e38fe perf probe: Add test for regression introduced by switch to die_get_decl_file()
9aecfebea24f keys: Fix linking a duplicate key to a keyring's assoc_array
0b24b5e187bd ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx
2d04042a9fce ALSA: hda/realtek: Add quirk for Clevo NS70AU
a5de09b7f9fe ALSA: hda/realtek - remove 3k pull low procedure
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit df81fdbc619c5a3a76ad3bdea2bf7d761e612656)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index a44cfa042f..76c98336f9 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "116b31284aee597f71b1e608b4c0fd33fae483a8"
-SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
+SRCREV_machine ?= "59fd8ada21b5e298f66a7b22b8e90a16f5a30142"
+SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.122"
+LINUX_VERSION ?= "5.15.123"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index 502d6cc679..c340702712 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.122"
+LINUX_VERSION ?= "5.15.123"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "ba5a5a74beb8160940ac4a7bae7b3ba4bb2ae8a4"
-SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
+SRCREV_machine ?= "5aa57f90df9951ba3d98a8ff083a43b62f97e7cc"
+SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index babd72dce9..06b381b362 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "359aed9e8617e74cc294c5ed7ab1ba545f3c64da"
-SRCREV_machine:qemuarm64 ?= "97e944b9f7bcc62d6dbd5457a73da3e8324efde7"
-SRCREV_machine:qemumips ?= "a8df61307d1b0dc24568183c680eacb3ec16f80c"
-SRCREV_machine:qemuppc ?= "2db940bee2b844eee8e29dc1f9b7ecae118a2455"
-SRCREV_machine:qemuriscv64 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
-SRCREV_machine:qemuriscv32 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
-SRCREV_machine:qemux86 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
-SRCREV_machine:qemux86-64 ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
-SRCREV_machine:qemumips64 ?= "28984d668cee9c13a6e7d107d65f4923f3c7db7a"
-SRCREV_machine ?= "295703c7e73cf6be6c7977b2c00130764a8cb400"
-SRCREV_meta ?= "ad208ba7d8166bc7cfd260650d481ba8e95dc1b9"
+SRCREV_machine:qemuarm ?= "ef2785ed640623ce9ae395a2abc49d22cdc6250b"
+SRCREV_machine:qemuarm64 ?= "c68f102984771a06e462d8a8f6ded44c3acee4bf"
+SRCREV_machine:qemumips ?= "f5dcc525b57cf14c8a3d287ff3da9c2bf2b76bee"
+SRCREV_machine:qemuppc ?= "4372656a5a7ea05a29ca1758468e41f1ceae5a1a"
+SRCREV_machine:qemuriscv64 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
+SRCREV_machine:qemuriscv32 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
+SRCREV_machine:qemux86 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
+SRCREV_machine:qemux86-64 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
+SRCREV_machine:qemumips64 ?= "bd546f292ae1ce89104a3556b0245e8cd908615d"
+SRCREV_machine ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
+SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "5c6a716301d915055c7bd6d935f7a4fccec2649c"
+SRCREV_machine:class-devupstream ?= "09996673e3139a6d86fc3d95c852b3a020e2fe5f"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.122"
+LINUX_VERSION ?= "5.15.123"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 14/36] linux-yocto/5.15: update to v5.15.124
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (12 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 13/36] linux-yocto/5.15: update to v5.15.123 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 15/36] yocto-uninative: Update hashes for uninative 4.1 Steve Sakoman
` (21 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest korg -stable release that comprises
the following commits:
38d4ca22a528 Linux 5.15.124
78001ffa9bc4 selftests: mptcp: join: only check for ip6tables if needed
66cf5f394abe ASoC: cs42l51: fix driver to properly autoload with automatic module loading
3359fdf49de4 io_uring: treat -EAGAIN for REQ_F_NOWAIT as final for io-wq
374edda0db70 selftests: mptcp: sockopt: use 'iptables-legacy' if available
43bbe1a091e0 cpufreq: intel_pstate: Drop ACPI _PSS states table patching
73b4cbed9176 ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily
cd031669682e ACPI: processor: perflib: Use the "no limit" frequency QoS
e8e93e2f017e tracing: Fix trace_event_raw_event_synth() if else statement
f3b6e63004f6 rbd: retrieve and check lock owner twice before blocklisting
bb25c5c0e4ae rbd: harden get_lock_owner_info() a bit
b223e9ffb64d rbd: make get_lock_owner_info() return a single locker or NULL
098d0b9ba03c dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
7c9b8cca4917 ceph: never send metrics if disable_send_metrics is set
e443b3a508b0 ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
585355a76e05 s390/dasd: fix hanging device after quiesce/resume
0061453d6ea1 virtio-net: fix race between set queues and probe
427d42838c16 KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid
4ed1549129f9 locking/rtmutex: Fix task->pi_waiters integrity
c579caef7c46 irqchip/gic-v4.1: Properly lock VPEs when doing a directLPI invalidation
6cb3c511afcb irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
354e8bd5f532 tpm_tis: Explicitly check for error code
8130c32b4ac1 nfsd: Remove incorrect check in nfsd4_validate_stateid
9b8a31a23152 file: always lock position for FMODE_ATOMIC_POS
1f5ea62a0f42 btrfs: check for commit error at btrfs_attach_transaction_barrier()
883c3ed9a16a btrfs: check if the transaction was aborted at btrfs_wait_for_commit()
a7abb1690fe1 hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
3f3cdca84432 hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature
a676ddc4ca96 ALSA: hda/relatek: Enable Mute LED on HP 250 G8
dd125fcd580a Revert "xhci: add quirk for host controllers that don't update endpoint DCS"
5138c228311a tty: n_gsm: fix UAF in gsm_cleanup_mux
baf420e30364 staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
acacdbe0f740 staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
ba2975efe979 Documentation: security-bugs.rst: clarify CVE handling
28ae486f8e36 Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group
98a118840b71 Revert "usb: xhci: tegra: Fix error check"
2eaa43508a0e usb: xhci-mtk: set the dma max_seg_size
cd2d96c4bc6f usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config
3af06a8502ee USB: quirks: add quirk for Focusrite Scarlett
8fb5a01196df usb: ohci-at91: Fix the unhandle interrupt when resume
6366b1178545 usb: dwc3: don't reset device side if dwc3 was configured as host-only
6f126e026307 usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy
a2d2fa661293 Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"
97620ed1bcab can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED
0ac13ef00209 USB: serial: simple: sort driver entries
378e03623741 USB: serial: simple: add Kaufmann RKS+CAN VCP
5b9a5cf1bf4a USB: serial: option: add Quectel EC200A module support
399091399777 USB: serial: option: support Quectel EM060K_128
b800c0d5576e serial: sifive: Fix sifive_serial_console_setup() section
8fa462ad0f9b serial: 8250_dw: Preserve original value of DLF register
dc4f6c537f37 serial: qcom-geni: drop bogus runtime pm state update
41c487de4cf5 KVM: VMX: Don't fudge CR0 and CR4 for restricted L2 guest
5883a4e8478d KVM: Grab a reference to KVM for VM and vCPU stats file descriptors
0f7a2b567197 USB: gadget: Fix the memory leak in raw_gadget driver
2f9bfccced04 usb: gadget: call usb_gadget_check_config() to verify UDC capability
a49884561a8c Revert "usb: gadget: tegra-xudc: Fix error check in tegra_xudc_powerdomain_init()"
813cede7b2f5 tracing: Fix warning in trace_buffered_event_disable()
23e8a65f9a93 ring-buffer: Fix wrong stat of cpu_buffer->read
ae5b8b1c2eac ata: pata_ns87415: mark ns87560_tf_read static
6bbbe1b2161e RDMA/irdma: Report correct WC error
bd79de8bd371 drm/amd: Fix an error handling mistake in psp_sw_init()
4e1c1d742970 dm raid: protect md_stop() with 'reconfig_mutex'
0c4db5a04d4f dm raid: clean up four equivalent goto tags in raid_ctr()
2e321ee96f88 dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
4b9f3ef1f3eb block: Fix a source code comment in include/uapi/linux/blkzoned.h
2861b33820f9 ASoC: fsl_spdif: Silence output on stop
5ec0e4deee5b drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb()
b79a0e71d6e8 RDMA/bnxt_re: Prevent handling any completions after qp destroy
3ad5f655eb8a RDMA/mthca: Fix crash when polling CQ for shared QPs
c5b5dbcbf91f RDMA/irdma: Fix data race on CQP request done
bf0f9f65b7fe RDMA/irdma: Fix data race on CQP completion stats
fd6e50ec2c38 RDMA/irdma: Add missing read barriers
5fbb5068d2bd drm/msm/adreno: Fix snapshot BINDLESS_DATA size
4e9d4a21616b drm/msm/dpu: drop enum dpu_core_perf_data_bus_id
6ab756a55e46 RDMA/mlx4: Make check for invalid flags stricter
9dde876a4dc8 tipc: stop tipc crypto on failure in tipc_node_create
df019bc1241e tipc: check return value of pskb_trim()
42afa7ef6629 benet: fix return value check in be_lancer_xmit_workarounds()
95cf4fa31b0c net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64
98f6bbdfc0ce net/sched: mqprio: add extack to mqprio_parse_nlattr()
b1e85c9d28dd net/sched: mqprio: refactor nlattr parsing to a separate function
5bee91121cce netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID
98bcfcaecc76 netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
50cbb9d195c1 netfilter: nft_set_rbtree: fix overlap expiration walk
feba294c454a igc: Fix Kernel Panic during ndo_tx_timeout callback
8412fe36863b platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
238420a24d6b net: stmmac: Apply redundant write work around on 4.xx too
9be8ec5a0cfe team: reset team's flags when down link is P2P device
bf2d7b63e2b5 bonding: reset bond's flags when down link is P2P device
c28b39387634 ice: Fix memory management in ice_ethtool_fdir.c
ecb741a17cb2 tcp: Reduce chance of collisions in inet6_hashfn().
dd48780a7bbb ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address
46e40297355e ethernet: atheros: fix return value check in atl1e_tso_csum()
6d8a71e4c3a2 phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
49f5b3c9499b vxlan: calculate correct header length for GPE
77396fa9096a vxlan: move to its own directory
96dbc68b7f86 net: hns3: fix wrong bw weight of disabled tc issue
9755714d238c net: hns3: fix wrong tc bandwidth weight data issue
01460ac6ff95 net: phy: marvell10g: fix 88x3310 power up
57743a86cce1 iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED
1542e399a12a iavf: fix potential deadlock on allocation failure
5a4048355725 i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
c9b936984d89 media: staging: atomisp: select V4L2_FWNODE
6aa7cb3bb5c9 soundwire: qcom: update status correctly with mask
3f28ec4a4002 phy: qcom-snps-femto-v2: properly enable ref clock
ac3fe4c2a708 phy: qcom-snps-femto-v2: keep cfg_ahb_clk enabled during runtime suspend
e7c0c5af517f phy: qcom-snps: correct struct qcom_snps_hsphy kerneldoc
450ef59bef9a phy: qcom-snps: Use dev_err_probe() to simplify code
d6f92582816c drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel
fc399b0fdf2d drm/amdgpu: fix vkms crtc settings
aa56bcff46a1 scsi: qla2xxx: Fix hang in task management
58daf4e8709d scsi: qla2xxx: Add debug prints in the device remove path
f90d44e5bbbe scsi: qla2xxx: Fix task management cmd fail due to unavailable resource
01366f0b656a scsi: qla2xxx: Fix task management cmd failure
25cea82ea25d scsi: qla2xxx: Multi-que support for TMF
2e18fd3f61be scsi: qla2xxx: Remove unused declarations for qla2xxx
ace6bed42464 tracing/probes: Fix to record 0-length data_loc in fetch_store_string*() if fails
30c8ba1da373 Revert "tracing: Add "(fault)" name injection to kernel probes"
5f52389bdd9e tracing: Allow synthetic events to pass around stacktraces
e7b4d24fa090 tracing/probes: Fix to avoid double count of the string length on the array
3a1a229712ef tracing/probes: Add symstr type for dynamic events
7ac170d93bec pwm: meson: fix handling of period/duty if greater than UINT_MAX
bae3c43a9d25 pwm: meson: Simplify duplicated per-channel tracking
5cb0349cfcde cifs: if deferred close is disabled then close files immediately
c600e23fbc40 ksmbd: remove internal.h include
c8117ac42303 cifs: use fs_context for automounts
5076cc8bc162 cifs: missing directory in MAINTAINERS file
da60170558b9 drm/ttm: never consider pinned BOs for eviction&swap
c556573e4bb1 tty: fix hang on tty device with no_room set
d262770b95c7 n_tty: Rename tail to old_tail in n_tty_read()
7738335d73d0 drm/ttm: Don't leak a resource on eviction error
4400b96587fd drm/ttm: Don't print error message if eviction was interrupted
354cdda79a77 fs: dlm: interrupt posix locks only when process is killed
97e7a0f8dea2 dlm: rearrange async condition return
75ce95abc65b dlm: cleanup plock_op vs plock_xop
b409d8df9bea PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
cbd1494e51fd PCI: rockchip: Fix window mapping and address translation for endpoint
eb39c4c051dc PCI: rockchip: Remove writes to unused registers
05f13e85fbdd PCI/ASPM: Avoid link retraining race
52d274956a8f PCI/ASPM: Factor out pcie_wait_for_retrain()
cf8c18150030 PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link()
8b9249d74ca5 i2c: nomadik: Remove a useless call in the remove function
f07d8d345bd2 i2c: nomadik: Use devm_clk_get_enabled()
4954c8705339 i2c: nomadik: Remove unnecessary goto label
24562f0a46ad i2c: Improve size determinations
9845744e57fe i2c: Delete error messages for failed memory allocations
89eae1f0aaeb btrfs: fix race between quota disable and relocation
b19e90521286 gpio: mvebu: fix irq domain leak
a999660042af gpio: mvebu: Make use of devm_pwmchip_add
34fe5fbc208f pwm: Add a stub for devm_pwmchip_add()
f3d2344811fd gpio: tps68470: Make tps68470_gpio_output() always set the initial value
21d063d27bf3 io_uring: don't audit the capability check in io_uring_create()
49a2686addde KVM: s390: pv: fix index value of replaced ASCE
fee1e6a73557 jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit f7ffd2eba4d5c731b7841690e24ca4c5752dfce8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../linux/linux-yocto-rt_5.15.bb | 6 ++---
.../linux/linux-yocto-tiny_5.15.bb | 6 ++---
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +++++++++----------
3 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
index 76c98336f9..6ac3118f81 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.15.bb
@@ -11,13 +11,13 @@ python () {
raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
}
-SRCREV_machine ?= "59fd8ada21b5e298f66a7b22b8e90a16f5a30142"
-SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
+SRCREV_machine ?= "0ac91942af8fec31671ffe62e9518aaf15f110b3"
+SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
-LINUX_VERSION ?= "5.15.123"
+LINUX_VERSION ?= "5.15.124"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
index c340702712..9c06ddf200 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.15.bb
@@ -5,7 +5,7 @@ KCONFIG_MODE = "--allnoconfig"
require recipes-kernel/linux/linux-yocto.inc
-LINUX_VERSION ?= "5.15.123"
+LINUX_VERSION ?= "5.15.124"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
@@ -14,8 +14,8 @@ DEPENDS += "openssl-native util-linux-native"
KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
-SRCREV_machine ?= "5aa57f90df9951ba3d98a8ff083a43b62f97e7cc"
-SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
+SRCREV_machine ?= "cdb289c798fe1fc9f259a08c32e2dd9516ccb7a4"
+SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8"
PV = "${LINUX_VERSION}+git${SRCPV}"
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.15.bb b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
index 06b381b362..76009eb6a1 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.15.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.15.bb
@@ -13,24 +13,24 @@ KBRANCH:qemux86 ?= "v5.15/standard/base"
KBRANCH:qemux86-64 ?= "v5.15/standard/base"
KBRANCH:qemumips64 ?= "v5.15/standard/mti-malta64"
-SRCREV_machine:qemuarm ?= "ef2785ed640623ce9ae395a2abc49d22cdc6250b"
-SRCREV_machine:qemuarm64 ?= "c68f102984771a06e462d8a8f6ded44c3acee4bf"
-SRCREV_machine:qemumips ?= "f5dcc525b57cf14c8a3d287ff3da9c2bf2b76bee"
-SRCREV_machine:qemuppc ?= "4372656a5a7ea05a29ca1758468e41f1ceae5a1a"
-SRCREV_machine:qemuriscv64 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
-SRCREV_machine:qemuriscv32 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
-SRCREV_machine:qemux86 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
-SRCREV_machine:qemux86-64 ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
-SRCREV_machine:qemumips64 ?= "bd546f292ae1ce89104a3556b0245e8cd908615d"
-SRCREV_machine ?= "20f53f58b8ce5cade2786e8e31cfdb714fa4c420"
-SRCREV_meta ?= "cae7ce34613cda607d089452f19e8b20143afcf6"
+SRCREV_machine:qemuarm ?= "676a22c65ec0f8bb5dc7e13d130f6e3764959d75"
+SRCREV_machine:qemuarm64 ?= "f0e7afd5948f71be062cd9194b56cd03de94b7cb"
+SRCREV_machine:qemumips ?= "0f1ceb9008f182cd7f21420bbec6f21a67da8397"
+SRCREV_machine:qemuppc ?= "4ec9fc13283ce01627ef8c32617a1eb71e127c62"
+SRCREV_machine:qemuriscv64 ?= "1c09be01f4b87f60ea64136459167d73502a118f"
+SRCREV_machine:qemuriscv32 ?= "1c09be01f4b87f60ea64136459167d73502a118f"
+SRCREV_machine:qemux86 ?= "1c09be01f4b87f60ea64136459167d73502a118f"
+SRCREV_machine:qemux86-64 ?= "1c09be01f4b87f60ea64136459167d73502a118f"
+SRCREV_machine:qemumips64 ?= "fad09cc6acf2175aa6b5979ef48cd5f05afc3da0"
+SRCREV_machine ?= "1c09be01f4b87f60ea64136459167d73502a118f"
+SRCREV_meta ?= "f484a7f175b4f3c4f7d2b553cde232bd41f757d8"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
# meta SRCREV as the linux-yocto-standard builds. Select your version using the
# normal PREFERRED_VERSION settings.
BBCLASSEXTEND = "devupstream:target"
-SRCREV_machine:class-devupstream ?= "09996673e3139a6d86fc3d95c852b3a020e2fe5f"
+SRCREV_machine:class-devupstream ?= "38d4ca22a5288c4bae7e6d62a1728b0718d51866"
PN:class-devupstream = "linux-yocto-upstream"
KBRANCH:class-devupstream = "v5.15/base"
@@ -38,7 +38,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.15;destsuffix=${KMETA}"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
-LINUX_VERSION ?= "5.15.123"
+LINUX_VERSION ?= "5.15.124"
DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}"
DEPENDS += "openssl-native util-linux-native"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 15/36] yocto-uninative: Update hashes for uninative 4.1
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (13 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 14/36] linux-yocto/5.15: update to v5.15.124 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 16/36] yocto-uninative: Update to 4.2 for glibc 2.38 Steve Sakoman
` (20 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
This version includes fixes to patchelf.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1c5c8ff97ba0a7f9adc592d702b865b3d166a24b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/conf/distro/include/yocto-uninative.inc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index ad4816a1f3..b3bd7794fb 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -7,9 +7,9 @@
#
UNINATIVE_MAXGLIBCVERSION = "2.37"
-UNINATIVE_VERSION = "4.0"
+UNINATIVE_VERSION = "4.1"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "7baa8418a302df52e00916193b0a04f318356d9d2670c9a2bce3e966efefd738"
-UNINATIVE_CHECKSUM[i686] ?= "83114d36883d43a521e280742b9849bf85d039b2f83d8e21d480659babe75ee8"
-UNINATIVE_CHECKSUM[x86_64] ?= "fd75b2a1a67a10f6b7d65afb7d0f3e71a63b0038e428f34dfe420bb37716558a"
+UNINATIVE_CHECKSUM[aarch64] ?= "b6ff9171aa7d3828bc81197822e804725908856bbd488bf412121cc0deddcb60"
+UNINATIVE_CHECKSUM[i686] ?= "6354fd2e09af1f111bad5e34ce7af4f9ad7cd266188af7eeceaeb982afd5354b"
+UNINATIVE_CHECKSUM[x86_64] ?= "f83eca543170adfd2432b135ca655922a4303622d73cc4b13e92b973cdf49e3a"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 16/36] yocto-uninative: Update to 4.2 for glibc 2.38
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (14 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 15/36] yocto-uninative: Update hashes for uninative 4.1 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 17/36] pixman: Remove duplication of license MIT Steve Sakoman
` (19 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
Uninative 4.2 adds glibc 2.38.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c6654fab00a1b4e4bb05eec8b77c8c60e1f8a709)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index b3bd7794fb..6596c0f4a2 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,10 +6,10 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.37"
-UNINATIVE_VERSION = "4.1"
+UNINATIVE_MAXGLIBCVERSION = "2.38"
+UNINATIVE_VERSION = "4.2"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "b6ff9171aa7d3828bc81197822e804725908856bbd488bf412121cc0deddcb60"
-UNINATIVE_CHECKSUM[i686] ?= "6354fd2e09af1f111bad5e34ce7af4f9ad7cd266188af7eeceaeb982afd5354b"
-UNINATIVE_CHECKSUM[x86_64] ?= "f83eca543170adfd2432b135ca655922a4303622d73cc4b13e92b973cdf49e3a"
+UNINATIVE_CHECKSUM[aarch64] ?= "cff40e7bdde50aeda06707af8c001796a71b4cf33c5ae1616e5c47943ff6b94e"
+UNINATIVE_CHECKSUM[i686] ?= "a70516447e9a9f1465ffaf1c7f89e79d1692d2356d86fd2a5a63acd908db1ff2"
+UNINATIVE_CHECKSUM[x86_64] ?= "6a86d71eeafba4fefec600c9bf8cf4a01324d1eb52788b6e398d3f23c10d19fb"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 17/36] pixman: Remove duplication of license MIT
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (15 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 16/36] yocto-uninative: Update to 4.2 for glibc 2.38 Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 18/36] lib/package_manager: Improve repo artefact filtering Steve Sakoman
` (18 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Poonam Jadhav <ppjadhav456@gmail.com>
Remove duplication of license MIT from pixman bbfile.
Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb b/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
index c56733eefd..63fd6d2978 100644
--- a/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
+++ b/meta/recipes-graphics/xorg-lib/pixman_0.40.0.bb
@@ -19,7 +19,7 @@ UPSTREAM_CHECK_REGEX = "pixman-(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)"
PE = "1"
-LICENSE = "MIT & MIT & PD"
+LICENSE = "MIT & PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=14096c769ae0cbb5fcb94ec468be11b3 \
file://pixman/pixman-matrix.c;endline=21;md5=4a018dff3e4e25302724c88ff95c2456 \
file://pixman/pixman-arm-neon-asm.h;endline=24;md5=9a9cc1e51abbf1da58f4d9528ec9d49b \
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 18/36] lib/package_manager: Improve repo artefact filtering
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (16 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 17/36] pixman: Remove duplication of license MIT Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 19/36] acl/attr: ptest fixes and improvements Steve Sakoman
` (17 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
If you run an arm build followed by an x86 one and then ask for a
full repo to be created, it will include all of the arm and x86 packages.
testexport will then find the arm socat package rather than the x86 one
and try and run arm binaries within an x86 qemu image with no success.
The reproducer for this was:
oe-selftest -r fitimage.FitImageTests.test_initramfs_bundle runtime_test.TestImage.test_testimage_install
This patch only symlinks in the compatible package archictures rather
than all of them which fixes the failure and the resulting autobuilder
intermittent failure too.
[YOCTO #15190]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 30b45bcf49bf8207fd96bb45a55d7708661f3359)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oe/package_manager/__init__.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/meta/lib/oe/package_manager/__init__.py b/meta/lib/oe/package_manager/__init__.py
index 80bc1a6bc6..6615258470 100644
--- a/meta/lib/oe/package_manager/__init__.py
+++ b/meta/lib/oe/package_manager/__init__.py
@@ -467,7 +467,10 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie
# Detect bitbake -b usage
nodeps = d.getVar("BB_LIMITEDDEPS") or False
if nodeps or not filterbydependencies:
- oe.path.symlink(deploydir, subrepo_dir, True)
+ for arch in d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").split() + d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").replace("-", "_").split():
+ target = os.path.join(deploydir + "/" + arch)
+ if os.path.exists(target):
+ oe.path.symlink(target, subrepo_dir + "/" + arch, True)
return
start = None
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 19/36] acl/attr: ptest fixes and improvements
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (17 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 18/36] lib/package_manager: Improve repo artefact filtering Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 20/36] shadow-sysroot: add license information Steve Sakoman
` (16 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a missing perl module dependency for the ptest packages and also
improve the run-ptest script so that the error log is saved allowing
easier debugging if this fails in future.
(From OE-Core rev: fbb9c596b8e6a8a1260dd7aefddf138d20bf64df)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2c948fa0250b765bc5f2fbe63c82258601cc77ff)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-support/attr/acl/run-ptest | 6 ++++++
meta/recipes-support/attr/acl_2.3.1.bb | 1 +
meta/recipes-support/attr/attr.inc | 1 +
meta/recipes-support/attr/attr/run-ptest | 7 +++++++
4 files changed, 15 insertions(+)
diff --git a/meta/recipes-support/attr/acl/run-ptest b/meta/recipes-support/attr/acl/run-ptest
index 4312823365..3af75c84fe 100644
--- a/meta/recipes-support/attr/acl/run-ptest
+++ b/meta/recipes-support/attr/acl/run-ptest
@@ -7,4 +7,10 @@
mkdir -p /tmp/acl-ptest/test
cp test/test.* /tmp/acl-ptest/test
+set +e
make test-suite.log
+exitcode=$?
+if [ $exitcode -ne 0 -a -e test-suite.log ]; then
+ cat test-suite.log
+fi
+exit $exitcode
diff --git a/meta/recipes-support/attr/acl_2.3.1.bb b/meta/recipes-support/attr/acl_2.3.1.bb
index aca04a9aac..c2c9ba9069 100644
--- a/meta/recipes-support/attr/acl_2.3.1.bb
+++ b/meta/recipes-support/attr/acl_2.3.1.bb
@@ -62,6 +62,7 @@ RDEPENDS:${PN}-ptest = "acl \
bash \
coreutils \
perl \
+ perl-module-constant \
perl-module-filehandle \
perl-module-getopt-std \
perl-module-posix \
diff --git a/meta/recipes-support/attr/attr.inc b/meta/recipes-support/attr/attr.inc
index a4e38f2b19..56028edb12 100644
--- a/meta/recipes-support/attr/attr.inc
+++ b/meta/recipes-support/attr/attr.inc
@@ -50,6 +50,7 @@ do_install_ptest() {
RDEPENDS:${PN}-ptest = "attr \
coreutils \
+ perl-module-constant \
perl-module-filehandle \
perl-module-getopt-std \
perl-module-posix \
diff --git a/meta/recipes-support/attr/attr/run-ptest b/meta/recipes-support/attr/attr/run-ptest
index f64244f239..3e7a3a17a0 100644
--- a/meta/recipes-support/attr/attr/run-ptest
+++ b/meta/recipes-support/attr/attr/run-ptest
@@ -1,3 +1,10 @@
#!/bin/sh
+set +e
make test-suite.log
+exitcode=$?
+if [ $exitcode -ne 0 -a -e test-suite.log ]; then
+ cat test-suite.log
+fi
+exit $exitcode
+
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 20/36] shadow-sysroot: add license information
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (18 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 19/36] acl/attr: ptest fixes and improvements Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 21/36] resulttool/resultutils: allow index generation despite corrupt json Steve Sakoman
` (15 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Recipe references 'login.defs' in LIC_FILES_CHKSUM. This causes some
problems:
- file does not contain a single word which is related with its license
- changing this file (here: increasing SYS_UID_MIN) invalidates
LIC_FILES_CHKSUM
Add 'SPDX-License-Identifier' to the file and limit the checksum to
this part.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c6f2e3feeb26abefb4136c56db6f3c0349acefb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/shadow/files/login.defs_shadow-sysroot | 1 +
meta/recipes-extended/shadow/shadow-sysroot_4.6.bb | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot b/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot
index 8a68dd341a..09df77d2e7 100644
--- a/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot
+++ b/meta/recipes-extended/shadow/files/login.defs_shadow-sysroot
@@ -1,3 +1,4 @@
+# SPDX-License-Identifier: BSD-3-Clause OR Artistic-1.0
#
# /etc/login.defs - Configuration control definitions for the shadow package.
#
diff --git a/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb b/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb
index e05fa237a2..6580bd9166 100644
--- a/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb
+++ b/meta/recipes-extended/shadow/shadow-sysroot_4.6.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "http://github.com/shadow-maint/shadow"
BUGTRACKER = "http://github.com/shadow-maint/shadow/issues"
SECTION = "base utils"
LICENSE = "BSD-3-Clause | Artistic-1.0"
-LIC_FILES_CHKSUM = "file://login.defs_shadow-sysroot;md5=25e2f2de4dfc8f966ac5cdfce45cd7d5"
+LIC_FILES_CHKSUM = "file://login.defs_shadow-sysroot;endline=1;md5=ceddfb61608e4db87012499555184aed"
DEPENDS = "base-passwd"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 21/36] resulttool/resultutils: allow index generation despite corrupt json
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (19 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 20/36] shadow-sysroot: add license information Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 22/36] automake: fix buildtest patch Steve Sakoman
` (14 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
non-release indexes will continue to generate when test output is
corrupted.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1a9157684a6bff8406c9bb470cb2e16ee006bbe9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
scripts/lib/resulttool/resultutils.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/scripts/lib/resulttool/resultutils.py b/scripts/lib/resulttool/resultutils.py
index 7666331ba2..c5521d81bd 100644
--- a/scripts/lib/resulttool/resultutils.py
+++ b/scripts/lib/resulttool/resultutils.py
@@ -58,7 +58,11 @@ def append_resultsdata(results, f, configmap=store_map, configvars=extra_configv
testseries = posixpath.basename(posixpath.dirname(url.path))
else:
with open(f, "r") as filedata:
- data = json.load(filedata)
+ try:
+ data = json.load(filedata)
+ except json.decoder.JSONDecodeError:
+ print("Cannot decode {}. Possible corruption. Skipping.".format(f))
+ data = ""
testseries = os.path.basename(os.path.dirname(f))
else:
data = f
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 22/36] automake: fix buildtest patch
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (20 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 21/36] resulttool/resultutils: allow index generation despite corrupt json Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 23/36] selftest/cases/glibc.py: fix the override syntax Steve Sakoman
` (13 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Julien Stephan <jstephan@baylibre.com>
Add check_PROGRAMS as a dependency of buildtest-TESTS target.
This is required because according to the official automake
documentation [1]:
* TESTS: contains all the tests files
* check_PROGRAMS: contains the programs used by the tests
* check_PROGRAMS is not automatically added to TESTS
So, by using only TESTS as a dependency for buildtest-TESTS we may end
up having runtime errors because of missing program required by the
tests.
[1]: https://www.gnu.org/software/automake/manual/html_node/Scripts_002dbased-Testsuites.html
Signed-off-by: Julien Stephan <jstephan@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee3e2af4f8ed95b4fd0f7cec52ae4e169401b719)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/automake/automake/buildtest.patch | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/automake/automake/buildtest.patch b/meta/recipes-devtools/automake/automake/buildtest.patch
index b88b9e8693..c43a4ac8f3 100644
--- a/meta/recipes-devtools/automake/automake/buildtest.patch
+++ b/meta/recipes-devtools/automake/automake/buildtest.patch
@@ -36,7 +36,7 @@ index e0db651..de137fa 100644
-check-TESTS: $(TESTS)
+AM_RECURSIVE_TARGETS += buildtest runtest
+
-+buildtest-TESTS: $(TESTS)
++buildtest-TESTS: $(TESTS) $(check_PROGRAMS)
+
+check-TESTS: buildtest-TESTS
+ $(MAKE) $(AM_MAKEFLAGS) runtest-TESTS
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 23/36] selftest/cases/glibc.py: fix the override syntax
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (21 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 22/36] automake: fix buildtest patch Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 24/36] rootfs: Add debugfs package db file copy and cleanup Steve Sakoman
` (12 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Fix the override so we actually pass the correct value to glibc.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38fd2120f0f48512091ddad6205ce19839eaf589)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/selftest/cases/glibc.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index 6fc98e9cb4..783c2d8541 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -24,7 +24,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
features.append('TOOLCHAIN_TEST_HOST_USER = "root"')
features.append('TOOLCHAIN_TEST_HOST_PORT = "22"')
# force single threaded test execution
- features.append('EGLIBCPARALLELISM_task-check:pn-glibc-testsuite = "PARALLELMFLAGS="-j1""')
+ features.append('EGLIBCPARALLELISM:task-check:pn-glibc-testsuite = "PARALLELMFLAGS="-j1""')
self.write_config("\n".join(features))
bitbake("glibc-testsuite -c check")
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 24/36] rootfs: Add debugfs package db file copy and cleanup
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (22 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 23/36] selftest/cases/glibc.py: fix the override syntax Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 25/36] rpm: Pick debugfs package db files/dirs explicitly Steve Sakoman
` (11 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Alex Kiernan <alex.kiernan@gmail.com>
When copying the package database files for the debugfs, add individual
file copy as well as tree copying. After the debug rootfs has been
created, cleanup the package files.
This then allows us to avoid a problem where (for rpm at least)
extraneous files in the debug rootfs would cause failures during
oe-selftest because some files existed in both regular and debugfs
images.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit ce49ea435ce55eb5b6da442c12e03a806534c38d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oe/rootfs.py | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/meta/lib/oe/rootfs.py b/meta/lib/oe/rootfs.py
index 91312f8353..2824d4f037 100644
--- a/meta/lib/oe/rootfs.py
+++ b/meta/lib/oe/rootfs.py
@@ -104,7 +104,7 @@ class Rootfs(object, metaclass=ABCMeta):
def _cleanup(self):
pass
- def _setup_dbg_rootfs(self, dirs):
+ def _setup_dbg_rootfs(self, package_paths):
gen_debugfs = self.d.getVar('IMAGE_GEN_DEBUGFS') or '0'
if gen_debugfs != '1':
return
@@ -120,11 +120,12 @@ class Rootfs(object, metaclass=ABCMeta):
bb.utils.mkdirhier(self.image_rootfs)
bb.note(" Copying back package database...")
- for dir in dirs:
- if not os.path.isdir(self.image_rootfs + '-orig' + dir):
- continue
- bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(dir))
- shutil.copytree(self.image_rootfs + '-orig' + dir, self.image_rootfs + dir, symlinks=True)
+ for path in package_paths:
+ bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(path))
+ if os.path.isdir(self.image_rootfs + '-orig' + path):
+ shutil.copytree(self.image_rootfs + '-orig' + path, self.image_rootfs + path, symlinks=True)
+ elif os.path.isfile(self.image_rootfs + '-orig' + path):
+ shutil.copyfile(self.image_rootfs + '-orig' + path, self.image_rootfs + path)
# Copy files located in /usr/lib/debug or /usr/src/debug
for dir in ["/usr/lib/debug", "/usr/src/debug"]:
@@ -160,6 +161,13 @@ class Rootfs(object, metaclass=ABCMeta):
bb.note(" Install extra debug packages...")
self.pm.install(extra_debug_pkgs.split(), True)
+ bb.note(" Removing package database...")
+ for path in package_paths:
+ if os.path.isdir(self.image_rootfs + path):
+ shutil.rmtree(self.image_rootfs + path)
+ elif os.path.isfile(self.image_rootfs + path):
+ os.remove(self.image_rootfs + path)
+
bb.note(" Rename debug rootfs...")
try:
shutil.rmtree(self.image_rootfs + '-dbg')
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 25/36] rpm: Pick debugfs package db files/dirs explicitly
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (23 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 24/36] rootfs: Add debugfs package db file copy and cleanup Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 26/36] kernel: Fix path comparison in kernel staging dir symlinking Steve Sakoman
` (10 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Alex Kiernan <alex.kiernan@gmail.com>
Rather than copying the entire /etc hierarchy, specify the pieces we
actually need.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f0fea55ab02b013484282177a636795a254e7986)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oe/package_manager/rpm/rootfs.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oe/package_manager/rpm/rootfs.py b/meta/lib/oe/package_manager/rpm/rootfs.py
index 00d07cd9cc..a120092b83 100644
--- a/meta/lib/oe/package_manager/rpm/rootfs.py
+++ b/meta/lib/oe/package_manager/rpm/rootfs.py
@@ -108,7 +108,7 @@ class PkgRootfs(Rootfs):
if self.progress_reporter:
self.progress_reporter.next_stage()
- self._setup_dbg_rootfs(['/etc', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf'])
+ self._setup_dbg_rootfs(['/etc/rpm', '/etc/rpmrc', '/etc/dnf', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf'])
execute_pre_post_process(self.d, rpm_post_process_cmds)
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 26/36] kernel: Fix path comparison in kernel staging dir symlinking
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (24 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 25/36] rpm: Pick debugfs package db files/dirs explicitly Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 27/36] mdadm: add util-linux-blockdev ptest dependency Steve Sakoman
` (9 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Staffan Rydén <staffan.ryden@axis.com>
Due to an oversight in the do_symlink_kernsrc function, the path
comparison between "S" and "STAGING_KERNEL_DIR" is broken. The code
obtains both variables, but modifies the local copy of "S" before
comparing them, causing the comparison to always return false.
This can cause the build to fail when the EXTERNALSRC flag is enabled,
since the code will try to create a symlink even if one already exists.
This patch resolves the issue by comparing the variables before they are
modified.
Signed-off-by: Staffan Rydén <staffan.ryden@axis.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit afd2038ef8a66a5e6433be31a14e1eb0d9f9a1d3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes/kernel.bbclass | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index a82e4cf942..f7d199e917 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -176,13 +176,14 @@ do_unpack[cleandirs] += " ${S} ${STAGING_KERNEL_DIR} ${B} ${STAGING_KERNEL_BUILD
do_clean[cleandirs] += " ${S} ${STAGING_KERNEL_DIR} ${B} ${STAGING_KERNEL_BUILDDIR}"
python do_symlink_kernsrc () {
s = d.getVar("S")
- if s[-1] == '/':
- # drop trailing slash, so that os.symlink(kernsrc, s) doesn't use s as directory name and fail
- s=s[:-1]
kernsrc = d.getVar("STAGING_KERNEL_DIR")
if s != kernsrc:
bb.utils.mkdirhier(kernsrc)
bb.utils.remove(kernsrc, recurse=True)
+ if s[-1] == '/':
+ # drop trailing slash, so that os.symlink(kernsrc, s) doesn't use s as
+ # directory name and fail
+ s = s[:-1]
if d.getVar("EXTERNALSRC"):
# With EXTERNALSRC S will not be wiped so we can symlink to it
os.symlink(s, kernsrc)
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 27/36] mdadm: add util-linux-blockdev ptest dependency
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (25 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 26/36] kernel: Fix path comparison in kernel staging dir symlinking Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 28/36] glibc/check-test-wrapper: don't emit warnings from ssh Steve Sakoman
` (8 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Ovidiu Panait <ovidiu.panait@windriver.com>
07revert-inplace test logs contain the following:
func.sh: line 335: /sbin/blockdev: No such file or directory
Add the missing util-linux-blockdev dependency.
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit a15cd04f528d137d428a572f15d1ec5ebbbd81f0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/mdadm/mdadm_4.2.bb | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-extended/mdadm/mdadm_4.2.bb b/meta/recipes-extended/mdadm/mdadm_4.2.bb
index 307e7abd9e..e4b98f82c1 100644
--- a/meta/recipes-extended/mdadm/mdadm_4.2.bb
+++ b/meta/recipes-extended/mdadm/mdadm_4.2.bb
@@ -105,7 +105,14 @@ do_install_ptest() {
}
RDEPENDS:${PN} += "bash"
-RDEPENDS:${PN}-ptest += "bash e2fsprogs-mke2fs util-linux-lsblk util-linux-losetup strace"
+RDEPENDS:${PN}-ptest += " \
+ bash \
+ e2fsprogs-mke2fs \
+ util-linux-lsblk \
+ util-linux-losetup \
+ util-linux-blockdev \
+ strace \
+"
RRECOMMENDS:${PN}-ptest += " \
coreutils \
kernel-module-loop \
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 28/36] glibc/check-test-wrapper: don't emit warnings from ssh
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (26 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 27/36] mdadm: add util-linux-blockdev ptest dependency Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 29/36] selftest/cases/glibc.py: increase the memory for testing Steve Sakoman
` (7 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Dont fill up the test log with ssh warning about having added the host
to list of known hosts.
Also helps fix a test case failure where stderr log was being compared
to a known value.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63b31ff7e54a171c4c02fca2e6b07aec64a410af)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/glibc/glibc/check-test-wrapper | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/glibc/glibc/check-test-wrapper b/meta/recipes-core/glibc/glibc/check-test-wrapper
index 6ec9b9b29e..5cc993f718 100644
--- a/meta/recipes-core/glibc/glibc/check-test-wrapper
+++ b/meta/recipes-core/glibc/glibc/check-test-wrapper
@@ -58,7 +58,7 @@ elif targettype == "ssh":
user = os.environ.get("SSH_HOST_USER", None)
port = os.environ.get("SSH_HOST_PORT", None)
- command = ["ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no"]
+ command = ["ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "LogLevel=quiet"]
if port:
command += ["-p", str(port)]
if not host:
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 29/36] selftest/cases/glibc.py: increase the memory for testing
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (27 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 28/36] glibc/check-test-wrapper: don't emit warnings from ssh Steve Sakoman
@ 2023-08-23 14:35 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 30/36] oeqa/utils/nfs: allow requesting non-udp ports Steve Sakoman
` (6 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:35 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Some of the tests trigger OOM and fail. Increase the amount of memory
available so we dont run into these issues.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4d22dba482cb19ffcff5abee73f24526ea9d1c2a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/selftest/cases/glibc.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index 783c2d8541..fdda6f3ecf 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -61,7 +61,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
bitbake("core-image-minimal")
# start runqemu
- qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic"))
+ qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic", qemuparams = "-m 1024"))
# validate that SSH is working
status, _ = qemu.run("uname")
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 30/36] oeqa/utils/nfs: allow requesting non-udp ports
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (28 preceding siblings ...)
2023-08-23 14:35 ` [OE-core][kirkstone 29/36] selftest/cases/glibc.py: increase the memory for testing Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 31/36] selftest/cases/glibc.py: switch to using NFS over TCP Steve Sakoman
` (5 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
Allows setting up NFS over TCP as well.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1ff9b9a3b7f7924aea67d2024581bea2e916036)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/utils/nfs.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/lib/oeqa/utils/nfs.py b/meta/lib/oeqa/utils/nfs.py
index a37686c914..c9bac050a4 100644
--- a/meta/lib/oeqa/utils/nfs.py
+++ b/meta/lib/oeqa/utils/nfs.py
@@ -8,7 +8,7 @@ from oeqa.utils.commands import bitbake, get_bb_var, Command
from oeqa.utils.network import get_free_port
@contextlib.contextmanager
-def unfs_server(directory, logger = None):
+def unfs_server(directory, logger = None, udp = True):
unfs_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "unfs3-native")
if not os.path.exists(os.path.join(unfs_sysroot, "usr", "bin", "unfsd")):
# build native tool
@@ -22,7 +22,7 @@ def unfs_server(directory, logger = None):
exports.write("{0} (rw,no_root_squash,no_all_squash,insecure)\n".format(directory).encode())
# find some ports for the server
- nfsport, mountport = get_free_port(udp = True), get_free_port(udp = True)
+ nfsport, mountport = get_free_port(udp), get_free_port(udp)
nenv = dict(os.environ)
nenv['PATH'] = "{0}/sbin:{0}/usr/sbin:{0}/usr/bin:".format(unfs_sysroot) + nenv.get('PATH', '')
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 31/36] selftest/cases/glibc.py: switch to using NFS over TCP
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (29 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 30/36] oeqa/utils/nfs: allow requesting non-udp ports Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 32/36] oeqa/target/ssh: Ensure EAGAIN doesn't truncate output Steve Sakoman
` (4 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Anuj Mittal <anuj.mittal@intel.com>
This provides a more reliable test execution when running tests that
write a large buffer/file and significantly reduces the localedata test
failures.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 97a7612e3959bc9c75116a4e696f47cc31aea75d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/selftest/cases/glibc.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index fdda6f3ecf..f42593a27f 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -41,7 +41,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
with contextlib.ExitStack() as s:
# use the base work dir, as the nfs mount, since the recipe directory may not exist
tmpdir = get_bb_var("BASE_WORKDIR")
- nfsport, mountport = s.enter_context(unfs_server(tmpdir))
+ nfsport, mountport = s.enter_context(unfs_server(tmpdir, udp = False))
# build core-image-minimal with required packages
default_installed_packages = [
@@ -70,7 +70,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
# setup nfs mount
if qemu.run("mkdir -p \"{0}\"".format(tmpdir))[0] != 0:
raise Exception("Failed to setup NFS mount directory on target")
- mountcmd = "mount -o noac,nfsvers=3,port={0},udp,mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir)
+ mountcmd = "mount -o noac,nfsvers=3,port={0},mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir)
status, output = qemu.run(mountcmd)
if status != 0:
raise Exception("Failed to setup NFS mount on target ({})".format(repr(output)))
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 32/36] oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (30 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 31/36] selftest/cases/glibc.py: switch to using NFS over TCP Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 33/36] oeqa/runtime/ltp: Increase ltp test output timeout Steve Sakoman
` (3 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
We have a suspicion that the read() call may return EAGAIN on the non-blocking
fd and this may truncate test output leading to some of our intermittent failures.
Tweak the code to avoid this potential issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a8920c105725431e989cceb616bd04eaa52127ec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/core/target/ssh.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py
index 4ab0cddb43..7c206ff105 100644
--- a/meta/lib/oeqa/core/target/ssh.py
+++ b/meta/lib/oeqa/core/target/ssh.py
@@ -250,6 +250,9 @@ def SSHCall(command, logger, timeout=None, **opts):
except InterruptedError:
logger.debug('InterruptedError')
continue
+ except BlockingIOError:
+ logger.debug('BlockingIOError')
+ continue
process.stdout.close()
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 33/36] oeqa/runtime/ltp: Increase ltp test output timeout
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (31 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 32/36] oeqa/target/ssh: Ensure EAGAIN doesn't truncate output Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 34/36] target/ssh: Ensure exit code set for commands Steve Sakoman
` (2 subsequent siblings)
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
On our slower arm server, the tests currently timeout leading to inconsistent test
results. Increase the timeout to avoid this and aim to make the test results
consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9a8b49208f3c99e184eab426360b137bc773aa31)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/runtime/cases/ltp.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/lib/oeqa/runtime/cases/ltp.py b/meta/lib/oeqa/runtime/cases/ltp.py
index a66d5d13d7..879f2a673c 100644
--- a/meta/lib/oeqa/runtime/cases/ltp.py
+++ b/meta/lib/oeqa/runtime/cases/ltp.py
@@ -67,7 +67,7 @@ class LtpTest(LtpTestBase):
def runltp(self, ltp_group):
cmd = '/opt/ltp/runltp -f %s -p -q -r /opt/ltp -l /opt/ltp/results/%s -I 1 -d /opt/ltp' % (ltp_group, ltp_group)
starttime = time.time()
- (status, output) = self.target.run(cmd)
+ (status, output) = self.target.run(cmd, timeout=1200)
endtime = time.time()
with open(os.path.join(self.ltptest_log_dir, "%s-raw.log" % ltp_group), 'w') as f:
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 34/36] target/ssh: Ensure exit code set for commands
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (32 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 33/36] oeqa/runtime/ltp: Increase ltp test output timeout Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 35/36] oeqa/ssh: Further improve process exit handling Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 36/36] glibc-locale: use stricter matching for metapackages' runtime dependencies Steve Sakoman
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
As spotted by Joshua Watt, the returncode isn't set until .poll() or .wait()
is called so we need to call this after the .kill() call.
This fixes return code reporting so that timeouts for example now return an
exit code when they didn't before.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3924e94214b5135369be2551d54fb92097d35e95)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/core/target/ssh.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py
index 7c206ff105..69fdc146f0 100644
--- a/meta/lib/oeqa/core/target/ssh.py
+++ b/meta/lib/oeqa/core/target/ssh.py
@@ -262,6 +262,7 @@ def SSHCall(command, logger, timeout=None, **opts):
time.sleep(5)
try:
process.kill()
+ process.wait()
except OSError:
logger.debug('OSError when killing process')
pass
@@ -284,6 +285,7 @@ def SSHCall(command, logger, timeout=None, **opts):
except TimeoutExpired:
try:
process.kill()
+ process.wait()
except OSError:
logger.debug('OSError')
pass
@@ -313,6 +315,7 @@ def SSHCall(command, logger, timeout=None, **opts):
# whilst running and ensure we don't leave a process behind.
if process.poll() is None:
process.kill()
+ process.wait()
logger.debug('Something went wrong, killing SSH process')
raise
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 35/36] oeqa/ssh: Further improve process exit handling
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (33 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 34/36] target/ssh: Ensure exit code set for commands Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 36/36] glibc-locale: use stricter matching for metapackages' runtime dependencies Steve Sakoman
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Richard Purdie <richard.purdie@linuxfoundation.org>
It looks like there were further cases where orphaned processes may be left
behind since the .kill() calls may be unsuccessful if the process terminated
due to the terminate or through normal exit. In that situation .wait()
wouldn't have been called.
Further tweak the exit code paths to ensure .wait() is called to update the
returncode value before returning in all cases.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0a0a1731e38edfa72a141e8fd8f2de52be562e94)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/core/target/ssh.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py
index 69fdc146f0..6ee40083bd 100644
--- a/meta/lib/oeqa/core/target/ssh.py
+++ b/meta/lib/oeqa/core/target/ssh.py
@@ -262,7 +262,6 @@ def SSHCall(command, logger, timeout=None, **opts):
time.sleep(5)
try:
process.kill()
- process.wait()
except OSError:
logger.debug('OSError when killing process')
pass
@@ -271,6 +270,7 @@ def SSHCall(command, logger, timeout=None, **opts):
" running time: %d seconds." % (timeout, endtime))
logger.debug('Received data from SSH call:\n%s ' % lastline)
output += lastline
+ process.wait()
else:
output_raw = process.communicate()[0]
@@ -285,10 +285,10 @@ def SSHCall(command, logger, timeout=None, **opts):
except TimeoutExpired:
try:
process.kill()
- process.wait()
except OSError:
logger.debug('OSError')
pass
+ process.wait()
options = {
"stdout": subprocess.PIPE,
@@ -315,6 +315,7 @@ def SSHCall(command, logger, timeout=None, **opts):
# whilst running and ensure we don't leave a process behind.
if process.poll() is None:
process.kill()
+ if process.returncode == None:
process.wait()
logger.debug('Something went wrong, killing SSH process')
raise
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [OE-core][kirkstone 36/36] glibc-locale: use stricter matching for metapackages' runtime dependencies
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
` (34 preceding siblings ...)
2023-08-23 14:36 ` [OE-core][kirkstone 35/36] oeqa/ssh: Further improve process exit handling Steve Sakoman
@ 2023-08-23 14:36 ` Steve Sakoman
35 siblings, 0 replies; 37+ messages in thread
From: Steve Sakoman @ 2023-08-23 14:36 UTC (permalink / raw)
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
This resolves two issues:
1. metapackages were depending on themselves (except -binaries which wouldn't match against 'glibc-binary').
2. for the nativesdk variant, due to a non-empty dependency list at parsing time caused by
issue 1, map_depends_variable() from meta/lib/oe/classextend.py was forcibly setting PACKAGES
to the initial parse-time value (e.g. missing the dynamically created packages). This meant that
three out of four nativesdk- metapackages were entireyly missing the dependencies on the
respective dynamic package sets.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a90fd3afe9184aa1870b34a826e3ba0563477d4b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/glibc/glibc-locale.inc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/recipes-core/glibc/glibc-locale.inc b/meta/recipes-core/glibc/glibc-locale.inc
index 7f70b3ca4f..69b29c836c 100644
--- a/meta/recipes-core/glibc/glibc-locale.inc
+++ b/meta/recipes-core/glibc/glibc-locale.inc
@@ -37,22 +37,22 @@ PACKAGES_DYNAMIC = "^locale-base-.* \
# Create a glibc-binaries package
ALLOW_EMPTY:${BPN}-binaries = "1"
PACKAGES += "${BPN}-binaries"
-RRECOMMENDS:${BPN}-binaries = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-binary") != -1])}"
+RRECOMMENDS:${BPN}-binaries = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-binary-") != -1])}"
# Create a glibc-charmaps package
ALLOW_EMPTY:${BPN}-charmaps = "1"
PACKAGES += "${BPN}-charmaps"
-RRECOMMENDS:${BPN}-charmaps = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-charmap") != -1])}"
+RRECOMMENDS:${BPN}-charmaps = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-charmap-") != -1])}"
# Create a glibc-gconvs package
ALLOW_EMPTY:${BPN}-gconvs = "1"
PACKAGES += "${BPN}-gconvs"
-RRECOMMENDS:${BPN}-gconvs = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-gconv") != -1])}"
+RRECOMMENDS:${BPN}-gconvs = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-gconv-") != -1])}"
# Create a glibc-localedatas package
ALLOW_EMPTY:${BPN}-localedatas = "1"
PACKAGES += "${BPN}-localedatas"
-RRECOMMENDS:${BPN}-localedatas = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-localedata") != -1])}"
+RRECOMMENDS:${BPN}-localedatas = "${@" ".join([p for p in d.getVar('PACKAGES').split() if p.find("glibc-localedata-") != -1])}"
DESCRIPTION:localedef = "glibc: compile locale definition files"
--
2.34.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
end of thread, other threads:[~2023-08-23 14:37 UTC | newest]
Thread overview: 37+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-23 14:35 [OE-core][kirkstone 00/36] Patch review Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 01/36] glib-2.0: Fix CVE-2023-32665 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 02/36] glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 03/36] glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 04/36] librsvg: 2.52.7 -> 2.52.10 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 05/36] gstreamer1.0: upgrade 1.20.6 -> 1.20.7 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 06/36] bind: 9.18.11 -> 9.18.17 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 07/36] libnss-nis: upgrade 3.1 -> 3.2 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 08/36] linux-firmware: upgrade 20230515 -> 20230625 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 09/36] linux-firmware: package firmare for Dragonboard 410c Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 10/36] linux-firmware : Add firmware of RTL8822 serie Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 11/36] linux-firmware: split platform-specific Adreno shaders to separate packages Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 12/36] linux-yocto/5.15: update to v5.15.122 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 13/36] linux-yocto/5.15: update to v5.15.123 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 14/36] linux-yocto/5.15: update to v5.15.124 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 15/36] yocto-uninative: Update hashes for uninative 4.1 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 16/36] yocto-uninative: Update to 4.2 for glibc 2.38 Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 17/36] pixman: Remove duplication of license MIT Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 18/36] lib/package_manager: Improve repo artefact filtering Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 19/36] acl/attr: ptest fixes and improvements Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 20/36] shadow-sysroot: add license information Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 21/36] resulttool/resultutils: allow index generation despite corrupt json Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 22/36] automake: fix buildtest patch Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 23/36] selftest/cases/glibc.py: fix the override syntax Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 24/36] rootfs: Add debugfs package db file copy and cleanup Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 25/36] rpm: Pick debugfs package db files/dirs explicitly Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 26/36] kernel: Fix path comparison in kernel staging dir symlinking Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 27/36] mdadm: add util-linux-blockdev ptest dependency Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 28/36] glibc/check-test-wrapper: don't emit warnings from ssh Steve Sakoman
2023-08-23 14:35 ` [OE-core][kirkstone 29/36] selftest/cases/glibc.py: increase the memory for testing Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 30/36] oeqa/utils/nfs: allow requesting non-udp ports Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 31/36] selftest/cases/glibc.py: switch to using NFS over TCP Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 32/36] oeqa/target/ssh: Ensure EAGAIN doesn't truncate output Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 33/36] oeqa/runtime/ltp: Increase ltp test output timeout Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 34/36] target/ssh: Ensure exit code set for commands Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 35/36] oeqa/ssh: Further improve process exit handling Steve Sakoman
2023-08-23 14:36 ` [OE-core][kirkstone 36/36] glibc-locale: use stricter matching for metapackages' runtime dependencies Steve Sakoman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox